Windows Azure Self-Service Management with System Center App Controller

Windows Azure gives everyone access to world-class cloud computing and its potential. A few questions have come up from enterprises:

  • How do we delegate authority on our Enterprise Azure subscription?
  • How do we create a user role with the authority to carry out specific tasks?
  • How do we provide a self-service portal with Active Directory integration?

App Controller can be the answer to all of the questions above. App Controller is one of the System Center family of products. It provides a single interface for admins to manage both public and private clouds.

Best Practices for Managing Azure Subscriptions in Windows Azure PowerShell Cmdlets

Windows Azure PowerShell cmdlets make it nice and easy to get started managing your Windows Azure services. Using the Get-AzurePublishSettingsFile cmdlet you can log in to your WAZ subscription and fetch the details you need to manage your cloud services. PowerShell even saves these details locally so you can reuse them in the future. This is great for personal accounts and small teams getting to know the Windows Azure PowerShell cmdlets. However, in larger organisations this can quickly lead to management issues and security risks.…

Windows Azure Active Directory Self Service Password Reset

Microsoft has recently released an enhancement to its Windows Azure Active Directory (WAAD) offering. This enhancement enables end users to perform self-service password resets in the case of a forgotten password. Previously this function was available to administrative accounts only.

WAAD self-service password reset (SSPR) is a premium offering, requiring Premium Features to be enabled for the WAAD.

Once WAAD Premium Features are enabled, the User Password Reset Policy can be edited and SSPR enabled. For the initial release, enabling SSPR does so for all WAAD user accounts.…

Windows Azure Active Directory Module and Online Services Sign-in Assistant

Back in 2012, we talked about Office 365 – PowerShell Setup.  This was back in the days prior to the Microsoft Online Services Sign-in Assistant RTW, and before Windows 8 had gained a lot of traction.  Recent updates however have not made this such a straightforward process.

My first attempt at installing the Windows Azure Active Directory Module on Windows 8 failed with the error “must have microsoft online services sign-in assistant version 7.0 or greated installed”.  …

Office 365: To Federate or Not to Federate… that is the Question

Yesterday, Microsoft released a new version of their ‘DirSync’ utility (http://technet.microsoft.com/en-us/library/dn246918.aspx) which up until yesterday provided a basic ‘copy’ of your local Active Directory accounts (Active Directory Domain Service or ‘AD DS’) from your premises to the MS Cloud directory (referred to as ‘Azure Active Directory’) for Office 365 (and other Cloud apps such as Team Foundation Service (TFS Online)).

This blog is written for those considering moving to Office 365 (or have moved to Office 365) but haven’t identified any other application in the organisation apart from Office 365 that requires Active Directory Federation Services and SAML/WS-Federation…

Connecting Cloud Services with Virtual Machines in Windows Azure

As of Windows Azure SDK 1.7, Microsoft has enabled us to connect a cloud service with a virtual machine in Windows Azure. Now that the general availability of Windows Azure Infrastructure Services has been announced, Microsoft also supports it.

The common scenario for this is connecting from a public ASP.NET web application that is running in a cloud service to a private SQL Server database that is running in a virtual machine via a virtual network.…

Azure AD and the Progression of Microsoft Identity and Access Management

Defining Microsoft IDAM

The words ‘Identity and Access Management’ (IDAM) mean different things to different people – and a lot of confusion still reigns about what this area represents to an IT department. However, it’s generally agreed that a good corporate IDAM policy can drive down cost, increase security and provide significant user experience benefits to approved applications as they are introduced to an IT environment.

These improvements can broadly be categorised into the following areas:

Single Sign On (usually abbreviated to ‘SSO’) – a user provides a single factor (99% of the time a password) and gets access to not just one application but a suite of applications after authenticating once without being prompted again for credentials.…

Windows Azure Virtual Machine Domain Provisioning with PowerShell

Windows Azure Virtual Machines preview allows persistent Virtual Machines which retain the same private addresses on reboot. This means that Active Directory can easily run in Azure without worry of the Domain Controller IP changing. This also means that Virtual Machines running in Azure can be joined to your on-premise Active Directory using a site-to-site IPsec VPN. The Azure VMs then act like a branch network with full connectivity. I covered setting up TMG 2010 as a VPN endpoint (instead of using Cisco or Juniper hardware devices) for Windows Azure Virtual Network in a previous post.…

Windows Azure Virtual Network VPN with TMG 2010

Microsoft announced Windows Azure Virtual Network and Windows Azure Virtual Machines in June 2012 to provide IaaS ‘Hybrid Cloud’ functionality.

What this allows is persistent Virtual Machines (which retain the same private addresses) running in Azure that can be joined to your on-premise Active Directory using a site-to-site IPsec VPN. The Azure VMs then act like a branch network with full connectivity and you can add Domain Controllers in the Azure Virtual Network.

This is still a preview release and Microsoft currently only support specific Cisco and Juniper devices that have been tested.…