Integrate your on-premises infrastructure with Azure

Similar Messages

• Free Webinar: Integrate your ABAP Documents with SAP Mobile Documents

  Learn how to integrate documents stored in your ABAP-based application into SAP Mobile Documents. In this webinar, you will also learn how to share documents out of your ABAP application with SAP Mobile Documents.
  For further details check out http://scn.sap.com/docs/DOC-60383.

  The recording of the session is now available at http://scn.sap.com/docs/DOC-60383. There is also a new blog on what you have to do to share your documents from your ABAP system How to share your documents from ABAP with SAP Mobile Documents.

• Free Webinar: Integrate your SCM Documents with SAP Mobile Documents

  Learn how to integrate documents stored in SCM into SAP Mobile Documents. In this webinar, you will also learn how to share documents out of your SCM system with SAP Mobile Documents.
  For further details check out http://scn.sap.com/docs/DOC-60383.

  The recording of the session is now available at http://scn.sap.com/docs/DOC-60383. There is also a new blog on what you have to do to share your documents from your ABAP system How to share your documents from ABAP with SAP Mobile Documents.

• Free Webinar: Integrate your PLM Documents with SAP Mobile Documents

  Learn how to integrate documents stored in PLM into SAP Mobile Documents. In this webinar, you will also learn how to share documents out of PLM with SAP Mobile Documents.
  For further details check out http://scn.sap.com/docs/DOC-60383.

  The recording of the session is now available at http://scn.sap.com/docs/DOC-60383. More detailed documentation about how to do the coding is available at How to share your documents from ABAP with SAP Mobile Documents.

• Dropping on Premise AD for Azure AD post exch/lync offsite migration clean cut to new AD or Azure AD or both

  Here is the scenario:
  The current customer Domain as been active since NT, and has seen every version of Exchange.
  The domain has also had multiple admins, each who gave it their 'golden' touch.  (Not a good thing, because the majority of them it appears had no clue what they were doing).
  The domain supports 14 users.
  Exchange and Lync have been moved off premise to a hosting provider. Exchange, Lync, CAS, Edge, Mediation have been sucsufully demoted and decom'd.
  The network (AD) which because of a very complex, and 'tweaked' infrastructure is very problematic and time consuming to manage. It appears nothing of value outside of login  security is being used, including no wsus, no GP, etc.
  The only items the network supports now outside of VERY basic FSMO ops (very like 'everyone' s allowed access to everyone's everything (yikes) is a SQL server using a shared folder old net application, a file server and an iis server. (IIS does NOT support
  their current domain name/role)  Outside of server roles, AD is doing nothing with those servers. AD NEEDS to be doing what it was intended to do, but whenever something is changed, everything blows up. For example, I created a new group container,
  nothing else, and a single shared folder stopped working, and two users were disconnected, nothing in the log files. Or a user who enters a password incorrectly three times is locked out. The admin unlocks the account which locks three other accounts.
  Nothing in the log except a basic user locked out message. Like I said it's HOSED!
  Originally my thought was to spin up a new DC for them, with a new/different domain (internal named)  for their small office and do a clean cut. Set up AD the way I want to that will benefit them with proper security, file shares, etc.
  Question 1) What are your thoughts about this being a fix for a small office? If its a bad idea, why?
  Question 2) Why not spin up AD in Azure instead of locally, or do they need a local AD syncing with Azure AD?
  What is the best course of action that will bring them the most benefit over the next few years?

  Hi,
  For the issue about windows azure AD, i would suggest you may ask in:
  http://social.msdn.microsoft.com/Forums/windowsazure/en-US/home?forum=WindowsAzureAD
  Regards.
  Vivian Wang

• Replacing On-Premises AD with AAD

  Hi All,
  We have on-premises AD and a AAD tenancy in the cloud.
  We are planning to use DirSync + Password Sync to synchronized the identity data.
  My question is - Can Azure Active Directory be used as a domain service for LOB applications residing on-premises and for device (laptops/desktops) authentication?
  I understand we can move on-premises AD to Azure to set up a cloud based domain service for LOB applications and devices.
  But we dont want to do that.
  Can we use just the AAD for authentication/authorization requirements for all applications (LOB and Cloud) and also the devices (laptops and desktops)?
  Regards,
  Ajay Suri

  The term Line of Business Application does not define how it may integrate to a 3rd party directory service, such as Active Directory or Azure Active Directory.  Having said that, its doubtful that any of your existing LOB apps were written to work
  with Azure AD, given its newness, difference in protocols, etc.
  The 2nd part of your question applies to the Windows operating system's integration with Azure AD.  Currently, Windows 8.1 can authenticate users with local credentials, Active Directory domain credentials, or a LiveID.  At time of writing, there
  is no ability to "join" a workstation to AAD, or get SSO without additional tools (such as ADFS).
  Mike Crowley | MVP
  My Blog --
  Planet Technologies

• Error while Authenticating sharepoint site with Azure AD users using Azure Access Control Namespace

  I have a Sharepoint site running on Azure virtual Machine. Now i want to authenticate my sharepoint site with Azure AD users.
  For this i have followed below link, but getting error after login.
  Using Microsoft Azure Active Directory for SharePoint 2013 authentication
  I have implemented as given on reference link, but still facing error. When i access my url from browser, it will ask me through which you want to logon.
  Then on selection of ACS Provider, it will redirect me to office365 login. After i submit my credentials, it will redirect me to
  https://testvm.cloudapp.net/_trust/
  and got error. So i checked in sharepoint log and found below error.
  Cannot find site lookup info for request Uri urn:sharepoint:spvms.
  SPAudienceValidator: Audience uri 'urn:sharepoint:spvms is not valid for the context.
  Getting Error Message for Exception Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The Audience URI could not be validated.
  SPSaml11SecurityTokenHandler: Audience validation failed for request 'https://testvm.cloudapp.net/_trust/' with
  the following audience URIs: 'urn:sharepoint:spvms', .
  Application error when access /_trust/, Error=The Audience URI could not be validated.
  at Microsoft.SharePoint.IdentityModel.SPSaml11SecurityTokenHandler.ValidateConditions(SamlConditions conditions, Boolean enforceAudienceRestriction)
  at Microsoft.IdentityModel.Tokens.Saml11.Saml11SecurityTokenHandler.ValidateToken(SecurityToken token)
  at Microsoft.IdentityModel.Tokens.SecurityTokenHandlerCollection.ValidateToken(SecurityToken token)
  at Microsoft.IdentityModel.Web.TokenReceiver.AuthenticateToken(SecurityToken token, Boolean ensureBearerToken, String endpointUri)
  at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.SignInWithResponseMessage(HttpRequest request)
  at Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs args)
  at Microsoft.SharePoint.IdentityModel.SPFederationAuthenticationModule.OnAuthenticateRequest(Object sender, EventArgs eventArgs)
  at System.Web.HttpApplication.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
  at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously)

  I want 100,000 external users to have access to my SharePoint online Site collection.
  I was thinking of going the Azure AD route, where external users will have there ID's created in Azure AD cloud.
  Trying to figure how I can integrate Azure AD cloud with my SharePoint Online Site collection.
  Currently my site collection is tied to On-premise AD.
  Is there a way to integrate the SharePoint online to use both Azure AD and On-premise AD?
  Thanks
  Nate
  Any Answer here?

• SharePoint 2013 on-premises integration with goDaddy Email account

  Hi Everyone , 
  We wish to integrate our on premise SharePoint 2013 notifications and other related stuff with our Domain emails hosted on GoDaddy servers. 
  We are unable to find the related support content on internet.
  We have integrated email via SMTP with our outlook already. So far my understanding is that we have to add SMTP settings in IIS Sharepoint Application and then adding these settings in Central admin settings.
  Tech Learner

  Hi,
  Based on your description, my understanding is that you want to configure the outgoing email setting and incoming email setting in SharePoint 2013.
  You can use the SMTP server for your outgoing email and incoming email settings in SharePoint 2013.
  Please refer to the links below:
  Configure outgoing email for a SharePoint 2013 farm:
  http://technet.microsoft.com/en-us/library/cc263462(v=office.15).aspx
  Configure incoming email for a SharePoint 2013 farm:
  http://technet.microsoft.com/en-us/library/cc262947(v=office.15).aspx
  Thanks,
  Victoria
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Victoria Xia
  TechNet Community Support

• Public-facing on-premises SharePoint with NTLM authentication

  I've been searching for authentication best practices for public-facing SharePoint site but I didn't find any useful resources on the issue that is troubling me.
  Assume I set up a web application with Classic NTLM authentication. On that web application I enable
  Anonymous access. This means that users inside organization's network will be able to authenticate (actually use SSO) using organization's DC. They will be able to access and administer all content. All other anonymous users will be able to see
  published content only i.e. content which is permitted to anonymous users.
  My question is: Is this kind of setup a security issue because if a potential attacker hacks a WFE then he has direct access to DC?
  Is FBA maybe a better solution for public-facing sites? Or maybe use NTLM, but create a separate domain with one-way trust to organization's domain?

  There are many variations you can take with this - and really you need to consider more than just your content. For true separation:
  I would have a dedicated DC to manage service accounts.
  I would break up my DMZ behind firewall contexts with a reverse proxy publishing SharePoint at the edge.
  proxy/firewall -- SP Server -- Firewall -- SQL/DC
  For true separation you don't want to share any underlying infrastructure with internal either, although in reality logical separation is usually enough.
  Now you have to deal with internal user authentication and how to handle that. The first thing is I would have at minimum two webs available, your primary for editing and the extended version for public access.
  While a one way trust would work - you still do expose user info out to the public which you may not want. With this configuration you could configure people picker to only select from a particular OU to minimize this.
  Another option however is to look at using ADFS between your domains and create the trust there. You would have to configure the farm for claims auth to make this work, but this would eliminate the possibility of probing all the users in AD or the OU you expose.
  With the ADFS method when you update documents you user name is still tagged to content - however if you don't populate the user profiles this will be the only information available about any internal user.
  You may even want to go a step further and when you extend the public site, use forms authentication but don't provide any users. Then there is no authenticated access from the public URL. And with ADFS/Reverse Proxy may you even be able to configure some pre
  authentication for your internal users before they can even reach the internal SharePoint pages.
  I would strongly consider moving to SharePoint 2013 and looking at the cross site publishing (2010 and below have the content publishing - but stay away from that, when it works it's great, but when it doesn't it's a PITA to get back in sync). with cross site
  publishing you have an editing site and the publishing site pulls from the Search index and the permissions are completely separate.

• I am trying to integrate EBS 12.1.3  with Enterprise Manager 11g

  HI Experts
  I need to integrate EBS 12.1.3 with Enertprise Manager 11g grid control.
  I have applied patch 8333939 to my OMS Instance successfully.
  But I am not able to apply the same to my agent home.
  I am following this doc.
  http://docs.oracle.com/cd/E11857_01/em.111/e18708/T506934T511454.htm
  I need to deploy patch 9757683 to my agent home.
  Also silent installation is not working.
  Please advise.
  Thanks
  Vsyed786

  I see this error in your output:
  2014-11-26 10:55:23,583 ERROR [ThemeAutoDeployer]
  java.io.FileNotFoundException: /tmp/liferay/com/liferay/portal/deploy/dependencies/liferay-theme.tld (Too many open files)
  I'm not across what the EBS recommended setting for this is, or if there is one.  But try running:
  ulimit -n
  ... and if the number is low, edit /etc/security/limits.conf , add some entries for increased "soft nofile" and "hard nofile" and run sysctl -p.  See Linux & Java tips: Too many open files .

• Azure remote App with Azure SQL Backend

  Hi, If I had an application which utilised a SQL backend could I host the front end in Azure remote app and the backend on an Azure SQL database or would I need to use IAAS to provide the backend?
  Many thanks
  James 

  Hi James,
  If the application is designed to be compatible with Azure SQL Database then yes, you can use Azure RemoteApp for the frontend and Azure SQL Database for the backend.  If the application is not compatible with Azure SQL Database then you would
  need to use SQL Server running in an IaaS VM, or SQL Server running in an on-premises VM.  The IaaS VM or SQL Database should be in the same Azure region as the RemoteApp collection in order to minimize latency.
  For example, say you have an internally-developed application that uses SQL Server 2012 as its backend database.  Before you would be able to use Azure SQL Database you would first need to migrate the database to Azure SQL Database and make any changes
  necessary to the application and/or database for compatibility.  The SQL Database Migration Wizard is helpful for this process.
  -TP

• Error 500.00 just with Azure, locally working well

  Hi, how are you?
  I'm testing the deploy via Visual Studio 2003, but when I deploy I got the error 500.00. If I run via Visual Studio (Locally) works fine but using Windows Azure I get this error
  Module
     ManagedPipelineHandler
  Notification
     ExecuteRequestHandler
  Handler
     System.Web.Mvc.MvcHandler
  Error Code
     0x00000000
  I've enabled the "DETAILED ERROR MESSAGES" but when I try to access the page I just get the error "Error. An error occurred while processing your request." and nothing more.
  Thank you.
  Matheus Canela
  Analista de Segurança Windows
  MCT / MCSA / MCP / MCTS / MCDST / ITIL v2
  Caso a resposta for útil, favor responda e clica na seta verde abaixo da foto para votação

  Hello,
  Thank you for your post.
  I am afraid that the issue is out of support range of VS General Question forum which mainly discusses
  the usage of Visual Studio IDE such as WPF & SL designer, Visual Studio Guidance Automation Toolkit, Developer Documentation and Help System
  and Visual Studio Editor.
  It seems that you got issue when deploying web app with Windows Azure, I suggest that you can consult your issue on ASP.NET
  Azure and ASP.NET forum:
  http://forums.asp.net/1247.aspx/1?Azure+and+ASP+NET  for better solution and support.
  Best regards,
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Schema Error when Syncing on Premises AD to Azure

  Hi,
  I have an odd issue with trying to Sync my local user passwords with Azure AD.  My schema version is 47 (which is supported) and we are running 2008R2 Domain Controllers.
  Presently, I am not installing the Azure AD Connect tool on a Domain controller, I have tried both on domain joined Server 2012R2 and Server 2008R2 servers.
  Anyone come across this before?
  <v:shapetype coordsize="21600,21600" filled="f" id="_x0000_t75" o:preferrelative="t" o:spt="75" path="m@4@5l@4@11@9@11@9@5xe"
  stroked="f">
   <v:stroke joinstyle="miter">
  <v:formulas>  <v:f eqn="if lineDrawn pixelLineWidth 0">
    <v:f eqn="sum @0 1 0">
    <v:f eqn="sum 0 0 @1">
    Thanks,</v:f></v:f></v:f></v:formulas></v:stroke></v:shapetype>
  Martin<v:shapetype coordsize="21600,21600" filled="f" id="_x0000_t75" o:preferrelative="t" o:spt="75" path="m@4@5l@4@11@9@11@9@5xe"
  stroked="f"><v:stroke joinstyle="miter"><v:formulas><v:f eqn="if lineDrawn pixelLineWidth 0"><v:f eqn="sum @0 1 0"><v:f eqn="sum 0 0 @1"><v:f eqn="prod @2 1 2">
    <v:f eqn="prod @3 21600 pixelWidth">
    <v:f eqn="prod @3 21600 pixelHeight">
    <v:f eqn="sum @0 0 1">
    <v:f eqn="prod @6 1 2">
    <v:f eqn="prod @7 21600 pixelWidth">
    <v:f eqn="sum @8 21600 0">
    <v:f eqn="prod @7 21600 pixelHeight">
    <v:f eqn="sum @10 21600 0">
   </v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:formulas>
   <v:path gradientshapeok="t" o:connecttype="rect" o:extrusionok="f">
   <o:lock aspectratio="t" v:ext="edit">
  </o:lock></v:path></v:stroke></v:shapetype><v:shape alt="" id="Picture_x0020_2" o:spid="_x0000_i1025" style="width:660pt;height:457.5pt;" type="#_x0000_t75">
  <v:imagedata o:href="cid:[email protected]" src="file:///C:\Users\MARTIN~1.MCD\AppData\Local\Temp\1\msohtmlclip1\01\clip_image001.png">
  </v:imagedata></v:shape>
  MMcD

  Hi,
  Thanks for your response.
  The AD web services is not needed when you install the azure connect tools.
  Your target computer for installing AAD Sync can be stand-alone, a member server or a domain controller.
   And it must have the following components need  installed:
  .Net 4.5
  PowerShell (preferably PS3 or better)
  http://blogs.technet.com/b/canitpro/archive/2014/09/30/step-by-step-setting-up-the-new-aad-sync.aspx
  Please install the tools in your windows server 2012r2 DC to check the result.
  Regards.
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Applicationhost.config updates for HTTP Slow Post with Azure Websites

  We are trying to update our Azure websites to not show as vulnerable to the HTTP Slow Post vulnerability. Some articles suggest fixing this by updating the applicationHost.config via IIS to update the connection timeout values. Obviously with Azure websites,
  we don't have access to IIS. Came across some options with Kudu and XDT to modify the application host file, as outlined on these two sites:
  http://azure.microsoft.com/en-us/documentation/articles/web-sites-transform-extend/#transform
  http://rtigger.com/blog/2014/03/31/number-til-modifying-you-azure-applicationhost-dot-config
  Currently am using the following as our applicationHost.xdt (I have this both in our application root, as well as in a SiteExtensions folder as I wasn't clear which one was required).
  <?xml version="1.0"?> 
  <configuration xmlns:xdt="http://schemas.microsoft.com/XML-Document-Transform"> 
  <system.applicationHost>
          <sites>
              <siteDefaults>
                  <limits connectionTimeout="00:00:30"
  xdt:Transform="Insert" />
              </siteDefaults>
              <applicationDefaults applicationPool="DefaultAppPool" />
              <virtualDirectoryDefaults allowSubDirConfig="true" />
          </sites>
          <webLimits connectionTimeout="00:00:30"
  xdt:Transform="Insert" />
  </system.applicationHost>
  </configuration> 
  We also set the WEBSITE_PRIVATE_EXTENSIONS app-setting to 1 as instructed.
  When testing our site using a 3rd party tool, it appears the setting is not getting applied. Hoping someone can point out where our error may be. Alternatively, is there any way to see what the current applicationHost.config is for our website? I'm curious
  if our XDT is correctly being applied, so if we could see what the resulting file was that may also allow us to further troubleshoot.
  Thanks in advance for any advise!

  Please see
  this page, which has detailed steps on finding your applicationhost.config and finding the logs from the transformation. And please make sure that your applicationhost.xdt is in your
  d:\home\site folder (and not in your site\wwwroot).
  David

• Issues with Azure South East Australia on Saturday @ 7am-8am Sydney Time

  Hello there
  Yesterday Saturday 10th of Jan @ approx 7.28am until 8am our CAS003AU virtual server was non responsive.
  It came online on it’s own.
  This server is in the Azure South East Australia region.  I have checked your status pages and found logged an issue on 7th of Jan (UTC time) which doesn’t appear to correlate to this issue.
  Can you urgently investigate and advise why this happened? Why it isn’t on your status page?  How can we ensure this doesn’t happen again?
  I’m available via email: [email protected]
  thanks
  Jacob Ohlson
  PowerNET

  Hi Jacob,
  We had a service Incident with Cloud Services and Virtual Machine over East US region which was affected from Jan 9th 2015 22:49 UTC to Jan 10th 2015 1:48 UTC.
  As per your issue, we dont not see any service incident over South East Australia region. We suggest you to open a Service Request with Azure Technical Support in order to dig deep to know the Root Cause Analysis of the issue.
  http://azure.microsoft.com/en-us/support/options/
  Regards,
  Manu Rekhar