James Callaghan

Category: Azure

Login to multiple Office 365 & Azure accounts at the same time
A challenge for most administrators managing more than one or more Azure subscriptions or Office 365 tenants having to continuously log in and out with different credentials to do so.

Login error in Office 365

Many have developed techniques to work around this challenge by using Incognito Windows or Private Browsing and others use multiple Browsers. Even with these methods, you are still limited to using two accounts particularly with Incognito Window or Private Browsing technique.

In this post, I share my method that enables you to log in to multiple Office 365 & Azure accounts in the same browser, on the same device at the same time!

Here’s an example of how many accounts I toggle between:
1. Corporate Office 365 account (Email, Lync, Yammer, SharePoint, Office 365 Admin etc.)
2. Microsoft Account for Corporate used for Azure Management Portal, Intune, Visual Studio Online and MSDN
3. Personal Office 365 account
4. Multiple Customer accounts (or through Delegated Administration using my Corporate Office 365 account).
5. Multiple Developer Office 365 accounts
6. Multiple Demo Office 365 accounts
Sure, a password manager might help with the login process by storing credentials but this still doesn’t solve the challenge of being signed in to multiple accounts at the same time.

The technique I have started using is a feature available in Chrome. Chrome allows you to create multiple user accounts from the Settings page.

Users in Chrome Settings

I’ve created users for each of the Microsoft accounts I commonly use. Each Chrome user has its own settings such as the plugins installed, the bookmarks that are available, browsing history and the crucial part cookies and Browser sessions.

Now when I want to jump between Azure subscriptions or Office 365 tenants I can toggle between Chrome users. The user menu is available in a number of places.
Chrome Users is also available on the PC version of Chrome. I hope you find this technique of switching between Azure or Office 365 accounts useful.
Share:
LinkedIn
Twitter
Facebook
More
Email
Pocket
Pinterest
18 June 2014
Use Azure Explorer to access Azure Storage Accounts
Often a difficult task for some, once up and running with Microsoft Azure, is how to get files in and out of Storage Accounts or Containers. For these particular scenarios there is a really simple tool called Azure Explorer.

There is of course the ability to upload/download files or blobs through the Azure Portal. Obviously this is not that great for large files due to timeouts etc. Then there is the Azure PowerShell cmdlets but this requires subscription information and experience of using PowerShell particular with Microsoft Azure which not everyone has. Alternatively there is software available called Azure Explorer from Cerebrata.

Cerebrata Azure Explorer

The software provides users with a familiar experience to that of Windows Explorer. You’re also able to configure multiple storage account and can create/delete new blob containers.

Azure Explorer lets you quickly browse and manipulate your Microsoft Azure blobs with ease.

A Premium version called Cloud Storage Studio is also available which enables you to work with tables and queries.

How to use Azure Explorer

Getting started with Azure Explorer is really easy. Firstly you need to Download the Azure Explorer ClickOnce installer from the Cerebrata website.

Installing Azure Explorer

Next you’ll need to get the access key for your Storage Account from the Microsoft Azure Portal. To get your access key browse to the Storage section of the Azure Portal and select your Storage Account from the list of those available. Then click on Manage Access Keys from the toolbar at the bottom and copy your Primary Access Key.

Azure Storage Access Keys

Open Azure Explorer, click on the File menu and select Add Connection. Enter the name of your Storage Account and Access Key you have just copied.

Add Storage Account to Azure Explorer.

You’ll then see the Storage Account become available in Azure Explorer. From there it is simply drag & drop or copy & paste.

Accessing blobs from Azure Explorer.

Accessing Azure Explorer Logs

You can also access the logs to troubleshoot any issues you experience by right-clicking on the window title and selecting Open Current Log File.

A.zure Explorer logs

I use this tool an awful lot to move files across multiple Storage Accounts in Microsoft Azure and my desktop. By having it installed in my VMs, I can get access to files that I have uploaded from my desktop such as software installers or ISO images etc. The interface really quick and easy to use and is a tool that I recommend to customers. Give it a try and see how easy it really is.
Share:
LinkedIn
Twitter
Facebook
More
Email
Pocket
Pinterest
01 May 2014
Customise the Office 365 login page
It’s official you can now customise the Office 365 login page with your own branding ~~– ok not quite yet but Microsoft has just released a preview feature that will soon allow us to~~.

The dull Californian highway image that we are all accustom to can now be replaced with your own image along with your own logo and login information which is impressive in itself but these elements can also be localised for different languages. This is all achieved with a preview feature Microsoft have recently released for Windows Azure Active Directory Premium which of course underpins Office 365. Pricing for this feature is not yet available but I imagine it will be published soon.

Example of a customised login page

What can be customised?

Microsoft has made the following elements of the login page customisable.
1. The “Banner Logo” which is displayed on the sign-in page and access panel.
2. The “Sign In Page Illustration” displayed on the sign in page to the left of the login form.
3. The “Sign In Page background colour” visible when there is no sign in page illustration present or for low bandwidth connections.
4. The “Sign In Page Text” that appears below the login form and can be used to give more information to users such as where to get support.
5. The “Tile Logo” which is not used but might be used to replace the “organisational account” pictogram.
6. A “User ID Label” which again is not used but could be set to “Company email” or “User ID”.
Follow the recommendations Microsoft has included in this Add company branding to your Sign In and Access Panel pages TechNet article.

Add your own branding to your login page

You will need to login to the Windows Azure management portal and complete the following instructions:
- Browse to the Active Directory page and select your Office 365 directory.
- Click on the “Enable Active Directory Premium” link on the summary page.
- Then from the summary page click on the “Customise your organisation’s Sign In and Access Panel pages” link where you will be able to upload your logo and other assets.
Customise branding form

As this is a preview feature Microsoft has decided for the first few weeks of the preview that users must opt-in on each device to experience the customised sign-in page. To opt-in, you must visit https://login.microsoftonline.com/optin.srf.

Demo customised sign-in pages

Microsoft has also provided to demo fictitious sign-in pages that you can get access to experience a customised login page.
- http://aka.ms/aaddemo001
- http://aka.ms/aaddemo002
Further information can be found on the Add company branding to your Sign In and Access Panel pages TechNet article.
Share:
LinkedIn
Twitter
Facebook
More
Email
Pocket
Pinterest
15 December 2013
Using PowerShell with Windows Azure
If you’re working with Windows Azure and want to use PowerShell to perform management tasks you will first need to install and configure Windows Azure PowerShell as per this article “How to install and configure Windows Azure PowerShell“.
1. Download and install the Microsoft Web Platform Installer
2. Launch the Microsoft Web Platform Installer
3. Select the Windows Azure PowerShell and then click install
4. Launch PowerShell as an Administrator
5. Type get-help *Azure* to see all the Windows Azure cmdlets – you will be asked to update help
6. Download your Windows Azure subscription publish settings file by typing Get-AzurePublishSettingsFile or by browsing to the download publish profile page
7. Save the publish settings file to a directory – in my case I store this alongside my Windows Azure scripts directory that I have synchronised with Dropbox
8. Import the publish settings file by typing Import-AzurePublishSettingsFile <PathToPublishSettingsFiles>
9. Check to see that you can are connected to your Windows Azure subscription by entering Get-AzureSubscription which should return information about your subscription.
Here are a couple of useful links to get you started – Windows Azure Management Cmdlets and Windows Azure Script Centre

That’s it – you should now be able to manage Windows Azure using PowerShell.
Share:
LinkedIn
Twitter
Facebook
More
Email
Pocket
Pinterest
05 November 2013
Pointing external DNS at a Windows Azure hosted Virtual Machine
Update: while the VIP address is guaranteed for the lifetime of the deployment – a customer recently lost their VIP address which resulted in their custom domain name become unresolvable. Whilst this was acceptable as we were still in a phase of testing it did cause me some concern. Why had the VIP address changed without our knowledge – we had not made any configuration changes to causes this. I did some further research and found an article (Using custom domain names with Windows Azure Cloud Service) in the Documentation section on the Windows Azure website where it advised you should use CNAME records and point these to your *.cloudapp.net domain name. I asked the customer to do this and we have been able to use the system since.

This post describes how I configured one of my Windows Azure hosted Virtual Machines with my domain name registrars DNS – this meant that I could make SharePoint 2013 available using my domain name.

On the virtual machine instances, page in the Windows Azure Management Portal (https://manage.windowsazure.com) browse to the virtual machine you want to configure with your external DNS.

Windows Azure Virtual Machine Dashboard

On the right, in the “Quick Glance” section you will see that a “Public Virtual IP (VIP) Address” is listed (this is shown in the image below but for security purposes, I have changed my VIP to 111.111.111.111). The VIP address is the IP address I need to direct my external DNS to.

Virtual Machine Quick Glance information

This VIP address is guaranteed to remain for the deployment of the cloud service – therefore if the deployment is removed the VIP address will no longer be available. Corey Sanders has written a great article on the Windows Azure MSDN blog (http://blogs.msdn.com/b/windowsazure/archive/2011/07/06/windows-azure-deployments-and-the-virtual-ip-address.aspx) where he confirms that the VIP is guaranteed for the lifetime of deployment and provides a great alternative if the virtual machine deployment has to be removed.

“If that is not possible (e.g. you must delete/deploy), then a little planning beforehand can still help here: just create a new hosted service, update CNAME and A record to new hosted service (but keep old deployment there). Wait 24 hours and it should be safe to delete the older deployment.”

I also decided to add a shorter TTL to my A record just in case the VIP address does ever change for whatever reason and I need to propagate a change quickly. I’m not sure if this is advisable or not and am seeking confirmation on this.

A quick test you can do before making any changes to your DNS is to browse directly to your VIP address (http://111.111.111.111). This in my case took me to the default IIS site however this will depend on your configuration.

IIS 8 default website landing page

After I confirmed that the VIP address was accessible I then proceeded to make changes to my external DNS through my domain registrars control panel – in this example, I wanted to point a host record (or an A record) to my virtual machine.
Share:
LinkedIn
Twitter
Facebook
More
Email
Pocket
Pinterest
26 October 2013
Change the default sync interval – Windows Azure Active Directory Sync
The default interval for Windows Azure Active Directory Sync (DirSync) synchronisations is 3 hours. If for instance, your Active Directory has lots of changes you probably want to consider shortening the sync interval.

The schedule can be modified by changing the “Microsoft.Online.DirSync.Scheduler.exe.Config” configuration file. Before proceeding to make any changes to the sync interval you should evaluate how long it takes to complete synchronisation. You can do this by reviewing the application event log for entries that indicate when sync has started and completed.

To modify the configuration file open “C:\Program Files\Windows Azure Active Directory Sync\Microsoft.Online.DirSync.Scheduler.exe.Config” in Notepad. You will then need to modify the value of the “Synctimeinterval” key – the notation of this is Hours:Minutes:Seconds.

Microsoft.Online.DirSync.Scheduler.exe.Config

Save the configuration file and restart the “Windows Azure Active Directory Sync Service” Windows Service (via PowerShell Restart-Service MSOnlineSyncScheduler) to apply this change.

Restart-Service MSOnlineSyncScheduler
Share:
LinkedIn
Twitter
Facebook
More
Email
Pocket
Pinterest
17 October 2013
Force a full syncronisation – Windows Azure Active Directory Sync
When configuring Windows Azure Active Directory Sync (or DirSync as it was previously known) it’s useful to be able to run various synchronisation tests. The default synchronisation schedule is 3 hours so unless you want to wait you will need to force a full synchronisation using PowerShell.

Start-OnlineCoexistenceSync cmdlet

To do this you need to load the Windows Azure Active Directory Sync PowerShell module and run a cmdlet. Start by navigating to “C:\Program Files\Windows Azure Active Directory Sync” in PowerShell and then run “.\DirSyncConfigShell.psc1” from this directory. This will launch a new PowerShell console with the Windows Azure Active Directory Sync PowerShell module loaded (Add-PSSnapin Coexistence-Configuration). Then to force a full synchronisation you need to run the Start-OnlineCoexistenceSync cmdlet.

[code lang=”PowerShell”]
Start-OnlineCoexistenceSync -fullsync
[/code]

You can verify that synchronisation has occurred by reviewing the application event log on the server running DirSync – there should be several items in the log such as “Directory Synchronization, Event ID – 114, Export cycle completed”. There is also a status of the Active Directory Synchronisation on the “Users and Groups” page in the Office 365 admin portal. There are also two other ways to see the status of synchronisation jobs which I will go into in more detail in a later post but these include using the Forefront Identity Manager (FIM) client and Fiddler web debugging proxy.

Office 365 Active Directory Sync status

You can create a shortcut to “C:\Program Files\Windows Azure Active Directory Sync\DirSyncConfigShell.psc1” on the desktop for ease of administration. I, however, take this one step further and create a shortcut to perform a synchronisation as well. Create a shortcut with the following target below.
```
%SystemRoot%\system32\WindowsPowerShell\v1.0\powershell.exe -PSConsoleFile "%PROGRAMFILES%\Windows Azure Active Directory Sync\DirSyncConfigShell.psc1" -Command "& Start-OnlineCoexistenceSync -fullsync
```
Share:
LinkedIn
Twitter
Facebook
More
Email
Pocket
Pinterest
17 October 2013