Monday, May 25, 2015

My Study notes for 70-533 Exam: Implementing Microsoft Azure Infrastructure Solutions

Hi All,

Happy memorial day! I am posting this blog post to share my study notes for Implementing Microsoft Azure Infrastructure Solutions exam.

I passed this test last week and i used to keep all my written notes to share it with others to help them get prepared for the test and eventually pass it from the first round -:)

Here are my tips and topics you need to be knowing before taking the test:

1) Add a VM to existing Virtual Network (VNet) in Azure using: New-AzureQuickVM
2) How to configure a cloud service to join a VNet in Azure by updating the csdef file.
3) How to configure Corp VNet for new employees using:
    a) Create a VPN Subnet.
    b) Enable Point-to-site connecting to Corp VNet.
2) Using DirSync with Azure Active Directory (AAD) to synchronize on-premise AD to AAD.
3) Working with Access Control Services in Azure.
4) How to configure an application as a multi-tenant application.
     Ref.: https://code.msdn.microsoft.com/Multi-Tenant-Cloud-8015b84b
              https://msdn.microsoft.com/en-us/library/ff966499.aspx
5) Active Geo-Replication is available in the Premium Services Tier.
6) Managing access to anonymous and external users using access policy in Azure Storage.
7) All logs are stored in $logs container when storage analytics is enabled.
8) Deploy protection between two on-premises VMM sites.
    Ref.: https://msdn.microsoft.com/en-us/library/azure/dn168841.aspx
9) Configure custom script extensions in VMs.
10) How to configure Data Protection Manager (DPM) with Azure backup service.
11) How to enable anonymous users to access blob storage container in Azure.
12) To integrate AD domain services (ADDS) with Azure AD (AAD):
       a) Setup a DirSync Server.
       b) Setup an active Directory Federation Services Server.
13) Work with Graph API  RESTful endpoints in Azure AD in SaaS apps.
14) Service Bus permissions:
      a) Send: for all send operation.
      b) Listen: opens up listeners and receive messages.
      c) Manage: to observe or manage the state of the service bus tenant.
15) Use Monitor page in Azure portal to setup metrics for your webroles.
16) Use Configure page in Azure portal for endpoints and rules for yor webroles.
17) To control access to VM, use Set-AzureAclConfig PS Cmdlet.
18) To add disk to a VM, use Add-AzureDataDisk PS Cmdlet.
19) Connect branch users to your corp network using: Site-to-Site configuration in Azure.
20) Connect remote users to your corp network using point-to-site configuration in Azure.
21) Free and Shared provides 1GB of Data in Azure as storage.
22) Basic provides 10GB of Data in Azure as storage
23) Standard provides 50GB of Data in Azure as storage.
24) Copy Databases using BACPAC from one server to another using blob storage.
25) Update cloud services with primary and secondary access keys in cscfg files:
       Ref.: http://blogs.msdn.com/b/jennifer/archive/2010/03/02/why-do-you-need-a-primary-and-a-secondary-access-key-for-windows-azure-storage.aspx
26) To create a reserved IP and associate it with a cloud service: New-AzureReserveIP
27) How to setup 2 solutions to communicate in two different subscriptions:
      a) Add local networks to the VNets.
      b) Create a dynamic Routing Gateways.
      c) Connect the VPN Gateways.
28) You must be Enterprise and Global Admin to run Directory Sync Tool.
29) Use Set-AzureResource PS Cmdlet to change properties of  Microsoft.com/Sites
30) You need to enable VM extensions checkbox while provisioning a new VM.
31) Select-zureSubscription -SubscriptionName "NAME" -Current  ->to set current subscription.
32) Web Jobs Path in Azure:
      site\wwwroot\App_Data\jobs\{JobType}\{JobName}
Where JobType could be continuous or triggered.

Hope these notes will help you pass the test! drop me a line if you have any suggestions!


All my best wishes!




Thursday, May 21, 2015

How to fix first slow request load time in Azure Cloud Service Web Roles


Hi All,

If you are experiencing that cloud service web roles are slow for the first call or request, this is due to the default IIS Application Pool setting is set to recycle after 20 minutes.

This means, that every 20 minutes of inactivity, the application pool will recycle which means any request after this period will experience slow load time that you need to avoid for your customers.

If you have Azure Web Application (websites), you can easily configure this by turning on Always On switch in Azure Management Portal under Configure tab and you will be able to get your site faster to load!

Unfortunately, this option is not available for cloud service web roles, To achieve the same you need to follow these steps:

1) In your web application, add a new folder and name it: Startup
2) In the Startup folder, right click and add a new Text File in VS 2013.
3) Name the new file: Startup.cmd
4) Paste the following command in the Startup.cmd file (as one line) :

if exist %windir%\system32\inetsrv\appcmd.exe %windir%\system32\inetsrv\appcmd set config -section:applicationPools -applicationPoolDefaults.processModel.idleTimeout:00:00:00


This command sets the IIS recycle app pool setting to zero which is never recycle!

Make sure to test out the cmd file by running it form the command prompt as admin, the output of the command should look like this below figure.



5) Select the Startup.cmd file in VS 2013 and press F4 to change the file properties.
6) Set Copy To Output Directory to Always Copy.
7) Save you changes and build your website, make sure that you have startup folder in the bin folder.
8) Publish your cloud service and check the difference for the first time you call the site after the deployment!


Hope this helps!


Monday, May 18, 2015

The best of BUILD and Windows 10 Training from MVA & ch9

Hi All,

If you have missed or couldn't attend BUILD event where Microsoft announced tons of cool things in Windows 10 features, Open Source, Universal Apps, Edge (New IE), IoT and Unity news for Game Developers.

Build will cover all Microsoft Platforms - expect rich new content and information on Windows, Azure, Office 365 and more. Developers will receive deep training, allowing them to take advantage of the incredible advances in our platforms, including Windows 10, and providing access to over 1.5 billion devices.

Microsoft is providing a free training course through Microsoft Virtual Academy (MVA) that cover all what you missed in BUILD 2015 that was held on April 29 - May 1, 2015.

http://www.microsoftvirtualacademy.com/training-courses/best-of-build-and-windows-10

If you want to watch certain sessions in BUILD event, check out this ch9 link below, where you can select technology, speakers and other criteria to filter out the list of videos:

http://channel9.msdn.com/events/build/2015?wt.mc_id=build_hp


Enjoy //build 2015 content!

Sunday, May 17, 2015

How to setup custom SSL certificate in Azure Cloud Services

Hi All,

In this blog post, I am providing a walk-through on how to setup custom SSL certificate into Azure cloud service. In any cloud service project, you may have multiple web roles that you need to configure some or all of them using SSL certificate.

Since Certificate authorities (CAs) don't provide a pfx file to configure and upload into windows azure, there are some work you need to do once you get the CA response which in some cases it is different formats for the ssl certificate.

For example: GoDaddy provides a zip file which contains .crt (which is your custom domain certificate response) and .p7b file which is set of intermediate certificates used to authenticate your certificate to the root GoDaddy certificate.

Windows Azure SSL certificate requirements:

1) Windows azure accepts only SSL certificate with personal exchange information extension (.pfx).
2) SSL certificate has to be 2048 bit encryption certificate.

Any Certificate Authority (CA) requires you to generate a CSR request to issue a SSL certificate, once you get the CA response, you will be getting file formats such as: (*.crt)

How to convert (*.crt) file into (.pfx) file:

1) Open your IIS manager, click on your server in the left pane.
2) Click on "Complete Certificate Request".
3) Select the certificate .crt file, provide a friendly name and click on OK.


4) Double click on the generated .pfx file to import it in your computer (CurrentUser) store.
5) Open the certificate manager by typing certmgr in the Run window.
6) Open your personal store, you will see the imported certificate with the same friendly name you gave in IIS is imported into your machine.
7) Right click on the certificate, click on export.


8) Make sure to select export the private key, save the generate SSL certificate with pfx file.
Note: remember the password you set for the file since we will need this password when we upload the ssl certificate into Azure portal.

9) We will be using this generate certificate file (.pfx) to be configured in the cloud service and to upload in windows azure.

10) Login to Azure portal, click on your cloud service, select certificates tab.
11) Upload the ssl certificate we generated, and type in the password you previously set when you export the ssl in step #8.

12) This step is to associate the installed SSL certificate in the cloud service for certain web role.
13) From VS 2013 Solution explorer window, double click on the web role you would like to associate the SSL certificate to.
14) Click on Add Certificate.
15) Add a name for your certificate, select store location: CurrentUser
16) Click on the thumbprint small button and select the SSL certificate.
You don't need to copy the thumbprint value for the ssl, once you select the certificate, VS 2013 pulls this value and set it in the field.
17) Click on endpoints tab and add a new endpoint using https protocol and select the certificate associated with the web role we previously added in the certificates tab.



17) Save and deploy your cloud service, Test out accessing the cloud service web role using https!


Enjoy!


How to configure custom domain in azure cloud service deployment

Hi All,

In this post i am going to show how to configure custom domains in azure cloud services.
As you my have multiple web roles in your cloud service, you need to configure your website to use your custom domain.

For example: if your domain is: www.MostafaElzoghbi.com --> You want this domain to point to the azure cloud service url: mycloudservice.cloudapp.net

The way to configure custom domains in azure cloud services is different than the web apps. In the web app scenario you have custom domain option to set your configuration per web app.
In case of the cloud service here are the steps you need to follow:

1) Login to Azure Portal, Click on Cloud Services.
2) Select your cloud service.
3) Copy your cloud service Site Url.
For example: mycloudservice.cloudapp.net

4) Copy your Cloud Service Public Virtual IP Address (VIP).
For Example: 191.236.48.195



5) Login to your hosting/domain provider, access your control panel and edit the DNS entries for the domain you want to point to azure cloud service.

6) Add CNAME record with the following values:
Type: CNAME
Name: www
Data: mycloudservice.cloudapp.net

7) Add A record with the following vaues:
Type: A Record
Data: VIP of the cloud service.

8) Save your entries and give it few minutes or hours to propagate.

7) Check out your cloud service web role using the custom domain: www.mycustomdomaain.com

Enjoy!

Monday, May 11, 2015

How to get started with Office 365 API Development

Hi All,

I have been asked by clients: How to get started with Office 365 API Development ?
They want to integrate office365 capabilities in their existing systems and applications.

In this blog i am providing links on how to get started with authentication, accessing mail, calendar, contacts and providing an amazing *FREE* training course from MS MVA (Microsoft Virtual Academy) site:


1) Office 365 API platform overview:

2) Samples to integrate with Office 365, specially what you mentioned mail, calendar...etc.:
Check out under Web, It has MVC Web samples to integrate calendar, contacts..etc

3) Office 365 app authentication concepts, this will provide different scenarios to authenticate users against o365 (Important):

4) Great FREE training course for office 365 development training:

5) Calendar, Mail and Contact REST API reference:

Hope this helps, and feel free to send any questions over to help.


Friday, May 01, 2015

My Study notes and guidance to pass 70-532 Exam : Developing Microsoft Azure Solutions

Hi All,

Today i have passed Microsoft exam 70-532 "Developing Microsoft Azure Solutions". I have been studying for awhile. I have been implementing Azure solutions since 2008. The preparation was just a mater of getting the exam materials, focus on the exam topic areas, and do lots of readings!

I will provide all what you need to read, watch or most importantly is my study tips to pass the first exam in the Azure certifications for Developers and Architects.

A) What you need to read:

1) Topics covered in the exam:
https://www.microsoft.com/learning/en-us/exam-70-532.aspx

2) Developing Azure Solutions book (or the ebook):
http://www.amazon.com/70-532-Developing-Microsoft-Azure-Solutions/dp/0735697043


B) What you need to Watch:
Microsoft  Virtual Academy (MVA) has a course for this exam. Amazing course that cover all the basics of this exam, great conversations and discussions for these topics. It covers exam's  topics and lots of demos in the MVA course and  you need to do some exercise for all the topics they asked to read more about.

http://www.microsoftvirtualacademy.com/training-courses/developing-microsoft-azure-solutions


C) My Study notes & tips:




  • How to configure custom domain in your Azure app service:    
          http://azure.microsoft.com/en-us/documentation/articles/web-sites-custom-domain-name/

  • How to configure GIT in Azure for Continuous Integration:
          http://azure.microsoft.com/en-us/documentation/articles/web-sites-publish-source-control/

  • How to enable remote debugging for deployed Azure app service:
          http://blogs.msdn.com/b/webdev/archive/2013/11/05/remote-debugging-a-window-azure-web-site-with-visual-studio-2013.aspx

  • How to configure Azure Mobile Push Notifications service:
          https://msdn.microsoft.com/en-us/library/azure/dn167707.aspx

  • Understand the factors that affect the cost (billing) when you store content in Azure CDN Services and how to control it.
  • How to integrate with Azure AD Services through REST API.
  • Understand Azure Storage replication strategies, check out this link:
          https://msdn.microsoft.com/en-us/library/azure/hh873027.aspx
  • How to manipulate data in Azure storage in C#, check out this simple reference:
           http://azure.microsoft.com/en-us/documentation/articles/storage-dotnet-how-to-use-blobs/
  • How to configure Virtual Networks (VNet) in Azure using Site-to-Site and Site-to-Point, check out this reference:
          https://msdn.microsoft.com/en-us/library/azure/jj156206.aspx


Hope this helps and best of luck for all of you!




Thursday, April 23, 2015

Office 365 Dev Camp is near your city ?

Hi All,

If you are looking to get up to speed in office 365 application development. I have good news for you!

Microsoft is planning to have Office 365 in every major city in US, check out the schedule and save your seat today.

The dev camp is a one day deep dive in building office 365 applications including Office Word, Outlook, SharePoint Apps, Office 365 API and more.

Check out all office Dev Camps events in the below link:

http://aka.ms/msdevcamps


For local friends, The Washington DC office 364 dev camp event will be in 6/1 for Office 365 Dev Camp!


DC office 365 Dev Camp direct link to sign up!



The link above has other dev camps for cloud data and IoT dev camps.


Enjoy!