New features from Microsoft set to help organizations detect risky usage of AI

Here are two new features from Microsoft which will enhance the detection of risky AI usage and generative AI interactions. Microsoft Purview Insider Risk Management is introducing new detections for risky AI usage. This update will enhance the ability of administrators to identify risky AI usage within their organizations. The new detections will cover both intentional and unintentional insider risk activities related to generative AI applications, including risky prompts containing sensitive information or intent and sensitive responses generated from sensitive files or sites. The detections will apply to M365 Copilot, Copilot Studio, and ChatGPT Enterprise, contributing to Adaptive Protection insider risk levels. Using IRM  administrators can gain insights into risky AI usage in an anonymized form using analytics, create policies to track risky prompts and sensitive responses, and use the new generative AI indicators in adaptive protection to assess user risk scores. Microsoft P...

Backup your Lync Enterprise 2010 Server to one zip file

It's been a couple of weeks since I posted the backup script for Lync 2010 Standard Edition (here), and I promised to be back with a similar script for the Enterprise edition. I must admit it took longer than I expected as I ran into some issues with the way the SQL server backup works. But here it is, tested on several systems and in working order.

Since it is very similar to the original SE, I'll only focus on the differences in this script, and a few things to look out for.

The biggest challenge was to understand why my SQL server backup failed. Once I figured out my "system error 5 (access denied)" error message, it was only a matter of "creativity" to make it work.

If you examine the two scripts you'll see the SQL server backup routine is almost identical. The difference is in the $dest statement. When you run a SQL server backup, remotely, as this script is set up to do, you actually run the backup as the remote SQL server service's user context. As a result, when the backup "device" is accessed from the SQL server, this is done through a share on the Lync server. And the SQL Server Service account must have write access to this share.

My way of solving this, was through creating a share with the script, access it, and delete it by the end.
#################################################################
# Creating a fileShare with everyone rigths
# If you already have provisioned a share, where you SQL_service user have full controll over,
# You may skip this.
#################################################################

$filepathshare = "c:\lyncbackup"
NET SHARE lyncbackup=$filepathshare "/GRANT:Everyone,FULL"

#################################################################            
# Deleting the fileshare
#################################################################

NET SHARE lyncbackup /y /delete    
If you want to set up a permanent share, and restrict access to it, please feel free to do so.

Then the destination of the backup routine should be set to include this file share path

Here are a few things to consider before you run this on your own servers.
  • This script is for a Enterprise Edition Server.
  • The script has only been tested in single site topology. I suspect adjustments must be made for deployments with more than one site (If anyone would do so, or let me have access to such a deployment, please let me know)
  • This script has been tested with a co location of all databeses. If you require it to backup your Monitoring/archiving databases from seperate SQL servers, you must add these sources to the script.
  • The script should be able to run without any modification or input, unless you want to use other paths than I have entered. But, the script is set to map drive Y: to the Lync File Share. If this drive is already in use, you should change this to a drive not already in use.
  • The script must be run on a server where Lync PS is available, and this must be imported if you are to run this as a scheduled task (See the script for details).
  • If you want to backup your RGS information, you will have to install reskit tools as well (and import the script commands as I do in my script)
  • My script creates a directory C:\lyncbackup\, this may be edited if you like.
  • Certificates will only be backed up if you allowed for this when requesting and creating certificates.
  • The creation of the zipfile can take a while. The script finishes before the zipfile is finished (If anyone know how to wait for this task before quitting the script, please let me know).
  • I highly recommend you test the script in your Lab, before running in your production environment
That's all there is to it. All that's left for me to do, is to give you the link to the script: Backupscript - Enterprise EDT v1_2.ps1

As always, I appreciate feedback or suggestions on improvements.