Musings on Cloud, BigData, AI, Machine Learning, Containers and IOT
Musings on Cloud, BigData, AI, Machine Learning, Containers and IOT
How to setup multi-factor authentication in Office 365
In this post, we’ll see how we can enable multi-factor authentication for Office 365. The concept of multi-factor authentication has be become increasingly popular nowadays for bringing the additional layer of security hardening. Multi-factor authentication is a form of authentication, which enforces more than one form of authentication to verify the legitimacy of the transactions performed by a user. Nowadays, the most common form of second-form of authentication in to validate the Authorization code by sending it to the user’s mobile devices.
Let’s see the steps to enable multi-factor authentication in Office 365.
Log in to Office 365 admin portal, go to Users –> Active Users.
Click setup and you will be presented with the following screen.
Click ‘Enable’ link on the bottom right and the following screen will pop-up.
Click ‘enable multi-factor auth’.
Now you will get a confirmation that multi-factor authentication is enabled for selected accounts.
When I log in next time, it asks for me to setup the second form of authentication.
Click ‘Set it up now’.
It sends a 6 digit verification code to the registered mobile number. You are all set for multi-factor authentication enabled Office 365 tenant. This wraps up my quick how-to article.
At this point of time, the multi-factor authentication is available for Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online. It is not available for Office 365 Small Business and Office 365 Dedicated plans as of now. The detailed Faqs about multi-factor authentication is available here.
Understanding App Only Permission policy in SharePoint 2013 App model
In this post, we’ll understand what is an App Only Permission policy in SharePoint 2013 App model with a sample app project. The SharePoint 2013 App permissions are of three types and they are as follows :-
- App Only
- User Only
- App+User
When the logged in user does not have enough privileges to perform a certain action or set of actions, the App Only permission comes into picture. The App can elevate its permission using the App Only permission or context. A SharePoint 2013 App configured with App Only permission or context can only installed by the site-collection administrator at this point of time.
I’ll be using a Provider hosted app for the purpose of this demonstration. I have a user called ‘User A’ who does not have permission to modify the Title of SharePoint lists in the site-collection. I will be using App Only context to elevate the App’s permission and change the List Title.
I have a list called ‘Announcements’ and I will be changing its Title using App Only permission or context.
Launch Visual Studio 2013.
File –> New –> Office/SharePoint –> Apps and name it as ‘AppOnlyContextApp’
Select the app hosting type as Provider hosted apps.
In order to update the Title of the SharePoint List (at the root of the site-collection), provide the Full Control to Site-Collection.
Set App Only permission in the AppManifest.XML file
<?xml version="1.0" encoding="utf-8" ?> <!--Created:cb85b80c-f585-40ff-8bfc-12ff4d0e34a9--> <App xmlns="http://schemas.microsoft.com/sharepoint/2012/app/manifest" Name="AppOnlyContext" ProductID="{b5e637d0-8a34-498c-b8cf-c40b3d0e9ef3}" Version="1.0.0.0" SharePointMinVersion="15.0.0.0" > <Properties> <Title>AppOnlyContext</Title> <StartPage>~remoteAppUrl/Pages/Default.aspx?{StandardTokens}</StartPage> </Properties> <AppPrincipal> <RemoteWebApplication ClientId="*" /> </AppPrincipal> <AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/sitecollection" Right="FullControl" /> </AppPermissionRequests> </App>
Copy and paste the following code for the default.aspx.cs file and I have added the necessary logic in the page_load method to update Title of a particular list.
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
namespace AppOnlyContextWeb
{
public partial class Default : System.Web.UI.Page
{
protected void Page_PreInit(object sender, EventArgs e)
{
Uri redirectUrl;
switch (SharePointContextProvider.CheckRedirectionStatus(Context, out redirectUrl))
{
case RedirectionStatus.Ok:
return;
case RedirectionStatus.ShouldRedirect:
Response.Redirect(redirectUrl.AbsoluteUri, endResponse: true);
break;
case RedirectionStatus.CanNotRedirect:
Response.Write("An error occurred while processing your request.");
Response.End();
break;
}
}
protected void Page_Load(object sender, EventArgs e)
{
// The following code gets the client context and Title property by using TokenHelper.
// To access other properties, the app may need to request permissions on the host web.
var spContext = SharePointContextProvider.Current.GetSharePointContext(Context);
using (var clientContext = spContext.CreateUserClientContextForSPHost())
{
//Load the sharepoint web
clientContext.Load(clientContext.Web, web => web.Title);
clientContext.ExecuteQuery();
Response.Write(clientContext.Web.Title);
//Load the list-collection in the sharepoint web
clientContext.Load(clientContext.Web.Lists);
clientContext.ExecuteQuery();
//Change the title of announcment list to some arbitrary title
clientContext.Web.Lists[1].Title = "SundarAnnouncements";
clientContext.Web.Lists[1].Update();
clientContext.ExecuteQuery();
}
}
}
}
Hit F5 and run the App in Visual Studio. Now we can verify the elevation of App permission by using App Only policy, by validating the change in List title.
Visual Studio 2013 Update3 released
Visual Studio 2013 Update3 was released on 04’th August 2014. The update3 has got the following important components.
a)Azure SDK 2.4
b)Windows Phone 8.1 update
c) Multi-device Hybrid Apps CTP 2.0
More details are found in Somasegar’s blog http://blogs.msdn.com/b/somasegar/archive/2014/08/04/visual-studio-2013-update-3.aspx
How to get list of Fields in a SharePoint List in SharePoint 2013 Online using CSOM
In this post, we’ll see how we can get the list of Fields in a SharePoint List in SharePoint 2013 Online using CSOM. I’ll be using a Console application for the purpose of demonstration.
Open Visual Studio 2013.
File –> New Project –> Visual C# –> Console Application and name it as ‘GetFieldsCSOM’
Add a reference to the ‘Microsoft.SharePoint.Client’ and ‘Microsoft.SharePoint.Client.Runtime’ assemblies
Import the following namespaces
using Microsoft.SharePoint.Client; using System.Security;
The following code will invoke the GetbyTitle method of Lists class and access the Fields property collection.
namespace GetFieldsCSOM { class Program { private static SecureString GetSecureString(String Password) { SecureString oSecurePassword = new SecureString(); foreach (Char c in Password.ToCharArray()) { oSecurePassword.AppendChar(c); } return oSecurePassword; } static void Main(string[] args) { //Replace it with the url of your tenant or your site-collection string SiteUrl = "https://yoursite.sharepoint.com"; System.Uri oUri = new System.Uri(SiteUrl); using (ClientContext oClientContext = new ClientContext(SiteUrl)) { //Replace it with your user id for SharePoint Online string UserName = "userid@yoursite.onmicrosoft.com"; //Replace it with your password string Password = "password"; //Create a SecureString object from password string, needed for SharePointOnlineCredentials class SecureString SecurePassword = GetSecureString(Password); oClientContext.Credentials = new SharePointOnlineCredentials(UserName, SecurePassword); oClientContext.Load(oClientContext.Web.Lists.GetByTitle("TestList").Fields); oClientContext.ExecuteQuery(); FieldCollection oFieldCollection = oClientContext.Web.Lists.GetByTitle("TestList").Fields; foreach(Field oField in oFieldCollection) { Console.WriteLine(oField.Title); } Console.ReadLine(); } } } }
How to get Users and Groups in SharePoint 2013 Online using CSOM
In this post, we’ll see how we can retrieve users in a SharePoint group in SharePoint 2013 Online using managed .NET Client Side Object Model (CSOM). We’ll create a Console Application in Visual Studio for the purpose of the demo.
Open Visual Studio 2013.
File –> New Project –> Visual C# –> Console Application and name it as ‘GetUsersInGroup’
Add a reference to assemblies ‘Microsoft.SharePoint.Client’ and ‘Microsoft.SharePoint.Client.Runtime’.
Import the following two namespaces.
using Microsoft.SharePoint.Client; using System.Security;
In the client object model, the list groups in a site-collection needs to be fetched first and then based on the groups another call needs to be made to SharePoint Online to get the list of users. The following code snippet explains it all.
namespace GetUsersInGroupCSOM { class Program { static void Main(string[] args) { //Replace it with the url of your tenant or your site-collection string SiteUrl = "https://yoursite.sharepoint.com"; System.Uri oUri = new System.Uri(SiteUrl); using (ClientContext oClientContext = new ClientContext(SiteUrl)) { //Replace it with your user id for SharePoint Online string UserName = "lavsunswe@yoursite.onmicrosoft.com"; //Replace it with your password string Password = "yourpassword"; //Create a SecureString object from password string, needed for SharePointOnlineCredentials class SecureString SecurePassword = GetSecureString(Password); oClientContext.Credentials = new SharePointOnlineCredentials(UserName, SecurePassword); //Load the site-collection groups using CSOM oClientContext.Load(oClientContext.Web.SiteGroups); oClientContext.ExecuteQuery(); GroupCollection oSiteCollectionGroups= oClientContext.Web.SiteGroups; Console.WriteLine("List of groups in the site collection"); Console.WriteLine("-------------------------------------"); foreach (Group oGroup in oSiteCollectionGroups) { Console.WriteLine(oGroup.Title); Console.WriteLine("n"); } //Load the users collection in the Group 1 oClientContext.Load(oSiteCollectionGroups[1].Users); oClientContext.ExecuteQuery(); Console.WriteLine("List of users in the first group of site-collection"); Console.WriteLine("-------------------------------------"); foreach(User oUser in oSiteCollectionGroups[1].Users) { Console.WriteLine(oUser.Title); Console.WriteLine("n"); } Console.ReadLine(); } } private static SecureString GetSecureString(String Password) { SecureString oSecurePassword = new SecureString(); foreach (Char c in Password.ToCharArray()) { oSecurePassword.AppendChar(c); } return oSecurePassword; } } }
Office 365 development patterns & practices released
The Office 365 Development Patterns & Practices team have shipped the new open source repository today to GitHub.com/OfficeDev. The whole idea of releasing this is that, many sharepoint developers were familiar with how to build custom solutions with full-trust code and VSTO, however they did not know how to implement these solutions using App Model. The set of samples addresses the transformation from Full Trust Code to App Model.
The additional content for Office 365 development is available in Microsoft Download Center SharePoint 2013 and SharePoint Online solution pack for branding and site provisioning.
List of Azure services that can be moved from one subscription to another subscription
I have a requirement to transfer the entire SharePoint 2013 Farm on Azure with Virtual Network, Cloud services, Storage accounts, Virtual Machines, Subnets and Availability sets to a different Subscription on Azure. I did some analysis and in this migration process i have learnt that the following Azure services (as of today 07/29/2014) can be transferred from one Azure subscription to another Azure subscription without data-loss and downtime, by raising a support ticket with Microsoft Azure Support :-
- Virtual Machines
- Cloud Services
- CDN
- Web sites
- Media Services
- Service Bus
- Storage
- Multi Factor Authentication
- Traffic Manager
- Mobile Services
- Virtual Network
- Access Control Service (ACS)
- Caching – we need to work with Engineering Team for migrating caching service
- Reserved IP Address and the Reserved IPs under the list
However, there are certain Azure services that cannot be moved from One subscription to another subscription (as of today 07/29/2014):-
a) Active Directory (AAD)
b) BizTalk Services
c) HD Insight
d) Backup
e) Hyper-V Recovery Manager
f) Azure Store
g) Import / Export
h) Scheduler
i) Management Services
j) SQL Reporting
The following pre-conditions should be met before initiating a subscription transfer with Microsoft Azure support :
- Source and destination subscription should be active
- Selective service transfer is not feasible as of today, it might come in future. It has to be all or nothing.
- The destination azure subscription should be empty, otherwise it will be overwritten during upgrade
- Source and destination subscription should have same server administrator assigned until the migration is complete.
How to get list of SharePoint Lists in SharePoint 2013 Online using CSOM
In this post, we’ll see how to get the list of the SharePoint List in SharePoint 2013 Online using CSOM.
Open Visual Studio 2013.
File –> New –> Project –> Visual C# –> Console Application and name it as ‘ReadSharePointLists’
Add a reference to assemblies ‘Microsoft.SharePoint.Client’ and ‘Microsoft.SharePoint.Client.Runtime’.
Import the following two namespaces.
using Microsoft.SharePoint.Client; using System.Security;
Copy and paste the following snippet of the code that will help us to fetch the list of SharePoint lists in the SharePoint Online site.
namespace ReadSharePointLists { class Program { static void Main(string[] args) { //Replace it with the url of your tenant or your site-collection string SiteUrl = "https://yoursite.sharepoint.com"; System.Uri oUri = new System.Uri(SiteUrl); using (ClientContext oClientContext = new ClientContext(SiteUrl)) { //Replace it with your user id for SharePoint Online string UserName = "userid@yoursite.onmicrosoft.com"; //Replace it with your password string Password = "password"; //Create a SecureString object from password string, needed for SharePointOnlineCredentials class SecureString SecurePassword = GetSecureString(Password); oClientContext.Credentials = new SharePointOnlineCredentials(UserName, SecurePassword); //load the properties of web object Web oWeb = oClientContext.Web; //Get all the lists in the web oClientContext.Load(oWeb.Lists); oClientContext.ExecuteQuery(); foreach (List oList in oWeb.Lists) { Console.WriteLine(oList.Title.ToString()); } Console.ReadLine(); } } private static SecureString GetSecureString(String Password) { SecureString oSecurePassword = new SecureString(); foreach (Char c in Password.ToCharArray()) { oSecurePassword.AppendChar(c); } return oSecurePassword; } } }
After executing this we’ll see the below result, which displays the names of the SharePoint lists in the SharePoint 2013 Online site.
Largest collection of free Microsoft eBooks
Largest collection of FREE Microsoft eBooks ever, including: Windows 8.1, Windows 8, Windows 7, Office 2013, Office 365, Office 2010, SharePoint 2013, Dynamics CRM, PowerShell, Exchange Server, Lync 2013, System Center, Azure, Cloud, SQL Server can be downloaded here in the msdn blog.
http://blogs.msdn.com/b/mssmallbiz/archive/2014/07/07/largest-collection-of-free-microsoft-ebooks-ever-including-windows-8-1-windows-8-windows-7-office-2013-office-365-office-2010-sharepoint-2013-dynamics-crm-powershell-exchange-server-lync-2013-system-center-azure-cloud-sql.aspx
I’d like to thank Eric Ligman for collating this and publishing this in MSDN blog.
Configure internet access in Microsoft Azure Virtual Network
I’m setting up a Virtual Network in Azure to host my SharePoint 2013 farm. I’ve configured added the DNS servers of 10.0.0.4 and 10.0.0.5 (as per my pervious article), expecting that I would be able to access the public internet inside the SharePoint 2013 VM’s. I’m able to access only google and few other internet sites inside the VMs, most of the sites including microsoft.com was not accessible.
The fix for this issue is to add the Public DNS servers (168.63.129.16 and 168.62.167.9) to the list of DNS servers in the Azure Virtual Network.
After adding the Public DNS servers (168.63.129.16 and 168.62.167.9) , the internet connectivity worked like a charm.