Category Archives: Azure

Playing around with ASP.Net Core ConfigureServices()

Published by:

These days I’m working on a small personal project with ASP.Net Core and this allowed me play around with the ConfigureServices method in Startup.cs and discover some things I wasn’t aware of. So I though on sharing my experiments here to see what others have to say about them.

Even if the application itself is fairly simple I decided to create several different projects in a solution to keep things open for extensions, right? So what I have is an ASP.Net Core API project and a bunch of different other projects like Sample.Core, Sample.Infrastructure, Sample.Dal. For the data access layer I wanted to play around with the repository pattern and created a very simple and insecure repository to handle operations on the Azure Table Storage service. Continue reading

Microsoft Build 2018 keynote summary

Published by:

The Microsoft Build 2018 kicked off today in Seattle with Microsoft CEO Satya Nadella taking the stage and presenting Microsoft’s vision and strategy for the developer ecosystem. Scott Guthrie took then the audience through the main technical novelties with a lot of help from product managers and Microsoft partners or customers. If you missed the Microsoft Build 2018 keynote, here is a brief summary of what happened, taking note that it might be difficult to sum up in a few lines everything that was discussed for more than 3 hours.  Continue reading

SQL design patterns for multi tenant applications

Published by:

Cloud computing is now growing at a very fast pace for over 4 years now. Strictly related to the increased adoption of cloud technologies there is also an increasing interest in software as a service, as companies of all sizes around the world realized the benefits of paying a subscription for the software they use. In these perspective, software development companies and independent developers around the world build now multi tenant applications. However, multi tenant applications are a tricky from the planning phase, since customer data needs to be strictly isolated, the application itself must be highly available and easily scalable. And, as I also briefly mentioned in my previous article, everything starts from the database. That;s why I would like to briefly point out the main SQL design patterns for multi tenant applications.

In practical examples I will refer mostly to Azure SQL databases and the .NET ecosystem, although the main design patterns are still valid for any relational databases you might want to use. A lot of these aspects are described in different Microsoft Azure documentation articles. My goal is to summarize information that is otherwise dissipated in different sources. Continue reading

ADFS in multi forest environments

Published by:

ADFS in multi forest environments is still a very hot topic based on my day to day experience. Even if I’m concentrating more on cloud application development projects for more than 8 months, I still get a lot of questions from partners, colleagues, customers, IT admins from all around the world regarding this specific scenario. To put this in a little bit more perspective, the questions are usually asked in the context of Azure Active Directory, so the already renowned federated identity scenario. So that’s why I decided to blog about it, hoping to complement the scarce existing documentation.

Before we get started I would like to clarify one thing. Even if I will reference a lot Azure AD, everything I describe here is not restricted to Azure AD as a relying party. In fact, last time I worked on such a scenario, the relying party was AWS. So let’s get started.

The basic scenario is the following: a company has two or more Active Directory forest and one Azure AD. Using Azure AD Connect we can synchronize several forests to the same Azure AD. The question arises on the ADFS design. How many ADFS farms would we need? How would this work? Is this supported? Continue reading

#Build 2017 – some exciting things

Published by:

I just finished watching the #Build 2017 keynote and I am really excited by all the new things that were announced in this occasion. There were so many cool things that at the end I started to forget those mentioned at the beginning. That’s why I thought of writing a //build 2017 keynote summary, to serve more for me remembering all the things that I need to keep up with during the next year.

One of the coolest thing is the new Azure Cosmos DB offering. Azure Cosmos DB is Microsoft’s globally distributed, multi-model database. With the click of a button, Azure Cosmos DB enables you to elastically and independently scale throughput and storage across any number of Azure’s geographic regions. It offers throughput, latency, availability, and consistency guarantees with comprehensive service level agreements (SLAs), something no other database service can offer. What this means is that you have a database where you can store documents, tables, graph data and many more in the same place and use really any DB API to access all the data in nearly real time.

Just to stay in the same database area, the announcement of Azure database for MySql was also a nice surprise. Basically, you get a MySql database as a service, without the need to take care of patching infrastructures and so on.

Further, Microsoft announced at //build 2017 the new Azure IoT Edge, a technology that’s meant to extend “the intelligence — and other benefits — of cloud computing to edge devices.” It’s a cross-platform run time that runs on both Windows and Linux, and it will work on devices that are smaller than a Raspberry Pi. This will solve a lot of problems in IoT scenarios with really small devices, since this new features enables a more straight forward communication between Azure and devices.

Next, the announcement of the new Azure Portal App for iOs and Android, together with the built in full featured Bash shell in the Azure Portal was also a very intriguing announcement. First, the mobile app is not available on Windows 10 mobile devices (I know, there are few of them out there, but still….) and second, the first integrated shell is a Bash shell, not PowerShell (PowerShell will come “some time” in the future). On the other side, this underlines once more the heavy open source approach that Microsoft is showing during last years.

The remote debugging of production web apps using Visual Studio 2017 without any downtime was also a great thing to watch.

Let’s go to the AI part. I was already fairly familiar with Microsoft Cognitive Services, but the announcement of the custom vision API was really exciting. This enables developers to easily train their own vision machine learning models, providing the necessary training data. This really starts to look more and more like democratized AI, which should enable developers to build more and more intelligent applications.

The PowerPoint Translator was also a fairly cool demo, but for me it was not necessarily something new since exactly the same thing was showcased two years ago at the Build conference, but back then it was a Skype extension, called Skype translator. These two are fairly similar.

A final observation: almost all demos were made from MacOS laptops and iPhones.

Watching the //Build 2017 keynote was a very good time investment. I still dream to attend this conference in person at some time 🙂

Testing Azure AD per app MFA and conditional access based on network location

Published by:

Azure AD conditional access and per app MFA is globally available starting today, as announced by Alex Simmons. This feature was in preview for some time, but now, that it is globally available, it can be used in production environments. Since this is a new feature, I played a little bit around with it and I would like to share some insights.

Azure AD per app MFA and conditional access allows administrators to set MFA requirements on applications that are registered in Azure AD. This enables interesting scenarios, like for example requiring MFA for Exchange Online, but not for SharePoint Online, if a request comes from outside the corporate network. In order for this to work, you would have to activate MFA first and define the IP ranges that define your corporate network in CIDR format. You should be able to do this by accessing following URL: https://account.activedirectory.windowsazure.com/usermanagement/mfasettings.aspxContinue reading

Enterprise State Roaming – everything’s possible when Azure AD and Windows 10 work together

Published by:

Starting with Windows 8.1 I noticed that when I change my laptop, most of the settings and favourites will be there on the new device. This was a great thing! However, I asked myself if this would be possible also when changing my company laptop. With Azure AD and Windows 10 this is now possible, using a new feature called Enterprise State Roaming.  Continue reading

Using PowerShell to assign service admin roles in Azure AD

Published by:

Do you remember the times when you couldn’t assign service admin roles in Office 365? Those times are not gone for a long time, but however, it was not possible to add an Exchange Online Administrator, or a SharePoint Administrator. So, in most cases, companies used Global Administrators to manage Exchange, for instance, but the same admins had also access to SharePoint. It’s clear that this was odd.

The reason why this was not possible is that users and correspondent administrative roles are handled in Azure AD. So each Office 365 organization also has an Azure AD, only that many don’t know. And back then, administrative roles weren’t properly integrated across different services. However, this is possible now and we can also use PowerShell do handle everything. Continue reading

Azure AD, the door to the future

Published by:

Last week I was in Munich, attending a Microsoft partner event and I also delivered a track on Azure AD, called “Azure AD, the door to the future”. So I was thinking on writing down a brief summary of the content I delivered on Azure AD.

But it’s not possible to jump directly to Azure AD, without spending some words on the modern workplace, since Azure AD is just a technical answer for the challenges IT administrators face nowadays. Ten years back, the workplace was straightforward. Users came in their office, logged in to their PC and worked. In the evening they sut everything down and went home. Nowadays it’s different, since users are very mobile. They don’t simply work from their desk. Instead, users are now working from places difficult to imagine few years back, like bars, trains, hotels and their homes, of course. Not only that users are physically mobile, but they also use a vast palette of devices to accomplish work related tasks. If the IT department doesn’t offer devices, users will bring them themselves. In this circumstances, mobility is not something about movement anymore, but about the mobility of the entire experience.

Further, users also use a vast range of apps in their day to day work. And to be sincere, users also use a lot of third party SaaS apps to accomplish their tasks. Most IT departments wanted to improve the user experience and tried to integrate some way all the apps in their IT infrastructure, in order to prevent the leak of corporate information.  Continue reading

New Microsoft datacenters in Germany officially announced

Published by:

Microsoft CEO, Satya Nadella, just announced in Berlin the new cloud strategy for Germany which includes two new Microsoft datacenters, one located in Frankfurt and the second located in Magdeburg. All major Microsoft Cloud services will be offered from the new facilities, including Azure, Office 365 and CRM Online. The new Microsoft datacenters in Germany will most probably go live in the second half of 2016.

The new Microsoft datacenters in Germany underline once more Microsoft’s commitment to data security and data privacy, making sure that all Microsoft cloud customers are able to meet their specific compliance and regulatory needs. The two datacenters are connected through a private network, so that the data flow is completely isolated from the internet.

Further, German and European customers will be able to choose between a global Microsoft cloud service and a local cloud service. If customers opt for the local cloud service, none of the data or metadata will be stored outside Europe. To make everything as transparent as possible, the German company T-Systems will act as a data trustee under German law. What this means is that T-Systems is the only one to decide who gets access to the data stored in the new datacenters and who doesn’t. This means that Microsoft itself won’t have any access to the data. Continue reading