CheckPoint With Azure S2S

I was trying to set up a S2S with checkpoint and was going through the Configuration steps provide on MS site.
https://msdn.microsoft.com/library/azure/jj156075.aspx#bkmk_DynamicRoutingIPSec
This Steps had below statements:
When setting up a Site-to-Site VPN with Azure, you will need to see if Azure is offering subnet-to-subnet or gateway-to-gateway VPN:
If Azure is using subnet-to-subnet, them Check Point side must be configured in the following way in Check Point SmartDashboard: go to 'IPSec VPN' tab -
double-click on the relevant VPN Community - go to the 'Tunnel Management' page - in the section 'VPN Tunnel Sharing', select
'One VPN tunnel per subnet pair' - click on 'OK' to apply the settings - install the policy.
If Azure is using gateway-to-gateway, them Check Point side must be configured in the following way in Check Point SmartDashboard: go to 'IPSec VPN' tab - double-click
on the relevant VPN Community - go to the 'Tunnel Management' page - in the section 'VPN Tunnel Sharing', select 'One VPN tunnel
per Gateway pair' - click on 'OK' to apply the settings - install the policy.
I was confused with "If Azure is using subnet-to-subnet" and "If Azure is using gateway-to-gateway".
I have a Dynamic routing setup and waiting on this clarification!!
So I do I know how Azure is configured??

Similar Messages

Azure remote App with Azure SQL Backend

Hi, If I had an application which utilised a SQL backend could I host the front end in Azure remote app and the backend on an Azure SQL database or would I need to use IAAS to provide the backend?
Many thanks
James

Hi James,
If the application is designed to be compatible with Azure SQL Database then yes, you can use Azure RemoteApp for the frontend and Azure SQL Database for the backend. If the application is not compatible with Azure SQL Database then you would
need to use SQL Server running in an IaaS VM, or SQL Server running in an on-premises VM. The IaaS VM or SQL Database should be in the same Azure region as the RemoteApp collection in order to minimize latency.
For example, say you have an internally-developed application that uses SQL Server 2012 as its backend database. Before you would be able to use Azure SQL Database you would first need to migrate the database to Azure SQL Database and make any changes
necessary to the application and/or database for compatibility. The SQL Database Migration Wizard is helpful for this process.
-TP

Error while Authenticating sharepoint site with Azure AD users using Azure Access Control Namespace

I have a Sharepoint site running on Azure virtual Machine. Now i want to authenticate my sharepoint site with Azure AD users.
For this i have followed below link, but getting error after login.
Using Microsoft Azure Active Directory for SharePoint 2013 authentication
I have implemented as given on reference link, but still facing error. When i access my url from browser, it will ask me through which you want to logon.
Then on selection of ACS Provider, it will redirect me to office365 login. After i submit my credentials, it will redirect me to
https://testvm.cloudapp.net/_trust/
and got error. So i checked in sharepoint log and found below error.
Cannot find site lookup info for request Uri urn:sharepoint:spvms.
SPAudienceValidator: Audience uri 'urn:sharepoint:spvms is not valid for the context.
Getting Error Message for Exception Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The Audience URI could not be validated.
SPSaml11SecurityTokenHandler: Audience validation failed for request 'https://testvm.cloudapp.net/_trust/' with
the following audience URIs: 'urn:sharepoint:spvms', .
Application error when access /_trust/, Error=The Audience URI could not be validated.
at Microsoft.SharePoint.IdentityModel.SPSaml11SecurityTokenHandler.ValidateConditions(SamlConditions conditions, Boolean enforceAudienceRestriction)
at Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Tokens.SecurityTokenHandlerCollection.ValidateToken(SecurityToken token)
at Microsoft.IdentityModel.Web.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri)
at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequest request)
at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)
at Microsoft.SharePoint.IdentityModel.SPFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs eventArgs)
at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

I want 100,000 external users to have access to my SharePoint online Site collection.
I was thinking of going the Azure AD route, where external users will have there ID's created in Azure AD cloud.
Trying to figure how I can integrate Azure AD cloud with my SharePoint Online Site collection.
Currently my site collection is tied to On-premise AD.
Is there a way to integrate the SharePoint online to use both Azure AD and On-premise AD?
Thanks
Nate
Any Answer here?

Record rtsp streams with azure media services

Hello.
I see that Azure media service now has rtsp streaming support, but, as I understand, it can stream videos from azure, but what about recording of incoming rtsp streams? Is it possible to record rtsp streams with Azure media Service?
Andrey

Quick correction for you... We support RTMP. Not RTSP.
You can send a live RTMP stream to us and we will record it. You just need to enable a live Channel and start a Program on it. It will archive the live stream to storage so that you can play it back as VOD.

Applicationhost.config updates for HTTP Slow Post with Azure Websites

We are trying to update our Azure websites to not show as vulnerable to the HTTP Slow Post vulnerability. Some articles suggest fixing this by updating the applicationHost.config via IIS to update the connection timeout values. Obviously with Azure websites,
we don't have access to IIS. Came across some options with Kudu and XDT to modify the application host file, as outlined on these two sites:
http://azure.microsoft.com/en-us/documentation/articles/web-sites-transform-extend/#transform
http://rtigger.com/blog/2014/03/31/number-til-modifying-you-azure-applicationhost-dot-config
Currently am using the following as our applicationHost.xdt (I have this both in our application root, as well as in a SiteExtensions folder as I wasn't clear which one was required).
<?xml version="1.0"?>
<configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform">
<system.applicationHost>
<sites>
<siteDefaults>
<limits connectionTimeout="00:00:30"
xdt:Transform="Insert" />
</siteDefaults>
<applicationDefaults applicationPool="DefaultAppPool" />
<virtualDirectoryDefaults allowSubDirConfig="true" />
</sites>
<webLimits connectionTimeout="00:00:30"
xdt:Transform="Insert" />
</system.applicationHost>
</configuration>
We also set the WEBSITE_PRIVATE_EXTENSIONS app-setting to 1 as instructed.
When testing our site using a 3rd party tool, it appears the setting is not getting applied. Hoping someone can point out where our error may be. Alternatively, is there any way to see what the current applicationHost.config is for our website? I'm curious
if our XDT is correctly being applied, so if we could see what the resulting file was that may also allow us to further troubleshoot.
Thanks in advance for any advise!

Please see
this page, which has detailed steps on finding your applicationhost.config and finding the logs from the transformation. And please make sure that your applicationhost.xdt is in your
d:\home\site folder (and not in your site\wwwroot).
David

Issues with Azure South East Australia on Saturday @ 7am-8am Sydney Time

Hello there
Yesterday Saturday 10th of Jan @ approx 7.28am until 8am our CAS003AU virtual server was non responsive.
It came online on it’s own.
This server is in the Azure South East Australia region. I have checked your status pages and found logged an issue on 7th of Jan (UTC time) which doesn’t appear to correlate to this issue.
Can you urgently investigate and advise why this happened? Why it isn’t on your status page? How can we ensure this doesn’t happen again?
I’m available via email: [email protected]
thanks
Jacob Ohlson
PowerNET

Hi Jacob,
We had a service Incident with Cloud Services and Virtual Machine over East US region which was affected from Jan 9th 2015 22:49 UTC to Jan 10th 2015 1:48 UTC.
As per your issue, we dont not see any service incident over South East Australia region. We suggest you to open a Service Request with Azure Technical Support in order to dig deep to know the Root Cause Analysis of the issue.
http://azure.microsoft.com/en-us/support/options/
Regards,
Manu Rekhar

Secure RD Web Access with Azure MFA

We are keen to deploy RD Web Access for external users but can't find any guidance on securing it with Multi-Factor Authentication (MFA - formerly PhoneFactor).
We currently use MFA with our RD Gateway for users who connect directly to VMs via RDP but want to give other users access to RemoteApps via RD Web Access with the same two factor authentication.
Cheers for now
Russell

Hi,
Thank you for posting in Windows Server Forum.
I am afraid that still there is no direct MFA for RD Web but need to login through RD Gateway which can access as follow. A Remote Desktop login request to RD Gateway that includes Azure MFA looks like this:
1. User logs into RD Web Access and double clicks a RemoteApp (or desktop connection)
2. The user’ login credentials for the website are used to validate the user (Web SSO), so no need to give them again.
3. The user then gets an SMS text message on their smart device that provides them a 6 digit numeric code (the one-time password).
4. The user replies to the text message by inputting this 6 digit code and adding their unique pre-defined PIN to the end of the sequence – Azure MFA includes the option to require the user know a predefined unique PIN as well, so that replies to a text message
have to come from the user.
5. The user is authenticated, and the RemoteApp (or desktop connection) opens.
More information.
Step By Step – Using Windows Server 2012 R2 RD Gateway with Azure Multifactor Authentication
Hope it helps!
Thanks.
Dharmesh Solanki
TechNet Community Support
Dharmesh,
I owe you an apology, I'd forgotten that when you access RD Web Access you're only downloading an RDP file which then uses the RD Gateway to connect the client to the RemoteApp. If we already have the RD Gateway in place and configured with MFA this will
produce the required result.
Sorry
Russell

Restore WindowsImageBackup files with Azure Backup

Hi,
I've made backups with Windows Server Backup (Azure Windows 2012 R2 VM) and included all options, Bare metal restore, system state C: etc. To make things easy I'll call this server Server-A.
The destination of the created WindowsImageBackup folder is a vhd that has been initialized in Windows. After the Windows Server backup job was completed a Azure Backup job made a backup to a Azure store.
For testing purposes I recovered the WindowsImageBackup folder to a different server (Server-B).
I've noticed that the Windows Server Backup wizard of Server-B doesn't recognize the volume that was backedup by Server-A. I can only browse through the WindowsImageBackup folder seeing some files that belong to Windows Server Backup.
Is there a way to fix this?
Thanks!

Hi Hero Kee,
I'm not sure what you mean by a full recovery of a VM, but you can refer the following links to backup your Azure virtual machines with Azure Backup and it gives you the option to restore the VM from the latest recovery
point or older recovery point. You can restore to an existing cloud service or create a new cloud service to create the VM. You have the ability to specify the virtual network and subnet for the restored VM.
http://azure.microsoft.com/blog/2015/03/26/azure-backup-announcing-support-for-backup-of-azure-iaas-vms/
https://azure.microsoft.com/en-us/documentation/articles/backup-azure-vms/Hope
this helps.
Regards,
Malar.

Integrate your on-premises infrastructure with Azure

Integrate your on-premises infrastructure with AzureIf you’ve experimented with Microsoft Azure, or are already using it for some of your IT functionality, you may be ready to take that next step and integrate your infrastructure with Azure so you can use it as an extension to your on-premises infrastructure. Finding all the information that helps you do this can be very time consuming. To help decrease the amount of time required to extend your datacenter to Azure, we’ve released the Datacenter extension reference architecture diagram, a static version is shown above.The diagram shows what a datacenter extension might look like, but it probably also leaves you wondering what everything in it is exactly, and why it’s in the diagram.What’s great about the diagram is that it’s interactive. You can click on every object in the diagram to...
This topic first appeared in the Spiceworks Community

Yes the current OneDrive for Business app for IOS supports logging in to on-premises SharePoint environments using NTLM or Forms based Authentication without requiring an office 365 account. Check the FAQs here:
http://blogs.office.com/2014/02/27/introducing-onedrive-for-business-for-ios-v1-2/
Paul Stork SharePoint Server MVP
Principal Architect: Blue Chip Consulting Group
Blog: http://dontpapanic.com/blog
Twitter: Follow @pstork
Please remember to mark your question as "answered" if this solves your problem.

Release management with Azure and Visual Studio Online (Cloud TFS)

What strategy would you use to manage the releasing of versioned software to Azure cloud services (web and worker roles)? We are not looking for continuous integration. We are using Visual Studio 2013 and Visual Studio Online (Cloud TFS).
At one point, we were releasing straight from Visual Studio using the Azure Cloud Project Publish tool. This is really bad practice in my opinion as you can never be sure what you are really releasing. Additionally, there is no automated control on the labeling
or branching of code, or the running of unit tests and code analysis checks.
Next, we employed Release builds on Visual Studio Online. Before deployment, one would edit the appropriate Build Definition (whether it be for Test or Production by and filling in the code label (under the "Get Version" build property) that is to
be released. This would then get the appropriate code (by the label specified), build it, and release it to whatever cloud service is specified in the targeted Cloud Project profile (this is using the AzureContinuousDeployment.11.xaml template).
There is still a degree of manual intervention involved. Also, the fact that a version of code is built every time before it is released is not ideal (as far as I understand it would be better if it was packaged once).
Microsoft Release Management tools
look ideal for the job, but are not supported with Visual Studio Online.
Is there a better way of handling our releases?

/waves hand.. These are not the tools you seek. You are looking for continuous integration.
Although CI has the word continuous in there, it does not mean "all the time, every checkin". It can easily refer only to those bits you want to release - -and the way to tell the system which bits you want released is to merge them to a Releases
branch.
If you do this, not only do you get all the joy of controlled CI, but you guarantee what you release is exactly what is controlled in your SCM - under the Releases branch, preferably tagged or otherwise noted as a particular release. That means you can also
rollback to a previous release by simply reverting to a previous release in your SCM!
Of course you don't have to let it happen automatically, you can set it up to build 'continually' and then remove the check on the SCM to see if any changes have been committed. You can replace this with the manual build button.

Connection cancellation error with Azure

Hello!
From night to day started getting the error below when I run my application on the local machine. Publishing the application on Azure have no problems.
I researched this error and in some places say it is temporary. Try again later. Others say it can be in zone function time. Modified the machine time and did not work.
The level of application did not modify anything. Continue with the same version of the SDK (2.3). Just follow the development of new features in the application. I did not update any components.
Follow the below error:
Erro de Servidor no Aplicativo '/'.
Foi forçado o cancelamento de uma conexão existente pelo host remoto
Descrição: Ocorreu uma exceção sem tratamento durante a execução da atual solicitação da Web. Examine o rastreamento de pilha para obter mais informações sobre o erro e onde foi originado no código.
Detalhes da Exceção: System.Net.Sockets.SocketException: Foi forçado o cancelamento de uma conexão existente pelo host remoto
Erro de Origem:
Exceção sem tratamento foi gerada durante a execução da atual solicitação da Web. As informações relacionadas à origem e ao local da exceção podem ser identificadas usando-se o rastreamento de pilha de exceção abaixo.
Rastreamento de Pilha:
[SocketException (0x2746): Foi forçado o cancelamento de uma conexão existente pelo host remoto]
System.Net.Sockets.Socket.EndReceive(IAsyncResult asyncResult) +6610791
System.Net.Sockets.NetworkStream.EndRead(IAsyncResult asyncResult) +56
[IOException: Não é possível ler os dados da conexão de transporte: Foi forçado o cancelamento de uma conexão existente pelo host remoto.]
System.Net.TlsStream.EndWrite(IAsyncResult asyncResult) +230
System.Net.PooledStream.EndWrite(IAsyncResult asyncResult) +13
System.Net.ConnectStream.WriteHeadersCallback(IAsyncResult ar) +116
[WebException: A conexão subjacente estava fechada: Erro inesperado em um envio.]
System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult, TransportContext& context) +2240362
System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult) +14
System.Net.WebClient.UploadBitsRequestCallback(IAsyncResult result) +86
[DataCacheException: ErrorCode<ERRCA0030>:SubStatus<ES0001>:Unable to complete authorization request for connecting to the caching endpoint. Please try again after sometime. If the issue persists, contact Microsoft support. ]
Microsoft.ApplicationServer.Caching.AcsTokenManager.ThrowLastAcsException(Exception exception) +265
Microsoft.ApplicationServer.Caching.AcsTokenManager.GetOrRefreshToken(TimeSpan timeout) +778
Microsoft.ApplicationServer.Caching.SocketClientChannel.TryAuthorizeMessage(IAuthorizedChannel channel, IVelocityRequestPacket packet) +76
Microsoft.ApplicationServer.Caching.SocketClientChannel.Send(EndpointID endpoint, IVelocityRequestPacket packet) +395
[DataCacheException: ErrorCode<ERRCA0030>:SubStatus<ES0001>:Unable to complete authorization request for connecting to the caching endpoint. Please try again after sometime. If the issue persists, contact Microsoft support.]
Microsoft.ApplicationServer.Caching.DataCache.ThrowException(ErrStatus errStatus, Guid trackingId, Exception responseException, Byte[][] payload, EndpointID destination) +292
Microsoft.ApplicationServer.Caching.DataCacheFactory.EstablishConnection(IEnumerable`1 servers, RequestBody request, Func`3 sendMessageDelegate, DataCacheReadyRetryPolicy retryPolicy) +878
Microsoft.ApplicationServer.Caching.<>c__DisplayClass5.<Initialize>b__2(RequestBody req) +83
Microsoft.ApplicationServer.Caching.SocketClientProtocol.SendReceive(IVelocityRequestPacket request, Func`2 delegate, EndpointID& destination) +34
Microsoft.ApplicationServer.Caching.SocketClientProtocol.Initialize(IEnumerable`1 servers) +367
Microsoft.ApplicationServer.Caching.DataCacheFactory.GetCache(String cacheName, CreateNewCacheDelegate cacheCreationDelegate, DataCacheInitializationViaCopyDelegate initializeDelegate) +400
Microsoft.ApplicationServer.Caching.DataCacheFactory.GetCache(String cacheName) +61
Microsoft.Web.DistributedCache.DataCacheFactoryWrapper.CreateDataCacheFromFactory(DataCacheFactory factory, String cacheName) +13
Microsoft.Web.DistributedCache.CacheHelpers.RunCacheCreationHooks(CacheConnectingEventArgs fetchingEventArgs, IDataCacheFactory dataCacheFactory, Object sender, EventHandler`1 fetchingHandler, EventHandler`1 fetchedHandler) +65
Microsoft.Web.DistributedCache.DistributedCacheSessionStateStoreProvider.CreateInternalProvider(IHttpRuntime httpRuntime, SessionInitializationData initData, IDataCacheFactory dataCacheFactory, EventHandler`1 cacheFetching, EventHandler`1 cacheFetched) +83
Microsoft.Web.DistributedCache.DistributedCacheSessionStateStoreProvider.GetInternalProvider() +148
Microsoft.Web.DistributedCache.DistributedCacheSessionStateStoreProvider.ResetItemTimeout(HttpContext context, String id) +13
System.Web.SessionState.SessionStateModule.BeginAcquireState(Object source, EventArgs e, AsyncCallback cb, Object extraData) +622
System.Web.AsyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute() +285
System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +155
Informações sobre a Versão: Microsoft .NET Framework Versão:4.0.30319; Versão do ASP.NET:4.0.30319.34212

Hi TChiang!
Thanks for help!
The value for parameter "usedevelopmentstorege' is 'true'. See below my ServiceConfiguration.Local.cscfg with some values changed:
<?xml version="1.0" encoding="utf-8"?>
<ServiceConfiguration serviceName="X.WindowsAzure" xmlns="http://schemas.microsoft.com/ServiceHosting/2008/10/ServiceConfiguration" osFamily="4" osVersion="*" schemaVersion="2014-01.2.3">
<Role name="X.Presentation.Ext.Net">
<Instances count="1" />
<ConfigurationSettings>
<Setting name="Microsoft.WindowsAzure.Plugins.Diagnostics.ConnectionString" value="UseDevelopmentStorage=true" />
<Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.Enabled" value="true" />
<Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountUsername" value="username" />
<Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountEncryptedPassword" value="XYZ" />
<Setting name="Microsoft.WindowsAzure.Plugins.RemoteAccess.AccountExpiration" value="2014-02-07T23:59:59.0000000-02:00" />
<Setting name="Microsoft.WindowsAzure.Plugins.RemoteForwarder.Enabled" value="true" />
<Setting name="Microsoft.WindowsAzure.Plugins.Caching.NamedCaches" value="{"caches":[{"name":"default","policy":{"eviction":{"type":0},"expiration":{"defaultTTL":0,"isExpirable":false,"type":0},"serverNotification":{"isEnabled":false}},"secondaries":0}]}" />
<Setting name="Microsoft.WindowsAzure.Plugins.Caching.DiagnosticLevel" value="1" />
<Setting name="Microsoft.WindowsAzure.Plugins.Caching.CacheSizePercentage" value="30" />
<Setting name="Microsoft.WindowsAzure.Plugins.Caching.ConfigStoreConnectionString" value="UseDevelopmentStorage=true" />
</ConfigurationSettings>
<Certificates>
<Certificate name="Microsoft.WindowsAzure.Plugins.RemoteAccess.PasswordEncryption" thumbprint="ABC" thumbprintAlgorithm="sha1" />
</Certificates>
</Role>
</ServiceConfiguration>
ErInfo

Error 500.00 just with Azure, locally working well

Hi, how are you?
I'm testing the deploy via Visual Studio 2003, but when I deploy I got the error 500.00. If I run via Visual Studio (Locally) works fine but using Windows Azure I get this error
Module
   ManagedPipelineHandler
Notification
   ExecuteRequestHandler
Handler
   System.Web.Mvc.MvcHandler
Error Code
   0x00000000
I've enabled the "DETAILED ERROR MESSAGES" but when I try to access the page I just get the error "Error. An error occurred while processing your request." and nothing more.
Thank you.
Matheus Canela
Analista de Segurança Windows
MCT / MCSA / MCP / MCTS / MCDST / ITIL v2
Caso a resposta for útil, favor responda e clica na seta verde abaixo da foto para votação

Hello,
Thank you for your post.
I am afraid that the issue is out of support range of VS General Question forum which mainly discusses
the usage of Visual Studio IDE such as WPF & SL designer, Visual Studio Guidance Automation Toolkit, Developer Documentation and Help System
and Visual Studio Editor.
It seems that you got issue when deploying web app with Windows Azure, I suggest that you can consult your issue on ASP.NET
Azure and ASP.NET forum:
http://forums.asp.net/1247.aspx/1?Azure+and+ASP+NET for better solution and support.
Best regards,
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

Problem monitoring server with Azure

Hi,
I'm using Application Insights to monitor one application on Windows Azure, I've followed all the instructions and installed and configured Monitoring Agend on the machine, everything seems fine, but no data was generated about the server! I verifyed the
connections on the URLs f5.services.visualstudio.com,dc.services.visualstudio.com and can connect by telnet normally, I've checked the Event Viewer but nothing! Anyone can help me please?
Wilson Teixeira ALM Consultant

Hi Anastasia,
First of all, very thanks for your help, I verified the web.config and the keys are the same on Azure Portal, I founded the module below on the web.config:
<system.webServer>
<modules runAllManagedModulesForAllRequests="true">
<remove name="ApplicationInsightsWebTracking"/>
<add name="ApplicationInsightsWebTracking"
type="Microsoft.ApplicationInsights.Extensibility.Web.RequestTracking.WebRequestTrackingModule, Microsoft.ApplicationInsights.Extensibility.Web"
preCondition="managedHandler"/>
</modules>
<validation validateIntegratedModeConfiguration="false"/>
</system.webServer>
I've comment the lines below in web.config because was breaking my application, but if I uncomment no result too and application breaks:

In the Azure portal I can see some diagnostics as Page Viewes and Exceptions.
I can use Fiddler, I just need some time to learn about and use in homologation environment first.
Update:
I installed the same web application on my machine and works perfectly, with the same web.config with the keys commented, I runned fiddler on both machines, in my workstation everthing is fine, but in server I can't capture events related to azure, maybe...
the requests its not working.
Thanks,
Wilson
Wilson Teixeira ALM Consultant

Use OData/CSOM with Azure Application authentication

Hello,
I try to create an application which can access Project Online OData and is using Azure AD Application for authentication.
So I started with the Research-Project-Code-Sample from the OfficeDev (
https://github.com/OfficeDev/Research-Project-Code-Sample ) for the authentication to Azure AD as an application.
So I can access /_api/Web Odata endpoint and get all the data.
But when I try to access /_api/ProjectServer/Projects I get no projects.
And for /_api/ProjectData I get an error.
I am assuming that there are some missing permissions.
But I have no clue which ones.
I have tried adding permissions using the same approach as for Excel described here
http://blogs.office.com/2013/03/29/project-online-and-excel-web-app-cloud-data-improves-reporting/ but it still does not work.
Any one any idea or help?
Thanks,
Fabian

Hello,
you have to use NetworkMonitor or similar tools to see the detailed traffic from the application to the DCs.
LDAP is a protocol used for AD.
http://msdn.microsoft.com/en-us/library/aa367008(v=vs.85).aspx
See here about Kerberos and NTLM
http://technet.microsoft.com/en-us/library/cc755284(v=ws.10).aspx http://technet.microsoft.com/en-us/library/cc780469(v=ws.10).aspx
Which options are used and required belongs also to the applications, so please ask therefore in the specific product forums also.
Best regards
Meinolf Weber
MVP, MCP, MCTS
Microsoft MVP - Directory Services
My Blog: http://blogs.msmvps.com/MWeber
Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.
Twitter:

Set-AzureServiceDiagnosticsExtension or publishing with diagnostitcs enabled fails with Azure SDK2.5 for existing Azure services

Similar to https://social.technet.microsoft.com/Forums/systemcenter/en-US/487234f4-9748-4f49-ab7b-ce523da4c500/publish-cloud-service-fails-from-visual-studio-2013-update-4-published-asset-entry-for-image but since the given answer provides no solution
and I found more details, I felt that opening this new question providing more details was necessary.
I have an existing Azure service with two web roles (service and worker) published first in May 2012. Recently I tried to update from SDK2.2 to SDK2.5 and Visual Studio 2013 Update 2 to Update 4. The main reason behind this was to move from log4net to WAD
and in doing so, of course directly move to the new diagnostics version. So before publishing I enabled WAD diagnostics logging in the properties of both roles.
Trying to publish from Visual Studio to the exisiting Azure Service fails, VS output shows the following lines:
11:45:24 - Checking for Remote Desktop certificate...
11:45:25 - Applying Diagnostics extension.
11:45:45 - Published Asset Entry for Image Microsoft.Azure.Diagnostics_PaaSDiagnostics_europeall_manifest.xml not found.
What's working 1: For testing purposes, I have created a new Azure service in the Azure portal.
Publishing the same solution from the same development environment to this new service is possible without problems - the service with WAD diagnostics logging is working fine. Unfortunately this is no solution to my production service, with
DNS alias and SSL certificates bound to the existing Azure service.
What's working 2: Publishing the solution to the existing Azure service WITHOUT diagnositics enabled works.
Problem with that: Trying to activate WAD diagnostics logging after publishing using the Azure cmdlets also fails WiTH a similar error message. Following http://blogs.msdn.com/b/kwill/archive/2014/12/02/windows-azure-diagnostics-upgrading-from-azure-sdk-2-4-to-azure-sdk-2-5.aspx I
tried:
PS C:\> Set-AzureServiceDiagnosticsExtension -StorageContext $storageContext -DiagnosticsConfigurationPath $public_config -ServiceName $service_name -Slot 'Staging' -Role $role_name
VERBOSE: Setting PaaSDiagnostics configuration for MyWebRole.
Set-AzureServiceDiagnosticsExtension : BadRequest : Published Asset Entry for Image
Microsoft.Azure.Diagnostics_PaaSDiagnostics_europeall_manifest.xml not found.
At line:1 char:1
+ Set-AzureServiceDiagnosticsExtension -StorageContext $storageContext -Diagnostic ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Set-AzureServiceDiagnosticsExtension], CloudException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.CloudException,Microsoft.WindowsAzure.Commands.ServiceManagement.
Extensions.SetAzureServiceDiagnosticsExtensionCommand
The problem seems to be related to those service configuration parts in the cloud which are not replaced by a new deployment, so I compared both services using Azure cmdlet Get-AzureService.
I found that the new service has properties which the old one is missing:
ExtendedProperties : {[ResourceGroup, myazureservice], [ResourceLocation, North Europe]}
Is this a hint? Reinstalling or repairing Visual Studio is not the answer to this problem!!!
What's the meaning of "Published Asset Entry for Image Microsoft.Azure.Diagnostics_PaaSDiagnostics_europeall_manifest.xml"?
[Perhaps MS will publish a newer version of its Azure cmdlets, but that's not today's story]
So what are possible reasons or fixes for this behaviour? Going back to log4net is not my favorite. Even worse, while there are alternative logging solution,
I currently have no performance counter monitoring in the Azure portal (Remote desktop and perfmon is NO solution). Is there any alternative to going back to SDK2.4?
Best regards,
Andreas

Hi Andreas,
Thanks for your feedback.
I will test and reproduce your issue on my side. Any information, I will post back for you.
Thanks for your understanding.
Regards,
Will
We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
Click
HERE to participate the survey.

CheckPoint With Azure S2S

Similar Messages

Maybe you are looking for