The Microsoft Build 2018 kicked off today in Seattle with Microsoft CEO Satya Nadella taking the stage and presenting Microsoft’s vision and strategy for the developer ecosystem. Scott Guthrie took then the audience through the main technical novelties with a lot of help from product managers and Microsoft partners or customers. If you missed the Microsoft Build 2018 keynote, here is a brief summary of what happened, taking note that it might be difficult to sum up in a few lines everything that was discussed for more than 3 hours. Continue reading
Cloud computing is now growing at a very fast pace for over 4 years now. Strictly related to the increased adoption of cloud technologies there is also an increasing interest in software as a service, as companies of all sizes around the world realized the benefits of paying a subscription for the software they use. In these perspective, software development companies and independent developers around the world build now multi tenant applications. However, multi tenant applications are a tricky from the planning phase, since customer data needs to be strictly isolated, the application itself must be highly available and easily scalable. And, as I also briefly mentioned in my previous article, everything starts from the database. That;s why I would like to briefly point out the main SQL design patterns for multi tenant applications.
In practical examples I will refer mostly to Azure SQL databases and the .NET ecosystem, although the main design patterns are still valid for any relational databases you might want to use. A lot of these aspects are described in different Microsoft Azure documentation articles. My goal is to summarize information that is otherwise dissipated in different sources. Continue reading
ADFS in multi forest environments is still a very hot topic based on my day to day experience. Even if I’m concentrating more on cloud application development projects for more than 8 months, I still get a lot of questions from partners, colleagues, customers, IT admins from all around the world regarding this specific scenario. To put this in a little bit more perspective, the questions are usually asked in the context of Azure Active Directory, so the already renowned federated identity scenario. So that’s why I decided to blog about it, hoping to complement the scarce existing documentation.
Before we get started I would like to clarify one thing. Even if I will reference a lot Azure AD, everything I describe here is not restricted to Azure AD as a relying party. In fact, last time I worked on such a scenario, the relying party was AWS. So let’s get started.
The basic scenario is the following: a company has two or more Active Directory forest and one Azure AD. Using Azure AD Connect we can synchronize several forests to the same Azure AD. The question arises on the ADFS design. How many ADFS farms would we need? How would this work? Is this supported? Continue reading
I just finished watching the #Build 2017 keynote and I am really excited by all the new things that were announced in this occasion. There were so many cool things that at the end I started to forget those mentioned at the beginning. That’s why I thought of writing a //build 2017 keynote summary, to serve more for me remembering all the things that I need to keep up with during the next year.
One of the coolest thing is the new Azure Cosmos DB offering. Azure Cosmos DB is Microsoft’s globally distributed, multi-model database. With the click of a button, Azure Cosmos DB enables you to elastically and independently scale throughput and storage across any number of Azure’s geographic regions. It offers throughput, latency, availability, and consistency guarantees with comprehensive service level agreements (SLAs), something no other database service can offer. What this means is that you have a database where you can store documents, tables, graph data and many more in the same place and use really any DB API to access all the data in nearly real time.
Just to stay in the same database area, the announcement of Azure database for MySql was also a nice surprise. Basically, you get a MySql database as a service, without the need to take care of patching infrastructures and so on.
Further, Microsoft announced at //build 2017 the new Azure IoT Edge, a technology that’s meant to extend “the intelligence — and other benefits — of cloud computing to edge devices.” It’s a cross-platform run time that runs on both Windows and Linux, and it will work on devices that are smaller than a Raspberry Pi. This will solve a lot of problems in IoT scenarios with really small devices, since this new features enables a more straight forward communication between Azure and devices.
Next, the announcement of the new Azure Portal App for iOs and Android, together with the built in full featured Bash shell in the Azure Portal was also a very intriguing announcement. First, the mobile app is not available on Windows 10 mobile devices (I know, there are few of them out there, but still….) and second, the first integrated shell is a Bash shell, not PowerShell (PowerShell will come “some time” in the future). On the other side, this underlines once more the heavy open source approach that Microsoft is showing during last years.
The remote debugging of production web apps using Visual Studio 2017 without any downtime was also a great thing to watch.
Let’s go to the AI part. I was already fairly familiar with Microsoft Cognitive Services, but the announcement of the custom vision API was really exciting. This enables developers to easily train their own vision machine learning models, providing the necessary training data. This really starts to look more and more like democratized AI, which should enable developers to build more and more intelligent applications.
The PowerPoint Translator was also a fairly cool demo, but for me it was not necessarily something new since exactly the same thing was showcased two years ago at the Build conference, but back then it was a Skype extension, called Skype translator. These two are fairly similar.
A final observation: almost all demos were made from MacOS laptops and iPhones.
Watching the //Build 2017 keynote was a very good time investment. I still dream to attend this conference in person at some time 🙂
Azure AD conditional access and per app MFA is globally available starting today, as announced by Alex Simmons. This feature was in preview for some time, but now, that it is globally available, it can be used in production environments. Since this is a new feature, I played a little bit around with it and I would like to share some insights.
Azure AD per app MFA and conditional access allows administrators to set MFA requirements on applications that are registered in Azure AD. This enables interesting scenarios, like for example requiring MFA for Exchange Online, but not for SharePoint Online, if a request comes from outside the corporate network. In order for this to work, you would have to activate MFA first and define the IP ranges that define your corporate network in CIDR format. You should be able to do this by accessing following URL: https://account.activedirectory.windowsazure.com/usermanagement/mfasettings.aspx. Continue reading
Starting with Windows 8.1 I noticed that when I change my laptop, most of the settings and favourites will be there on the new device. This was a great thing! However, I asked myself if this would be possible also when changing my company laptop. With Azure AD and Windows 10 this is now possible, using a new feature called Enterprise State Roaming. Continue reading
Do you remember the times when you couldn’t assign service admin roles in Office 365? Those times are not gone for a long time, but however, it was not possible to add an Exchange Online Administrator, or a SharePoint Administrator. So, in most cases, companies used Global Administrators to manage Exchange, for instance, but the same admins had also access to SharePoint. It’s clear that this was odd.
The reason why this was not possible is that users and correspondent administrative roles are handled in Azure AD. So each Office 365 organization also has an Azure AD, only that many don’t know. And back then, administrative roles weren’t properly integrated across different services. However, this is possible now and we can also use PowerShell do handle everything. Continue reading
Last week I was in Munich, attending a Microsoft partner event and I also delivered a track on Azure AD, called “Azure AD, the door to the future”. So I was thinking on writing down a brief summary of the content I delivered on Azure AD.
But it’s not possible to jump directly to Azure AD, without spending some words on the modern workplace, since Azure AD is just a technical answer for the challenges IT administrators face nowadays. Ten years back, the workplace was straightforward. Users came in their office, logged in to their PC and worked. In the evening they sut everything down and went home. Nowadays it’s different, since users are very mobile. They don’t simply work from their desk. Instead, users are now working from places difficult to imagine few years back, like bars, trains, hotels and their homes, of course. Not only that users are physically mobile, but they also use a vast palette of devices to accomplish work related tasks. If the IT department doesn’t offer devices, users will bring them themselves. In this circumstances, mobility is not something about movement anymore, but about the mobility of the entire experience.
Further, users also use a vast range of apps in their day to day work. And to be sincere, users also use a lot of third party SaaS apps to accomplish their tasks. Most IT departments wanted to improve the user experience and tried to integrate some way all the apps in their IT infrastructure, in order to prevent the leak of corporate information. Continue reading
Microsoft CEO, Satya Nadella, just announced in Berlin the new cloud strategy for Germany which includes two new Microsoft datacenters, one located in Frankfurt and the second located in Magdeburg. All major Microsoft Cloud services will be offered from the new facilities, including Azure, Office 365 and CRM Online. The new Microsoft datacenters in Germany will most probably go live in the second half of 2016.
The new Microsoft datacenters in Germany underline once more Microsoft’s commitment to data security and data privacy, making sure that all Microsoft cloud customers are able to meet their specific compliance and regulatory needs. The two datacenters are connected through a private network, so that the data flow is completely isolated from the internet.
Further, German and European customers will be able to choose between a global Microsoft cloud service and a local cloud service. If customers opt for the local cloud service, none of the data or metadata will be stored outside Europe. To make everything as transparent as possible, the German company T-Systems will act as a data trustee under German law. What this means is that T-Systems is the only one to decide who gets access to the data stored in the new datacenters and who doesn’t. This means that Microsoft itself won’t have any access to the data. Continue reading
Around one year ago Microsoft and Docker started a great partnership meant to continuously innovate and bring new cool features to Azure IaaS that enable organizations around the world to build their next generation cross platform apps. Trying to enumerate all the new features brought to Microsoft Azure in partnership with Docker is not easy at all, but some of them include Windows Server Containers, Hyper-V Containers, Docker VM Extensions for Linux on Azure, Docker CLI support on Windows, Compose and Swarm support on Azure, Visual Studio Tooling for Docker.
These days at the the DockerCon North America Microsoft and Docker announced and demonstrated some new features and updates that take the partnership to a next step. Continue reading