Category Archives: Cloud/Hybrid/On premises

All about Office 365

Exchange Hybrid deployment certificate requirements

Published by:

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

Exchange Online gains more and more momentum and Exchange hybrid deployments are already a pretty common scenario for a lot of IT organizations. Even if almost every aspect around an Exchange Hybrid deployment is well known by IT pros, there is still a point that seems to cause some difficulties: certificates. And since an Exchange hybrid deployment is not possible without a proper certificate configuration, I thought to clarify the most important aspects about certificates in such a scenario by answering 5 questions I often hear when working with IT administrators.

One of the top question I deal with almost every day is: “I have a self signed certificate configured for my Exchange Server deployment, issued by my Windows Server 2012 R2 Certification authority. Can I use this certificate for an Exchange Hybrid deployment?” The answer is NO! In order to create an Exchange Hybrid deployment, organizations need a certificates issued by a trusted and public certification authority. And the reason why is very simple. Certificates are meant to prove your organization’s identity so that users and other service providers (like Microsoft) can be sure that they engage with the organizations they wanted to engage and not with an attacker. Continue reading

Microsoft and Docker announce new innovations for Azure IaaS

Published by:

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

Around one year ago Microsoft and Docker started a great partnership meant to continuously innovate and bring new cool features to Azure IaaS that enable organizations around the world to build their next generation cross platform apps. Trying to enumerate all the new features brought to Microsoft Azure in partnership with Docker is not easy at all, but some of them include Windows Server Containers, Hyper-V Containers, Docker VM Extensions for Linux on Azure, Docker CLI support on Windows, Compose and Swarm support on Azure, Visual Studio Tooling for Docker.

These days at the the DockerCon North America Microsoft and Docker announced and demonstrated some new features and updates that take the partnership to a next step.  Continue reading

Fixes in Azure AD Sync Build 1.0.494.0501

Published by:

ActiveDirecotry2

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

Azure AD Sync Build 1.0.494.0501 was released some time ago and in my opinion it brought a fix for a major problem I was seeing in a lot of cases and that is failing of password writeback with servicebus connectivity error.

I still see a lot of partners struggling with this type of error messages at their end customers and I advised all of them to install the new build. This solved this error in all of the cases.

However, be aware that Azure AD Sync build  1.0.494.0501 now requires the .Net Framework version 4.5.1 to be installed. So if you don’t have this .NET version currently installed on your server, you may want to install it before installing the new Azure AD Sync Build.  Continue reading

Moving documents between SharePoint libraries

Published by:

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

Last few weeks I came across a lot of SharePoint related questions and especially to document management in SharePoint and what happens when we move documents between libraries. One of the mains issues I heard about relate to document metadata, versions and DocumentID not beeing kept when a document is copied into another SharePoint library. So I thought to write down a few ideas on this topic that might be useful for SharePoint users.

First of all, I have to admit that this behavior is kind of expected since when we copy a document to another location, a new and fresh document is created. That’s why the copy will have fresh metadata, versions and a brand new DocumentID.  Continue reading

How to manage access to corporate Twitter accounts using Azure Active Directory

Published by:

azure ad

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

Azure Active Directory is really great because it gives administrators in an organization the possibilities to centrally manage identities, authentication and authorization to all application that employees use for their day to day work. And you can do this also for services and applications Twitter, Facebook and other around 3000 further applications that support integration with Azure Active Directory. And this is very useful.

Let’s say that Jim is the IT Manager for a global PR agency. They have several teams, managing different customer accounts, including their social media presence. Security is very important and in order to avoid account hijacking it would be great if employees could access the Twitter accounts they manage without knowing the password for that specific Twitter account. The good news is that this is possible with Azure Active Directory.  Continue reading

What’s new in AD FS on Windows Server 2016

Published by:

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

Identity Federation is one of my favourite IT topics, maybe also because it is the foundation for any discussion about cyber security in a cloud-first world. And I am glad that Microsoft presented today at Ignite some cool new feature that will be included in the AD FS server role in Windows Server 2016, as well as some key improvements made to some great features already present in Windows Server 2012 R2. So let’s take a look at them!

The first great thing I noticed is the ability to authenticate users from LDAP v3 directories, such like AD LDS, Novell, OpenLDAP just to name few of them. This is because modern LDAP directories are modelled as a local claim provider (just like Active Directory is). This LDAP directories will show up as another Claims Provider in the home realm discovery for passive authentication. Login ID can be any attribute, but it has to be unique in the LDAP directory. For authentication to Office 365, the attribute chosen for authentication should be unique across al directories that are configured for authentication to Office 365. In other.  Continue reading

Some PowerShell magic with Office 365 licenses

Published by:

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

PowerShell is a great tool when we have to manage a lot of resources, because it enables automation. Most of you may be already aware that we can use PowerShell also with Office 365. So let’s see some PowerShell magic with Office 365 licenses.

These days one of my colleague had to deal with a very interesting scenario. A customer moved to Exchange Online and therefore assigned only Exchange Online licenses to the users that were synchronized from the local Active Directory. After the whole migration process was ended, the customer decided to also use the powerful features of SharepointOnline. So he wanted an automated option to assign to some users also the SharePoint Online licenses, without removing the Exchange Online license first. (Removing an Exchange Online license would disconnect the mailbox and put it into a soft deleted state. Assigning the license back would re-connect the mailbox, but in some cases this process causes some big problems).  Continue reading

Microsoft Ignite: Key announcements during the keynote

Published by:

2015-1-May-ignite

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

The first ever Microsoft Ignite conference for IT professionals kicked off today in Chicago with a 3 hour long keynote. A lot of announcements were made during the keynote, so t might be difficult at times to keep track of all the great new feature, capabilities and products. So here is a list of 3 key announcements that were made during the Microsoft Ignite keynote.

1. Skype for Business broadcasting capabilities

Using this new capability, meeting organizers will be able to broadcast Skype meeting to an audience of up to 10.000 attendants. This feature will be very helpful  in scenarios like global department meetings and so on, when the presenter speaks to several thousands users at the same time. Skype for Business broadcasting capabilities were just announced today, so there weren’t any deeper technical insights on how this capability will work, but I can assume that companies may want to take advantage of this capability also when delivering online trainings and webinars.

Even though this is, in my opinion, the biggest Skype announcement, Gurdeep Singh Pall also announced other interesting stuff like pre-loaded meeting attachments and in-call co-authoring of Office documents.  Continue reading

Build an Office 365 Identity lab in Microsoft Azure

Published by:

office-365-logo

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

Managing identities is a vital part of cyber-security in general and especially in the cloud. Organizations may want to manage identities, authentication and authorization by themselves, also when users are accessing cloud resources and workloads. They can do this without any problems by using Azure AD Sync to synchronize Active Directory Objects to Azure AD, and therefore keep the source of authority of these objects in the organization. On the other hand, organizations may use ADFS to federate identities. By doing this, authentication and authorization decisions are made also in the organization.

IT professionals normally try to build such labs in order to understand and see how everything works. These days I managed to build such a lab in Microsoft Azure. I used a MSDN subscription where you get a monthly credit of 115 EUR, if I’m not wrong. I think it may be helpful to briefly share how I build this lab.  Continue reading

Fixes in Azure AD Sync Build 1.0.491.0413

Published by:

ActiveDirecotry2

Dan Patrascu-Baba

Partner Technical Consultant at Microsoft
Azure PaaS and dev consultant, working for Microsoft. Mostly dealing with Microsoft Azure services, ASP.Net Core, AngularJS, Javascript. Helping partners and customers to write good code and to architect their cloud and hybrid solutions.

Few days back Microsoft released Azure AD Sync Build 1.0.491.0413, fixing some important issues that were present in the previous build. This is a pretty important update I would say, since in the past month I had several partners where we struggled with some Azure AD Sync issues that were resolved by installing the new build.  Continue reading