In order to setup Azure MFA as Primary Authentication with ADFS, this does require you to move to Azure MFA (cloud-based version). I have not deployed Azure Multi-Factor Authentication Server (on-prem/hybrid version) in a few years for anyone as pretty much everyone I work with has moved on to cloud-based Azure MFA. Feature parity is pretty close to the same at this point and in my opinion, the days of Azure MFA Server on-prem are numbered. If you’re still on the on-prem Azure MFA Server, it is very easy to migrate to the cloud-based Azure MFA.  I’m going to assume you have a working ADFS environment already that is federated with Azure AD using Azure AD Connect for this blogpost for a step by step guide.

1. Log into your ADFS server. In my example, I am using ADFS 4.0 with a Farm Behavior Level (FBL) set to 3 which means Windows Server 2016 and an Active Directory 2016 schema. You can always run the PowerShell cmdlet “Get-AdfsFarmInformation” on your ADFS server to show your FBL version. Go ahead and open the AD FS console:

​Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 – TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.

​Prerequisites

• The NSG on the Application Gateway subnet and the backend server is allowing inbound access to ports 65503-65534 (v1 SKU) or 65200-65535 (v2 SKU) from “Internet.”
• The NSG on the Application Gateway subnet and backend server subnet must allow port 443 from any source.
• The User Defined Route (UDR) on the Application Gateway subnet is set to the default route (0.0.0.0/0) and the next hop is specified as “Internet.”
• The Application Gateway Subnet must be associated with the UDR.
• The next of the public IP address range of the Application Gateway must be specified as “Internet.”
• The Application Gateway must not connect a virtual network which as a default route advertised by an ExpressRoute/VPN connection to a virtual network over BGP.
• The custom DNS server is configured on a virtual network that must resolve public domain names.
• For a public IP, you can create a new public IP address or use an existing public IP in the same location as the application gateway.
• For a private IP, you can specify a private IP address from the subnet where the application gateway is created.
• You configure SSL policy to control SSL protocol versions. You can configure an application gateway to deny TLS1.0, TLS1.1, and TLS1.2. Leave it default.

​We know that renaming a Channel in Teams breaks the associated SharePoint link. It creates a new folder in SharePoint but when you access the files from Teams, it takes you back to the original folder.  Confusing and messy!!

However, I have a process to rename a Channel in Teams without breaking the link to SharePoint.

Before I change things, I want to show how my current Team is setup.

​We all know by now that we can invite guests in Microsoft Teams if the settings are in place.  Well, that depends on how settings are configured in your tenant.

As you can see that guest access is enabled in Microsoft Teams Admin Portal.  And, yes, this setting has been enabled for several weeks.

​When Teams owners or members invite guests from public Teams, they get this message:

​Teams owners share the same experience as the image above when trying to invite guests from private Teams.

​I ran into something I have not experienced before when creating a new Teams channel.

Aside from not being able to add these special characters (~#%&*{}+/\:<>?|'”..), I discovered that Teams allows only 50 characters for “Channel name”.

In my example below, it truncates “This is a very long channel description with 50 characters” to “This is a very long channel description with 50 ch”

On and off you come across the battle of performance for your application and most of us don't take load testing seriously until it has raised some red flags. Yeah, that's when we all start to talk about performance and testing applications, monitoring all the shit which is happening, looking at the speed at which data is loaded and RPS of API is critically looked to make judgement.  We all know about Load testing but yet very few of us really invest in it and mostly just live on the unit tests.

I am also sure that most of us would have come across a group which believes in testing things only once and then forgetting about it has really damaged our reputation and invited you to a meeting with the CTO or CEO of the company. I mean as a dev we change so much on a monthly basis in any application and its UX for  users that at times we don't seem to remember all of it and the business reasons behind it. 

This blog post is not out of frustration but more about understanding the importance of Load Testing and why its done, the basics, what you need measure and do's / don'ts, etc.

What is Load Testing: 

Load testing is the process of putting simulated demand on software, an application, or website in a way that demonstrates its behavior under various conditions.

It used to be a simple pre deployment exercise to ensure a web application could handle the load of multiple users and is slowly becoming an integral part of software development and continuous performance improvement. As websites and web applications become more innovative and complex, load testing poses a significant challenge for teams to

1. Execute properly and
2. Cover all the bases. 

As a result, load testing needs to be done more frequently, more effectively, and more efficiently. It’s also created a need to simply train more people in the basics of load testing. Given that our lives increasingly rest on apps functioning properly -- whether it’s in medical devices, transportation, communications, defense, or entertainment — app performance has never been more important.

We’ll cover:

• Load testing basics
• How to prepare for load testing
• Emulating real life conditions in your load tests
• Load testing dos and don’ts

​We have all gone through this cycle of vulnerability detected and patches applied in our careers. Some of us still go through this vicious cycle of tense, challenging and nerve wrecking moments when you are racing against time and people in business are asking for updates while the customer support is assuring the customers with eyes on the screen waiting for the announcement "Patch Applied", "Service Restored" etc

Software Patch and Vulnerability Management continue to be a major challenge for many organizations. There is no single software product or vendor source of these vulnerabilities.  Organizations must consider patching at all levels of software and only applying Microsoft Patch through Tuesday updates to protect systems and data from cyber-attack is not sufficient.

This solution is based on the letsencrypt-webapp-renewer. It uses the same core library than the Azure Lets Encrypt site extension, but it is run as a WebJob. It can (should) be installed on its own web app, and supports multiple target websites.

The author of the letsencrypt-webapp-renewer has made thorough instructions, so I won't copy them here. When granting the service principal rights, you may want to only add Website Contributor and Web Plan Contributor instead of Contributor rights. The only thing needed in addition to those instructions is the support by the web app itself.

As you may already know, the Office 365 Video service is being replaced by Microsoft Stream.  If you have been using Office 365 Video to publish videos, you can now start migrating it to Microsoft Stream using the self-service migration tool. If you don’t see it, you can request to register your tenant using the form available here https://aka.ms/O365VideoEarlyMigration

When you logon to your Office 365 Video portal you will see the migration banner to start the migration process

This will open a new window (https://web.microsoftstream.com/officemigration)