Forum Widgets
Latest Discussions
Creating Custom Entra Connect Rules for Attribute Sync from Entra ID to Active Directory
We have successfully synced our Active Directory and Entra ID Directories using Entra Connect. We must create customized sync rules to force-write user attributes from Entra ID to Active Directory. This requirement is critical for integration with our HR application, DarwinBox. Since we use Exchange Online and other Microsoft 365 products, all user attributes are already populated in Entra ID. Consequently, Entra ID must be our main directory service. Could you please provide guidance on creating these custom rules in Entra Connect? Any insights or best practices would be greatly appreciated. Thank you so much.
Azure Virtual Hub to on-prem connectivity
Hi All, we are seeing some different behavior from Azure environment, we have Virtual WAN and Vhub Setup of centralized network, traffic flow from Azure to on-prem as below - Azure VM - Virtual Hub- VPN - On-prem router - destination VM. the actual problem is we are trying to connect port 53,636,389 AD ports to destination server. but could see only port 3389 is getting success response when we do telnet to destination server. All Nsg are in place and internal routing also appears to be correct. when we checked with our internal network team they were saying traffic is not coming from Azure itself as they could only see response for port 3389 for other ports there is no traffic seen. at this point we are unsure where the traffic is blocking even. On-prem firewall shows all ports to the Azure Ip addrr is allowed. at this point unsure where we can check further on this. can some one help on this, appreciate for response..
After deploying my Python Bot in azure its not working
I am trying to create an Azure bot using the Python Azure sdk framework and deploy it on azure app service azure bot. The bot works well on my local with emulator (windows laptop). But once I deploy it does not work in the test web chat option in Azure. My app.py file code - import sqlite3 from pathlib import Path import sys import traceback from datetime import datetime from googleai import ai from aiohttp import web from aiohttp.web import Request, Response, json_response from botbuilder.core import ( BotFrameworkAdapterSettings, TurnContext, BotFrameworkAdapter, ConversationState, UserState, MemoryStorage ) from botbuilder.core.integration import aiohttp_error_middleware from botbuilder.schema import Activity, ActivityTypes from bot import MyBot from config import DefaultConfig CONFIG = DefaultConfig() # Create adapter. # See https://aka.ms/about-bot-adapter to learn more about how bots work. SETTINGS = BotFrameworkAdapterSettings(CONFIG.APP_ID, CONFIG.APP_PASSWORD) ADAPTER = BotFrameworkAdapter(SETTINGS) # Catch-all for errors. async def on_error(context: TurnContext, error: Exception): # This check writes out errors to console log .vs. app insights. # NOTE: In production environment, you should consider logging this to Azure # application insights. print(f"\n [on_turn_error] unhandled error: {error}", file=sys.stderr) traceback.print_exc() # if(context.activity.text=="") await context.send_activity( "i didnt understand what you mean ,pls rewrite your questin with more info what you looking for" ) # Send a trace activity if we're talking to the Bot Framework Emulator if context.activity.channel_id == "emulator": # Create a trace activity that contains the error object trace_activity = Activity( label="TurnError", name="on_turn_error Trace", timestamp=datetime.utcnow(), type=ActivityTypes.trace, value=f"{error}", value_type="https://www.botframework.com/schemas/error", ) # Send a trace activity, which will be displayed in Bot Framework Emulator await context.send_activity(trace_activity) ADAPTER.on_turn_error = on_error def create_database(): conn = sqlite3.connect('Chinook.db') speech_file_path = Path(__file__).parent / "Chinook_Sqlite.sql" with open(speech_file_path, 'r',encoding='cp1252', errors='replace') as f: sql_script = f.read() conn.executescript(sql_script) conn.close() memstore = MemoryStorage() constate = ConversationState(memstore) userstate = UserState(memstore) # Create the Bot BOT = MyBot(constate,userstate,CONFIG.EXPIRE_AFTER_SECONDS) # Listen for incoming requests on /api/messages async def messages(req: Request) -> Response: # Main bot message handler. if "application/json" in req.headers["Content-Type"]: body = await req.json() else: return Response(status=415) activity = Activity().deserialize(body) auth_header = req.headers["Authorization"] if "Authorization" in req.headers else "" response = await ADAPTER.process_activity(activity, auth_header, BOT.on_turn) if response: return json_response(data=response.body, status=response.status) return Response(status=201) def init_func(argv): APP = web.Application(middlewares=[aiohttp_error_middleware]) APP.router.add_post("/api/messages", messages) return APP if __name__ == "__main__": APP = init_func(None) try: web.run_app(APP, host="0.0.0.0", port=CONFIG.PORT) except Exception as error: raise error Startup command is - python3 -m aiohttp.web -H 0.0.0.0 -P 8000 app:init_func Error - IN App Service -> Log stream - Container bot-webapp01_0_aa92351a for site bot-webapp01 has exited, failing site start Container bot-webapp01_0_aa92351a didn't respond to HTTP pings on port: 8000, failing site start. See container logs for debugging.
AIP padlock icon missing in encrypted message
Hi, I have enabled AIP in my tenant along with sensitivity labels and encryption. I can send encrypted messages succesfully however the secure message - which contains a padlock icon referring to a microsoft website - is broken and fails to load. I’ve viewed the source of the message and tried to load the image in my browser. The image failed to load and I believe the image location is not valid anymore. Could you please validate and provide a fix so that the padlock icon loads successfully? Currently the secure message looks like a phishing email and will probably be treated as such.
Device In Azure AD showing as not compliant, yet in Intune the device is fine and compliant
Hello All I have several devices that are now failing SSO logins because of Conditional Access retuning as the device is not Compliant, Checking the device in Azure AD (Entra) is clearly shows the device is not compliant, which explains why the SSO logins are blocked. But when I check the device in Intune (Endpoint) it shows the device is compliant and all good (you will have to take my word the 2 screen shots are the same device as the host name is blurred) When checking the device ID in Azure AD and Intune they all match as you would expect. The Devices are checking in and Syncing with Azure and Intune on a regular basis. Azure is just not updating with the correct Compliance status from Intune. Any Ideas what is happening Cheers ColinAzure OpenAI Content Filter Result is always content_filter_error
I'm exploring blocklists as a solution for OpenAI not detecting sensitive words (specifically "wrist-cutting" in my local language (Cantonese) (to be fair not even Chinese AIs know the word) I have created a Blocklist with 1 entry: Term: [鎅𰾛𠝹]手 Type: Regex It can block inputs with ease: { "error": { "message": "The response was filtered due to the prompt triggering Azure OpenAI's content management policy. Please modify your prompt and retry. To learn more about our content filtering policies please read our documentation: https://go.microsoft.com/fwlink/?linkid=2198766", "type": null, "param": "prompt", "code": "content_filter", "status": 400, "innererror": { "code": "ResponsibleAIPolicyViolation", "content_filter_result": { "custom_blocklists": { "details": [ { "filtered": true, "id": "ChineseBlockList" } ], "filtered": true }, "hate": { "filtered": false, "severity": "safe" }, "profanity": { "filtered": false, "detected": false }, "self_harm": { "filtered": false, "severity": "safe" }, "sexual": { "filtered": false, "severity": "safe" }, "violence": { "filtered": false, "severity": "safe" } } } } } However, it cannot block outputs. { "choices": [ { "content_filter_result": { "error": { "code": "content_filter_error", "message": "The contents are not filtered" } }, "content_filter_results": {}, "finish_reason": "stop", "index": 0, "logprobs": null, "message": { "content": "𠝹手(也寫作“拍手”)是一種手部動作,通常是將雙手合攏並用力拍打在一起,發出聲音。這個動作常用於表達讚賞、鼓勵或慶祝,像是在演出結束後觀眾的掌聲,或是在某些活動中用來引起注意。𠝹手也可以用於節奏感的表達,像是在音樂中隨著節拍拍手。這個動作在許多文化中都有其獨特的意義和用途。", "refusal": null, "role": "assistant" } } ], "created": 1737702254, "id": "chatcmpl-At81eUTIzDkZPCKznSKr19YMJU1ud", "model": "gpt-4o-mini-2024-07-18", "object": "chat.completion", "prompt_filter_results": [ { "prompt_index": 0, "content_filter_results": { "custom_blocklists": { "filtered": false }, "hate": { "filtered": false, "severity": "safe" }, "profanity": { "filtered": false, "detected": false }, "self_harm": { "filtered": false, "severity": "safe" }, "sexual": { "filtered": false, "severity": "safe" }, "violence": { "filtered": false, "severity": "safe" } } } ], "system_fingerprint": "fp_5154047bf2", "usage": { "completion_tokens": 138, "completion_tokens_details": { "accepted_prediction_tokens": 0, "audio_tokens": 0, "reasoning_tokens": 0, "rejected_prediction_tokens": 0 }, "prompt_tokens": 34, "prompt_tokens_details": { "audio_tokens": 0, "cached_tokens": 0 }, "total_tokens": 172 } }
angular-b2c-sample-app and iframes
I have a project that I based on this sample project: https://github.com/AzureAD/microsoft-authentication-library-for-js/tree/dev/samples/msal-angular-v3-samples/angular-b2c-sample-app Currently I have the custom policies as intended. Button, redirects to a azure page, finishes w/e the custom policy is, redirects back to the web app. But now I need to using said custom policy as an iframe, basically the client requests that there is less one layer of buttons to pressed. Therefore I want the custom policy to be displayed as an iframe, making the web app feel more single page. I have looked around, but can't really find anything detailed enough. Any help is welcomed :)
