TagAzure

Get your data to your home country!

If your Microsoft 365 tenant like mine is located in a region that not`s include your country then this is how you should configure your tenant to get the data as close to you as posible!

(if Microsoft has opened a Datacenter in your country of course :))

Why move your data?

There are several improvements by getting your data moved to a closer datacenter.

  • Improved latency to the services
  • Data stored in your own country
  • Still have DR capabilities outside of your country if infrastructure failes
  • Multi-geo capabilities to many more closeby countries for your staff

The latency improvements are incredible! I have noticed this when using a SharePoint Online site located in Europe vs. In my home country Norway. The latency against Norway was much much better and when using the service it feels much more “snappy”.

Creating a new Microsoft 365 tenant for everyone living in Norway will create the data store in Norway aswel for the services

  • Exchage Online
  • SharePoint Online
  • Microsof Teams

When to do it?

Microsoft has released a table of when the Request period for requesting a move of data, take a look here to have a look for your country!

https://docs.microsoft.com/nb-no/Office365/Enterprise/request-your-data-move#when-can-i-request-a-move

For us in Norway this means that we need to opt-in by the end of October to be migrated and get our core customer data at rest in Norway.

When will your data be moved?

A catch with all this is that Microsoft says that they may use 24 months to move your data! TWO years for migrating it to new datacenters.. But that said, it can happend faster. After you request a move of data, Microsoft will plan to move your company data as soon as operational constraints allow.

How to request a move of data?

It`s quite easy to request a move of data!

Head in to “Settings -> Organization profile -> Data residency” and check the checkmark and “Save changes” then wait 🙂

To look at where your data is at the moment head into the “Data location” in the same menu under Organization profile and have a look 🙂

Azure Tags

Azure tags is an important tool of marking your resources with some additional information. 

This information can be what your business requires and is not set by any templates or so. 

Keep in mind that when you start with tagging it must give you some sort of value in some reasons this is cost-related that meaning you can tag resources with a costcenter tag like 

CostCenter : BusinessApplication 
CostCenter : Human Resources 

Other departments can also be in use of tags and then i`m thinking of the Security department and their Incidence and Respond team. By adding additional information to your Azure resources, you can set an value on resources and with that also prioritize what resources to mitigate first if there is an security incident.  

Setting tags can be done at creation of the resource in the Azure Portal but also within ARM templates or you can use Azure Policy to add tags after deployments aswell.  

When adding tags to a existing resource navigate to the resource and hit the Tags pane in the menu then add a TagName and a Value of the tag. 

Going forward this can also be done when creating a new resource within the Wizard and also by ARM temlates by adding this to the “Parameter” section of your ARM temlate:

"resourceTags": {  
      "type": "object",
      "defaultValue": {
      "CostCenter": "BusinessApplication"}
      }

And this to the actual resource 

"tags": "[parameters('resourceTags')]", 

If using Azure Policy to remidiate existing resources you can use a built in policy named “Add a tag to resource” and deploy that to your subscription.  

By using Azure Policies you can also block creation of new resources without having a Tag set to the resources upon creation.  

All of these methods are powerfull methods but i like the Azure Policy methods the most as these policies can be givven a logic to it – but more on Azure Policies in another blog post. 

Keep tagging all your resources and grow your value of your assets in Azure!  

Azure AD Connect sync issues

Now and then we get errors in our Azure AD Connect syncronization, or that said – my customers get errors.

And every now and then there is a error wich are not easy to spot what can be wrong.

In this case the sollution was not that easy – but when you think of it, it makes kind of sense sort of.

So this is the Error i got.

Other Error 
onmicrosoft.com 
Description 
Error Details 
pro perty 
Error Type 
Last Attem pted At 
Related Articles: 
Attribute 
o 
x 
The object failed synchronization. For more information, please see the error details. If the problem continues and 
cannot be fixed, please contact Microsoft Support. 
Value 
WorkflowException 
12/17/2019, PM 
1. Azure AD Connect: Troubleshooting Synchronization Errors 
user Principal Name 
Object GUID 
Synchronization Status 
Details 
Attribute Value 
0625<71 
On premises AD only 
52fde7d7eab1

Looking into Azure AD Connect it throwed a error on syncronization.

After some investigation back and forth i with the GUID who did not match the Azure AD Sync error – i found out that a deleted group was configured as a licensing group within Azure AD. Therefor when it was deleted from On-prem AD it could not be deleted in Azure AD since it still was in use.

By removing it from the license sku it removed it self on next sync.

Sensitivity labels available in Outlook Web

The first step into enabling the use of Unified labels in Office Web apps is here! Today i got the “Sensitivity” bar enabled in my tenants.

Sorry for the Norwegian text in the picture, as “Følsomhet” is the Norwegian word for “Sensitivity”

To get started with Sensitivity labels – head over to Microsoft 365 Security portal and open the “classification” menu.

From there head in to “Sensitivity” and create a label.

Next – choose the tab for Label Policies and publish the label you created.

When testing the feature, remember to only publish the label to your self so that you not enable all users in your company to use and test it. 🙂

© 2020 IdefixWiki

Theme by Anders NorénUp ↑