I just made a simple demo project (not for production purposes) that shows how you can use Azure Active Directory as a Realm for your authentication. Nowadays you would use a framework that does third-party authentication for you: your custom authenticator uses a third-party framework that federates the authentication to a (trusted) third party such as Facebook or Google.
Please note that this is NOT the way to use AAD in a production environment.
This is demo code to show how you can (mis)use AAD as an LDAP solution.
In the future I will create a federated authentication solution using AAD.
Here is the project: https://github.com/cvugrinec/microsoft/tree/master/java-webapp-tomcat-aad
Here you see the code in action: https://youtu.be/i61I3muADDA
If you are a Mac or Linux user like I am and you like to manage your Azure environment with azure-cli or azure-powershell, you can use the following Docker image: cvugrinec/ubuntu-azure-powershellandcli:latest
Just type the following:
docker run -it cvugrinec/ubuntu-azure-powershellandcli /bin/sh
Please note that for azure-powershell only ARM mode is supported. Azure CLI supports ASM and ARM mode.
Recently I certified myself for the 70-533 exam, which is the MCP certification for Implementing Microsoft Azure Infrastructure Solutions. Here are my notes on what I think you should do (HANDS ON) in order to pass:
- Web Applications / PaaS services
  - Deploy some web applications, using the concept of slots. Also pretend to do a production update
  - Enable monitoring for 1 or 2 endpoints in your app for different test locations
  - Play with the traffic manager and understand when to use it
  - Enable CDN and understand what needs to be done (e.g. which DNS records)
  - Implement several databases and understand the difference in products and service levels
  - Implement autoscaling
- Azure Virtual Machines
  - Create some VMs, preferably with your own image, and attach your own data disks
  - Make an availability plan
  - Make a scale set
  - Do an update on an update domain
  - Test a failover scenario with the failover domain(s)
  - Enable diagnostics and download the diagnostics with PowerShell commands
- Storage and Disks
  - Create storage accounts with PowerShell, create shares on them and put files on them
  - Upload a VHD and create an image for an OS you would like to make available
  - Create a data disk and play with the optimization parameters for caching
  - Play with Azure Site Recovery and Backup manager
  - Play with and understand the several zones (LRS/ZRS/GRS/GRS(A))
- Azure Virtual Networks
  - Play with the settings for Site to Site and Point to Site and understand when to use ExpressRoute. Understand when a VPN needs to be installed
  - Export an existing network config, change it and import it back again
  - Make a connection between 2 Virtual Networks
  - Implement subnets and routing between them
  - Implement NSG and play with ACL
  - Play with static IP addresses for PaaS services (reserved) or VMs
- Azure Active Directory (IAM)
  - Add a custom domain to your AAD
  - Add a custom web application and use the SSO with own credential store
  - Add an application from the store and enable SSO
  - Add an application using existing SSO (e.g. from Google or Facebook)
  - Implement a multisite network
To be honest I haven’t done all of this…but this is what I think I should have done in retrospect. The exam is doable (I passed it the first time…so everyone can 🙂). If I would create a course for passing this exam (maybe I will someday), then I would spend a week doing the stuff I mentioned here. PS: I passed my exam by doing prep exams from: http://mindhub.com …