Category: microsoft Azure

Microsoft Azure – Quick Guide ”; Previous Next Cloud Computing – Overview The popular trend in today”s technology driven world is ‘Cloud Computing’. Cloud computing can be referred to as the storing and accessing of data over the internet rather than your computer”s hard drive. This means you don”t access the data from either your computer”s hard drive or over a dedicated computer network (home or office network). Cloud computing means data is stored at a remote place and is synchronized with other web information. One prominent example of cloud computing is Office 365 which allows users to store, access, edit their MS Office documents online (in browser) without installing the actual program on their device. Architecture of Cloud Computing The architecture of cloud computing comprises of the following components − Front-end device Back-end platform Cloud-based delivery Network Front-end Devices − These are basically the devices that are used by clients to access the data or program using the browser or special applications. Back-end Platform − There are various computers, servers, virtual machines, etc. that combine to become a back-end platform. Types of Cloud The storage options on cloud is in 3 forms − Public Private Hybrid Public Cloud − A service provider makes the clouds available to the general public which is termed as a public cloud. These clouds are accessed through internet by users. These are open to public and their infrastructure is owned and operated by service providers as in case of Google and Microsoft. Private Cloud − These clouds are dedicated to a particular organization. That particular organization can use the cloud for storing the company”s data, hosting business application, etc. The data stored on private cloud can”t be shared with other organizations. The cloud is managed either by the organization itself or by the third party. Hybrid Cloud − When two or more clouds are bound together to offer the advantage of both public and private clouds, they are termed as Hybrid Cloud. Organizations can use private clouds for sensitive application, while public clouds for non-sensitive applications. The hybrid clouds provide flexible, scalable and cost-effective solutions to the organizations. Benefits of Cloud There are many benefits of clouds. Some of them are listed below. Cloud service offers scalability. Allocation and de-allocation of resources is dynamically as per demand. It saves on cost by reducing capital infrastructure. It allows the user to access the application independent of their location and hardware configuration. It simplifies the network and lets the client access the application without buying license for individual machine. Storing data on clouds is more reliable as it is not lost easily. SPI Next comes how cloud services are categorized. S stand for Software, P stands for Platform and I for Infrastructure in SPI. SaaS is Software as a service; PaaS is Platform as a service and IaaS is Infrastructure as a Service. Following are the live examples of these models. SAAS Model − E-mail (Gmail, Yahoo, etc.) PAAS Model − Microsoft Azure IAAS Model − Amazon S3 Microsoft Azure – Windows There are many cloud computing platforms offered by different organizations. Windows Azure is one of them, which is provided by Microsoft. Azure can be described as the managed data centers that are used to build, deploy, manage the applications and provide services through a global network. The services provided by Microsoft Azure are PaaS and IaaS. Many programming languages and frameworks are supported by it. Azure as PaaS (Platform as a Service) As the name suggests, a platform is provided to clients to develop and deploy software. The clients can focus on the application development rather than having to worry about hardware and infrastructure. It also takes care of most of the operating systems, servers and networking issues. Pros The overall cost is low as the resources are allocated on demand and servers are automatically updated. It is less vulnerable as servers are automatically updated and being checked for all known security issues. The whole process is not visible to developer and thus does not pose a risk of data breach. Since new versions of development tools are tested by the Azure team, it becomes easy for developers to move on to new tools. This also helps the developers to meet the customer’s demand by quickly adapting to new versions. Cons There are portability issues with using PaaS. There can be a different environment at Azure, thus the application might have to be adapted accordingly. Azure as IaaS (Infrastructure as a Service) It is a managed compute service that gives complete control of the operating systems and the application platform stack to the application developers. It lets the user to access, manage and monitor the data centers by themselves. Pros This is ideal for the application where complete control is required. The virtual machine can be completely adapted to the requirements of the organization or business. IaaS facilitates very efficient design time portability. This means application can be migrated to Windows Azure without rework. All the application dependencies such as database can also be migrated to Azure. IaaS allows quick transition of services to clouds, which helps the vendors to offer services to their clients easily. This also helps the vendors to expand their business by selling the existing software or services in new markets. Cons Since users are given complete control they are tempted to stick to a particular version for the dependencies of applications. It might become difficult for them to migrate the application to future versions. There are many factors which increases the cost of its operation. For example, higher server maintenance for patching and upgrading software. There are lots of security risks from unpatched servers. Some companies have welldefined processes for testing and updating on-premise servers for security vulnerabilities. These processes need to be extended to the cloud-hosted IaaS VMs to mitigate hacking risks. The unpatched servers pose a great security risk. Unlike PaaS, there is no provision of automatic server patching in IaaS. An unpatched

Microsoft Azure – Useful Resources ”; Previous Next The following resources contain additional information on Microsoft Azure. Please use them to get more in-depth knowledge on this topic. Useful Video Courses Container on Microsoft AZURE: Docker, Kubernetes 16 Lectures 2 hours Harshit Srivastava, Pranjal Srivastava More Detail Microsoft AZURE course: Cloud Migration 12 Lectures 1 hours Harshit Srivastava More Detail Microsoft Azure Machine Learning Studio 9 Lectures 4 hours Frahaan Hussain More Detail Cloud Security on Microsoft Azure Training Course 15 Lectures 1.5 hours Harshit Srivastava More Detail DevOps on Cloud- IBM Bluemix, Microsoft Azure and AWS Best Seller 36 Lectures 4 hours Harshit Srivastava More Detail Microsoft Certified Azure Solution Architect Training 76 Lectures 9 hours Pranjal Srivastava, Harshit Srivastava More Detail Print Page Previous Next Advertisements ”;

Microsoft Azure – Websites ”; Previous Next There is a detailed description of how to create websites in Azure in the chapter, ‘Compute Module’. Azure websites service is named ‘Web Apps’ everywhere in the management portal so don’t get confused. This chapter will discuss few more terms associated with Azure websites. In normal hosting environment, developers usually encounter problem when they deploy their websites in production. Azure websites service ensures that developers encounter least problems while deploying their websites. Also, Azure website service comes under PaaS (Platform as a Service). This means that websites can be deployed without actually having a full-fledged infrastructure. Create a Website in Azure Management Portal Just to reconnect with the website creation, let’s take a look at these steps of how to create a website in Azure Management portal. Step 1 − Login to your management portal. Step 2 − Click ‘New’ at the left bottom corner of the screen → Compute → Web Apps → Quick Create. Step 3 − Enter the details as shown in the picture above and click ‘Create Web App’. Step 4 − Go back to websites in your management portal and you will see it listed. Click the URL. You will be taken to the website that you just created. Deploying Azure Website from Visual Studio Let’s publish our website from Visual Studio in the domain name we just created. After a website or web application is created in Visual Studio. Step 1 − Go to Solution Explorer and right click on the website/webapp name. Step 2 − Choose ‘publish’. Step 3 − In this step, you need to connect to Azure subscription account in order. Click ‘Import’. Step 4 − Click ‘Add Azure Subscription’. Step 5 − For the first time, you will have to ‘Download Subscription file’. Step 6 − The above step will download a file with extension .publishsetting on your computer (if you are not logged in, it will ask you to login before downloading). Step 7 − Come back to the same pop-up and now browse for the file that was just downloaded. Step 8 − Now expand the dropdown and you will see the websites available in your subscription. As in the picture below you can see two websites. Let’s select ‘tutorialsPoint’. Step 9 − On the following screen, leave the defaults on. There are many options for public methods. We need ‘Web Deploy’ method here. Click ‘Validate Connection’. Step 10 − On the next screen, again the leave the defaults on. Step 11 − Finally on the last screen, click publish. Step 12 − Go to the URL of website and you will see your content. You can see how easy it is to deploy a website in Azure using Visual Studio. You can make changes in Visual Studio and publish it from there itself. This makes testing of applications very easy. Monitoring the Website In the management portal, if you go to the website’s dashboard you can see the figures related to the website. You can control lots of things related to your website from this section of your management portal. You can see the website metrics, create backup, configure setting, and scale the website. Step 1 − To see the website metric, select monitor from top menu and you will see the following screen. Step 2 − Go to the website and select ‘Dashboard’ from the top menu. Step 3 − Scroll down and you will see the following information. Staged Publishing Windows Azure enables the deployment of a website in stages. You can create the deployment slots. Add a Deployment Slot for Testing Before Production Basically, this feature allows you to deploy your website in a separate slot for testing purpose and then switch the slot. If anything goes wrong, you can simply go back to the previous version by changing the slot. Sometimes, applications don’t behave well as they are expected to at a large scale, this feature comes handy in such situations. This makes deployment tasks very easy for developers and organizations. Print Page Previous Next Advertisements ”;

Microsoft Azure – Orchestrated Recovery ”; Previous Next Orchestrated recovery is one of the features in Azure Site Recovery service. Azure Site Recovery automates the recovery of applications in case of failover at the primary site. This recovery is done in a coordinated way to restore the applications even if they have multi-tier workload. With multitier applications a coordinated recovery is essential to restore the service quickly, which is a challenging part of IT disaster and recovery tasks. However with the cloud technology, this has become very a simple and easy task. In order to activate orchestrated site recovery you have to create a recovery plan. This can be done in Azure Management portal. The plans created for disaster recovery can be tested without interrupting the service. Create a Site Recovery Vault Step 1 − Login to your Azure management portal. Step 2 − Click ‘New’ at the left bottom corner. Step 3 − Click Data Services → Recovery Services −> Site Recovery Vault → Quick Create. Step 4 − Enter the name and select the region. Make sure this vault is in the same region where virtual machines and networks are residing. Step 5 − You will be redirected to the following screen. On the following screen, you can see a dropdown. If you expand the dropdown, you will see the different scenarios in which recovery can be configured. Here you have to choose the recovery scenario according to the organization’s requirements. Let’s discuss each scenario in detail − Between On-premises VMM Site and Azure In this scenario, on-premises virtual machines are replicated to Azure. There are few prerequisite for this on-premise resources. Virtual machine server running on Windows server 2012 R2. Virtual machine server should have at least one cloud to be protected. Cloud should have at least one VMM host group and Hyper-V host server, or cluster and virtual machine on Hyper-V host server. Setting up site recovery is a very methodological task. If you are not ready with all the prerequisites mentioned above, after going through few steps in the task you might have to revert back. When you select this scenario from the dropdown you have to follow the five steps encircled in the picture above. Between On-premises Hyper-V Site and Azure This option is chosen for the replication of virtual machines residing on-premises Hyper-V server. The choice is suitable when Hyper-V server is running but VMM is not available. Prerequisites (on-premises) On-site host should be Windows server 2012 R2 with Hyper-V role. Hyper-V should have at least one virtual machine. Between On-premises Site with VMWare / Physical Server and Azure This scenario replicates the physical servers to Azure. Also you have to choose this option from the dropdown when you need to replicate the VMware virtual machines residing at your premises. Protection is done in various ways like data is replicated over the internet. Before you begin the deployment, you must know the following terms. You will be configuring following servers while setting up site recovery in this scenario − Process Server − The data of the protected items is first sent to the process server where it is cached, compressed and encrypted. Then data is sent to the master target server. Configuration Server − This server is a communication link between protected items, process and master target server. Master Target Server − The master target server stores the data that is replicated from protected items. Between Two On-premises VMWare Sites Between Two On-premises VMM Sites and SAN Array Application In this scenario, the on-premises VMM site is replicated to another site. The Hyper-V virtual machines on this site are protected through Storage Array Based (SAN) replication. An organization can take benefit from this option if it has an existing SAN infrastructure. Prerequisites The following image describes the prerequisite for this scenario to be deployed. Create a Recovery Plan When you are done setting up site recovery for one of your chosen scenario, in your management portal you will have to create a recovery plan to orchestrate your recovery. Step 1 − In the management portal, go to Azure Site Recovery vault you are working with. Step 2 − Select ‘Recovery Plans’ from the top menu. You will see different options based on your choice of scenario and resources registered in the recovery vault. Step 3 − You can create the recovery plan for site recovery as desired. It will also tell you any prerequisite task, in case you have missed any step in the process. Step 4 − The customized plan created here can be executed in case of failover to orchestrate recovery. The services can be made available at a secondary site. Print Page Previous Next Advertisements ”;

Microsoft Azure – Disk Configuration ”; Previous Next You would have noticed that we can attach a disk to a virtual machine that we create in Azure. We will be discussing those disks in this chapter. Disk here is referred to the data disks that can be stored on Azure. All kinds of disks are virtual hard drives with .vhd extensions. Vhds are the image file that stores the contents of physical hard drive. So they are images of the files, which we usually find on our computer’s hard drive. There are two types of virtual hard disks − Operating system VHDs and Data Disks Image VHDs On the basis of the extendibility, there are two types of VHDs − Fixed Size Dynamically Expanding Azure supports only fixed sized VHDs. If you have to upload expandable VHD you will have to first convert it to fixed size VHDs. Maximum size supported by Azure is 1 terabyte for a disk. Virtual Machine and Disks When we create a virtual machine, it always resides in a storage account in Azure account. If there is no existing storage account in Azure, while attempting to create a virtual machine, Azure will automatically create one. If you already have a storage account, it will ask you to choose the storage account while creating a virtual machine. There is a detailed how-to on creating a virtual machine in this tutorial. Create/Attach a Disk in Virtual Machine Step 1 − Go to the virtual machine. Step 2 − Select ‘Dashboard’ from the top menu. Step 3 − Click ‘Attach disk’ → Attach empty disk at the bottom of the screen. Step 4 − Enter the details in the following screen that pops up. It will take few seconds to attach the disk to the virtual machine. Configure the Disk in Virtual Machine Step 1 − Connect to the virtual machine through .rpd file downloaded on your local machine. Step 2 − In the virtual machine, right-click the windows icon at the left bottom corner and select ‘Disk Management’. Step 3 − You will see a message saying Disk is available on the screen. This is the same disk that you attached in the previous step. Step 4 − Before you can use it, you need to allocate it. You will see that it is still unallocated. Scroll down on the same screen and locate the disk as shown in the following image, it is Disk 2. Right-click on it and select ‘New Simple Volume’. Step 5 − Follow the wizard. It will ask very general things, like naming the drive and file system. In the last screen, make sure to keep the quick format option checked. Step 6 − After the wizard’s job is over, you will be ready to use the disk. In this example, we have created the ‘F’ drive. You can create the folder and files or copy your data in the F drive. Delete the Disk You will have to first locate the disk in order to delete. Locating the right disk is very important. When you create a virtual machine you select the storage account for it. Disks reside in the storage account. Step 1 − Go to the storage account of the virtual machine. Step 2 − Click ‘Containers’ from the top menu. Step 3 − Click vhd. Step 4 − All the vhds in that storage account will be listed. This list will also contain the vhds from other virtual machines so be very careful while selecting the vhd. Step 5 − Select the vhd you want to delete. You must know the name of the disk in order to identify it among the several vhds in the list (when you attach the disk you are prompted to enter the name of the disk). Image Disks Create an image from Virtual Machine Step 1 − Go to the management portal. Step 2 − Select the virtual machine you want to create an image of. Step 3 − Click ‘Dashboard’ from the top menu. Step 4 − Click the ‘Capture’ icon at the bottom of the window. Step 5 − Name the image and enter the description. Step 6 − Once capturing is done, to find the image, follow the points given below − Select Virtual Machines from the panel. All the virtual machines in your account will be listed there. Click ‘Images’ from the top menu. Create an Image from Your Computer This is done through sysprep tool available in all modern Windows operating system. Step 1 − Go C drive −> Windows −> System32 → Sysprep Step 2 − Alternatively copy the following path in the address bar C:WindowsSystem32Sysprep Step 3 − Run ‘sysprep’ application. This will create a VHD file on your computer which is the image of your machine. Considerations You might get confused with the names of vhds, when you have multiple virtual machines under the same storage account. A way of knowing the name of the vhds associated with a particular machine is running ‘Get-AzureDisk’ cmdlet in Windows PowerShell. This cmdlet will get you all the details of disks in each virtual machine. Step 1 − Run the following command Get-AzureDisk Step 2 − Locate your virtual machine name in the list. Under that virtual machine, check the diskname and medialink for your vhd name and link. Print Page Previous Next Advertisements ”;

Microsoft Azure – Management Portal ”; Previous Next As the name suggests this is a portal to manage Azure services, which was released in 2012. This is a platform provided by Microsoft for its Azure clients where they can see, manage and buy the services offered by Azure. A different portal called ‘Azure Preview Portal’ was released by Azure team in 2014, which makes it easier to access the platform on mobiles and tablets. However, features are more or less same in both the portals. To access the management portal − Step 1 − Go to https://manage.windowsazure.com Step 2 − Sign in with your Hotmail or live ID. If you don’t have Azure accounts, sign up for one. You will get a free trial and you can explore, learn and create your own applications using Windows Azure. The following screen will appear. Since here we have an application already running, you can see a list of them. Your account will be empty for the first time. Left panel categorizes the application and the middle part lists all the application in the account. Create a New Application Step 1 − Click on the ‘New’ left bottom corner. Step 2 − Following screen will come up and you can choose what you want to create. Check Credit and Subscriptions Step 1 − Click on ‘Credit’ in the green block at the top of the screen. Step 2 − Click on ‘View more details’. It will take you to the following screen. This screen will show you all the details of your subscription, spending, and data usage. As the spending limit is set here, it says ‘Remove Spending Limit’. If the limit would not have been set, it would have said ‘Set Spending Limit’. This way you can set a spending limit for you. Your services will be stopped once you reach the spending limit. If you scroll down on the page in the above image, you can see all that is available with your subscription and see the details on the right side. You are absolutely in control of your spending. The green block in which ‘Credit’ button is displayed will change color if you are about to fall short of your credit. This is calculated by your average per day spending and it would tell you in how many days your credit is going to get over. Add a New Subscription Step 1 − Click on your account e-mail id or on the picture at the top right corner. Step 2 − Click on ‘View my bill’ in the list. Step 3 − It will take you the following screen. Click on ‘add subscription’. Step 4 − Choose the subscription from the list in the following screen. Azure Preview Portal Step 1 − Click on your account e-mail at the top right corner. Step 2 − Select ‘Switch to Azure Preview Portal’. Step 3 − The following screen will appear. All the functionalities are same. ‘Azure Preview Portal’ is built for mobile and tablet screen with a responsive design. Print Page Previous Next Advertisements ”;

Microsoft Azure – Self-Service Capabilities ”; Previous Next The self-service capabilities here refer to the ability to manage group, users profile and passwords. These capabilities are helpful in reducing the cost and labor of the IT departments. It enhances the user experience and removes the unnecessary hassle of asking for permissions of the administrator. Self-service capabilities enable the users to manage the mentioned services without compromising the security of the systems. Everything happens within the policies set by the organization. Group Management Let us say few people in an organization want to create one group where they can connect with each other for certain period of time. Usually, they will have to ask for the administrator to create a group for them. But in Azure active directory, one person can create a group and others can join the group without having to ask the administrator. Also, the group owner can handover the ownership of the group to someone else by himself. Password Management Azure Active directory offers the services that lets the users (client’s employees or application users) to manage their password on their own. The end users can make a self- registration for password reset. Additionally, this service includes the resetting and changing the password by the end users. Self-service capability policies are completely controlled by the administrators of Azure Active directory. They can configure the policies in accordance with their organizations policy. They can view the reports on end user password resets, change, etc. This way administrators can monitor the user’s activities for their account management, even after making them capable of self-service. In order to use this service, organizations must subscribe to basic or premium version of Azure active directory. There is a detailed demonstration of self-service password reset and group management using Azure Active Directory in a separate chapter of this tutorial. Print Page Previous Next Advertisements ”;

Microsoft Azure – Security Reports & Alerts ”; Previous Next Azure Active Directory enables the administrator to view the security reports that contain different types of data. Anomalies Reports This contains any data of sign-in attempt which is normal. If the system detects anything abnormal during the sign-in, it is collected in anomalies report. There are 9 types of reports available under this category, as you can see in the following image. To view these reports − Step 1 − Login to the management portal and go to the active directory. Step 2 − Click ‘Reports’ tab from the top menu. Step 3 − Click on one of the categories you want to see data for under ‘Anomalous Activity’. Activity Reports On the same screen, if you scroll down you will see few reports under the heading ‘Activity Report’. These are the activities like password reset, registration, etc. Each report name is self-explanatory. Currently, there are 4 types of reports under this category. If you click on one of them, you will be shown the details as in the following image. Here, let’s look for the audit report. You can see 1 activity has come up. All other kinds of reports are listed in the left panel where you can easily navigate through them. Also, you can download the report in CSV format by clicking on the ‘Download’ button at the bottom of the screen. Integrated Application This category contains the reports of the usage of cloud application in the organization. This category provides an interactive way to monitor the applications usage. For example, in the following screen when you click on ‘Application Usage’ in the left panel, you can see that there are 12 sign-ins in App Access Panel and 3 in Visual Studio application. Search Activity of a Particular User Azure Active Directory provides one more useful feature that allows the administrator to search an activity for a particular user. As soon as you click on the ‘Reports’ in the top menu, you will see the following screen. You just have to enter the user display name or the user principal name. You will see all directory activities. In the above screen, we have searched by entering the display name of the user and the user’s activity details with time and date are listed on the screen. Azure Active Directory Editions and Reports All kinds of reports are not available in all the editions of Azure Active Directory. The following table lists the types of reports available in three editions of Azure Active Directory. Print Page Previous Next Advertisements ”;

Microsoft Azure – Multi-Factor Authentication ”; Previous Next All of us at some point have encountered multi-factor authentication. For example, customers of some banks receive a call or one-time password as text message on their mobile phones while signing in to their bank account online. The multi-factor authentication refers to the system in which more than one system authenticates the user to access an application. The multi-factor authentication offers better security for Azure clients. It lets the client choose if they want to use more than one system of credentials to allow the users to access the applications. Multi-factor authentication can be used to protect both on-premise and on-cloud directories. In this process, the user first signs in with the username and password in a normal way. The credentials are verified and then if the automated call authentication is activated, the user receives a call and is asked to confirm the sign-in attempt. Mobile App − Mobile apps for all platforms (Android, iOS and Windows) are available. This app pushes a notification when a sign-in attempt is made and then the user can choose to authenticate, if it is genuine attempt. Text Message − This method sends a one-time password to the registered mobile phone of the user. They either reply from their phone or enter the one-time password into their sign-in page. Automated Call − The automated call asks for the user to validate the sign-in attempt by pressing a key on their phone’s dial pad. Create a Multi-Factor Authentication Provider Step 1 − Click ‘New’ at the left bottom corner → App Services → Active Directory → Multi Factor Auth Provider → Quick Create. Step 2 − Enter the name for the provider. Step 3 − Select Usage model. Let’s choose ‘Per Authentication’ for this example. Please note that you won’t be able to change the usage model once multi-authentication provider is created. So please take your needs in consideration before choosing it. Step 4 − Next, there is an option, if you wish to link the existing directory or not. Here, let’s link an existing directory name ‘tutorialspoint’ that was previously created to this multi-factor provider. Step 5 − After you click ‘Create’, it will be listed in your services list. Select the multi-factor provider you just created and you will the following screen. Step 6 − Select ‘Manage’ at the bottom of the screen and you will be taken to a new page as shown in the following image. Step 7 − Select ‘Configure’ to choose the authentication. Step 8 − You can set the number of attempts, change the phone number from where the call is made (default number is already there), two-way message timeout (default is 60 seconds), one-time password’s timeout (default is 300 seconds) under general settings. You can also provide an e-mail address where you can be notified if one-time password is bypassed. Step 9 − Scroll down the page and you will see fraud settings. Under Fraud Setting, you can choose to allow the users to send fraud alerts, block the user if an alert is reported and also set an e-mail address where alerts are sent. After the multi-factor authentication is activated for the users, they will be asked to choose one of the three methods (automated message, text message or mobile app) when they sign in to their account next time. The chosen method will be used to authenticate them each time they sign in to their account. Enable the Multi-Factor Authentication for Existing Directory One way is to link the directory to multi-factor authentication provider while creating it, as we seen in the previous section. However, you can also do it in the following way for a particular user. Step 1 − Go to your directory by choosing it from the left panel and click ‘Manage MultiFactor Auth’ at the bottom of the screen. Step 2 − It will take you to the following screen. Here you can select the user and enable or disable the multi-factor authentication for the user. Enable Multi-Factor Authentication for On-premises Applications When you create a new multi-authentication provider using the management portal and select to manage it, you are taken to the page as was shown in the first section of this chapter. If you want to enable the multi-factor authentication for your on-premise application, you have to install the authentication server by clicking the highlighted link. Then you can configure the setting as desired. Step 1 − Click the link encircled in the following image. Step 2 − You will be taken to the following screen, download the setup and generate activation credentials in order to login to the server. Print Page Previous Next Advertisements ”;

Microsoft Azure – Security ”; Previous Next Security is about managing the access of users to the organization’s applications, platforms and portals. Active directory is used to manage the database of users in a protected manner. The same kind of service is provided by Windows Azure to keep the users and their password safe. Active directory is a feature that lets you create users, manage their roles, grant access and delete them. Creating an Active Directory Step 1 − Sign in to Azure Management Portal. Step 2 − Click ‘New’ and then click ‘App Services’. Step 3 − Click ‘Active Directory’ and then ‘Directory’. Step 4 − Click ‘Custom Create’. Step 5 − Enter the details and you are done. In the following image, ‘tutpoint’ is the domain name. Enter a domain name which is a temporary DNS. Once its directory is created, you can map it to your own domain. Mapping a Custom Domain Since you have provided a temporary domain name, when creating a directory in Windows Azure, you can map it to your own domain using this functionality. Step 1 − Click on the directory name in the list of your directory. Step 2 − Click on ‘Domains’ from the top menu items. Step 3 − Click ‘Add a Custom Domain’. Step 4 − In the screen that pops up, enter the details. You can choose for ‘single sign in option’ if needed. Creating Users Step 1 − Click on ‘Add User’ button at the bottom of the screen. Step 2 − The following screen pops up. You can create a new user or link an existing Microsoft account. You can even import a user from other directory in Azure. Let’s choose ‘Create a new user’ here. Step 3 − Enter the user name in the following screen. Step 4 − Enter other details and choose the role for the user. Step 5 − Click next arrow and it will create a user for your application and give you a temporary password which can be changed by the user. Integrating with Azure Active Directory Step 1 − Locate and click ‘Application’ at top of screen. Step 2 − Click on ‘Add’ displayed at the bottom of the screen. A pop up shown in the following image will be seen on the screen. Step 3 − If you click the first option, it will take you to the following screen. You can enter the name of the application and follow the wizard. Step 4 − Similarly, if you choose the second option in ‘What do you want to do’ pop up, it will let you choose an application from the gallery as shown in the following screen. Integrating On-Premise Active Directory Azure active directory lets you run an active directory in cloud and also lets you connect it to your on-premise active directory. Basically, it will replicate your user database residing on your on-premise machine in cloud. It will also automatically synchronize whenever changes are made on-premise. Click on the ‘Directory Integration’ from the top menu. An on-premise directory can be connected using the three steps as shown in the following image. Reports This is a very useful feature of Active Directory as it shows different reports such as number of times a user is signing in, or signing in from an unknown device can be seen here. Print Page Previous Next Advertisements ”;