How does the privacy in O365 Groups/Teams affect the SharePoint Site

When you create a O365 Group or Teams you get given the option for Privacy. Either Public or Private. When an O365 group is created a Modern SharePoint Team site is created, but how is the site affected depending on the privacy?

Private Privacy

In a “Private” group, in the SharePoint site, the members of the O365 Group get added to the SharePoint Members Group.

And the owners of the O365 Group get added to the Site Collection Administrators.

Public Privacy

In a public site, the Members and Owners of the group get added to the SharePoint Members group and Site Collection Administrators respectively. The extra difference I have noticed, is that the “Everyone except external users” group is also added to the SharePoint members group.

What does this mean?

A private site is what it says. It is private. If it’s joined to a Teams anyone who is not a member of the group, cannot see MS Teams, search for site or documents inside it, or have access to the SharePoint site.

A public site is different. If it’s joined to Teams, a person who isn’t a member to the group will not see the MS Teams, meaning they cannot see channel chats, but can search to join it.

The documents however are available to them. They can search for these documents, access the SharePoint Site contribute on the documents too if they like.

Testing this

I have created two MS Teams. The first one is called Public OTB Permissions and set the privacy to Public. I am the only member of this site. The second site is called Private OTB and set the privacy to Private. Again, I am the only member of this site. In both “General” channels I have uploaded a Word document.

Public Privacy

Private Privacy

I have a second user called Alan Brewer, and in SharePoint I’m going to search for the word “Place” as this word is in both test documents.

Alan can only see the document from the public site, and when clicked through can access the document, contribute towards it. He can even view the whole SharePoint site. This is because he is being let into the site via the “Everyone except external users” claim that has been added to the SharePoint Members group for the site.

Just to complete this, I have added another user called Adam Barr to the Private site.

If I now sign in as Adam and perform the search “Place” like before, Adam can see both documents.

What happens when I switch the privacy for the O365 group.

When you decided you want to make a “Private site” public or a “Public site” Private, there is a process that happens in the back end which will either add/remove the “Everyone Except External users” to the SharePoint members group. I’ve noticed this can take up to 15 minutes or so before it is reflected in the SharePoint site.

Should I remove/change the “Everyone Except External users” from a public SharePoint site?

You can, but I don’t recommend it. If like me, personally it might be better to have the Everyone Except External Users in the Visitors group. Allowing the site to still be public, but you must be a member to contribute or change anything. The trouble with this, the site would be set up they way you want it, but then if an Owner decides to change the O365 Groups Privacy to Private, the backend process does not remove the “Everyone Except External Users” from the SharePoint Visitors Group, leaving the documents open to all. Then if they decided to switch it back or change an O365 Group from Private to Public Privacy, the backend process would add the “Everyone Except External Users” to the SharePoint members group. Making the site now open and everyone can contribute again. You could train all owners to ensure they remove/add this group if they switch the privacy, but who will remember to do that!

You could, if you are a developer, have a webhook using MS Graph that is attached to monitor O365 Group changes. https://docs.microsoft.com/en-us/graph/webhooks. Although possible, you would need to ensure that there is a delay from capturing the O365 Group webhook privacy change, and updating SharePoint, as you need to run after the backend process has been and flipped the “Everyone Except External Users”. If switching from Public to Private policy, any process you develop, if runs too late would leave the site open for a given amount of time, or if it fails could leave the site open where the users believe it is all locked down.

Setting up Webhook for O365 Audit logs

This is part one of a 2-part blog post.

1. Walkthrough Setting up WebHook for O365 Audit Logs – (This Post)
2. Dive into the code for O365 Audit Log webhooks to see how it works

In this blog post I’m going to show you how to get the O365 Audit logs using WebHooks. The full code can be found at my Github repo https://github.com/pmatthews05/O365AuditWebHook. My post will show you how to set up with screenshots and the expected results. In my next blog post I will dive into the important parts of the code to get this Audit WebHook connected and working.

Set up – Walkthrough

Creating an App Only Token

Once you have downloaded a copy from my Repo you will need to set up your environment. First thing we are going to do is create an App Only Token that will be able to read the Audit Logs.

• For your Office 365 Tenant go to https://portal.azure.com
• Select Active Directory
• Select App Registrations
• Click Create New Registration
  • Name: Audit Logs Retrieval
  • Supported Account types:
    Accounts in this organizational directory only
  • Click Register
• Take a copy of the Application (client) ID
• Take a copy of the Directory (tenant) ID
• Click View API Permissions
• Click Add a Permission
• Select Office 365 Management APIs -> Application Permissions -> ActivityFeed.Read
• Click Add permissions

• Click Grant Admin Consent for [tenant] and accept the permissions.
• Click on Certificates & Secrets
• Click New Client Secret
  • Description: Audit Web Hook
    
  • Expires: Never
    
• Take a copy of the Secret value
  

Setting up Azure

You will need to set up your Azure Environment, this will consist of the following:

• Resource Group
• Azure Function V1
• Applications Insights
• Storage Account

I like to automate where I can, also it saves me creating loads of screenshots which are probably all out of date after 2 months. I have written an Az CLI PowerShell script that will create the above for you in your Azure Environment. In the next blog post I will explain the code.

• Download the latest version of Az Cli.
• Using a PowerShell window – Sign into your Azure Environment using ‘az login’
• If you have multiple subscriptions, ensure you are pointing to the correct subscription ‘az account set –subscription [SubscriptionName]‘
• Change the directory to .\O365AuditWebhook\powershell
• Run the following: ‘.\Install-AzureEnvironment.ps1 -Environment “[Environment]” -Name:”AuditWebHook”‘ replacing the [Environment] with your tenant name. For example, I’ve used cfcodedev.
• Once the script has run, you will have the basic template Azure resources you need within the Resource group named [Environment]-AuditWebHook

Deploying Azure Function from Visual Studio 2019

Firstly, you don’t have to deploy this way. If you prefer to use Visual Studio code, create an AZ install script or manually deploy using Kudu, that is your choice, and all are valid. My choice of doing this is simplicity for screen shots and steps.

• Open the solution using Visual Studio Code 2019
• Right click on the project AuditWebHook and select Publish
  
• From the Pick a publish target dialog (click Start if you are not seeing a dialog), and under Azure Functions Consumption Plan click Select Existing, and select Create Profile.
  
• Sign into your account if you need to, then pick your subscription, resource group, and then you can either search, or just pick the Azure Function. Click OK.
  
• This takes you back to the Summary page. Under Actions click Edit Azure App Service settings
  
• The Application Settings dialog will show you the values Local and what is found within Azure Function in the cloud. You will need to update the Remote value for the following:
  • FUNCTIONS_EXTENSION_VERSION: ~1
• You will need to add the following Settings, by clicking on Add Setting creating the setting name, and put the value in afterwards. Repeat for each setting below.
  • Tenant: [Name of your Tenant, do not include .onmicrosoft.com]
  • ClientId: [Client ID created in step ‘Creating an App Only Token’ earlier]
  • AppSecret: [Secret Value created in step ‘Creating an App Only Token’ earlier]
• Click OK
• Back on the Publish screen, click the Publish button. This will push the code to your environment, with the correct Application Settings.
  
• By going to your Azure Function at portal.azure.com, you will see 2 Azure Functions
  
• Then clicking on Configuration, it will take you to the Application settings page, click Show Values and you will see your values.
  

At this point you just have the Azure function as a Webhook in place. Next steps are to tie the O365 Audit log to the WebHook.

Connecting O365 Audit Logs to your webhook

The last step is tying the Audit logs to your webhook. The webhook can be used for the different Audit logs. There are 5 different types of logs.

1. Audit.AzureActiveDirectory
2. Audit.Exchange
3. Audit.SharePoint
4. Audit.General
5. DLP.All -Note: DLP sensitive data is only available in the activity feed API to users that have been granted “Read DLP Sensitive Data” permission.

I have written a PowerShell script for you that will register the webhook for you. You will find this in the repo.

• Open PowerShell
• Change the directory to .\O365AuditWebhook\powershell
• Run the following PowerShell script (Run on one line), change the parameters to match your environment. I’ve picked Audit.SharePoint, but you can use any listed above, and run the PowerShell script multiple times to connect all logs to the webhook.

	.\Set-AuditLogs.ps1 -ClientId:<ClientID>
	-ClientSecret:<AppSecret>
	-TenantDomain:<Tenant>.onmicrosoft.com
	-TenantGUID:<Directory ID>
	-WebHookUrl:https://<Environment>-auditwebhook.azurewebsites.net/API/AuditWebHook
	-ContentType:Audit.SharePoint

view raw Call-SetAuditLogs.ps1 hosted with ❤ by GitHub

The above codes login with the ClientID and Secret and Starts a subscription to the given ContentType audit, using the WebHookUrl for the webhook.

If successful, you will receive a 200 Status Code message like below.

Your Azure Function (AuditWebHook) would have fired, and you would see something like the following within your logs.

Viewing the results

Directly from the Microsoft Page on Office 365 management api it states in this note:

“When a subscription is created, it can take up to 12 hours for the first content blobs to become available for that subscription. The content blobs are created by collecting and aggregating actions and events across multiple servers and datacenters. As a result of this distributed process, the actions and events contained in the content blobs will not necessarily appear in the order in which they occurred. One content blob can contain actions and events that occurred prior to the actions and events contained in an earlier content blob. We are working to decrease the latency between the occurrence of actions and events and their availability within a content blob, but we can’t guarantee that they appear sequentially.“

If you are using a Development environment – like myself – and setup the Audit.SharePoint content type then I suggest you go into SharePoint, and start using SharePoint. Just so the logs start to fill.

Please note, it can take up to 30 minutes or up to 24 hours after an event occurs for the corresponding audit log entry to be displayed in the search results, depending on the service of Office 365. See the table at the bottom of this section Search the audit log in security and compliance – Before you begin

Viewing the AuditWebHook azure function, you will see that it has fired more times since your initial setup.

If you look at your latest call, (note: logs can display out of order in azure functions) you will see that it attempts to find the validation code, which is what it needs to set up the webhook. When it is unable to find the validation code, the code assumes that content contains log information. It grabs the URI of the log that has been created and then it adds it to our Azure Storage Queue for our other azure function to process. Depending on how busy your environment is, this request could hold multiple URL’s to logs. A webhook has to respond quickly back to the calling code with a 200 status code. Therefore we are adding the URI’s of the logs directly to a Storage Queue to allow a different process to interrogate the logs.

The second Azure Function (AuditContentUri) will fire every time an item lands on the Storage Queue. This will grab the information from within the log file by calling the URI.

If we select one of the calls and view the logs of that Azure Function call, every entry within that Audit log file URI will be displayed in a JSON format. Clicking on a row in the logs, will display the full details of the line. At this point in the code, would be where you process the line and do whatever you need to do with the Audit log. I’m just printing it out to the Azure Function Logs.

Remove O365 Audit Logs from your webhook

To remove the webhook from the Audit log just run the following PowerShell script. You will find this in the repo.

• Open PowerShell
• Change the directory to .\O365AuditWebhook\powershell
• Run the following PowerShell script (Run on one line), change the parameters to match your environment. I’ve picked Audit.SharePoint, but you can use any listed above, and run the PowerShell script multiple times to remove all logs to the webhook.

The below codes login with the ClientID and Secret and stops the subscription of the given ContentType audit.

	.\Remove-AuditLogs.ps1 -ClientId:<ClientID>
	-ClientSecret:<AppSecret>
	-TenantDomain:<Tenant>.onmicrosoft.com
	-TenantGUID:<Directory ID>
	-WebHookUrl:https://<Environment>-auditwebhook.azurewebsites.net/API/AuditWebHook
	-ContentType:Audit.SharePoint

view raw Call-RemoveAuditLog.ps1 hosted with ❤ by GitHub

Hopefully, if you have followed this correctly, (and I have written decent enough instructions for you), you should have a basic Audit Log Webhook working in your environment. This isn’t anywhere near production ready code, but it gives you an idea where to start. In my next blog post I will be going though parts of the code, to explain how it all fits together.

Unable to change Office 365 Group Membership

Was recently having a problem trying to change the group membership of a 365 Group. I was trying to add external users to the group, and through SharePoint it always redirects you to Outlook to do this.

• Click on members top right of the screen.
  
• Click Add members
  
• Click go to Outlook to add Guests.
  
• This should redirect you to the group information for the group, where you can edit; about this group, change membership, see emails, and files related to the group.
  

The problem I was getting, was that as soon as it hit the above page, it was redirecting to https://outlook.office365.com/people/. I also couldn’t see the Groups part, as highlighted below.

It made no sense that I couldn’t see it, I was a global administrator, I created the site, I was an owner of the site, I had a E5 license.

It turned out, it was a simple thing that took Microsoft Support, and several engineers a while to help me solve. Somehow my account mailbox had been converted to a Shared Mailbox. How or why this happened doesn’t matter.

By going to the Exchange admin centre, clicking on Recipients and Shared it displays all the Shared Mailboxes.

In the example above, David Mamam (a made-up person in my demo tenant) has a Shared Mailbox. If David attempted to click on the ‘go to outlook’ link in the SharePoint site, he would be re-directed to https://outlook.offic365.com/people. To fix this problem, David’s mailbox needs to be converted back to a regular mailbox.

To do this, click on the ‘convert’ link underneath the ‘Convert to Regular Mailbox’ within the Exchange admin center, as show above. The conversion takes a few moments.

Once complete, the user will be able to click the link to modify the Office 365 Group that they were an owner of.

Office applications crashing with SharePoint Content Types and Document Templates

The scenario I had set up was, a few content types with different site columns assigned to the content type. (Single Line of Text, Ratings and Managed Metadata). Each content type also had a document template assigned to them.

The content types were then added to a document library list. When I click the New button on the list menu bar, I’m presented with a choice of documents I can create.

On my environment I was using Office 2013, and opening each one didn’t cause me a problem. The Document Information Panel (DIP) was there, my Presentation document template loaded correctly.

However when my clients tried to open any of the document templates it crashed. It appeared to crash just as the Document Information Panel attempted to load. They were using MS Office 2010, perhaps that was the problem?

It wasn’t. As I tried to open the same document on numerous of other PC’s that had either MS Office 2010 or MS Office 2013, none of them had a problem. The client had a few different people attempt to open the document templates and they all had MS Office crashing on them.

Going back to basics, I decided to create a basic content type with just single line of text columns and use the same document template. This loaded no problem in the clients MS Office 2010, the document information panel was there and the document saved back to the SharePoint Library. Therefore only difference then between the two content types were the columns.

Working with the client, I removed a column from the content type one at time and got them to open the Document Template. It turns out that after all Managed Metadata columns were removed the document open OK. This was great that I worked out the problem, but this wasn’t a solution, I needed the Managed Metadata columns to be there. I did a bit of searching on the internet, and many forums were pointing people in the direction that there are two version of Microsoft Office installed on the PC’s that are crashing.

The guys I were dealing with were working with SharePoint 2013 a lot, and turned out that they had SharePoint Designer 2013 installed. When SharePoint Designer 2013 is installed so is a bunch of Microsoft Office 2013 dlls. These Shared Dlls get registered and override some of the Office 2010 dlls.

Solution

The solution is a simple fix, (maybe not if you have to do it to everyone in your company), basically you need to either upgrade everyone to 2013 or get the PC’s with Office 2010 to repair the install. This will re-register the dlls for 2010 correctly and the Document Templates will open correctly. (SharePoint designer 2013 will continue to work)

To repair your Office 2010, on the PC go to Control Panel > Program and Features. Click on MS Office 2010, and then on the menu bar Click Change. Then select Repair. Once the repair is complete you will need to restart your PC, and afterwards you will be able to open Document Templates with Managed Metadata columns.

Final thought

Even though MS Office 2010 is very old now, and less people will probably encounter this issue, there is a chance that this issue could resurface for people when MS Office 2016 is released.

Building Your SharePoint 2013 development machine on Windows Server 2012 – Part 3 – Building a base disk to use for differencing disks.

UPDATE: SharePoint 2016 development machine

I am doing a collection of blog posts, you can access the other parts of this post below.

• Part 1 – Introduction
• Part 2 – Setting up and configuring Host Computer using Hyper V and a Wireless Network
• Part 3 – Building a base disk to use for differencing disks.
  • Installing Windows Server 2012
  • Installing SQL 2012
  • Installing Office 2013
  • Installing Visual Studio
  • Setting up the Menu
  • Syspreping
• Part 4 – Installing Active Directory
• Part 5 – Configuring SQL 2012 ready for SharePoint 2013
• Part 6 – Installing SharePoint 2013
• Part 7 – Configuring Hosting Apps
• Part 8 – Configuring My Sites and User Profiles
• Part 9 – Configuring Workflow
• Part 10 – Setting up Visual Studio

Building a base disk to use for differencing disks.

Now as this is a single build machine, you might wonder why bother building a base disk for differencing? The reason is simply that it will save you time in the future, if you wish to expand your farm, or create another server at a later date. By doing this, you will find that all the default programs and updates are already on the machine.

What needs to go on here?

I would put on the base build everything that you probably will need on all your virtual machines. So I will be adding;

• Windows Server 2012 Standard Edition 64 bit.
• SQL 2012 Standard Edition 64 bit with SP1 – Basic set up with database and management studio
• Office 2013 – Access, Excel, InfoPath, Lync, OneNote, Outlook, PowerPoint, Publisher, Visio and Word
• PowerShell Plus from Idera
• FireFox
• Chrome
• Visual Studio 2012 Ultimate
• Fiddler

Creating your Virtual Machine.

1. Open up Hyper-V Manager.
   
2. Under Actions, click on New and select Virtual Machine. Click Next.
   
3. Name your Virtual Machine, and your choice if you wish to store the virtual machine in a different location.
   
   
4. Assign it some memory. At this Stage just 6GB will be enough for installing everything. Click Next.
   
   
5. Configure the Network to point to the Internal LAN connection that we made in the previous blog.
   
   
6. Name your Virtual Hard disk. Change the location if you wish, and I’d recommend creating a 400GB hard disk. (If you have room). We will split the disk inside the virtual machine into 100GB and 300GB for C and D drive. Click Next.
   
   
7. Installation Options, you can select Install an Operating system from a Boot CD/DVD-ROM and in my case I have selected the Windows Server 2012 Image file.

Install Windows 2012 Server Standard Edition.

Inside your Hyper V manager you should now see your Virtual machine. In my case it is called Cann0nF0dderBase. By right clicking on the machine you can connect to it. A window will open. You can then click the Start Button.
As your virtual machine starts up it will load the Windows 2012 files.

1. Configure the language. Click Next.
   
2. Then Click Install Now.
3. Insert your product key. Click Next.
4. Select Windows Server 2012 Standard (Server with a GUI) and then click Next.
   
5. Tick I accept the license terms. And then click Next.
6. Select the Custom: Install Windows only (advanced) option.
   
7. In the Where do you want to install Windows. Select Drive options (advanced) and create a new space of 102400MB. This will create a 100GB space. Accept the message that says Windows might create additional partitions for system files. You should now see Drive 0 Partition 1: System Reserved, Drive 0 Partition 2 and Drive 0 Unallocated Space. Select the last one and click New, then Apply. This will set up your drive space. Click Next, and Windows 2012 will start installing.
   
8. Once it has finished installing itself, it will ask you for a password for the Administrator. I use Pa55w0rd. Click Finish.
   
9. Now you can log in. To perform Ctrl + Alt + Del in a Hyper V Machine. Press Ctrl + Alt + End.
10. Before you continue any further, install Hyper V Client tools. At the menu on the Virtual Machine Connection, click Action > Insert Integration Services Setup Disk. Then run the setup disk. You will find the disk has been attached as drive E within your virtual Machine. It will warn you about upgrading to the latest version. Accept this, and restart the VM when requested.

Configuring Windows 2012

1. Once you have logged back in again the Server Manager appears. On the left hand menu, click on Local Server. This will bring up all the properties for this machine.
   
2. Disable the Windows Firewall, by clicking on the Windows Firewall Public: On link and then selecting Turn Windows Firewall on or off. And then turn the firewall off.
   
   
3. Back on the properties screen click the On link for IE Enhanced Security Configuration. Then turn this off for Administrators and Users. Click OK.
   
4. Go back to the Start menu by moving your mouse to the bottom left of the screen, or by pressing the windows key. Type UAC, and select settings from the right hand side. Click on Change User Account Control Settings.
5. On the User Account Control Settings, move the slider down to the bottom. This will prevent the screen keep prompting you when an administrative task needs to be made. Click OK. A administrative prompt will appear, but this will be your last one.
6. Back in the Server Manager properties window for the server. Enable Remote Desktop. Click the Disabled link. Then select Allow remote connections to this computer. Click OK.
   
7. Back in the Server Manager properties window for the server, Click on Windows Update Not Configured link. This will open up the Windows Update dialog.
   
8. Click Let me choose my settings. Then on Choose your Windows Update settings, I always have Download updates but let me choose whether to install them. And then I tick Recommended updates. Click OK.
   
9. Your server will now check for updates. Install anything that is outstanding.

Apply the DisableLoopbackCheck Registry Fix.

1. Click the Windows PowerShell icon in the Taskbar.
   
2. Run the following PowerShell commands, pressing [Enter] after each one:

   
   $regKeyPath = "HKLM:\System\CurrentControlSet\Control\Lsa"
   $key = "DisableLoopbackCheck"
   New-ItemProperty –Path $regKeyPath –Name $key –Value "1" –PropertyType dword
   
   

Disable the Shutdown Event tracker.

1. Open the start menu and type gpedit.msc. Click on the program to open it.
2. In Group Policy Editor, navigate to Computer Configuration\Administrative Templates\System, open the Display Shutdown Event Tracker policy, and set it to Disabled.
   

   Now when you shut down you shouldn’t see the Shutdown tracker appear.

   

Enabling the Desktop Experience.

1. Open up the Server Manager.
2. On the right of the screen click Mange > Add Roles and Features
3. Click Next.
4. Ensure Role-based or Feature-based installation is selected. Click Next.
5. On Select destination server click Next.
6. On Select server roles click Next.
7. On Select features. Expand User Interfaces and infrastructure (Installed) and tick Desktop Experience. Add the addition features that it requires. Click Next.
8. Click Install.

Getting the Sound to work within your Virtual Machine.

Now you might have noticed there is no sound coming from your virtual machine. It might not bother you. It appears that you cannot get sound going through a Hyper V client window. However if you remote desktop onto the machine you can then get sound from your virtual machine, if you follow my previous blog on Getting sound to work within your Windows Server Hyper V Client.

Set up directories for SQL.

1. Bring up Explorer by click on Windows Key + E.
   
2. Double click on D drive. It will ask if you wish to format it. Say yes and format the disk.
   
3. Create the following Directories on D.
   
   1. d:\SQL\Data
   2. d:\SQL\Logs
   3. d:\SQL\Temp\Data
   4. d:\SQL\Temp\Logs
   5. d:\SQL\BackUp
      

SQL 2012 Standard Edition 64 bit with SP1

Now we can Install SQL Server 2012 Standard Edition with SP1. Select the ISO in Virtual Machine Settings.

1. Run Setup.exe
2. The SQL Server Installation Center will open up. On the left hand side, click Installation.
3. Click on New SQL Server stand-alone installation or add features to an existing installation
   
4. After click next Setup support rules will identify any problems that might occur when installing SQL Server Setup support files. There should be all passes. Click OK.
5. Choose Enter the product Key the product key should already be entered. Click Next.
6. Accept the license terms. Click Next.
7. The setup files will now install.
8. Click Next
9. On the Setup Role Page. Select SQL Server Feature Installation and click Next.
10. On the Feature Selection Page. Select Database Engine Services, Full-Text and Semantic Extractions for Search. Then under Shared Features select Management Tools – Basic and Management Tools Complete. Click Next.
    
11. On the Installation Rules page click Next.
12. On the Instance Configuration page click Next.
13. On the Disk Space Requirements page click Next.
14. On the Server Configuration page, change the SQL Server Agent Start Up Type to Automatic. Click Next.
    
15. On the Database Engine Configuration page. Select Mixed Mode and enter the password as Pa55word. And Click Add Current User.
    
16. On the Data Directories tab, change the data to the following.
    1. User Database Directory – d:\SQL\Data
    2. User Database Log Directory – d:\SQL\Logs
    3. Temp DB directory – d:\SQL\Temp\Data
    4. Temp DB Log Directory – d:\SQL\Temp\Logs
    5. Backup Directory – d:\SQL\BackUp
17. On the FILESTREAM tab tick Enable FileStream for Transact-SQL access and Enable FILESTREAM for file I/O access. Click Next.
18. On the Error Reporting page, click Next.
19. On the Installation Configuration Rules page, click Next
20. On the Ready to Install page, click Install.
21. After installation your SQL Server 2012 is installed. You may be asked to reboot.

Installing Office 2013

Now we can Install Office 2013. Select the ISO in Virtual Machine Settings.

1. Run Setup.exe
2. Accept the license terms. Click Continue.
3. I just except the defaults, and click Install Now.
4. Office 2013 is now installed. You will be requested for the key code when you open up an office product.

Don’t forget that Visio is a separate installation. (I’m not going to teach you how to do Next Next on that as well. I think you can work it out yourself.

Installing Visual Studio.

Now we can Install Visual Studio 2012 Ultimate. Select the ISO in the Virtual Machine Settings. (Again I probably don’t need to walk you through this bit).

1. Run VS_ultimate.exe
2. Agree to the License terms and Conditions. Click Next
3. Decide what you want to install, you will need Microsoft Office Developer Tools, Microsoft SharePoint Developer Tools, Silverlight Development Kits, and Microsoft Web Developer Tools. Blend for Visual Studio might be useful for SharePoint. Click Install.
   

Extra Stuff to install.

• Chrome
• Firefox
  • Firebug for FireFox
• Fiddler
• PowerShell Plus from Idera – You will need to give your email address to them, but the free tool is useful.

Setting up the Menu.

If you currently look at your menu you will notice that everything is everywhere. You can click and drag tiles and position them in more logical sections. By moving them between other sections you can create new sections.

By clicking on the bottom right of the menu screen there is a minus icon. By clicking this, you will zoom out. Then by right clicking a section you can then name it.

I organised my menu to look like below screen shot.

Sysprep the machine.

As I have already written a blog on Sysprepping a machine while keeping the Menu the same after sysprep follow the following blog. Windows 8 and Windows Server 2012 Start Screen is Reset when Sysprep

Once you have completed the above post of Sysprep while keeping the Start menu. Do not turn on your Virtual Machine again. If you do it will start the Sysprep process. At this point, go to where the base hard drive is for the Virtual Machine, and set it to Read Only.

Create your SharePoint machine from your Base disk.

1. First remove the Virtual Machine from the Hyper V manager. Select the base virtual machine and on the right hand side, under the machine name, click Delete. This just deletes the machine, but keeps the virtual machine disk. By deleting this from Hyper V there is no chance of accidently starting it.
2. Next follow my previous blog on Creating your hyper V windows Server 2012 machine from a differencing disk.
3. When you start up your new Virtual Machine based on the base disk, you will be required to enter a valid Key Code for Windows Server 2012 Standard Edition. Let the sysprep process complete, answer any installation questions required and then log in.
4. You now have a Windows Server 2012 with Office, SQL, Visual Studio ready for SharePoint 2013, or whatever else you might want to install on it instead.

How to configure Microsoft Word 2010 with WordPress

This was a good start. Now I have created my WordPress site I wanted to ensure I could post to it directly from word. I stumbled at the first hurdle. Here are instructions.

1. Click File -> New and select Blog Post. Then click Create.
   
2. Once the blank blog post has loaded, on the ribbon menu bar select Manage Accounts.
3. Click New and select WordPress as your Blog provider. Click Next.
   
4. Here is the bit I stumbled on. When it asks for the URL of your blog DO NOT remove xmlrpc.php from the end. Enter your username and password, select remember password, and click OK. The Picture Options bit should be set up as “My Blog Provider”.
   
5. Type out you blog, give it categories, and click Publish!