Getting Started with Azure–updated

I have just completed an update of my Getting Started with Azure course. It now contains:

– 15 video tutorials

– A 80+ page manual that includes material not covered in the videos

– A number of free Azure publications

– Links to other material, documentation and training

You can download the table of contents to see the topics covered. The current video tutorials include:

01 – Introduction to Microsoft Azure

02 – Create a new Virtual Machine

03 – Create a load balanced web site

04 – Availability Sets

05 – Azure Web Sites

06 – Azure server backup

07 – Configuring an Azure Point to Site VPN

08 – Introduction to Azure SQL

09 – Connecting to Azure using PowerShell

10 – Creating a custom Virtual Machine image

11 – Attach a new disk to a Virtual machine

12 – Set up Azure single sign on portal

13 – Azure pricing tutorial

14- Enabling Office 365 branding

15- Configuring user self-service password resets

If you are looking at getting up to speed with Azure this course will save you a huge amount of time and is thus a great investment. Also, as the product gets updated you’ll continue to receive all updates for free for the life of the product. This makes it even greater value.

You can purchase this product, along with my other publications, from:

By supporting this product, you’ll be supporting me to create more focused content like this.

if you have any suggestions for what content you’d like to see inside this course please also let me ( know.

Need to Know podcast–Episode 76

Tas joins me again to discuss a curly Office 365 and SharePoint Online question – where should you save your document? A SharePoint Team Site or in OneDrive for Business?

There are plenty of good reasons to store your data in each location but what makes the most sense when? Tas shares his experience and thoughts from the field and we come up with some guidelines that you can use to make the decision of where to locate your data easier.

You can listen to the episode at:

or subscribe to this and all episodes in iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.


Should I save my documents to OneDrive for Business or a team site

Apps to view Office 365 encrypted messages

Recently I wrote a post about how you can configure then send and receive encrypted messages using Office 365. Microsoft has recently announced the release of dedicated mobile apps for Android and iOS that allow you to read these messages on your mobile device.

You can find the download at:





This means you can read and reply to Office 365 encrypted messages. This should make the adoption of secure messaging much easier as well as highlight that Microsoft is serious about the privacy and security of your information.

Office 365 branding and password resets now free

I recently posted an article about configuring branding and self service password resets in Office 365 by using an Azure Active Directory Premium trial. As I also indicated in that article, this feature was on the roadmap to be available free for all Office 365 tenants.

The goods news is Microsoft has now done exactly that and made both branding and user self service password resets free to all Office 365 users. The details are in this blog post:

So now you can use my previous post to set this up for all your tenants now for free!

When you do so I’d also point you to the following page:

Add company branding to your Sign In and Access Panel pages

from Microsoft that has all the details when it comes to branding, including specifically, the size of the images used. Using the right dimensions will ensure that everything looks professional once your branding has been applied.

Kudos again to Microsoft for making these once Premium features free as they something all Office 365 user can make use of and user self service password resets certainly cuts down on administrative overhead.

Microsoft My Apps mobile client


Recently, I wrote a blog post on how to configure a single sign on portal for free with Office 365. Which at completion meant users could access all their cloud based apps via the URL:

However, what about in this ‘mobile first’ world? I am pleased to report that there is a Microsoft My Apps app for both iOS and Android.

My Apps – Azure Active Directory – iOS

My Apps – Android


As you can see from above, the app looks and functions very much like the browser version.

if you have already set up your single sign on portal with Azure and Office 365, try using these mobile apps to drive adoption and make it easier for users.

Need to Know podcast–Episode 75

In this episode I’m joined by old friend Angus Mansfield from XCentral to discuss the power of business relationship and the importance of partnerships to any organisation. Angus shares his experiences and insights into what makes a successful relationship and how to ensure that it works to the advantage of both parties. Importantly Angus shares with us how to successfully search out and develop partnerships that provide real benefits for you business.

You can listen to the episode at:

or subscribe to this and all episodes in iTunes at:

The podcast is also available on Stitcher at:

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.


Angus Mansfield – Xcentral

Enabling Self Service Password Resets in Office 365

One of the most common tasks that any IT administrator performs is to reset users passwords. This means that a lot of this administration can be alleviated if the users are able to reset their own passwords.

You can enable user self service password resets in Office 365, however at this point in time you need to have an Azure Active Directory Basic or Premium subscription enabled on your Office 365 Azure AD Free account. I showed you how to enable this for every Office 365 account a few posts back.

It is also important at this point to highlight some information from the Office 365 roadmap. Under “Development” you will currently find:

Page Branding and Self Service Password Reset

Sign-in Page Branding enables an Office 365 customer to select custom colors, text and Imagery for their Office 365 sign-in page. Self Service Password Reset allows a user who has forgotten their password to reset it based on prearranged alternative personal information. These two features were previously available with the Azure AD Premium subscription and are now being made available to all Office 365 subscribers.

Thus, both branding and the user self service password reset ability will becoming available to all Office 365 subscribers.

So, this is how you enable it at the moment, with the requirement of an Azure Active Directory Premium subscription (which you can get on a 90 day trial). In the very near future this will no longer be required and be available in the Office 365 Azure AD Free account.


The first step in the process of enabling the user self service password reset feature is to login to your Office 365 Azure AD Free account, which I have detailed previously about enabling.

You will typically only see the Active Directory option on the menu on the left. When you select this you will then see your Office 365 AD to the right. If you select your Office 365 directory you will drill down into more information for that directory.


One of the options across the top now is Configure. Select this.


If you scroll through all the options on the page you will find no mention of user self service password resets. This is because you need to firstly enable an Azure AD Premium subscription (or trial) to enable this feature. As I mentioned previously, soon you will not need to do this as it will be included in the standard Azure free AD offering.


To at least see what user self service password resets are all about you can enable a 90 day Azure AD Premium subscription by now selecting Licenses from the menu across the top.

Then select the link to Try Azure Active Directory Premium Now.


Select the check button in the lower right hand of the window that appears once you have read its contents.


You will then need to wait a few minutes while the Azure AD Premium subscription is configured.


In a few moments you should see that the subscription is enabled as shown above. Select this to configure.


To enable the Azure AD Premium features for users you will need to select a user from the list of Office 365 users displayed and then select the Assign button at the bottom of the screen.

You will also need to assign a license for an Office 365 global administrator to configure the service. In this case, it has been enabled for the same admin user who is logged into the Azure portal currently.


When you assign a user an Azure AD Premium license you will see the above status message at the bottom of the screen indicating successful completion of the license assignment.


If you now return to the Configure tab you should find a new section devoted to user password reset policy as shown above.


If you now select the green Customize Branding button you will be taken to the above screen where you can upload a number of different graphics to be displayed in the portal as well as desired messaging as shown above.


Scroll down and ensure User enabled for password reset is set to YES.

You can also configure the number of authentication methods. In this case I also added Security Questions.

You can choose how many authentication methods are required for password to be reset and since I have selected to use Security Questions, I can also determine how many questions will be required for the user to create.


The next option allows you to set how many Security Questions are required to be answered from those set.

Next, you enter the questions you wish the user to create answers for.

You can then Require users to register when signing into the Access Panel. This means when the users sign into the Azure Single Sign On portal available via Office 365 they will be prompted to set up the required password reset information. Normally you want this set to YES.

The Azure Single Sign On portal is a free component of the Azure AD Free plan that is available to all Office 365 tenants. I covered how to set that up in a previous post. Your users access this single sign on portal via:


If you scroll down you can modify the language used when sending emails as well as whom to notify when passwords are reset.


Once you have completed your configuration press the Save button at the bottom of the screen. You should see the status bar at the bottom indicating that your changes are being updated.


Now when a user navigates to the Office 365 portal login page, as soon as they type their login details the branding will be applied to the portal as shown above.


Now let’s say the user now attempts to reset their password by selecting the Can’t access your account? link. They will be taken to a page shown above where they will be prompted to enter some CAPTCHA information.


Once they have done this they will be presented with the above screen telling them that their account could not be verified and they should contact an administrator (link provided, configurable from Azure).

Why is that? The reason is that the user hasn’t logged into the Azure single sign on portal and set up their security options for doing password resets yet.


Thus, once you have enabled user password self service you need to send all your users to the Azure single sign in portal at:

Once they have logged in with their Office 365 credentials they will be prompted to verify their contact information as shown above. This requirement, again, is an option set in the Azure portal during configuration previously mentioned.


Depending on the security requirements you have configured the user will need to complete each option via the process found by clicking on each of the links for that option.

Once all of these are complete ensure the Save button is select at the bottom of the page.


So if a user now selects the link Can’t access your account? on the Office 365 portal login page and completes the CAPTCHA they will now be taken to the above screen which will ask then which security method they wish to use to verify their identity.

Simply select the method from the list available and complete the requirements.


in this case the method selected is via an alternate email address. That sends a one time code to that email address which then needs to be entered at this challenge.


Once the identity of the user has been verified, they are then given the option to reset their password as shown above.


When that has been completed they can now login to the Office 365 portal (or the Azure single Sign in portal) with these details.

Again, note the branding that was also configured in this process.

Once user self service password resets are configured they should make the life of an Office 365 administrator much easier. To do this at the moment requires an Azure AD Premium subscription but as I mentioned in the beginning this will be changing so it is available for all Office 365 accounts for free very soon. So try it today with this method and get ready for when it is available everywhere.

Encryption of data at rest in SharePoint Online

A very common question I get is about how secure information is in Office 365. The above video shows you how SharePoint Online data is saved when at rest.

Microsoft do a lot in my books to ensure that data stored in Office 365 is secure as possible and in my books far more secure that most people achieve on premise. That means to me security is a major reason to CHOOSE the cloud over anything on premise.

Security is a journey and not a destination I know but Microsoft have the resources to ensure that the information they maintain is a secure as possible and I’m comfortable with that.