|
In order to setup Azure MFA as Primary Authentication with ADFS, this does require you to move to Azure MFA (cloud-based version). I have not deployed Azure Multi-Factor Authentication Server (on-prem/hybrid version) in a few years for anyone as pretty much everyone I work with has moved on to cloud-based Azure MFA. Feature parity is pretty close to the same at this point and in my opinion, the days of Azure MFA Server on-prem are numbered. If you’re still on the on-prem Azure MFA Server, it is very easy to migrate to the cloud-based Azure MFA. I’m going to assume you have a working ADFS environment already that is federated with Azure AD using Azure AD Connect for this blogpost for a step by step guide. Configure ADFS and Azure MFA to work 1. Log into your ADFS server. In my example, I am using ADFS 4.0 with a Farm Behavior Level (FBL) set to 3 which means Windows Server 2016 and an Active Directory 2016 schema. You can always run the PowerShell cmdlet “Get-AdfsFarmInformation” on your ADFS server to show your FBL version. Go ahead and open the AD FS console:
0 Comments
 Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 – TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.
Prerequisites
We know that renaming a Channel in Teams breaks the associated SharePoint link. It creates a new folder in SharePoint but when you access the files from Teams, it takes you back to the original folder. Confusing and messy!! However, I have a process to rename a Channel in Teams without breaking the link to SharePoint. Before I change things, I want to show how my current Team is setup.
And the last part of the SharePoint URL:  We all know by now that we can invite guests in Microsoft Teams if the settings are in place. Well, that depends on how settings are configured in your tenant. As you can see that guest access is enabled in Microsoft Teams Admin Portal. And, yes, this setting has been enabled for several weeks.  When Teams owners or members invite guests from public Teams, they get this message:  Teams owners share the same experience as the image above when trying to invite guests from private Teams.
I ran into something I have not experienced before when creating a new Teams channel.
Aside from not being able to add these special characters (~#%&*{}+/\:<>?|'”..), I discovered that Teams allows only 50 characters for “Channel name”. In my example below, it truncates “This is a very long channel description with 50 characters” to “This is a very long channel description with 50 ch” 
On and off you come across the battle of performance for your application and most of us don't take load testing seriously until it has raised some red flags. Yeah, that's when we all start to talk about performance and testing applications, monitoring all the shit which is happening, looking at the speed at which data is loaded and RPS of API is critically looked to make judgement. We all know about Load testing but yet very few of us really invest in it and mostly just live on the unit tests.
I am also sure that most of us would have come across a group which believes in testing things only once and then forgetting about it has really damaged our reputation and invited you to a meeting with the CTO or CEO of the company. I mean as a dev we change so much on a monthly basis in any application and its UX for users that at times we don't seem to remember all of it and the business reasons behind it. This blog post is not out of frustration but more about understanding the importance of Load Testing and why its done, the basics, what you need measure and do's / don'ts, etc. What is Load Testing: Load testing is the process of putting simulated demand on software, an application, or website in a way that demonstrates its behavior under various conditions. It used to be a simple pre deployment exercise to ensure a web application could handle the load of multiple users and is slowly becoming an integral part of software development and continuous performance improvement. As websites and web applications become more innovative and complex, load testing poses a significant challenge for teams to 1. Execute properly and 2. Cover all the bases. As a result, load testing needs to be done more frequently, more effectively, and more efficiently. It’s also created a need to simply train more people in the basics of load testing. Given that our lives increasingly rest on apps functioning properly -- whether it’s in medical devices, transportation, communications, defense, or entertainment — app performance has never been more important. We’ll cover:
We have all gone through this cycle of vulnerability detected and patches applied in our careers. Some of us still go through this vicious cycle of tense, challenging and nerve wrecking moments when you are racing against time and people in business are asking for updates while the customer support is assuring the customers with eyes on the screen waiting for the announcement "Patch Applied", "Service Restored" etc Software Patch and Vulnerability Management continue to be a major challenge for many organizations. There is no single software product or vendor source of these vulnerabilities. Organizations must consider patching at all levels of software and only applying Microsoft Patch through Tuesday updates to protect systems and data from cyber-attack is not sufficient.  Organizations that were diligent with Microsoft patches avoided WannaCry related ransomware. However, flaws with Apache Struts and Intel Processors left organizations vulnerable to cyber-attack (e.g., Spectre and Meltdown).
A lot of software companies have elected to stop providing individual patches each release period. Instead, separate and distinct patches are bundled in a roll-up model. The reason for this change is to prevent patch fragmentation that led to problems like dependency errors, lengthy scans, and testing complexity. This practice has created an all or nothing condition for customers in which selecting individual patches are no longer available. Further, software companies are building these patch bundles in a monthly rollup manner. These patch bundles not only contain all the recently announced patches, but also the previously shipped patches. This cumulative update model is intended to improve security, quality, and reliability. Yes i am referring to the Microsoft and Adobe model, however with this model in practice comes the requirement for customers to perform extensive application program compatibility testing in a short period of time—especially when functionality and non-functionality (i.e., security) code changes are mixed in the update. The days of cherry-picking patches are over. Orchestrating patching is complex and costly. Patching has many dependencies including asset management, notification tracking, risk assessment, patch preparation, QA, release management, communications, and auditing. As with the installation of any software update, many teams must collaborate to ensure success and avoid unintended interruption of service. If any of these teams are not resourced and prepared for this demand, then patches are not properly tested and announced prior to deployment creating availability and integrity risks. If patch deployment is delayed to perform necessary QA and communication, vulnerabilities linger longer for cyber- criminals to discover and exploit. Traditional operations and project management methods of patching are not nearly rapid enough. Sadly most organizations claim to have adopted the Agile methodology which is an iterative approach to software development and delivery but fail to address when it comes to the needs of patch upgrades and its mostly neglected until an incident takes place. I'll try my best to summarize how Agile can be implemented for patch vulnerability assessment and the structure through which you will be able to maintain pace as well as deliver quality.
This solution is based on the letsencrypt-webapp-renewer. It uses the same core library than the Azure Lets Encrypt site extension, but it is run as a WebJob. It can (should) be installed on its own web app, and supports multiple target websites.
The author of the letsencrypt-webapp-renewer has made thorough instructions, so I won't copy them here. When granting the service principal rights, you may want to only add Website Contributor and Web Plan Contributor instead of Contributor rights. The only thing needed in addition to those instructions is the support by the web app itself.
As you may already know, the Office 365 Video service is being replaced by Microsoft Stream. If you have been using Office 365 Video to publish videos, you can now start migrating it to Microsoft Stream using the self-service migration tool. If you don’t see it, you can request to register your tenant using the form available here https://aka.ms/O365VideoEarlyMigration When you logon to your Office 365 Video portal you will see the migration banner to start the migration process  This will open a new window (https://web.microsoftstream.com/officemigration)  |
Archives
February 2020
Categories
All
|
RSS Feed