Microsoft Purview Sensitivity Labels: Sensitivity label grouping modernization coming this fall (?)

on
There is a change coming to Microsoft Purview Information Protection that simplifies sensitivity label architecture. The goal is to make label management easier, more scalable, and less rigid for organizations. The new model will only include standalone labels and sublabels. Parent labels will be replaced by label groups, which act as organizational containers. These groups cannot be applied to content and have no actions or scope, but they retain color and priority for visual organization. Hopefully, this change will make it much easier to move labels around and make other changes in production: for example, converting a standalone label into a sublabel or moving sublabels between groups without breaking dependencies.  From my experience, this update solves one of the biggest challenges in large environments: rigid label hierarchies. The new dynamic model gives admins the agility they need to adapt quickly as compliance and business needs evolve. For admins, migration will be quic...

Signing scripts, from now on

on
During the Lyncconf13, I was lucky enough to win a certificate from digicert in give away competition from the The UC Architects. It didn't take long to decide what to do with the gift. I decided to get a code signing certificate for my online scripts.

Now, you should be able to run the scripts directly by downloading them to your labs, without tampering with the script, it's security settings or your power shell security setting.

A benefit for me, is to see if the script has been tampered with if it does not work on a tested system. I decided to sign all my backup scripts, and I will also sign every new script I post on my blog.

As a side note: I was wondering if signing a lot of certificates was going to take a long time. I turned to power shell  and scripted it. What else "could" I do? It turned out to be quite easy, and done in a few minutes (writing the code, signing took seconds)


param ([Parameter(Mandatory=$true)][string]$folder,[string]$certvalue)

cd $folder

$cert = @(gci cert:\currentuser\my -codesigning)[$certvalue]
foreach ($scripts in (Get-ChildItem)){
Set-AuthenticodeSignature $scripts $cert}

All my backup scripts have been updated, so if you download these scripts now, they will be signed. (If your machine trusts Digicert, you should be in good shape.)

Here are two posts I used as reference:
http://technet.microsoft.com/nb-no/magazine/2008.04.powershell(en-us).aspx
http://tfl09.blogspot.no/2010/06/signing-powershell-scripts.html