Microsoft Family Safety App

[Dynamic5912]

Currently, Microsoft Family Safety app reports zero usage for Windows and Xbox devices that are linked to the parental account despite being in use - this doesn't prevent devices from working or going beyond their allocated daily time limits - but it does affect reporting to the app and occasional affects requests for time extensions from apps/devices.

My understanding and from Reddit is that allowing *. events.data.microsoft.com fixes this - but I don't want to allow all subdomains through - just the ones required for Family Safety.

Do you (or the community) know which domains are required for the app to function and report usage correctly?

I've looked online and on Microsofts forums/help pages and they say to allow the domain and all subdomains as a whole for "all Microsoft services to function correctly".

[hagezi]

I don't know anyone who uses it and I don't know which telemetry domains Microsoft “misuses” for it. If it really is the telemetry events, my guess is:

mobile.events.data.microsoft.com

Depending on the region:

au-mobile.events.data.microsoft.com
eu-mobile.events.data.microsoft.com
in-mobile.events.data.microsoft.com
jp-mobile.events.data.microsoft.com
uk-mobile.events.data.microsoft.com
us-mobile.events.data.microsoft.com

These are used by almost everything that “smells” of Microsoft.

Which list version are you using?
Which event domains are blocked according to your log?
Have you unblocked *.events.data.microsoft.com to see if this is the cause?

[hagezi]

I can also think of the following:

vortex.data.microsoft.com - This subdomain is often used for collecting telemetry data and is probably also relevant for Microsoft Family Safety.

self.events.data.microsoft.com - This subdomain is specifically for collecting telemetry data and events triggered by user actions or system operations, which may also be important for tracking activity in Microsoft Family Safety.
Only blocked in Ultimate.

[Dynamic5912]

Thanks for the hints.

I'm using the Ultimate List.

For now, i have whitelisted the domain in AGH as follows: @@||events.data.microsoft.com^

And will see if this yields any results then try to figure out which domains are being used.

Kids are on downtime this evening but they should be on their devices tomorrow so I can see what happens :)

[hagezi]

For Ultimate, I would unblock self.events.data.microsoft.com and see if that is enough.

[Dynamic5912]

self.events.data.microsoft.com

OK. Will change my custom filter to that domain and see if it works tomorrow.

Will update as I know more...

[Dynamic5912]

OK, so..

Allowing self.events.data.microsoft.com made no difference - no time used etc. was being reported to the Family Safety App.

So I whitelisted events.data.microsoft.com to allow all subdomains and within a couple of minutes, the app updated with usage time for the kids laptops as well as time spent in individual apps (previously this all said "not used today").

Now begins the game of figuring out which subdomain of events.data.microsoft.com is required for Family Safety to work - I'll need to trawl through the logs for the evening and see which whitelisted subdomains were used then take it step-by-step I guess..

[Dynamic5912]

It might be functional.events.data.microsoft.com not 100% sure..

I have other Windows machines in the household and only the kids laptops are calling this subdomain when in use..

[Dynamic5912]

It's not functional.events.data.microsoft.com so back to searching again.

I've whitelisted events.data.microsoft.com as a whole again so will see what crops up and if it starts working...

[hagezi]

@Dynamic5912 Anything new here?

[Dynamic5912]

Still testing - whitelisting events.data.microsoft.com seems to work sporadically.

Disabling blocking/filtering altogether in AGH makes it work as it should - so something else is required to be whitelisted as well it seems.

I think it might be activity.windows.com but need to do more testing.

[xRuffKez]

@Dynamic5912 new results?

[Dynamic5912]

Been on holiday 😀

Will check again over the next few days

[paddyofurniture]

Wondering if there's been progress on this?

Also, where are you whitelisting? Windows Firewall, router, or..?

[hagezi]

@Dynamic5912 Is there anything new or can I close here?

[hagezi]

@Dynamic5912 If the problem still exists, or if you know what you need to unblock, just contact here in the topic again. I'll close it for now.

[Dynamic5912]

Hey - sorry been busy with work and stuff so not gotten around to re-testing this again.

Will update the post again if there's any update.

[Dynamic5912]

Revisiting this..

Allowing:

@@||events.data.microsoft.com

Lets reporting work again.

However, there are quite a few subdomains that get allows through with this filter, so it's now a case of narrowing down which one/s are required:

• v10.events.data.microsoft.com
• v20.events.data.microsoft.com
• browser.events.data.microsoft.com
• teams.events.data.microsoft.com
• self.events.data.microsoft.com
• mobile.events.data.microsoft.com
• watson.events.data.microsoft.com
• functional.events.data.microsoft.com

[tschai-yim]

Hi, this isn't related to the same app but the same domains. Blocking the following domains completely breaks SSO sign-in for Microsoft apps on Android:

• eu-mobile.events.data.microsoft.com
• mobile.events.data.microsoft.com

I've tried Teams and Outlook with two different organizations, both of which use Microsoft AD SSO. My guess is, this probably also is the case in other regions listed here: #3277 (comment)

PS: concretely, it'll ask for the password but then show a network error after a while or after clicking "login".

[hagezi]

@tschai-yim #5118