horse head

Microsoft released a public preview of modern authentication for Office 365 in the office clients in November.

Security is kind of a big deal, and you don't have to watch the news for very long to hear about someone getting hacked or compromised or something like that.

One of the new things — well not new anymore — but one of the things that cloud providers and all that have done to reduce your chances of getting hacked,is to enable things like two-factor authentication or multi-factor authentication.

To Know & Have (or Forget & Lose)

The problem is that when they change authentication, everything that authenticates against that has to know. And that was one of the problems with the office client: if you had crazy secure two-factor authentication in Office 365, your clients had problems getting into it.

So this Microsoft blog post explains how the Office 2013 and 2016 clients now understand what they're calling "modern authentication." So you can go into your Microsoft online products, SharePoint online, Lync and Exchange and all that stuff, and turn on multi-factor authentication, and then continue to use your client's Outlook, Word and those kinds of things.

This is something that you should be considering. And I say this for the Microsoft properties that I talked about, as well as other cloud things — I'm talking Dropbox, Facebook, Twitter. They all this day have multi-factor auth options.

Let me talk about Microsoft accounts. So OneDrive and all that,has two-factor auth. Whenever you sign up a new machine and attach to your Microsoft account, they text you a code that you have to put it.

So the way I like to explain it — if I had to explain it to my mom — is like this. With one-factor auth, you need a password … something you know or something you can't forget.

With multi-factor authentication, you start with something you know, and then something you have. That something you have can be a key fob, or it can be a text message to your phone, or something else.

It's something you know and something you have, so that is what the two-factor auth is.

But again, when I'm talking to my mom it's something she can forget and it's something she can lose. You have to put it into terms people can understand.

Try It - You'll Like It

All these cloud providers have it: Google, Facebook, Twitter.

Think about trying it out. Think about using it. The bad guys are out there, and two-factor auth is one of the things that can slow them down.

The good news is for Office 365 and Azure AD and all those things, you can turn two-factor on but you don't need to turn it on for everybody.

So you can turn it on for a couple of test accounts in your IT group and figure out where the rough spots are before you unleash it on all of your users. You should definitely be doing that.

One Side or the Other

I also wanted to let you guys know that a new version of the client side object model for Office 365 was released a couple of months ago.

This is CSOM, client side object model for Office 365, but it also works with SharePoint 2013 and SharePoint 2016.

This is that idea that developers can write code that can sit on the client side, in your browser typically so there is less vulnerability, less security stability issues on your server.

They released a new package where you can download all the CSOM things, the DLLs, you can create all these things on the client side. Now you're probably asking yourself, "Why is Todd talking about all of this?"

I got some nasty tweets today about mentioning Visual Studio in one of my previous podcasts,

I don't do any developing, but I bring this up because CSOM is the great way to bridge those blank spaces that we have for PowerShell that the Office 365 PowerShell cmdlets don't have.

And that's why CSOM is important. Now there's a bunch of resources out there, a bunch of pieces of code out there that we can use with PowerShell that utilize the client side object model because PowerShell, in this case, is just a client. So it can do these client side things, and that's why we care.

Office 365 Development Patterns and Practices (PnP) is Microsoft's guidance for how you can develop against Office 365 and SharePoint. But again, for PowerShell, it's the same thing. So all those frustrations you have when you try to use PowerShell with SharePoint online, CSOM is the way to get around that. Patterns and Practices is the way to use someone else's code and not have to write it yourself.

Other Things That Tickle My Fancy

The Bulk User Profile Updater is part of Patterns and Practices. It's on GitHub. This is an executable you can use and it will go out to something like an LDAP provider, pull down all the profiles and then, using web services, push all those profiles into Office online or on-prem or something.

So this bulk user profile updater applies to Office 365 Multi Tenant (MT), Office 365 Dedicated (D) and SharePoint 2013 on-premises. They don't call out SharePoint 2016 but I assume if it doesn't support now it will.

SharePoint 2016 is in preview so Microsoft gets really weird about saying production things support preview things. But this is a way to fill all that information in, if you've got some weird thing and you can't use regular profile sync.

Great functionality and great ability to have. Test it first. Play with it in a non production tenant or a non-production farm. It's a little weird. It's not how we're used to doing things.

So be aware of that, but it offers functionality you're probably gonna wanna use.

Wrapping Up

As always, there is more in Podcast 275. So sit back and watch or just listen. The time stamps below link to the selected content.

08:00: Microsoft kind of screwed up with OneDrive. Now it's trying to remedy that with OneDrive for Business update on storage plans and Next Generation Sync Client
25:13 - I found this nice document with links to a bunch of other documents on Azure Active Directory Hybrid Identity Design Considerations
26:33: Azure AD Connect sync: Attributes synchronized to Azure Active Directory
27:49: There are rumors going around about me having too many tablets. Well, now you can find out the number of Windows devices you have registered.
30:35: Finally, how to save Windows Spotlight lockscreen images so you can use them as wallpapers

Title image by Ryan McGuire