SharePoint (2003 thru Online): February 2020

Wednesday, February 26, 2020

Integration - CRM Online & SharePoint Online

The main reason for this Integration is to use SharePoint Online as Document Repository. All the Documents upload in CRM Online will be stored in SharePoint Online.

NOTE: In the below steps, we used our development tenant. Please change the tenant while copying URLs.

For this, first create a Site Collection in SharePoint Online.

https://gurram.sharepoint.com/sites/CRM

Created a sub site for current usage.

Go to Dynamics 365 > Settings > Document Management (under System).

https://gurram.crm.dynamics.com/main.aspx?settingsonly=true#640309862

Click on 'SharePoint Sites'


Click on 'New', to create a new SharePoint Site record.


Enter the below Required fields.


First, we need to create a Parent Site record filling only Absolute URL with SPO Root Site.
'List Component is installed' should be unchecked (for SharePoint Online).
'Allow Embedding of the Power BI Reports' is Optional.



then, we need to create a Site record filling parent Site and Relative URL.
'List Component is installed' should be unchecked (for SharePoint Online).
'Allow Embedding of the Power BI Reports' is Optional.



Select Active SharePoint Sites created and click on 'Activate'



Again, go to Dynamics 365 > Settings > Document Management (under System).

https://gurram.crm.dynamics.com/main.aspx?settingsonly=true#640309862



Click on 'Enable Server-Based SharePoint Integration' Follow the below steps to Complete Validation.











Active SharePoint Sites created are 'Valid' for usage.

Go to Dynamics 365 > Settings > Document Management (under System) > Document Management Settings

https://gurram.crm.dynamics.com/main.aspx?settingsonly=true#640309862


Select all required entities. Provide the SharePoint Online Company One URL > Next



Check Based on Entity > Select from drop-down. We selected Account > Next



Once Succeeded, Click Finish.



Go to Site Contents of the SharePoint Online Company One. You should see all the newly created Document Libraries.
Posted by at No comments:
Labels: ,
Location: Torrance, CA 90505, USA

Thursday, February 20, 2020

MSFT Authenticator mobile App, not receiving Notifications for 2nd step Verification.

Multi factor Authentication (MFA) Setup was done successfully. I was using the Microsoft Authenticator App on mobile to approve/reject the Notifications for 2nd step Verification.

After a couple of months, I formatted my mobile after getting a couple SMiShing messages. Installed the Microsoft Authenticator App, couldn't add my work account as it was asking to scan QR code or enter code manually. How to achieve this?

To perform the following steps, you should be Global Admininstrator of your tenant.

Click on the below link.
https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx


Select the user and Click on Manage user settings.

Select 'Require selected users to provide contact methods again' and Click Save.

'Delete all existing app passwords generated by the selected users'. This option can be used issues with app passwords.
"Restore multi-factor authentication on all remembered devices". This option can be used when users are using more than 2 devices.


Install Microsoft Authenticator app on your mobile Android or iPhone
Click on https://www.office.com/ and enter your credentials. You will see a message as shown below. Click Next,


Select Receive notifications for verification, Click Set up

Open Microsoft Authenticator app on your mobile. Click + on the right-top corner and choose "Work or school account"


Follow Instructions 2, 3 on this screen.

Scan the QR Code image (Shown above).



Your account gets added and you will receive notification for verification, Approve it.

Once Verification successful, Click on Done.
Posted by at No comments:
Labels: ,

Tuesday, February 11, 2020

SMiShing - New Scam targets Customers



Last week, I did a purchase on Amazon and got SMS message to my phone. It was "Please view the invoice of your recent purchase on Amazon". We usually get Amazon notifications thru App and email. It was first time as SMS. The link looked suspicious. Did some research and gathered below information useful to everyone. 

SMiShing is the term that many in the security industry are using to describe a social engineering technique that exploits its victims using SMS, or text messaging. Where phishing uses email as the entry point of attack, SMiShing uses text messages as its point of entry.

SMiShing is new trend and is particularly alarming. Most of us aren't aware of the threat that's presented in our cell phone's text message inbox and therefore, we tend to trust text messages more than we do emails, even from unknown senders. This elevates the probability that we will click on a malicious item sent to us via text. Hackers know this too, and that's why they're using SMiShing attacks at an increasing rate.

What does a SMiShing message look like?

The link will be very authentic and might lead to submit your information form thru fake Amazon site, the person behind the scam will either keep your information to use in other fraudulent acts or they will sell it on the dark web to other criminals in the market for stolen identities. Many cases, they request Credit card information to steal your money.

Identified SMiShing messages

FedEx Tracking codes
Amazon Invoices
Amazon Rewards
Costco Rewards
Free Rewards / WhatsApp links for Free Rewards
Group Messages



Protecting yourself against SMiShing attacks:
  • Watch out for things that are “too good to be true,” like “free” rewards that need your credit card number for some reason.
  • Don’t download and install any software sent you to via a text message or email.
  • Treat "you-must-act-now" messages with great suspicion. This is a warning sign of a social engineering attempt.
  • Banks won't send you texts asking to update your account or confirm your card numbers. If you get a message like this that appears to be coming from your bank. Don't click anything. Call your bank directly and report fraud.
  • Regarding your purchases, though you opt for SMS, but still some might be SMiShing messages. Please use vendor's trusted app on mobile or login thru their website to verify your purchases.
  • Look for suspicious numbers such as "5000" numbers. These numbers are tied to email-to-text services, which social engineers use to avoid using their personal phone numbers for the attacks.
  • Look at the source of the text message. For example, if Amazon always texts you a delivery alert from a specific number and a new message arrives in that conversation, that suggests it’s real. However, scammers can fake (spoof) the number a text message is from, just as they can fake caller ID on a phone (known as Vishing).
  • Be alert for anything suspicious. If you receive a delivery alert from a new number—especially if you weren’t expecting a delivery—that alert is potentially suspect. We recommend you avoid opening the links in any potentially dangerous text messages.
Posted by at No comments:
Labels:

Thursday, February 6, 2020

Coronavirus Phishing Attacks

Coronavirus....Yup!, another count to it. In worldwide health scare situation, the bad guys are on it like flies on $#!+We are seeing a new malicious phishing campaign that is based on the fear of the Coronavirus. 

 The message is obviously not from the Center for Disease Control and Prevention (CDC). There are very few local cases in America. Obviously, the target will be mostly Asian countries. People are more cautious and curious to know. Bad guys take advantage of that.

 You might receive in personal or official emails.

 Here is a sample of the message that is being used. Don't click on any link or attachments. Users should delete the message if they receive it. There will be many other social engineering attacks using this same scare. This is a screen shot of the real attack:

Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)