SP HAMMAD
Menu

SKILLS & TRICKS

Azure MFA as Primary Authentication and Configuring Microsoft ADFS

2/29/2020

0 Comments

 
In order to setup Azure MFA as Primary Authentication with ADFS, this does require you to move to Azure MFA (cloud-based version). I have not deployed Azure Multi-Factor Authentication Server (on-prem/hybrid version) in a few years for anyone as pretty much everyone I work with has moved on to cloud-based Azure MFA. Feature parity is pretty close to the same at this point and in my opinion, the days of Azure MFA Server on-prem are numbered. If you’re still on the on-prem Azure MFA Server, it is very easy to migrate to the cloud-based Azure MFA.  I’m going to assume you have a working ADFS environment already that is federated with Azure AD using Azure AD Connect for this blogpost for a step by step guide.

Configure ADFS and Azure MFA to work

Picture
1. Log into your ADFS server. In my example, I am using ADFS 4.0 with a Farm Behavior Level (FBL) set to 3 which means Windows Server 2016 and an Active Directory 2016 schema. You can always run the PowerShell cmdlet “Get-AdfsFarmInformation” on your ADFS server to show your FBL version. Go ahead and open the AD FS console:

Read More
0 Comments

Step by Step - Azure Application Gateway

2/11/2020

0 Comments

 
Picture
​Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 – TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.

​Prerequisites
  • The NSG on the Application Gateway subnet and the backend server is allowing inbound access to ports 65503-65534 (v1 SKU) or 65200-65535 (v2 SKU) from “Internet.”
  • The NSG on the Application Gateway subnet and backend server subnet must allow port 443 from any source.
  • The User Defined Route (UDR) on the Application Gateway subnet is set to the default route (0.0.0.0/0) and the next hop is specified as “Internet.”
  • The Application Gateway Subnet must be associated with the UDR.
  • The next of the public IP address range of the Application Gateway must be specified as “Internet.”
  • The Application Gateway must not connect a virtual network which as a default route advertised by an ExpressRoute/VPN connection to a virtual network over BGP.
  • The custom DNS server is configured on a virtual network that must resolve public domain names.
  • For a public IP, you can create a new public IP address or use an existing public IP in the same location as the application gateway.
  • For a private IP, you can specify a private IP address from the subnet where the application gateway is created.
  • You configure SSL policy to control SSL protocol versions. You can configure an application gateway to deny TLS1.0, TLS1.1, and TLS1.2. Leave it default.

Read More
0 Comments

Microsoft Teams - Renaming a Channel without Breaking the Link to SharePoint

2/3/2020

9 Comments

 
​We know that renaming a Channel in Teams breaks the associated SharePoint link. It creates a new folder in SharePoint but when you access the files from Teams, it takes you back to the original folder.  Confusing and messy!!

However, I have a process to rename a Channel in Teams without breaking the link to SharePoint.

Before I change things, I want to show how my current Team is setup.
Picture
Picture
And the last part of the SharePoint URL:
Picture

Read More
9 Comments

Microsoft Teams - Issue with Guest Access

1/28/2020

0 Comments

 
​We all know by now that we can invite guests in Microsoft Teams if the settings are in place.  Well, that depends on how settings are configured in your tenant.

As you can see that guest access is enabled in Microsoft Teams Admin Portal.  And, yes, this setting has been enabled for several weeks.
Picture
​When Teams owners or members invite guests from public Teams, they get this message:
Picture
​Teams owners share the same experience as the image above when trying to invite guests from private Teams.

Read More
0 Comments

Microsoft Teams - Channel Name and Character Limits

1/17/2020

0 Comments

 
​I ran into something I have not experienced before when creating a new Teams channel.

Aside from not being able to add these special characters (~#%&*{}+/\:<>?|'”..), I discovered that Teams allows only 50 characters for “Channel name”.

In my example below, it truncates “This is a very long channel description with 50 characters” to “This is a very long channel description with 50 ch”

Read More
0 Comments

Take Load Testing Seriously !!!

12/26/2019

0 Comments

 
Picture
On and off you come across the battle of performance for your application and most of us don't take load testing seriously until it has raised some red flags. Yeah, that's when we all start to talk about performance and testing applications, monitoring all the shit which is happening, looking at the speed at which data is loaded and RPS of API is critically looked to make judgement.  We all know about Load testing but yet very few of us really invest in it and mostly just live on the unit tests.

I am also sure that most of us would have come across a group which believes in testing things only once and then forgetting about it has really damaged our reputation and invited you to a meeting with the CTO or CEO of the company. I mean as a dev we change so much on a monthly basis in any application and its UX for  users that at times we don't seem to remember all of it and the business reasons behind it. 

This blog post is not out of frustration but more about understanding the importance of Load Testing and why its done, the basics, what you need measure and do's / don'ts, etc.

What is Load Testing: 

Load testing is the process of putting simulated demand on software, an application, or website in a way that demonstrates its behavior under various conditions.

It used to be a simple pre deployment exercise to ensure a web application could handle the load of multiple users and is slowly becoming an integral part of software development and continuous performance improvement. As websites and web applications become more innovative and complex, load testing poses a significant challenge for teams to

1. Execute properly and
2. Cover all the bases. 

As a result, load testing needs to be done more frequently, more effectively, and more efficiently. It’s also created a need to simply train more people in the basics of load testing. Given that our lives increasingly rest on apps functioning properly -- whether it’s in medical devices, transportation, communications, defense, or entertainment — app performance has never been more important.

We’ll cover:
  • Load testing basics
  • How to prepare for load testing
  • Emulating real life conditions in your load tests
  • Load testing dos and don’ts

Read More
0 Comments

Security Patching & Vulnerability for Agile Scrum Teams

12/3/2019

0 Comments

 
​We have all gone through this cycle of vulnerability detected and patches applied in our careers. Some of us still go through this vicious cycle of tense, challenging and nerve wrecking moments when you are racing against time and people in business are asking for updates while the customer support is assuring the customers with eyes on the screen waiting for the announcement "Patch Applied", "Service Restored" etc

Software Patch and Vulnerability Management continue to be a major challenge for many organizations. There is no single software product or vendor source of these vulnerabilities.  Organizations must consider patching at all levels of software and only applying Microsoft Patch through Tuesday updates to protect systems and data from cyber-attack is not sufficient.
Picture
Organizations that were diligent with Microsoft patches avoided WannaCry related ransomware. However, flaws with Apache Struts and Intel Processors left organizations vulnerable to cyber-attack (e.g., Spectre and Meltdown).

A lot of software companies have elected to stop providing individual patches each release period. Instead, separate and distinct patches are bundled in a roll-up model. The reason for this change is to prevent patch fragmentation that led to problems like dependency errors, lengthy scans, and testing complexity. This practice has created an all or nothing condition for customers in which selecting individual patches are no longer available. Further, software companies are building these patch bundles in a monthly rollup manner. These patch bundles not only contain all the recently announced patches, but also the previously shipped patches. This cumulative update model is intended to improve security, quality, and reliability.  Yes i am referring to the Microsoft and Adobe model, h
owever with this model in practice comes the requirement for customers to perform extensive application program compatibility testing in a short period of time—especially when functionality and non-functionality (i.e., security) code changes are mixed in the update. The days of cherry-picking patches are over.

Orchestrating patching is complex and costly. Patching has many dependencies including asset management,  notification tracking, risk assessment, patch preparation, QA, release management, communications, and auditing. As with the installation of any software update, many teams must collaborate to ensure success and avoid unintended interruption of service. If any of these teams are not resourced and prepared for this demand, then patches are not properly tested and announced prior to deployment creating availability and integrity risks. If patch deployment is delayed to perform necessary QA and communication, vulnerabilities linger longer for cyber- criminals to discover and exploit. Traditional operations and project management methods of patching are not nearly rapid enough.

Sadly most organizations claim to have adopted the Agile methodology which is an iterative approach to software development and delivery but fail to address when it comes to the needs of patch upgrades and its mostly neglected until an incident takes place. I'll try my best to summarize how Agile can be implemented for patch vulnerability assessment and the structure through which you will be able to maintain pace as well as deliver quality.

Read More
0 Comments

FIXED - Let's Encrypt in Azure Web Apps running on .Net Core and Linux

11/16/2019

0 Comments

 
We all know that Let's Encrypt Site Extension cannot be used for ASP.Net Core on a Linux Web App and though its an easy way to achieve getting and renewing SSL certificates for Web Apps.  However, site extensions are not available when running on Linux. Furthermore, the certificate creation process needs support from the target web app. With .Net Framework and IIS this could be achieved with web.config modification without modifying the web app (or it's web.config) itself.
Picture
This solution is based on the letsencrypt-webapp-renewer. It uses the same core library than the Azure Lets Encrypt site extension, but it is run as a WebJob. It can (should) be installed on its own web app, and supports multiple target websites.

The author of the letsencrypt-webapp-renewer has made thorough instructions, so I won't copy them here. When granting the service principal rights, you may want to only add Website Contributor and Web Plan Contributor instead of Contributor rights. The only thing needed in addition to those instructions is the support by the web app itself.

Read More
0 Comments

O 365 - Report Service Incident from Service Health Dashboard

11/2/2019

0 Comments

 
Picture
The Office 365 administration portal (admin preview) has been updated to include a way to report service incident to Microsoft.

If you are impacted by a service issue not yet reported you can submit an incident report.

This feature is currently being deployed to targeted tenant (aka preview.

To start using it, logon to your Office 365 administration portal and switch to the new admin center if not yet done) 

Read More
0 Comments

Office 365 Video to Microsoft Stream - Self Service Migration Tool

10/25/2019

0 Comments

 
As you may already know, the Office 365 Video service is being replaced by Microsoft Stream.  If you have been using Office 365 Video to publish videos, you can now start migrating it to Microsoft Stream using the self-service migration tool. If you don’t see it, you can request to register your tenant using the form available here https://aka.ms/O365VideoEarlyMigration

When you logon to your Office 365 Video portal you will see the migration banner to start the migration process
Picture
This will open a new window (https://web.microsoftstream.com/officemigration)
Picture

Read More
0 Comments
<<Previous

    Archives

    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    December 2018
    November 2018
    October 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    November 2017
    October 2017
    April 2017
    March 2017
    February 2017
    January 2017
    November 2016
    July 2016
    December 2014

    Categories

    All
    Agile
    Analysis Of Metrics
    CMS
    DevOps
    Digital Workplace
    Guideline
    Microsoft
    Microsoft Azure
    Microsoft Teams
    Microsoft WPC 2016
    MS Ignite
    Niteco
    Office 365
    Office 365 CDN
    Personalization
    PowerShell
    Project Management
    Scrum
    SharePoint
    SharePoint 2013
    SharePoint 2016
    SharePoint Framework
    Sitecore
    Sitecore 9
    Sitecore Symposium
    Software Project Audit

    RSS Feed

    Picture

Feel free to connect and Subscribe for updates!

SKYPE

hammad.ahmad

Telephone

+62 81316905997

Email

hammad@sphammad.com
  • Home
  • About Me
  • Blog
  • Contact
  • Home
  • About Me
  • Blog
  • Contact