SharePoint Stuff



Azure MySQL In App Manager – Increase Import Size

Written by Luke Smith. Posted in Microsoft

When importing a database using phpmyadmin via the Azure App Service MySQL In App Manage you find the Import Maximum size is set to 8,192KiB (Max:8,192KiB).

To increase the php upload size please run through the following steps:

In the Azure Portal, select your App Service
Navigate to Configuration
Select Application Settings
Click New Application settings

Name = PHP_INI_SCAN_DIR
Value = D:\home\site\ini

Click Save

Then Under Development Tools select Advanced Toolees (KUDU) or navigate to https://.scm.azurewebsites.net

From the menu select Debug Console\CMD

Go to site directory and press the “+” button and create an “ini” directory.
In the ini directory, create an “extensions.ini” file.
Press the edit button next to the file.
Add the following to the file and save. This will modify the Master values.
upload_max_filesize=30M
post_max_size=30M
Go to the wwwroot directory and create a “.user.ini” file.
Edit the file and add the same values as mentioned in step 7 above. This will modify the Local values.
Restart the site using the Azure Portal.
PHPMyAdmin Import page will also reflect the changes.

Office 365 DLP Acction Encrypt email messages Missing

Written by admin. Posted in Microsoft

ISSUE

When you create an Office 365 Data Loss Protection (DLP) Policy the Action to “Encrypt email messages (applies only to content in Exchange)” is missing.

RESOLUTION:

Exchange Online Azure AD Rights Management needs to be eneabled.

Download the Exchange Online PowerShell from: https://docs.microsoft.com/en-us/powershell/exchange/exchange-online/exchange-online-powershell?view=exchange-ps


Connect-ExchangeOnline
Connect-AadrmService
(Get-AadrmConfiguration).LicensingIntranetDistributionPointUrl -match “https:\/\/[0-9A-Za-z\.-]*” | Out-Null; $matches[0]

#Copy URL into $list below
$irmConfig = Get-IRMConfiguration
$list = $irmConfig.LicensingLocation
$list += “https://512889fd-d24f-4f29-87e1-7111b27ebada.rms.eu.aadrm.com/_wmcs/licensing“
Set-IRMConfiguration -LicensingLocation $list
Set-IRMConfiguration -internallicensingenabled $true
<\code>

Microsoft Cloud App Security (CAS) and Squid

Written by Luke Smith. Posted in Microsoft

The below are the high level steps to configure squid syslog to Microsoft Cloud App security using the CASCollector (an ubuntu vm which runs on Azure\Hyper-V\AWS)

Install CAS Collector

Follow steps here: https://docs.microsoft.com/en-gb/cloud-app-security/discovery-docker-ubuntu-azure

Summary of commands below which are run on the CASCollector Ubuntu server

sudo -i

curl -o /tmp/MCASInstallDocker.sh https://adaprodconsole.blob.core.windows.net/public-files/MCASInstallDocker.sh && chmod +x /tmp/MCASInstallDocker.sh; /tmp/MCASInstallDocker.sh

(echo cb83b3f208347603e38ea2816c7503ec257159001225001c2b8efa6e06f49951) | docker run –name CASLogCollector -p 514:514/udp -p 21:21 -p 20000-20099:20000-20099 -e “PUBLICIP=’10.10.10.12′” -e “PROXY=” -e “SYSLOG=true” -e “CONSOLE=cas.eu2.portal.cloudappsecurity.com” -e “COLLECTOR=CASLogCollector” –security-opt apparmor:unconfined –cap-add=SYS_ADMIN –restart unless-stopped -a stdin -i microsoft/caslogcollector starter

sudo docker logs UKADLogCollector

Confirm it is running

Install IP Traffic monitor (to review incoming syslogs)

On the CASCollector Ubuntu server
Sudo apt-get install iptraf

Setup SQUID (note squid 2.7 at minimum is required for syslog support)

Open Squid.config and make sure the following 2 entries exist

access_log C:/ClientSiteProxy/var/logs/access.log squid
access_log udp://172.18.1.150:514 squid

Save the file and then restart the squid service

The “squid” value at the end of the path sets the format to native, Microsoft CAS (out of the box) supports Native and Common, customised formats can be created but we are keeping this simple.

Make sure the CAS data source is selected with the format Squid (Native)

Troubleshooting

Review “sudo iptraf” network traffic and confirm you can see the incoming UDP traffic on the log collector
Review the governance logs from the CAS portal (gear icon > governance log)
Install a separate syslog receiver test tool (confirm syslog traffic is appearing)
Install a separate syslog transmitter test tool (confirm syslog udp traffic is appearing)

NB: this article relates to squid 2.7 or above and Symantec client site proxy (was known as messagelabs)