Recent Discussions
PL-100: Microsoft Power Platform App Maker -- WILL BE RETIRING END OF JUNE!
Microsoft Power Platform app makers have new opportunities to demonstrate skills in specific scenarios relevant to the work that they do every day, such as creating and managing automated processes with Power Automate; canvas apps with Power Apps; and model-driven apps with Power Apps and Dataverse with our new Applied Skills credentials. These modular 1-Day ILT courses teaching relevant skills will be available for ILT, that can be combined as desired. As a result, effective June 30th, 2024, the following will be retired: Microsoft Certified: Power Platform App Maker Associate Exam PL-100: Microsoft Power Platform App Maker. PL-100: Microsoft Power Platform App Maker Microsoft Power Platform Applied Skills launching February 12th, 2024 PL-7001: Create and Manage Canvas Apps with Power Apps PL-7002: Create and Manage Automated Processes by using Power Automate PL-7003: Create and Manage Model-Driven Apps with Power Apps and Dataverse Please reach out if you have any questions. Thank you!Repost: Make quick assist run as admin
Question: We need to be able to use Quick Assist in Windows 10 to do some administrative tasks, but if the end user initiates the Quick Assist session then the remote admin is limited to only what the end user has access to. Is there any way we can start Quick Assist as an administrator or elevate it to admin level during the Quick Assist session? Response: Quick Assist is my preferred application to resolve all technical issues remotely. It also allow me to Run as Administrator to install and configure hardware/software but there are few steps required as mentioned below: Run CMD at end-user's computer Type the below command: runas /user:domain\administrator cmd *domain will be any domain of your organization *administrator can be any administrator login. If domain is not available type the below command in cmd. runas /user:local_user cmd Put the admin password. Now you have successfully launched cmd in administrator mode, you can run the below tasks. x:\MicrosoftEdgeSetup.exe (for software installation, where x is any drive letter from your computer). appwiz.cpl for installing or uninstalling program. services.msc (Run or Stop a service) devmgmt.msc (Device Manager, to install/uninstall or upgrade the device driver) diskmgmt.msc (Disk Management) compmgmt.msc (Computer Management) regedit (Registry Editor) Above mentioned are just example, you can use the number of commands as per your requirement.
Repost: Authenticator app isn't receiving notifications to approve log in on my laptop
Question: I have been trying to log in to my Microsoft account on my new laptop. I have previously used the 2-factor identification method on my old laptop, however, it doesn't seem to be working for my new laptop. When it says it has sent a notification to approve on the authenticator mobile app, nothing is coming up to approve on my mobile so i am making no progress. I also cannot find a code to enter on my laptop from the app. There is no QR code to scan on my laptop using the authenticator app. I don't know what to do and it is extremely frustrating because I cannot access anything, emails etc. Would be very grateful for some help. Response string: This sounds rather like a problem of the Authenticator app on the mobile it is not the laptop which stores any MFA information, the account setting at account.microsoft.com (or the security settings for the Microsoft Accounts set in there) triggers MFA, regardless from which machine you access those. Generally, when the message appears that a notification was send to the mobile device, there should be an option to use different verification method, which allows to also choose to enter a 6 digit token that is displayed for this account in the MS Authenticator app. Also it might show options to use another email address or phone number. Doing a new MFA registration in the authenticator app (showing the AR code) is only possible when you can access account.microsoft.com and log in using MFA - if you can't the dialogue usually also shows an option reset MFA, then you have to enter additional information to verify your identity. This does not sound like a problem specific to CSP Partners where this community is set up for, but more like a problem with a personal Microsoft Account outside of the scope of this forum. You can review guidance on how to set up MFA for personal accounts here: Microsoft account security info & verification codes - and at the end of the article you find links to the correct community and support options. Finally there is also an option to reset password and security information all together: Recover your account (live.com) Response: My MS Authenticator app does not show any 6 digit one-time-tokens. It shows 8 digit one time passwords. Also, my MS Authenticator does not receive any notifications. There is no help available anywhere, and there seems to be no way to "reset" this security information. Response: 8 digit one-time passwords are for personal Microsoft accounts, not work accounts, so you confirmed that your issue is not reg. CSP Partner security requirements where this community is meant for. I would suggest you contact Microsoft support directly - Contact Us - Microsoft Support - if you can't get access to a browser where you can log in to account.microsoft.com and use the available options to reset your authentication methods. Response: Have personal and work Authenticator use. Azure side(work) never sends notification to authenticator. Therefor cannot use any of my work related phone apps which is literally essential to my job. Personal use works every time. Cant text myself the verification code because the phone number is wrong and I have no idea how to change it. I have my new number on Microsoft account for 2 years now and my work have my new number saved in their system for the same period of time so I have no idea why my old number is in there. I guess i've never noticed this as the notifications have just stopped working recently. Any help would be great here also. Response: If you want to change setting for MFA for a work/school account, go to https://aka.ms/mfasetup and log in with your work account. There is both a setting on if a notification will be send or if the 6-digit code should be used (given the admin of the tenant did not disable certain methods) and an option to change the phone number.
REPOST from Old community | OAuth Refresh token has expired after 90 days
PROBLEM: We have encountered an issue on our live environment: The Multi Factor Authentication does not work anymore. We try to authenticate using an OAuth Refresh Token (this authentication mechanism has been recommended by the Yammer group "Partner Center Security Guidance", which now has been closed). But since today, this authentication does not work anymore, but we get the following error message: invalid_grant: AADSTS700082: The refresh token has expired due to inactivity. The token was issued on 2019-01-02T09:19:53.5422744Z and was inactive for 90.00:00:00.: But I am absolutely sure that this refresh token has been successfully used yesterday. The Microsoft documentation https://docs.microsoft.com/en-us/graph/auth-overview says that an OAuth Refresh token should only expired if it has been inactive for 90 days. But our tokens were used. Therefore the tokens should not expire! Why do we now have a live incident? What went wrong? Please not that we are selling in 12 different markets, and therefore have 12 different partner accounts, and therefore 24 different OAuth refresh tokens (one for the live environment and one for the sandbox). Therefore it is not this easy to update the 24 OAuth refresh tokens. What can we do to avoid similar production incidents in the future? We are regularily using the refresh tokens to get new access tokens. We do this using the call "POST /{tenant}/oauth2/token grant_type=refresh_token&refresh_token=..." (see https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-protocols-oauth-code). The response of this call not only contains the access token, but also a new refresh token. At the moment, we ignore the new refresh token that is returned. Should we store and use the new refresh token that is returned by this call, or would the new refresh token also expire at the same time? Does Microsoft offer a way to find out the expiry time or the issued-at-date of a refresh token? RESPONSE TO USER: Please check that you store your token(cache) also after AquireTokenSilent. You will get a new refresh token which you schould use in sequential requests. In my case I did not (correctly) store it, so I used the refresh token which I aquired the first time when I used AquireTokenInteractive. That token will expire after 90 days. There are two authentication flows: a confidentialclient which authenticates the application. The application has access to the resources of your organisation, but you have little control over who uses the software. This is, even for background processes, not workable when you develop your own software for multiple customers (you cannot guarantee that customer 1 might never access data from customer 2). In that case you develop a Public Client where you get access via a user's account via AquireTokenInteractive (that method also supports multifactor authentication and it shows any consentscreen necessary). Once you have access you can use AquireTokenSilent to renew the token. Note that AcquireTokenSilent DOES return a refresh token (valid for 90 days), and you should make sure you store this after every request. The refreshtoken is not visible if you look in the debugger, but it is visible if you use Fiddler to view the raw data (and decode the token). That was in hindside my problem: I created a daemon process for which the interactive flow does not seem logical, and since I had token issues I went for the confidential flow. But there you do not get the consent screens and it does not work with multifactor authentication. My conclusion: if you are developing 3rd party software then even for background (daemon) processes you could (should) use the publicclient flow. There is no problem with the token process: it will continue to work forever once you aquire a token. Only when your software is 'down' for more than 90 days you will need to log in again (and when access for your app is changed from the client's azure account) Relevant links: https://docs.microsoft.com/nl-nl/azure/active-directory/develop/msal-client-applications https://docs.microsoft.com/nl-nl/azure/active-directory/develop/msal-net-acquire-token-silentlyRepost: change region and language settings using group policy
Question: Please share the steps for configuring "region and language settings" using group policy. Response: Something here may help. http://dennisspan.com/configuring-regional-settings-and-windows-locales-with-group-policy/ Response: To set up the Regional settings for multiple users, use the group policy and to the following steps: Launch Group Policy Management, create a new GPO or configure the one you have. See the screenshots. Make all needed settings, and use F6 to confirm the configuration from red to green. Consider having a trustworthy Microsoft office 365 backup software from NAKIVO, as you can never predict a ransomware attack or other issues.Annual/monthly price increase per 1st of April 2025
Hi Microsoft, Besides the discussion on the price increase itself: November 2024 announcements - Partner Center announcements | Microsoft Learn I'm wondering how this "standardizing the billing structure" works for triannual subscriptions. The post only states that Annual subscriptions with Monthly payment term will undergo a +5% price increase. But how will this affect multi-year subscriptions? Eg. Triannual subscription with annual payment term. Cheers, MartijnATTENTION DP-500 WILL BE RETIRING APRIL 30TH, 2024!!
DP-500 for ILT will be retiring on April 30th, 2024 Find out how certification and exam retirements make way for new opportunities. Microsoft Fabric—the all-in-one analytics solution that covers everything from data movement to data science—has enabled the role of enterprise data analyst to evolve into that of analytics engineer. As a result, effective April 30, 2024, we’ll retire the Microsoft Certified: Azure Enterprise Data Analyst Associate certification and Exam DP-500: Designing and Implementing Enterprise-Scale Analytics Solutions Using Microsoft Azure and Microsoft Power BI. Enterprise data analysts can now earn the Fabric Analytics Engineer Associate certification by taking DP-600 and also passing Exam DP-600. Please see the blog posted on MS Learn for further information regarding this found here: Microsoft Credentials roundup: In-demand news for in-demand skills - Microsoft Community Hub Thank you!Question: How to allow multiple users on Azure VM
Some partners followed the below article and were able to resolve their issue: https://community.dynamics.com/365/b/dynamics365enterprisecloudfronts/posts/setup-simultaneous-remote-login-for-multiple-users Here are a few other responses from community influencers: Comment: This sounds like a scenario where you are hosting an application/service for end customers, e.g. a SaaS offering, but as rich client where RDP protocol is required. The solution is to enable Remote Desktop Services to allow multiple users working simultaneous on a VM. You could either build a RDS farm in Azure yourself, or you use Windows Virtual Desktop as Gateway/broker Service to publish the application, which I would recommend. You need to use WVD with Windows Server-based session hosts though, not WVD with Windows 10 Multi-Session - this is because of licensing reasons. Since you are providing a hosted service, the access of the end customers would need to be licensed via RDS Subscriber Access Licenses (RDS SALs) obtained via SPLA, for hosted scenarios like this there is no other option then to use SPLA licenses because usage of RDS role is not covered with the Windows VM license that Azure offers. Comment: Does not change that you need RDS and the licenses (RDS CALs - or RDS SALS via SPLA when it is about a hosted solution like described by the OP). Since this thread was revived via the new post, and since there were changes, some additional information: You can now also offer Windows Client OS (Windows 10/11 Multisession) in Azure Virtual Desktop as basis for your hosted, custom services/apps, not only Windows Server how I described. This is possible because there is a new licensing options - AVD remote app streaming: What is Azure Virtual Desktop remote app streaming? - Azure | Microsoft Docs
New MCPP Subscription in Azure
Hi, Apologies if this is the wrong forum. Earlier this year I renewed my Action Pack subscription and had to link my billing profile at the same time. Once that had gone through, I noticed that I had a new Azure subscription called 'MCPP Subscription' I still also have my Microsoft Partner Network subscription which has all my resource groups etc in. My query is what is this new subscription? Should I start using it? My credits are linked to the old MPN subscription. I've not been able to find anything so far about it either on general internet searches or this community. many thanks
Microsoft E3 and Windows 10/11 E3 CSP Licenses and VDA Rights
Does a user licensed with a Microsoft E3 or Windows 10/11 E3 licensed through CSP, have VDA Rights for an onprem VDI server? My understanding is that this was recently changed to allow these rights through a CSP Agreement, whereas before it was only allowed through an EA or MPSA agreement. Here is the documentation I have found on this that I am hoping you can verify. I’ve attached the presentation from Microsoft that announced this change. Please go to slide 21 where you can see that you can run Windows hosted desktops on a server through the CSP model. I have attached the Licensing Brief for licensing for Virtual Desktops. If you look at Page 8, you will find the Summary Table, that shows that with a Microsoft E3, you have the ability to run the Microsoft E3 (or Windows E3) on an on-prem server. Thank you!SQL Server Standard - 24 Core Limit - Licensing
Hi Team, Hope you are doing well. I do not want to put up a duplicate question, so please excuse my ignorance, and if this question is already answered, would request you to direct me to the correct link. With SQL Server Standard (Core or Server-CAL model), there is a limit on compute capacity and maximum number of cores should be 24 cores. Would request your help to understand what impact will it have on licensing i.e. do we need to assign such server (assuming running 32 cores) the Enterprise Core edition license? Or do we need to stack SQL Server Standard Core licenses? Appreciate any inputs here.
Events
in 2 days
**Event Date & Time: September 24, 2025, 12:00 - 1:00 PM GMT+8 Singapore **
Learn how to effectively plan, build, and deploy generative AI solutions. Join us at Microsoft ISV AI Envisioning Day: Ge...
Online
in 2 days
**Event Date & Time: September 24, 2025, 1:00 - 2:00 PM GTM+1 UK **
Learn how to effectively plan, build, and deploy generative AI solutions. Join us at Microsoft ISV AI Envisioning Day: Get the Fr...
Online
Recent Blogs
- 1 MIN READStay Aligned: Weekly Title Plan Releases + New “Is AI” KPI SupportSep 19, 2025
- Arm apps now span key categoriesSep 19, 2025
