John Fedor

My feedback

  1. 464 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    17 comments  ·  Web Apps  ·  Flag idea as inappropriate…  ·  Admin →

    Hi all,

    We are currently working on items that will enable service endpoints for multi-tenant App service. We will share the news of the features we deliver on the App Service Blog here: aka.ms/AppServiceBlog.

    We also expect to speak about this topic at the Ignite conference in September in Orlando.

    Thanks,
    Oded

    John Fedor supported this idea  · 
  2. 30 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    John Fedor supported this idea  · 
  3. 50 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    John Fedor commented  · 

    Conditional access only works with modern-auth applications. Non-modern auth applications bypass conditional access checks (such as Outlook 2010, Outlook 2013 without the registry tweak), so app-password wouldn't be applicable in conditional access scenarios.

  4. 113 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    23 comments  ·  Azure Active Directory » Conditional Access  ·  Flag idea as inappropriate…  ·  Admin →
    John Fedor commented  · 

    Today, conditional access policies are handled AFTER authentication (as MS support and the following article indicate: https://docs.microsoft.com/en-us/azure/active-directory/active-directory-conditional-access-locations#what-you-should-know)

    The problem with this is that we're leveraging the conditional access policy to block access based on country. Ideally, this should happen prior to authentication happening, as the identity & the resource is known (parts of the condition).

    The reason for this is so that people in other countries that we want blocked do not have the ability to lock out accounts as is currently possible (and happening).

    We have MFA in place, so we should be protected, but would be ideal if the logic would block prior to authentication (just using identity), that'd make a lot more sense.

    Thanks.

  5. 6 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  (General Feedback) » Other  ·  Flag idea as inappropriate…  ·  Admin →
    under review  ·  Kimberly Bolton responded

    Thanks for your suggestion. Would you attach a copy of the email you are talking about? We can then match it to an existing template and see what needs to be adjusted.

    John Fedor commented  · 

    Not seeing an attach option, but here's the body of it. If you want to provide your email address, I can attach it in a reply.
    Thanks.

    Subject:
    Azure App Service to comply with TLS requirements

    Body:



    AWARENESS

    Azure App Service to maintain compliance with TLS requirements
    Dear Azure customer,
    You’re receiving this email because you have an App Service app and we want to let you know about upcoming security improvements we’re making for PCI compliance. The PCI Security Standards Council announced that PCI-compliant websites must transition from TLS version 1.0 to TLS 1.1 or higher by June 30, 2018.
    What is App Service?
    App Service is a service to rapidly build, deploy, and scale enterprise-grade web, mobile, and API apps running on any platform. Meet rigorous performance, scalability, security and compliance requirements while using a fully-managed platform.
    What this means for you:
    • By April 30, 2018:
    o Through the Azure portal and Azure Resource Manager templates, you’ll be able to select the minimum-required TLS version (1.1 or 1.2) for your app.
    o We’ll configure App Service apps to require only newer TLS versions (1.1 and 1.2)—two months before the required date.
    • After June 30, 2018, all newly created App Service apps will be automatically configured to require TLS 1.2. You’ll still retain the option to configure earlier TLS versions for your apps, if necessary, for compatibility with older browser clients.
    Questions or concerns? Please contact us on the App Service forum or on Stack Overflow.

    Thank you,
    Your Azure team

    Account Information
    Subscription Id: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx

    Privacy Statement
    Microsoft Corporation, One Microsoft Way, Redmond, WA 98052

    John Fedor shared this idea  · 
  6. 2 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    John Fedor shared this idea  · 
  7. 96 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Signup and Billing  ·  Flag idea as inappropriate…  ·  Admin →
    John Fedor commented  · 

    Get-MsolPartnerInformation actually doesn't provide the information being requested. Partners are assigned on each license in O365, and we'd need to see which licenses that have (or don't have) a partner assigned to it.

  8. 360 votes
    Vote
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    planned  ·  13 comments  ·  Networking » Other  ·  Flag idea as inappropriate…  ·  Admin →
    John Fedor supported this idea  · 
  9. 281 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    5 comments  ·  Virtual Machines  ·  Flag idea as inappropriate…  ·  Admin →
    John Fedor supported this idea  · 
  10. 184 votes
    Sign in
    (thinking…)
    Password icon
    Signed in as (Sign out)

    We’ll send you updates on this idea

    7 comments  ·  Virtual Machines » Windows  ·  Flag idea as inappropriate…  ·  Admin →

    Given the sparse nature of Windows Azure Storage and with recent announcement for trim support on guest OS’s that support trim, the need for resizing should be reduced, as you should just assume you start with the largest size possible and only pay for what you use.

    John Fedor supported this idea  · 

Feedback and Knowledge Base