The quest for a perfect IDaaS solution

Every discussion about security should start with a discussion about identity and access management. It’s that important and therefore the quest for a perfect IDaaS solution is a painful but needed journey. One could of course choose to build their own identity and access management systems/software, but most of the time companies don’t have the necessary time and resources to do that since we’re seeing crazy release cycles nowadays. Going towards IDaaS is therefore a natural choice in a lot of circumstances. But do we really have a “perfect for every scenario” IDaaS solution somewhere out there? Let’s see!

Do you want to become a software developer? Here’s how!

So, do you want to become a software developer and you didn’t graduate in computer science? Do you feel that “your time has passed” and you still think that there’s a lot more to achieve? Well, this post is for you, so you might want to keep on reading! If you ask yourself if this is even possible, well… yes it is! I’ve studied philosophy and theology and still I’m working for almost ten years in the IT industry, I’m playing around with code for around 2 years and now I’m a software developer. Is it easy? Not at all! Or it depends on what “easy” means for you. But it’s achievable and here are a few guidelines on how you can become a software developer.

Azure automation FTW!

Azure automation is, in my opinion, one of the heavily underrated offerings in the Microsoft Azure platform. During my time at Microsoft I had the opportunity to work with some great partners on Azure automation projects and also talk about it at the Microsoft Partner Days in Munich. So I thought it might be worth writing a few words about it on my blog and move away from the .NET Core topic. A huge challenge is to keep this as short as possible.

Microsoft Azure Automation provides a way for users to automate the manual, long-running, error-prone, and frequently repeated tasks that are commonly performed in a cloud and enterprise environment. It saves time and increases the reliability of regular administrative tasks and even schedules them to be automatically performed at regular intervals. You can automate processes using runbooks or automate configuration management using Desired State Configuration. I will not give the entire “Intro” talk here :). If you are not familiar at all with this topic, you may check the official Microsoft getting started guide.

ADFS in multi forest environments

ADFS in multi forest environments is still a very hot topic based on my day to day experience. Even if I’m concentrating more on cloud application development projects for more than 8 months, I still get a lot of questions from partners, colleagues, customers, IT admins from all around the world regarding this specific scenario. To put this in a little bit more perspective, the questions are usually asked in the context of Azure Active Directory, so the already renowned federated identity scenario. So that’s why I decided to blog about it, hoping to complement the scarce existing documentation.

Before we get started I would like to clarify one thing. Even if I will reference Azure AD a lot, everything I describe here is not restricted to Azure AD as a relying party. In fact, last time I worked on such a scenario, the relying party was AWS. So let’s get started.

The basic scenario is the following: a company has two or more Active Directory forests and one Azure AD. Using Azure AD Connect we can synchronize several forests to the same Azure AD. The question arises on the ADFS design. How many ADFS farms would we need? How would this work? Is this supported?

Curriculum Vitae Builder, a great Office add-in

When I talk to partners or during my speeches at conferences I almost always mention the fact that there is a big market for Office add-ins and that developers should clearly exploit it. Today I stumbled upon a great Office add-in called Curriculum Vitae Builder, developed by Egomnia. And this add-in is really great, especially for graduates or for professionals that seek a new professional challenge. With a lot of different versions of résumé it is often difficult to put together a very strong and appealing curriculum vitae. However, with Curriculum Vitae Builder you surely won’t forget any important information about yourself.

Enterprise State Roaming – everything’s possible when Azure AD and Windows 10 work together

Starting with Windows 8.1 I noticed that when I change my laptop, most of the settings and favourites will be there on the new device. This was a great thing! However, I asked myself if this would be possible also when changing my company laptop. With Azure AD and Windows 10 this is now possible, using a new feature called Enterprise State Roaming.

Azure AD, the door to the future

Last week I was in Munich, attending a Microsoft partner event and I also delivered a track on Azure AD, called “Azure AD, the door to the future”. So I was thinking of writing down a brief summary of the content I delivered on Azure AD.

But it’s not possible to jump directly to Azure AD, without spending some words on the modern workplace, since Azure AD is just a technical answer for the challenges IT administrators face nowadays. Ten years back, the workplace was straightforward. Users came in their office, logged in to their PC and worked. In the evening they shut everything down and went home. Nowadays it’s different, since users are very mobile. They don’t simply work from their desk. Instead, users are now working from places difficult to imagine a few years back, like bars, trains, hotels and their homes, of course. Not only are users physically mobile, but they also use a vast palette of devices to accomplish work related tasks. If the IT department doesn’t offer devices, users will bring them themselves. In these circumstances, mobility is not something about movement anymore, but about the mobility of the entire experience.

Further, users also use a vast range of apps in their day to day work. And to be sincere, users also use a lot of third party SaaS apps to accomplish their tasks. Most IT departments wanted to improve the user experience and tried to somehow integrate all the apps in their IT infrastructure, in order to prevent the leak of corporate information.

About Exchange Online Archiving and Outlook client limitations

Exchange Online Archiving seems to be a very popular service offered by Microsoft via Office 365 and it usually is a key factor for enterprise customers and small businesses to opt for their way to Exchange Online. Enterprise customers usually use an Office 365 enterprise subscription, like E3, where Exchange Online Archiving is included by default, together with the Office 365 ProPlus desktop applications. Everything is very straightforward. However, small businesses usually work with the Office 365 Business Plans that don’t include Exchange Online Archiving by default, nor the Office ProPlus desktop applications, and this may cause some headaches. That’s why I aim to clarify some important aspects around Exchange Online Archiving and Outlook client limitations.

First of all, if you are using an Office 365 business subscription (essentials, business, business premium), this doesn’t include Exchange Online Archiving. However, you can purchase it as an additional service for your tenant for a fee around 3$/month/user. Still, there is another very BIG aspect you should take into consideration: Exchange Online Archiving is supported only with Office 365 ProPlus! With the Office 365 business plans you get the Office 365 Business desktop applications, and Exchange Online Archiving will not work with Outlook!

Exchange Hybrid deployment certificate requirements

Exchange Online gains more and more momentum and Exchange hybrid deployments are already a pretty common scenario for a lot of IT organizations. Even if almost every aspect around an Exchange Hybrid deployment is well known by IT pros, there is still a point that seems to cause some difficulties: certificates. And since an Exchange hybrid deployment is not possible without a proper certificate configuration, I thought to clarify the most important aspects about certificates in such a scenario by answering 5 questions I often hear when working with IT administrators.

One of the top questions I deal with almost every day is: “I have a self signed certificate configured for my Exchange Server deployment, issued by my Windows Server 2012 R2 Certification authority. Can I use this certificate for an Exchange Hybrid deployment?” The answer is NO! In order to create an Exchange Hybrid deployment, organizations need a certificate issued by a trusted and public certification authority. And the reason why is very simple. Certificates are meant to prove your organization’s identity so that users and other service providers (like Microsoft) can be sure that they engage with the organizations they wanted to engage and not with an attacker.

Some PowerShell magic with Office 365 licenses

PowerShell is a great tool when we have to manage a lot of resources, because it enables automation. Most of you may be already aware that we can use PowerShell also with Office 365. So let’s see some PowerShell magic with Office 365 licenses.

These days one of my colleagues had to deal with a very interesting scenario. A customer moved to Exchange Online and therefore assigned only Exchange Online licenses to the users that were synchronized from the local Active Directory. After the whole migration process was ended, the customer decided to also use the powerful features of SharePoint Online. So he wanted an automated option to assign to some users also the SharePoint Online licenses, without removing the Exchange Online license first. (Removing an Exchange Online license would disconnect the mailbox and put it into a soft deleted state. Assigning the license back would re-connect the mailbox, but in some cases this process causes some big problems).