Azure data centers are coming to Australia!

Living in a country with low population density and very poor internet, going to the cloud can be a big challenge at times. What looks fast and responsive on US demos ends up being very substandard here for many reasons.

We have known for a while that Azure data centers are coming to Australia and it seems like they are starting to come online as you see from the above graphic. This shows the speed to different Azure data centers and down the bottom of the list now appears Australia! Yeah!

It will be fantastic when these become available via the azure portal for hosting things like Virtual Machines. It’ll be nice to have a piece of the Microsoft cloud in our own backyard for a change.

Restricting remote access to Azure Virtual Machine

If you create virtual machines in Microsoft Azure, you typically connect to them using RDP (if they are of course Windows machines). What you may not be aware of is the fact that you restrict, or whitelist, which remote IP addresses are allowed to RDP to these machines. Here’s how you configure this.

You login to you Microsoft Azure console as shown above.

In here is a Windows Domain Controller machine. What I want to do is restrict remote RDP access to this machine for security reasons (since it is a Domain Controller after all).

To do that select the Virtual Machine from the list and then the Endpoints option from the menu across the top as shown above.

At the moment there are only have two endpoints, one for PowerShell and one for Remote Desktop (i.e. RDP). Both of these services are accessible to the outside world via the Public port (which I have obscured for privacy reasons). These Public ports map to familiar Private ports at the virtual machine.

Thus, Remote Desktop connects via a random port from the Internet and this then mapped to the familiar port 3389 port internally at the machine.

To set security on an Endpoint, simply select it and then select the MANAGE ACL button at the bottom of the screen.

You will then see a dialog that allows you to enter a description as well as a remote subnet. You can then set the action to be either Permit or Deny. With RDP traffic the default is to allow all inbound traffic for that endpoint. All other ports are blocked for inbound traffic unless endpoints are created for those ports.

Points to consider:

No ACL – By default when an endpoint is created, Azure permits all for the endpoint.
Permit – When you add one or more “permit” ranges, you are denying all other ranges by default. Only packets from the permitted IP range will be able to communicate with the virtual machine endpoint.
Deny – When you add one or more “deny” ranges, you are permitting all other ranges of traffic by default.
Combination of Permit and Deny – You can use a combination of “permit” and “deny” when you want to carve out a specific IP range to be permitted or denied.

(Reference – http://msdn.microsoft.com/en-us/library/azure/dn376541.aspx)

You can of course configure these ACLs using PowerShell and the reference for that is here:

http://msdn.microsoft.com/en-us/library/azure/dn376543.aspx

more information about setting endpoints for virtual machines can be found at:

http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-set-up-endpoints/

Introduction to SharePoint Online Picture Library video

Images are a significant part of the data that resides on most hard disks. Getting this into SharePoint Online in Office 365 is a perfect way to make this information more visible and searchable.

In this video you’ll see how to add the Picture Library app to a SharePoint Online Team Site. You’ll also see how to upload images and edit their keyword and description fields for better searchability.

This video is part of my Getting Started With SharePoint Online playlist which will give you all the basics of how to get up and running with SharePoint Online in Office 365 quickly and easily.

Add a custom domain to Azure

Microsoft Azure shares many commonalities with Office 365. When you sign up you are given a default .onmicrosoft.com domain but you can also add you own custom domain. here’s how to do just that.

http://manage.windowsazure.com

From the menu on the left locate the Active Directory icon, which is near the bottom and select it.

You should then see a single entry called Default Directory displayed, select this.

From the menu that now appears across the top select DOMAINS. You’ll then see the above message indicating that you can add a custom domain.

Select ADD A CUSTOM DOMAIN.

In the field that appears, enter the custom domain you wish to use and then press the add button at the bottom.

You should now see a message at the top of the dialog saying that the domain has been successfully added.

Select the arrow in the bottom right to move to the next page in the process.

Much like Office 365 you’ll need to verify that you own this domain. You do that be adding a DNS record to your domain records and having Windows Azure verify it.

There are a number of verification options but the best is normally a simple TXT record. If you therefore select RECORD TYPE as TXT record at the top you’ll be provided with the DNS information you need to add to your domain.

You then got to the name records for you domain and add the supplied details to match the record selected in Windows Azure.

When you have updated your domain record return to Windows Azure and select the verify button at the bottom.

Windows Azure will then query the DNS records of your domain to verify that a matching record can be found. If so, you will receive a verification confirmation message at the top of the dialog as shown above.

Press the check mark in the lower right to complete the process.

You should now see the domain you just added listed in the domains option as shown above.

Again, much like Office 365 you can add multiple domains to Windows Azure as required.

With that done, now we can start utilizing this custom domain inside Windows Azure and I’ll cover that in upcoming blog posts.

Making an Office 365 calendar public

If you want anyone to be able to see your calendar by simply browsing to a web page and you are using Office 365 Exchange Online for your emails then simply follow this process.

Login to the Microsoft Online portal with your account details. Select Calendar from the menu options that appear across the top of the page. This will display your calendar as shown above.

Under the option My Calendars on the left, right mouse click on the calendar you wish to share (in this case Calendar).

From the menu that is displayed select permissions..

An options pane will appear from the right as shown above. The option should show Public Calendar Not shared currently.

From the pull down options select a calendar sharing option to suit your needs. In this case the selection is Full details.

Now select Save in top left of this pane to update your preferences and return to your calendar view.

If you then again right mouse click on the calendar you wish to share as before and again select permissions to reveal the pane, you will find two new hyperlinks as shown above.

The View Calendar link provides you a URL link you can send to an external contact they can enter in their browser.

When they do they will see a copy of your calendar (depending on the permissions you provided previously of course) as shown above. In my experience it may 10 – 15 minutes for a calendar to be accessible publicly via this URL as it obviously need to be ‘published’ securely in Office 365.

At this stage there does not appear to be a way to allow anonymous users to actually make changes to the calendar which may be handy in some circumstance. I am pretty confident that we’ll see that down the track very soon.

Getting started SharePoint videos

One of the most common challenges with SharePoint Online is actually getting started. That’s why I created these books:

which you can find over at my publications page. Purchasing one or more copies helps me to continue creating resources like these and my YouTube videos.

What I thought I’d start doing is take advantage of the playlist features in YouTube to start building lists of common videos to help people get up and running with SharePoint Online quickly.

That meant that I needed to create a few new videos which you’ll find here:

Uploading documents to SharePoint Online

Basics of working with Document Libraries

Basic calendaring in SharePoint

I have then combined these, along with an existing video, into a dedicated playlist:

Getting Started with SharePoint Online

where these, and the ones I add in future, can be played one after each other. This makes it a nice series you can get someone to work through to get them up to speed with SharePoint quickly.

The videos are generally 5 – 10 minutes and provide the main points you need to get up and running quickly.

As I said, I’ll keep working on creating new videos to add to this playlist as well as looking at developing new playlists on different Office 365 and SharePoint Online topics. Let me know what you’d like to see.

OneNote for Mac now opens OneDrive for Business notebooks

Another recent update Microsoft released, this time for OneNote for Mac, is the ability to open notebooks on OneDrive for Business in Office 365.
I know plenty of people that have been waiting for this.

Edit document directly in OWA

Here’s a handy little feature that has just been added to Office 365.

Let’s say that someone send you an attachment as shown above. if you now click on that attachment Office 365 will automatically show you that document side by side (provided of course it can be viewed in Office Online).

You’ll see the document on the left in Office Online and the email on the right. You can still download it to your desktop if you want.

At the top of the page you’ll also see the option to Edit a copy.

When you do it will create a new reply email on the right, take a copy of the attached document on the left and then place that copy into edit mode with Office online.