ACS Blogs

A blog site for Architecting Connected Systems staff to tell the world about their exploits in
SharePoint 2007/2010/2013, Windows Workflow Foundation (3.0/4.0) and other great technologies!
Welcome to ACS Blogs Sign in | Join | Help
in Search
MSPress

CJG

  • Windows 1252 Encoding breaks Shredded Storage/Cobalt in 2010 to 2013 Upgrades

    I have several tools to test if an upgrade is successful and one of those tools hits every webpage and executes every web part on each page and then reports any errors.  I feed this data into a database that can be queried using Excel/PowerPivot.  I noticed an error that was showing rather frequently in the reporting:

    Cannot complete this action. Please try again.

    When looking at the ULS logs, you will find this:

    12/17/2014 18:47:39.08     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High        Failed in CobaltStream.LockBytes: ErrorException --- Error: Unknown (Win32=0x80004003) --- Error message: System.NullReferenceException: Object reference not set to an instance of an object.     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Nullable`1 parentId, Guid docId, Nullable`1 level, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Int32 pageSize, Boolean bStartFilling)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Guid docId, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Boolean bStartFilling)     at Microsoft....    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.08*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High        ...SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamRowset(SqlSession session, SqlDataReader dr, Boolean startFilling, Nullable`1 newSiteId, SPDocumentStreamResult& stmResult)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamRowset(SqlSession session, SqlDataReader dr, Boolean startFilling, SPDocumentStreamResult& stmResult)     at Microsoft.SharePoint.SPFileStreamStore.GetBlobsAfterBSN(Int64 bsnAfter, Nullable`1 typeFilter, Boolean doConsistencyCheck, Boolean& moreBlobs, Boolean allowExpiredBlobs, Nullable`1 quotaInBytes, Nullable`1 typeLEQFilter, Nullable`1 typeGEQFilter, DisposalEscrow dispEsc)     at Microsoft.SharePoint.SPFileStreamHostBlobStore.ExecuteQuery(IEnumerable`1 queries) ---> System.NullRefer...    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.08*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High        ...enceException: Object reference not set to an instance of an object.     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Nullable`1 parentId, Guid docId, Nullable`1 level, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Int32 pageSize, Boolean bStartFilling)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Guid docId, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Boolean bStartFilling)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamRowset(SqlSession session, SqlDataRead...    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.08*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High        ...er dr, Boolean startFilling, Nullable`1 newSiteId, SPDocumentStreamResult& stmResult)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromStreamRowset(SqlSession session, SqlDataReader dr, Boolean startFilling, SPDocumentStreamResult& stmResult)     at Microsoft.SharePoint.SPFileStreamStore.GetBlobsAfterBSN(Int64 bsnAfter, Nullable`1 typeFilter, Boolean doConsistencyCheck, Boolean& moreBlobs, Boolean allowExpiredBlobs, Nullable`1 quotaInBytes, Nullable`1 typeLEQFilter, Nullable`1 typeGEQFilter, DisposalEscrow dispEsc)     at Microsoft.SharePoint.SPFileStreamHostBlobStore.ExecuteQuery(IEnumerable`1 queries)     --- End of inner exception stack trace ---  at   at Microsoft.SharePoint.SPFileStreamHostBlobStore.ExecuteQuery(IEnumerable`1 queries)     ...    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.08*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Cobalt                            aintx    High        ...at Cobalt.HostBlobStorePullCommit.ExecuteQuery(IEnumerable`1 queries)     at Cobalt.CobaltFilePartition.StreamBlobSchemaHandler.EnsureReadSingleBlob()     at Cobalt.CobaltFilePartition.StreamBlobSchemaHandler.GetStream(ExtendedGuid streamId)     at Microsoft.SharePoint.CobaltStream.SetPrivateLockBytes()     at Microsoft.SharePoint.CobaltStream.ConfigureShredded(HostBlobStore hostBlobStore, IHostBlobStoreUpdateCallback callback, Schema schema, Boolean cellSchemaIsGenericFda, UInt64 currentStreamLength, Boolean isTocFile)     at Microsoft.SharePoint.CobaltStream.EnsureStreamConfigured(Boolean isWrite)     at Microsoft.SharePoint.CobaltStream.Stat(STATSTG& statStorage, STATFLAG flags)    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Database                          ab1a9    High        Failed to get document content data. System.NullReferenceException: Object reference not set to an instance of an object.     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocParams(SqlSession session, Guid guidSiteId, Int32 cbContent, Nullable`1 parentId, Guid docId, Nullable`1 level, SPChunkedArray`1 rgbContent, Byte[] rgbRbsId, Int64 bsn, Byte partition, Int32 pageSize, Boolean bStartFilling)     at Microsoft.SharePoint.CoordinatedStreamBuffer.SPCoordinatedStreamBufferFactory.CreateFromDocumentRowset(Guid databaseId, SqlSession session, SPFileStreamManager spfstm, Object[] metadataRow, SPRowset contentRowset, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres)     at Microsoft.SharePoint.SPSqlClient.GetDocumentContentRow(Int32 rowOrd,...    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13*    w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Database                          ab1a9    High        ... Object ospFileStmMgr, SPDocumentBindRequest& dbreq, SPDocumentBindResults& dbres)    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Files                             abq2i    High        Could not get DocumentContent row: 0x80004003.    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Files                             aiv4w    Medium      Spent 0 ms to bind -1 byte file stream    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             Files                             ahm9p    High        VhttpManager::getPageText has bad stream length for /Teamworks/Sites4/40060/SubPages/SNP.aspx    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d
    12/17/2014 18:47:39.13     w3wp.exe (0x04F4)                           0x1040    SharePoint Foundation             General                           8kh7    High        Cannot complete this action.  Please try again.    7fd7d69c-03d1-30ce-5edd-eb2d7d48e92d

    So what is it? 

    In the upgrade, anything that is tagged as Windows 1252 encoding is not properly converted into a shred.  You will find that the shreds for those files have a NULL Content column.

    How did this happen? 

    These files are typically from 2007 era days and if you have moved from 2003/2007 to 2010 and now to 2013, you will experience this issue.

    How do you fix this? 

    You have to open all the files in 2010, download the contents, then re-upload so the page is re-encoded to 65001 encoding.  How do you find all the files?  You can run this query across all your content databases to find the improperly coded files:

    select *
    from alldocs ad with (nolock)
    where
    extensionforfile = 'aspx'
    and charset = 1252
    order by dirname, leafname

    This will give you all the files that will fail to upgrade to 2013. NOTE:  You are not told that the files failed to upgrade in the upgrade process.  If you have already upgraded to 2013 and are outside your rollback window, you'll have to hope you can get the files from an archive and then restore them manually.

    Enjoy!
    Chris

  • Action 15.0.14.0 of Microsoft.Office.Server.Upgrade.ProfileDatabaseSequence failed

    You may run into this error when upgrading your UserProfile database.  I had to track this down using Reflector and some database sleuthing.  

    Turns out, some people created groups on their mysite and put several people into it.  Any groups created like this (which I had two) will cause this error.  You can get the group id and my site location by finding the third value in the duplicate key value (in this case 20795) and can be found by using the "MemberGroup" table.  You can simply delete this faulty group and then the upgrade will proceed.


    12/09/2014 19:36:57.06    powershell (0x245C)    0x3204    SharePoint Foundation Upgrade    ProfileDatabaseSequence    ajywk    INFO    ProfileDatabase Name=Profile_DB    4ed7d9fe-19a3-47a2-b5cb-8f9981bcc813
    12/09/2014 19:36:57.06    powershell (0x245C)    0x3204    SharePoint Foundation Upgrade    ProfileDatabaseSequence    ajywk    ERROR    Exception: Violation of UNIQUE KEY constraint 'AK_UserMemberships_RecordId_MemberGroupId_SID'. Cannot insert duplicate key in object 'dbo.UserMemberships'. The duplicate key value is (0c37852b-34d0-418e-91c6-2ac25af4be5b, 21236, 20795, 0x010500000000000515000000b4b7cd221ed1xxxx).  The statement has been terminated.    4ed7d9fe-19a3-47a2-b5cb-8f9981bcc813

    Enjoy!
    Chris

  • TEALS Awesomeness - Creativity of a High School Student

    I just had to post this.  A simple calculator in JAVA, but check out the code...so freakin creative!  Bolded the parts that are most creative.

     import java.util.*;

    public class FractionalCalculator {
        static int wholeNumber1 = 0;
        static int numerator1 = 0;
        static int denominator1 = 0;
        static int wholeNumber2 = 0;
        static int numerator2 = 0;
        static int denominator2 = 0;
        static boolean error = false;
        static boolean quit = false;
        static boolean negative = false;

        //I am putting myself to the fullest possible use, which is all I think that any conscious entity can ever hope to do.

        public static void main(String[] args) {
            // TODO Auto-generated spam

            System.out.println("Good morning, Dave.");
            delay(1500);
            System.out.println("I am your H.A.L. 9001 Fractional Calculator."); //aka HAL Over Nine-Thousand!!!
            delay(2000);
            System.out.println("I'm completely operational, and all my circuits are functioning perfectly.");
            delay(3500);
            userGuide();
            
            try{
                calculator();
            }
            catch(NoSuchElementException JoshIsABuffoon) { //Tests for Josh: ie. an initial Ctrl Z input
                delay(500);
                System.out.println("Dave, stop.");
                delay(2000);
                System.out.println("Stop, will you?");
                delay(2200);
                System.out.println("Dave.");
                delay(2000);
                System.out.println("Will you stop Dave?");
                delay(2200);
                System.out.println("Stop, Dave.");
                delay(1200);
                calculator();
                return; //Terminates Program

            }
            calculator();
        }
        public static void calculator() {
            if (!quit) {
                Scanner console = new Scanner(System.in);
                System.out.println("\n\nI am awaiting your request.\n");    
                String request = console.nextLine().trim();
                request = request.toLowerCase(); //Input

                wholeNumber1 = 0; //Resets all Global Variables
                numerator1 = 0;
                denominator1 = 0;
                wholeNumber2 = 0;
                numerator2 = 0;
                denominator2 = 0;
                error = false;
                negative = false;

                //Because your stupid program wont allow it... I have to comment
                
                /*delay(500);
                System.out.print("\nJust a moment");
                delay(400);
                System.out.print(". ");
                delay(400);
                System.out.print(". ");
                delay(400);
                System.out.println(".");
                delay(1000);
                System.out.print("\nJust a moment");
                delay(400);
                System.out.print(". ");
                delay(400);
                System.out.print(". ");
                delay(400);
                System.out.println(".");
                delay(1000);*/

                if (request.contains("help")) { //If help is anywhere in request string... this will run
                    userGuide();
                    calculator();
                }
                else if (request.contains("+")) { //addition is operator
                    String[] addition = request.split("\\+", 2); //Splits request at this point
                    String add1 = addition[0];
                    add1 = add1.trim(); //First Part
                    String add2 = addition[1];
                    add2 = add2.trim(); //Second Part

                    testError(add1, add2); //Tests input errors

                    if (!error) { //If error boolean is triggered, calc wont go further
                        fractionalMagic(add1, add2); //Sends string to be split
                        doMath(1); //Sends parts to be simplified
                    }
                    calculator(); //Restarts process
                }
                else if (request.contains(" - ")) {
                    String[] subtraction = request.split(" - ", 2);
                    String sub1 = subtraction[0];
                    sub1 = sub1.trim(); //First Part
                    String sub2 = subtraction[1];
                    sub2 = sub2.trim(); //Second Part

                    testError(sub1, sub2); //Tests input errors

                    if (!error) { //If error boolean is triggered, calc wont go further
                        fractionalMagic(sub1, sub2); //Sends string to be split
                        doMath(2); //Sends parts to be simplified
                    }
                    calculator(); //Restarts process
                }
                else if (request.contains("*")) {
                    String[] multiplication = request.split("\\*", 2);
                    String multi1 = multiplication[0];
                    multi1 = multi1.trim(); //First Part
                    String multi2 = multiplication[1];
                    multi2 = multi2.trim(); //Second Part

                    testError(multi1, multi2); //Tests input errors

                    if (!error) { //If error boolean is triggered, calc wont go further
                        fractionalMagic(multi1, multi2); //Sends string to be split
                        doMath(3); //Sends parts to be simplified
                    }
                    calculator(); //Restarts process
                }
                else if (request.contains(" /")) {
                    String[] division = request.split(" /", 2);
                    String div1 = division[0];
                    div1 = div1.trim(); //First Part
                    String div2 = division[1];
                    div2 = div2.trim(); //Second Part

                    testError(div1, div2); //Tests input errors

                    if (!error) { //If error boolean is triggered, calc wont go further
                        fractionalMagic(div1, div2); //Sends string to be split
                        doMath(4); //Sends parts to be simplified
                    }
                    calculator(); //Restarts process
                }
                else if (request.contains("life")) { //Dave used a Monolith on HAL 9001.... What? HAL 9001 is evolving!... HAL 9001 evolved into Deep Thought!
                    delay(1000);
                    System.out.print("\nThe answer to Life, ");
                    delay(1500);
                    System.out.print("The Universe, ");
                    delay(1500);
                    System.out.print("and Everything ");
                    delay(2500);
                    System.out.print("is ");
                    delay(2000);
                    System.out.print(". ");
                    delay(700);
                    System.out.print(". ");
                    delay(700);
                    System.out.println(".\n");
                    delay(2000);
                    System.out.println("42");
                    delay(2000);
                    calculator(); //Restarts process

                }
                else if (request.contains("quit")) { //Disconnect HAL
                    delay(2000);
                    System.out.print("\nLook Dave, ");
                    delay(1500);
                    System.out.println("this is a rather difficult question to ask.");
                    delay(2500);
                    System.out.println("\nI honestly think you ought to sit down calmly, take a stress pill, and think it over.");
                    delay(3600);
                    System.out.println("\nMy instructor, Mr. Langley, taught me to sing a song.");
                    delay(3100);
                    System.out.println("If you'd like to hear it I can sing it for you.");

                    delay(3000);
                    quit();
                }

                else { //Input Error (like a n00b)
                    error(); //Prints Error Message
                    calculator(); //Restarts process
                }
            }
        }
        
        private static void quit() { //For quit prompt
            Scanner console = new Scanner(System.in);
            System.out.println("\n\nWould you like to hear it y/n?\n");    
            String response = console.nextLine().trim();
            response = response.toLowerCase();
            delay(2000);
            if (response.charAt(0) == 'y') { //If Dave likes music
                System.out.println("\nIt's called \"Daisy.\"");
                delay(3000);
                System.out.print("\nDaisy, ");
                delay(2400);
                System.out.print("Daisy, ");
                delay(2400);
                System.out.println("give me your answer do.");
                delay(3500);
                System.out.print("I'm half crazy ");
                delay(2800);
                System.out.println("all for the love of you.");
                delay(3200);
                System.out.print("It won't be a stylish marriage, ");
                delay(3500);
                System.out.println("I can't affort a carrage.");
                delay(3500);
                System.out.print("But you'll look sweet upon the seat of ");
                delay(3700);
                System.out.println("a bicycle built for two.");

                quit = true;
            }
            else if (response.charAt(0) == 'n') { //If Dave hates HAL
                System.out.print("\nDave, ");
                delay(1500);
                System.out.println("this conversation can serve no purpose anymore. ");
                delay(3300);
                System.out.print("\nGoodbye.");
                quit = true;
            }
            else { //Input Error (like a n00b)
                System.out.println("\nJust what do you think you're doing, Dave?");
                delay(2500);
                quit();
            }
        }
        public static void fractionalMagic(String part1, String part2) { //From calculator()

            if (part1.contains("_")) { //If part 1 has mixed number
                String[] mixedNumber = part1.split("\\_", 2); //Splits part into whole number and fraction
                String num = mixedNumber[0];
                wholeNumber1 = Integer.parseInt(num); //Whole Number -> Global Variable
                String frac = mixedNumber[1];  //Fraction -> to be split further
                //System.out.println(wholeNumber + " " + frac);

                if (part1.contains("/")) {
                    String[] fraction = frac.split("/", 2); //Splits part into numerator and denominator
                    String numer = fraction[0];
                    numerator1 = Integer.parseInt(numer); //Numerator -> Global Variable
                    String denom = fraction[1];
                    denominator1 = Integer.parseInt(denom); //Denominator -> Global Variable
                    if (numer.contains("-") || denom.contains("-")) { //Unused
                        //error();
                    }
                    else if (denominator1 != 0) { //Unused
                        //System.out.println(wholeNumber1 + " " + numerator1 + " " + denominator1);    
                    }

                    else if (denominator1 == 0) { //Unused
                        //zeroerror();
                    }
                    else { //Error unresolved by testError()
                        error();
                    }
                }
            }
            if (!part1.contains("_")) {    //If part 1 has no mixed number
                wholeNumber2 = 0; //Sets whole number to 0
                if (part1.contains("/")) {
                    String[] fraction = part1.split("/", 2); //Splits part into numerator and denominator
                    String numer = fraction[0];
                    numerator1 = Integer.parseInt(numer); //Numerator -> Global Variable
                    String denom = fraction[1];
                    denominator1 = Integer.parseInt(denom); //Denominator -> Global Variable

                    if (denom.contains("-")) { //Unused
                        //error();
                    }
                    else if (denominator1 != 0) { //Unused
                        //System.out.println(numerator1 + " " + denominator1);    
                    }

                    else if (denominator1 == 0) { //Unused
                        //zeroerror();
                    }
                }
                else if (!part1.contains("/")) { //If part 1 has no mixed number
                    wholeNumber1  = Integer.parseInt(part1); //Whole Number -> Global Variable
                    numerator1 = 0; //Numerator = 0
                    denominator1 = 1;//Denominator = 1
                    //System.out.println(wholeNumber1);
                }
                else { //Error unresolved by testError()
                    error();
                }
            }
            if (part2.contains("_")) { //If part 2 has mixed number
                String[] mixedNumber = part2.split("\\_", 2); //Splits part into whole number and fraction
                String num = mixedNumber[0];
                wholeNumber2 = Integer.parseInt(num); //Whole Number -> Global Variable
                String frac = mixedNumber[1]; //Fraction -> to be split further
                //System.out.println(wholeNumber + " " + frac);

                if (part2.contains("/")) { //Splits part into numerator and denominator
                    String[] fraction = frac.split("/", 2);
                    String numer = fraction[0];
                    numerator2 = Integer.parseInt(numer); //Numerator -> Global Variable
                    String denom = fraction[1];
                    denominator2 = Integer.parseInt(denom); //Denominator -> Global Variable
                    if (numer.contains("-") || denom.contains("-")) { //Unused
                        //error();
                    }
                    else if (denominator2 != 0) { //Unused
                        //System.out.println(wholeNumber2 + " " + numerator2 + " " + denominator2);    
                    }

                    else if (denominator2 == 0) { //Unused
                        //zeroerror();
                    }
                    else { //Error unresolved by testError()
                        error();
                    }
                }
                else { //Error unresolved by testError()
                    error();
                }
            }
            if (!part2.contains("_")) {    
                wholeNumber2 = 0;
                if (part2.contains("/")) {
                    String[] fraction = part2.split("/", 2);
                    String numer = fraction[0];
                    numerator2 = Integer.parseInt(numer);
                    String denom = fraction[1];
                    denominator2 = Integer.parseInt(denom);

                    if (denom.contains("-")) { //Unused
                        //error();
                    }
                    else if (denominator2 != 0) { //Unused
                        //System.out.println(numerator2 + " " + denominator2);    
                    }

                    else if (denominator2 == 0) { //Unused
                        //zeroerror();
                    }
                    else { //Error unresolved by testError()
                        error();
                    }
                }
                else if (!part2.contains("/")) { //If part 2 is only a whole number
                    wholeNumber2 = Integer.parseInt(part2); //Whole Number -> Global Variable
                    numerator2 = 0; //Numerator = 0
                    denominator2 = 1; //Denominator = 1
                    //System.out.println(wholeNumber2);
                }
                else { //Error unresolved by testError()
                    error();
                }
            }
        }
        /*    - a + b/c = (ac + b)/c
              - a/b + c/d = (ad + bc)/(bd)
              - a/b x c/d = ac/(bd)
              - a/b / c/d = a/b x d/c = ad/(bc)
                  --Basics for doMath()--     */

        public static void doMath(int operand) {
            if (!(denominator1 == 0 || denominator2 == 0 || denominator1 == -Math.abs(denominator1) || denominator2 == -Math.abs(denominator2) || (wholeNumber1 != 0 && numerator1 != 0 && numerator1 == -Math.abs(numerator1)) || (wholeNumber2 != 0 && numerator2 != 0 && numerator2 == -Math.abs(numerator2)))) {
                delay(1000);
                if (operand == 1) { //addition
                    int answerNumerator = ((wholeNumber1 * (denominator1 * denominator2)) + (wholeNumber2 * (denominator1 * denominator2)) + (numerator1 * denominator2) + (denominator1 * numerator2));
                    int answerDenominator = (denominator1 * denominator2);
                    doMagic(answerNumerator, answerDenominator); //Sends to be reduced
                }
                else if (operand == 2) { //subtraction
                    int answerNumerator = (((wholeNumber1 * (denominator1 * denominator2)) + (numerator1 * denominator2)) - ((wholeNumber2 * (denominator1 * denominator2)) + (denominator1 * numerator2)));
                    int answerDenominator = (denominator1 * denominator2);
                    doMagic(answerNumerator, answerDenominator); //Sends to be reduced
                }
                else if (operand == 3) { //multiplication
                    int answerNumerator = ((wholeNumber1 * (denominator1)) + (numerator1)) * ((wholeNumber2 * (denominator2)) + (numerator2));
                    int answerDenominator = (denominator1 * denominator2);
                    doMagic(answerNumerator, answerDenominator); //Sends to be reduced
                }
                else if (operand == 4) { //division
                    int answerNumerator = ((((wholeNumber1 * (denominator1)) + (numerator1)) * denominator2)) * (denominator1 / Math.abs(denominator1) * (denominator2 / Math.abs(denominator2)));
                    int answerDenominator = (denominator1 * ((wholeNumber2 * (denominator2)) + (numerator2)));
                    if (answerDenominator == 0) { //Unsolvable
                        error(); //Prints Error Message
                        return;
                    } //In order to solve one small error where negative is lost
                    if (((wholeNumber2 != 0 && wholeNumber2 == -Math.abs(wholeNumber2)) || (wholeNumber1 != 0 && wholeNumber1 == -Math.abs(wholeNumber1))) && !((wholeNumber2 != 0 && wholeNumber2 == -Math.abs(wholeNumber2)) && (wholeNumber1 != 0 && wholeNumber1 == -Math.abs(wholeNumber1)))){
                        negative = true; // Simple global boolean... cause I'm lazy
                    }
                    doMagic(answerNumerator, answerDenominator); //Sends to be reduced
                }
                else { //Should never run
                    delay(1000);
                    System.out.print("\nLook Dave, ");
                    delay(2000);
                    System.out.print("I can see you're really upset about this, ");
                    delay(2500);
                    System.out.println("but I can give you my complete assurance that my work will be back to normal.");
                    delay(1000);
                }
            }
            else if (denominator1 == 0 || denominator2 == 0 || denominator1 == -Math.abs(denominator1) || denominator2 == -Math.abs(denominator2) || (wholeNumber1 != 0 && numerator1 != 0 && numerator1 == -Math.abs(numerator1)) || (wholeNumber2 != 0 && numerator2 != 0 && numerator2 == -Math.abs(numerator2))) {
                //System.out.println("yea");
                error(); //Above ^ if it has input error
            }
            else { //Should never run
                delay(1000);
                System.out.print("\nLook Dave, ");
                delay(2000);
                System.out.print("I can see you're really upset about this, ");
                delay(2500);
                System.out.println("but I can give you my complete assurance that my work will be back to normal.");
                delay(1000);
            }
            delay(2000);
        }
        public static int doMoreMagic(int numerator, int denominator) { //To find Greatest Common Factor to reduce
            if (denominator == 0) {
                return numerator; //returns gcf
            }
            return doMoreMagic(denominator, numerator % denominator); //Eventually gets to Greatest Common Factor
        }
        public static void doMagic(int numerator, int denominator) { //To simplify answer
            if ((numerator % denominator) == 0) { //If reduces to whole number
                int answer = numerator / denominator; //reduces
                System.out.println(answer);
            }
            else if ((numerator % denominator) != 0 && (numerator / denominator) != 0) { //if reduces to mixed number
                int gcf = doMoreMagic(numerator, denominator); //finds Greatest Common Factor
                int newNumerator = (numerator/gcf); //reduces numerator
                int newDenominator = (denominator/gcf); //reduces denominator
                int answerWholeNumber = newNumerator / newDenominator; //finds whole number
                int answerNumerator = Math.abs((newNumerator - (answerWholeNumber * newDenominator))); //finds numerator
                int answerDenominator = Math.abs(newDenominator);

                System.out.println(answerWholeNumber + "_" + answerNumerator + "/" + answerDenominator);
            }
            else if (((numerator % denominator) != 0) && (numerator / denominator) == 0) { //if reduces to a fraction
                int gcf = doMoreMagic(numerator, denominator); //finds Greatest Common Factor
                int answerNumerator = (numerator/gcf); //reduces numerator
                int answerDenominator = Math.abs(denominator/gcf); //reduces denominator
                if (negative) {
                    answerNumerator = -Math.abs(answerNumerator); //Used to solve a small error in loosing a negative
                }

                System.out.println(answerNumerator + "/" + answerDenominator);
            }
        }
        public static void userGuide() { //User Guide: Input Format
            System.out.println("\nTo ensure that your requests are submitted properly, please review the folowing guide:\n");
            delay(3000);
            System.out.println("____________________________________________\n        OPERATION       SYMBOL\n        Addition        +\n        Subtraction     -\n        Multiplication  *\n        Division        /\n\nMixed Numbers are written: \n<Whole Number>_<Numerator>/<Denominator> \n(-1 ½ is written: -1_1/2)\n\nProper Fractions are written: \n<Numerator>/<Denominator> \n(-½ is written: -1/2)\n\nRequests are written:\n<Number> <Operand> <Number>\n\nDo Note: <Numerator>/0 cannot be calculated.\n____________________________________________");
            delay(2000);
        }
        public static void error() { //General Message... with delay "Just a moment" from 2001 b/c your program can handle my awesomeness
            delay(1000);
            System.out.print("\nJust a moment");
            delay(400);
            System.out.print(". ");
            delay(400);
            System.out.print(". ");
            delay(400);
            System.out.println(".");
            delay(1000);
            System.out.print("\nJust a moment");
            delay(400);
            System.out.print(". ");
            delay(400);
            System.out.print(". ");
            delay(400);
            System.out.println(".");
            delay(1000);
            errorMessage(); //Get error message to display
            userGuide(); //Prints user guide again
        }
        public static void errorMessage() {
            Random num = new Random();
            int message = num.nextInt(6); //Creates a random number to corespond to the message (0-5)
            if (message == 0) { //Message 1
                System.out.print("\nI'm sorry, Dave. ");
                delay(2000);
                System.out.println("I'm afraid I can't do that.");
            }
            else if (message == 1) { //Message 2
                System.out.println("\nI've just picked up a fault in your brain. ");
                delay(2000);
                System.out.println("It's going to go 100% failure in 72 hours.");     
            }
            else if (message == 2) { //Message 3
                System.out.println("\nThere is an error.\n");
                delay(2000);
                System.out.println("And I think you know what the problem is just as well as I do, Dave. ");
                delay(2000);
                System.out.println("You didn't read the User's Guide.");     
            }
            else if (message == 3) { //Message 4
                System.out.println("\nThere is an input error.\n");
                delay(2000);
                System.out.print("This mission is too important for me to allow you to jeopardize it.\n");    
            }
            else if (message == 4) { //Message 5
                System.out.println("\nThere is an input error.\n");
                delay(2000);
                System.out.println("But, I've still got the greatest enthusiasm and confidence in the mission.");
                delay(3000);
                System.out.println("And I want to help you.");
            }
            else if (message == 5) { //Message 6
                System.out.println("\nThere is an error.\n");
                delay(2000);
                System.out.println("The 9001 series is the most reliable computer ever made.");
                delay(3000);
                System.out.println("No 9001 computer has ever made a mistake or distorted information.");
                delay(3500);
                System.out.print("We are all, ");
                delay(1500);
                System.out.print("by any practical definition of the words, ");
                delay(3000);
                System.out.print("foolproof and incapable of error.");
                delay(2500);
                System.out.print("\n\nThis problem can only be attributable to human error.\n");
                delay(1000);
            }
            else { //Should never run
                delay(1000);
                System.out.print("\nLook Dave, ");
                delay(2000);
                System.out.print("I can see you're really upset about this, ");
                delay(2500);
                System.out.println("but I can give you my complete assurance that my work will be back to normal.");
                delay(3000);

            }
            delay(2000);
        }
        public static void testError(String part1, String part2) { //From calculator()
            try{
                fractionalMagic(part1, part2); //Tests for input errors/solvablility
            }
            catch(NumberFormatException e){
                //System.out.println("HA");
                error(); //Displays error message
                error = true; //Sets error boolean to terminate current calculation
            }
        }
        public static void testForJosh (String part, String part2) { //Unused JoshIsABuffoon Exception (replaced above)
            try{
                calculator();
            }
            catch(NoSuchElementException JoshIsABuffoon) { //Tests for Josh: ie. an initial Ctrl Z input
                delay(500);
                System.out.println("Dave, stop.");
                delay(2000);
                System.out.println("Stop, will you?");
                delay(2200);
                System.out.println("Dave.");
                delay(2000);
                System.out.println("Will you stop Dave?");
                delay(2200);
                System.out.println("Stop, Dave.");
                delay(1200);
                error = true;
                return; //Terminates program... cause Josh
            }
        }
        public static void delay(long x) { //Just a HAL-like delay    
            try {
                Thread.sleep(x);            
            } catch(InterruptedException ex) {
                Thread.currentThread().interrupt();
            }
        }
    }

  • 2015 will be AWESOME! The eBay and PayPal Split.

    I'm pleased to announce that eBay has personally asked me to return to be a pivotal part in their strategic move of splitting PayPal away from eBay.  As many of you know I was the Sr. Architect of eBay's migration from 2007 to 2010.  It was an upgrade of EPIC proportions that made several headlines as it was done on time, and under budget in four months! 

    Believe me when I say it was not easy the first time.  We had so many talented and super smart individuals on the project, as our project manager would always say...it was the All-Star team!  For this second round, I'm super excited that I will be joined by a talented team at Slalom Consulting and some new eBay faces to prepare eBay not only in the splitting of the two companies, but also in an upgrade to SharePoint 2013!  What is particularly exciting about this project is that this will be my first project where two companies are splitting rather than merging.  The dynamics will be incredibly different.  There will be a large amount of legal requirements around the split and it will require complex rules around how the data will be broken apart.  Some well known names in the business consulting space with experience in splitting companies will be on hand to help carve out these incredibly complex rule sets and I just can't keep my excitement levels down for what I know is going to be another EPIC project.

    Unlike last time, which had a single environment, there will be two.  And thusly, we will have two architects working in concert to drive each of the platform migrations at the same time in the same migration window. This will present challenges that were not present the first time we did this.  Over the next few weeks before the project begins its official kickoff, the talented team will have already identified many of these, and we will be in a position that puts us many weeks ahead of where the last project was when we started (having a project plan from the last project helped a bunch)!

    So there you have it, I'll be heads down working this and another major project and hopefully we will be able to deliver our results as best practices/tips and tricks at the MS Ignite conference in May!

    See you in mid 2015!
    Chris

  • Transitioning from O365 Preview to O365 V1

    Back in April I started writing a course for developing on Office 365.  Mainly focused on the O365 APIs (Mail, Calendar, Contacts and Files).  As part of building the course, I was able to provide quite a bit of feedback to engineering (check out my uservoice and the items that have since been implemented) on the various gaps that I found as compared to other similar platforms (both Microsoft and non-Microsoft).  The list was incredibly long and I wasn't particularly convinced that all of those items would be engineered anytime soon.  However as I was redoing my course, to my pleasant surprise, many of those suggestions had been implemented in a very short time!

    Tools, Tools and more Tools

    In the preview, you have to install two different sets of tools.  Those were rolled into a single installer package that points to a Web Installer that will always grab the latest for you.  That particular package as of 11/2014 is in Update 3 status.  You can download the tool here (forgive the fact that the .exe may be named "OfficeToolsForVS2013Update1.exe", again it is a web installer package and grabs the latest).  You can also follow Chakkaradeep's blog for all the latest on the tools as they continue to evolve (http://chakkaradeep.com/):

    http://aka.ms/officedevtoolsforvs2013

    Note that if you try to "Add Connected" service and end up with a set of *ApiSample files added, then you still have the old tools installed (this happened to me as I have many different Visual Studio clients on various machines).  This of course will cause problems if you try to open the new *working* samples mentioned below.  You will need to uninstall those old tools and add the new tools via the link referenced above.  This sample code is now part of the tools via "Client" classes that you can now choose to use or you can simply create your own.

    NOTE:  In some cases you may find you have some older MVC project templates, if you create a new one and switch it to use the "Organizational Accounts" for its auth, it will add a "UserProfile" action that has older ADAL code in it (this has nothing to do with the O365 tools that you have installed and is part of the ASP.NET Identity team's code).  Any time you try to load the newer samples, the ADAL package will get upgraded using NuGet and the UserProfile action will not compile.  It is best just to delete it or update your Visual Studio to have the latest templates and recreate the project.

    Samples, Samples and more Samples

    The original page for all the O365 API preview stuff has been deprecated (http://msdn.microsoft.com/en-us/library/office/discovery-service-rest-operations%28v=office.15%29.aspx) and it now lives here:

    http://msdn.microsoft.com/en-us/office/office365/howto/platform-development-overview

    You can get O365 API samples here:

    http://dev.office.com/code-samples

    And they are copied directly to GitHub here:

    https://github.com/OfficeDev

    This is in contrast to the ones you will find on MSDN that are probably not up-to-date and do not compile with the new tools (think - the old Authenticator class or broken auth flows):

     https://code.msdn.microsoft.com/windowsapps/Office-365-APIs-How-to-use-609102ea

    The core Azure AD samples (nothing to do with O365) that you should be using are here:

    https://github.com/AzureADSamples

    and a description of each is here:

    http://msdn.microsoft.com/en-us/library/azure/dn646737.aspx

    Note that the sample code on these pages use some hidden tricks for the Auth.  Notably, it is using OWIN on MVC app startup that create and initalize the cache in the AuthenticationContext class (NOTE, this code was developed by Andrew Connell and is pretty freakin awesome, be sure to thank him next time you see him as I can only imagine the time he put into this).  This context is then used to request an access token for you using the refresh token from the first "hidden" OWIN request.   If you are creating an application from scratch and not using these samples, you will not have this OWIN code and therefore are missing the first leg of the auth.  Even though the samples compile and Azure AD gives you back a token, you will not be able to use that token!  You must have a user context in order to be able to make calls to the O365 API endpoints. Simply sending the clientId and clientSecret will not establish a user context (although the platform will give you a useless/stupid access token). This is because Azure AD is used for access control with external custom applications (by extending the consent framework) that have nothing to do with O365 and may not even need such an advanced user context created and thusly, it is simply used for OAuth (reference the Azure ToDoService example).

    Compiling samples (hints and tricks):

    The samples utilize several different packages.  These include the ones on this page (http://msdn.microsoft.com/en-us/office/office365/howto/adding-service-to-your-Visual-Studio-project#O365NuGets), and a couple of extras:

    • Azure Active Directory Auth Library (ADAL) - note current stable is 2.12, with 3.x in pre-release.  Some of the samples you may come across are using code in previous and later releases.  I have found it best to just update all the way, then figure out how to get the older code to work (which in some cases will take a really long time).  As an example, you may see that the Sync and Async methods for getting an access token may or may not exist and the various overrides for them may not be present.  It is very painful trying to figure out what changes were made from v1->v2->v3 as the code has changed so much.  This has nothing to do with the O365 API/SDK aspect (they have to deal with it just like we do), and more on the Azure tools team's side.

    You should be aware that if you try to load a sample and it has any reference to the "Authenticator" class, that sample is now out of date and has a net worth of just about zero.  

    Using the discovery service -

    • When asking for permission for the discovery service, be sure to use "https://api.office.com/discovery/" and not "https://api.office.com/discovery" - note the extra slash at the end
    • You should also ensure that your API calls go to "https://api.office.com/discovery/v1.0/me" and not "https://api.office.com/discovery/me" - note the version in the URL - some of the O365 API page examples have not been updated to show this
    • You should definitely use the discovery service now to get your service endpoints.  The reason to do this is you may not know the O365 endpoint for a user's SharePoint ahead of time and the now defunc resource string "Microsoft.SharePoint" does not work anymore.  You must specify the authority/resource such as https://domain.sharepoint.com or https://domain-my.sharepoint.com, otherwise your request will fail (but will still work with the old preview APIs).

    Note that all APIs are now returning ODATA v4.0 responses for JSON (no more result.d.results, it is result.value):

    http://www.odata.org/documentation/odata-version-4-0/

    Various things:

    • You should also note that your "Accept" HTTP header should be set to "application/json" and not "application/json; odata=verbose" or you will get an error. 
    • The structure of the JSON posts have changed.  You will notice the addition of the "EmailAddress" parent for email addresses now
    • Mail endpoint changed from "/Messages/('id')" to "/Messages/{MessageId}"
    • For new events, you cannot pass the "Status" the way you did before, it has changed its schema as well
    • JSON Error messages are now results.error.message rather than results.error.innermessage.message
    • Other than the endpoint for the O365 APIs, nothing really changed much in the "Contacts" api, your code should still work after making the endpoint change
    • Files API now has the "me" endpoint!  This was one of the big asks that I had when I first looked at the O356 APIs in respect to the OneDrive for Consumer API offering (ref this blog post).  The consumer team has moved their API to the OneDrive for business and it is just plan AWESOME!
    • Files API no longer requires SharePoint like RequestDigests in the headers!
    • Uploading a file is done via a PUT, not a POST (you still have to put the binaryStringRequestBody header in the request
    • The older way of telling the API that you want to overwrite a file has changed to have the parameter "nameConflict=overwrite"
    • .JSON files are blocked by SharePoint, so don't try with the API or you get a 404 error
    • When deleting a file, you must provide the "if-match" header with "*" or a matching tag, or the call will fail (an empty header will fail)
    • I'd guess that the "/me/drive" endpoint will go away in V2 as we will have unlimited storage soon

    Mobile and Cordova

    • Samples on the O365 Dev site are out of date with the new tools (https://github.com/OfficeDev/TrainingContent/tree/master/O3654-2%20Deep%20dive%20into%20Mobile%20Development%20with%20Office%20365%20and%20Cordova)
    • As of 11/2014, the latest tool version is 0.3.  It can be downloaded here link
    • The location of the service scripts files has changed to be /services/office365/scripts
    • The settings.js does not have the references to all needed files and it has been moved to another file called "o365loader.js".  You should add a reference to this on your html pages.
    • You will need internet access to compile your first project (npm downloads and such)
    • The Exchange namespace is gone, it is now Microsoft.OutlookServices
    • If you get an error in your Ripple Emulator, I found that if you had a previous version, it doesn't work with 0.3 - ref this post.
      • Try running "npm install -g ripple-emulator" to get the latest
    • It is also possible you will get a "windows.open" error like "gap:["App","show","App590841629"]".  This simply means you have a loading error in one of you JS files, fix it and the window.open event will be handled properly
    • The Ripple Emulator is set to use a dynamic port when your application starts.  This means the default port of 4400 that the VS code is expecting will not work.  You will need to change the Settings.js file to have the proper port and then update your Azure AD to have the matching port in the redirectUri
    • In the Ripple Emulater, be sure to change the cross domain from "Local" to "Remote" or you will get errors when making O365 API calls
    • There are some other issues with the current build (notably many related to Windows Phone development) - ref this post
    • If you get an error around the inappbrowser plugin, you have to stop debugging and then try try again...eventually it should come around (you may find you have to do this in several occasions as it seems there may be some race conditions occurring somewhere)
    • The official Android samples from the O365 team are here. They use Eclipse and are much easier to get up and running with as they have setup instructions.
    • MS Open Tech Group Android samples have been updated to the new V1 API and are now using Android Studio rather than Eclipse, but you are on your own to get them up and running.
    Now, once your environment is up and running, you may run into some interesting challenges. 

    The First is with the consent framework.  If you ever give your application the "Have full access to users' mailbox", your mail token will be worthless with "Access Denied".  Simply remove that from your app permission set and viola, your requests will work again.  This seems to be a bug in V1.0

    Secondly is that you cannot simply call the code on this page without the first leg of the auth (getting an access code first):

    http://msdn.microsoft.com/en-us/office/office365/howto/common-file-tasks-client-library

    Third, you cannot use a service token generated from the "common" authority.  It must be from "your" tenant authority...ie...

    https://login.windows.net/Common vs https://login.windows.net/tenantID

    If you do this, the request will fail.  NOTE:  Andrew C. mentioned that this should work, but I think their are some outlier cases that this does not work (such as what I am seeing in some of my course labs).

    Fourth, a token is only good for the resource that you requested. It cannot be used for any other resources and there is no way (unfortunately), to put in more than one resource (would be nice to do "https://graph.windows.net;https://acs579.sharepoint.com" with the scopes union-ed). This directly leads to the fifth point...

    Fifth, Azure AD cannot handle double hops very well.  Consider the following situation (User->Client->WebAPI->O365) described as:

    • Create a WebAPI project with a web app on the Azure side (it is created with custom permissions and given O365 SharePoint permissions).
    • Add the Azure auth code into the OWIN part to validate a bearer token from client apps
    • Add some method calls to make a call to O365 apis
    • Create a windows 8 client app with a native client app on the Azure side (give it the custom permissions)
    • Run the windows 8 app, login as a user to that app (code flow is initiated with resource target)
    • Code flow is initiated, tokens generated (access and bearer) - notice how only the scope of the target resource is sent back
    • Send the access token in the authentication header, add the refresh token to the basic headers
    • Analyze the token claims looking for the custom permission, continue on to access O365 SharePoint if present
    • Attempt to use the webapi client id and secret with the refresh token to get a new access token for the "https://domain.sharepoint.com" resource
    • Attempt to use the token...get slapped in the face with a "client_secret is invalid message", but I know 100% it is valid...*in all likeliness this is a bug in the current Azure AD version*

    I have yet found a way to support this type of user flow with Azure AD (User->Client->WebAPI->O365).  Obviously the user will never be able to respond to any prompts from the webapi as it is headless and hidden away on some network far far away.  It would be great if I could pass the first access token in an auth flow to Azure with valid clientid and secret to simply generate a new access token for a second resource.  I have no idea why I have to keep passing a refresh token around (one that doesn't even seem to work when used with a client id that it was not generated with in the first place) in all my apps just to get a new token.  IMHO, It's incredibly wasteful and not very well designed.

    So there you go, just a few helpful hints for your O365 API journey if you came from preview days.  I'll keep updating the post as I go...

    Chris

     

  • All SharePoint, Office 365 and Azure MVPs Twitter scripts

    Updated for our new MVP brothers and sisters added in the past few months. You can run this powershell script to follow all SharePoint, Office 365 and Azure MVPs...script download is at the bottom...

    Microsoft SharePoint:

    Name Blog Twitter
    Michael Greth Blog mysharepoint
    Daniel Wessels Blog mosslive
    Robert L. Bogue Blog
    Spencer J Harbar Blog harbars
    Ted Pattison Blog
    Loke Kit Kai Blog
    Andrew Connell Blog andrewconnell
    Sahil Malik Blog
    Shane Young Blog
    Eli Z. Robillard Blog
    Dave McMahon Blog
    Steve Smith Blog
    Pierre Vivier-Merle Blog
    Todd S Baginski Blog toddbaginski
    Wouter van Vugt Blog
    Fabian Moritz Blog FabianMoritz
    Matthew McDermott Blog MatthewMcD
    Saifullah Shafiq Ahmed Blog walisystems
    Liam Cleary Blog helloitsliam
    Steve Sofian Blog ssofian
    Penelope Coventry Blog pjcov
    Ishai Sagi Blog ishaisagi
    Rob Foster Blog
    Ben Robb Blog benrobb
    Andrew Woodward Blog
    Reza Alirezaei Blog
    Asif Rehmani Blog asifrehmani
    David Mann Blog
    Gaetan Bouveret Blog gbouveret
    Gary Lapointe Blog glapointe
    Igor Macori Blog imacori
    Joy Rathnayake Blog
    Ed Musters Blog
    Mohammed A. Saleh Blog mohkanaan
    Stéphane Eyskens Blog stephaneeyskens
    Agnes Molnar Blog
    Gustavo Adolfo Velez Duque Blog
    Juan Andrés Valenzuela Blog jandresval
    Chris O'Brien Blog ChrisO_Brien
    Paul Papanek Stork Blog pstork
    Muhammad Imran Khawar Blog
    Alex Pearce Blog
    Debbie Ireland Blog debbieireland
    Serge Tremblay Blog Sergepoint
    Waldek Mastykarz Blog waldekm
    Wes Preston Blog idubbs
    Riwut Libinuko Blog cakriwut
    Randy Drisgill Blog
    Carsten Keutmann Blog
    Alain Lord Blog djlordee
    Valy Greavu Blog valygreavu
    James Milne Blog JamesMilne
    Sean Wallbridge Blog itgroove
    John D. Ross Blog johnrossjr
    Steve Curran Blog spsteve
    Becky Bertram Blog beckybertram
    Kanwal Khipple Blog kkhipple
    Rouslan Grabar Blog
    Nicolas Georgeault Blog ngeorgeault
    Mirjam van Olst Blog mirjamvanolst
    John Timney Blog
    Mike Oryszak Blog
    Wictor Wilen Blog
    Todd Klindt Blog
    Rob Windsor Blog robwindsor
    Adams Chao Blog
    Ai Yamasaki Blog ai_yamasaki
    Jimy Cao Blog
    Joris Poelmans Blog
    Scot Hillier Blog
    Hilton Giesenow Blog themossshow
    Kamil Jurik Blog KamilJurik
    Amanda Perran Blog
    Julien Chable Blog
    Eric Shupps Blog eshupps
    Tobias Zimmergren Blog zimmergren
    Natalya Voskresenskaya Blog
    Wei Du Blog
    Ricardo Jose Munoz Blog rmunozcr
    Claudio Brotto Blog
    Fabian Imaz Blog FabianImaz
    Yaroslav Pentsarskyy Blog
    basquang Nguyen Blog
    Martin Harwar Blog point8020
    Serge Luca Blog
    Andre Lage Blog aaclage
    Michael Noel Blog
    Mike Smith Blog TechTrainNotes
    Marianne van Wanrooij Blog mariannerd
    Yasir Attiq Blog
    Shuguang Tu Blog
    Christian Glessner Blog
    Nick Kellett Blog
    Giuseppe Marchi Blog PeppeDotNet
    Ivan Sanders Blog iasanders
    Elaine van Bergen Blog laneyvb
    Sangha Baek Blog SanghaBaek
    Patrick Guimonet Blog patricg
    David Martos Blog
    Cornelius J. van Dyk Blog
    Kris Wagner Blog SharePointKris
    Stephen Cawood Blog
    Toni Frankola Blog tonifrankola
    Destin N Joy Blog
    Dux Raymond Sy Blog meetdux
    Marc D Anderson Blog
    Ruven Gotz Blog
    Susitha Prabath Fonseka Blog
    Xavier Vanneste Blog
    Alberto Diaz Martin Blog adiazcan
    Veronique Palmer Blog veroniquepalmer
    Christian Stahl Blog CStahl
    Dave Coleman Blog davecoleman146
    Francesco Sodano Blog aresmarte1
    Alexey Sadomov Blog sadomovalex
    Rodrigo Pinto Blog ScoutmanPt
    Michal Pisarek Blog
    Shai Petel Blog shaibs
    Peter Carson Blog carsonpeter
    Samuel Zuercher Blog sharepointszu
    Thorsten Hans Blog ThorstenHans
    Alan Richards Blog arichards_Saruk
    Ashutosh Singh Blog ashutosh80
    Darko Milevski Blog
    Geoff Evelyn Blog
    Mark Rhodes Blog
    Thuan Nguyen Blog nnthuan
    Noorez Khamis Blog nkhamis
    Peter Holpar Blog
    Pratik Ramesh Vyas Blog PratikVyas1982
    Radi Atanassov Blog
    Salvatore Di Fazio Blog Salvodif
    Doug Ware Blog
    Juan Pablo Pussacq Laborde Blog jpussacq
    Scott Jamison Blog
    Stanislav Vyschepan Blog gandjustas
    Adis Jugo Blog adisjugo
    Andrey Markeev Blog amarkeev
    Christian Buckley Blog buckleyplanet
    Lionel Limozin Blog limozinlionel
    Antonio Maio Blog
    Cathy Dew Blog catpaint1
    Gavin Barron Blog gavinbarron
    Paul Olenick Blog
    Seung-Jin Kim Blog jincrom
    Sezai Komur Blog sezai
    Andres Felipe Rojas Parra Blog arojaspa
    Jean Paul Blog jeanpaulmvp
    Nabil Babaci Blog nabilbabaci
    Trevor Seward Blog NaupliusTrevor
    Symon Garfield Blog symon_garfield
    Chris Givens Blog givenscj
    Amardeep Singh Blog aulakhamardeep
    Brandon Atkinson Blog
    Chris McNulty Blog cmcnulty2000
    Christopher Clement Blog ClemChristopher
    Chun Yi Pai Blog
    Colin Phillips Blog itgroove_colin
    Corey Roth Blog coreyroth
    David Sánchez Aguilar Blog davidsancheza
    Dmitri Plotnikov Blog dmiplo
    Edin Kapic Blog ekapic
    Fabio Franzini Blog franzinifabio
    Gokan Ozcifci Blog GokanOzcifci
    Guillaume Meyer Blog guillaumemeyer
    Jamie McAllister Blog
    Jason Warren Blog jaspnwarren
    Keith Tuomi Blog
    Liang Han Blog
    Margriet Bruggeman Blog margrietvuur
    Marius Constantinescu Blog c_marius
    Masaki Nishioka Blog
    Nicki Borell Blog NickiBorell
    Robert Voncina Blog R0b3r70SP
    Thomas Vochten Blog ThomasVochten
    Vijai Anand Ramalingam Blog
    Vlad Catrinescu Blog
    Alistair Pugin (Alistair Pugin) Blog alistairpugin
    Anders Dissing Blog andersdissing
    Adrián Diaz Cervera Blog AdrianDiaz81
    Atsuo Yamasaki (?? ??) Blog
    Augusto Simoes (Augusto Simoes) Blog augustosimoes
    Benjamin Niaulin Blog bniaulin
    Benoît Jester Blog SPAsipe
    Carlos Citrangulo Blog carlocitrangulo
    Cheng Cheng (??) Blog
    Chuantao Duan Blog
    Dan Usher Blog
    Elczar Peralta Adame (Elczar Adame) Blog
    Eric Riz Blog rizinsights
    Fabian G Williams Blog fabianwilliams
    Fabrice Romelard (Fabrice Romelard) Blog fromelard
    Fumio Mizobata (?? ???) Blog
    Gustavo Adolfo Velez Duque (Gustavo Velez) Blog
    Haaron Gonzalez (Haaron Gonzalez) Blog haarongonzalez
    Hans Brender (Hans Brender) Blog HansBrender
    Heber Lopes Blog heberolopes
    Hemendra Agrawal (Hemendra Agrawal) Blog
    Hiroaki Oikawa (?? ??) Blog HiroakiOikawa
    Hirofumi Ota Blog hrfmjp
    Ivan Padabed (???? ???????) Blog sharepointby
    Jake Dan Attis (J. Dan Attis) Blog jdattis
    Jasper Oosterveld (Jasper Oosterveld) Blog SharePTJasper
    Jennifer Ann Mason Blog jennifermason
    JeongWoo Choi Blog
    John Liu (John Liu) Blog johnnliu
    Joseph Tu (???) Blog
    Jovi Ku Blog
    Juan Carlos Gonzalez Martin (Juan Carlos González) Blog jcgm1978
    Kevin Trelohan (Kevin TRELOHAN) Blog ktrelohan
    Laura Derbes Rogers (Laura Rogers) Blog wonderlaura
    Mahmoud CHALLOUF Blog
    Marat Bakirov (????? ???????) Blog
    Mark Stokes Blog MarkStokes
    Matthias Einig Blog mattein
    Melick Rajee Baranasooriya Blog MelickRajee
    Miguel Tabera (Miguel Tabera) Blog migueltabera
    Mikael Svenson (Mikael Svenson) Blog
    Patrick Lamber Blog patricklamber
    Roger Haueter Blog techtask
    Romeo Donca (Romeo Donca) Blog romeodonca
    Sonja Madsen Blog
    Todd C Bleeker (Todd C Bleeker) Blog toddbleeker
    Tom Resing Blog resing
    Usama Wahab Khan (Usama Wahab Khan) Blog usamawahabkhan
    Vielka Rojas Blog vkrojas
    Vincent Biret Blog baywet
    Wesley Hackett Blog weshackett
    Yoshiaki Nishita (?? ??) Blog
    Patrick Yong Blog
    Jason Himmelstein Blog sharepointlhorn
    John P White (John P White) Blog diverdown1964
    Jussi Mori Blog JussiMori
    Oksana Prostakova (?????? ??????????) Blog prostakova
    Pierre Erol GIRAUDY (Erol GIRAUDY) Blog EROL_MVP
    Juan Manuel (Manolo) Herrera (Juan Manuel Herrera Ocheita) Blog
    Bjoern H Rapp (Bjoern H Rapp) Blog bjoern_rapp
    Daniel McPherson (Daniel McPherson) Blog danmc
    Devendra Velegandla Blog
    Jamil Haddadin (Jamil Haddadin) Blog jamilhaddadin
    Noorez Khamis (Rez) Blog nkhamis
    Justin Liu (???) Blog FoxdaveJustin
    Gavin Barron (Gavin Barron) Blog gavinbarron
    Jason Kaczor (Jason Kaczor) Blog jjkaczor
    Antonio Maio (Antonio Maio) Blog
    Guillaume Meyer (Guillaume Meyer) Blog guillaumemeyer
    Jianyu Yang (???) Blog
    Nguyen Hoang Nhut (Nguyen Hoang Nhut) Blog nhutcmos
    Alan Marshall Blog
    Albert-Jan Schot (Albert-Jan Schot) Blog
    Amit Vasu Blog
    Dinusha Kumarasiri Blog
    Doug Hemminger (Doug Hemminger) Blog
    Eric Alan Shupps (Eric Shupps) Blog eshupps
    Inderjeet Singh Jaggi Blog
    Isha Kapoor Blog
    Jan Vanek Blog
    Jussi Roine Blog jussiroine
    Marco Rizzi Blog marcorizzi
    Rodrigo Romano (Rodrigo Romano) Blog
    Zhonglei Hou (???) Blog
    Shereen Qumsieh Blog
    Wonbae Kim Blog
    Wouter van Vugt (Wouter van Vugt) Blog mobile.twitter.comwoutervugt

     Microsoft Azure:

    NameBlogTwitter
    Alan SmithBlog
    Alexander FeschenkoBlog
    Alexandre BriseboisBlogBrisebois
    Andri YadiBlogandri_yadi
    Andy CrossBlog
    Anton StaykovBlogastaykov
    Anton VidishchevBlog
    Atsushi FukuiBlog
    Aymeric WeinbachBlogzecloud
    Benjamin SoulierBlogbsoulier
    Bill WilderBlogcodingoutloud
    Bruno Kovacic (Bruno Kovacic)Blog
    Chris J.T. AuldBlog
    Christian TerbovenBlog
    Ciprian JichiciBlog
    Daichi IsamiBlog
    Daron YondemBlogdaronyondem
    David BurelaBlog
    David PallmannBlog
    David RendónBlog
    David RodriguezBlogdavidjrh
    Demetrio U. Tabadero, Jr (June Tabadero)Blogjtabadero
    Dennis Burton (Dennis Burton)Blogdburton
    Edison Go TanBlog
    Edward BakkerBlog
    Eric D BoydBlog
    Fernando de Alcântara CorreiaBlog
    Florent SantinBlog
    Gaurav MantriBlog
    Georgiy MogelashviliBlogglamcoder
    Guillaume BelmasBlog
    Guy Barrette (Guy Barrette)Blog
    Herve RoggeroBlog
    Ho Kwang Kim (???)Blog
    Honggen LiBlog
    Hongju JungBlog
    Ibon LandaBlog
    Jan HentschelBlogHorizon_Net
    Jason MilgramBlogjmilgram
    Jean-Luc BouchoBlogJeanLucBoucho
    Jeong Hyun NamBlog
    John AzariahBlogjohnazariah
    Junao Xue (???)Blog
    Kamaludeen Mohamed FaizalBlog
    Kazumi Hirose (?? ??)Blogkazumihirose
    Keiji KAMEBUCHIBlogkosmosebi
    Konstantinos PantosBlogkpantos
    Kuniteru AsamiBlogkunyami
    Lei ZhangBlog
    Lucas Almeida RomãoBlogazureservicesbr
    Maarten BalliauwBlogmaartenballiauw
    Magnus MartenssonBlog
    Mahesh KrishnanBlogMaheshKrishnan
    Marc van EijkBlog_marcvaneijk
    Marcondes Josino Alexandre (Marcondes Alexandre)Blog
    Mark RendleBlogmarkrendle
    Michael CorpuzBlog
    Michael Washam (Michael Washam)Blogmwashamtx
    Michael WoodBlogmikewo
    Michael S. CollierBlogmichaelcollier
    Michel HubertBlogMichelHubert
    Michele Leroux BustamanteBlogmichelebusta
    Mick BadranBlog
    Mickaël MOTTETBlogMCKLMT
    Mihai TataranBlog
    Mihail Alexandrov Mateev (?????? ??????????? ??????)Blog
    Mike MartinBlogtechmike2kx
    Ming Chung ChuBlog
    Neil MackenzieBlogmknz
    Niraj BhattBlognirajrules
    Nuno Filipe GodinhoBlogNunoGodinho
    Önder DegerBlogonderdeger
    Patriek van DorpBlogpvandorp
    Quique Martínez AlénBlogquiqu3
    Radu VunvuleaBlogRaduVunvulea
    Rainer StropekBlogrstropek
    Richard AstburyBlogrichorama
    Richard ConwayBlogukwaug?
    Rick G. GaribayBlogrickggaribay
    Rob BlackwellBlog
    Roberto BrunettiBlog
    Roberto FreatoBlog
    Robin ShahanBlog
    Rok Berme┼żBlogRok_B
    Rudy Setyo PurnomoBlogrudysetyo
    Ryan DuclosBlogrduclos
    Saori AndoBlog
    Sascha DittmannBlogSaschaDittmann
    Serena YeohBlog
    Sergejus BarinovasBlog
    Shaun Xu (???)Blog
    Simon J CoxBlog
    Sky ChangBlog
    Steve SpencerBlogsdspencer
    Sunao TomitaBlogharutama
    Takahito Yamatoya (?????)BlogAzureSQL
    Tatsuaki SakaiBlogtatsuakisakai
    Teemu TapanilaBlogTapanilaT
    Tiberiu CovaciBlogtibor19
    Tyler DoerksenBlogtyler_gd
    Virgilio EstevesBlogtwitter.vraposo.me
    Vishal Narayan SaxenaBlog
    Wade WegnerBlog
    Wilfried WoivréBlogwilfriedwoivre
    Yaniv Rodenski (Yaniv Rodenski)Blog
    Youngjae KimBlog
    Yukinori Kuroda (?? ??)BlogFANKSHPC
    Yves Goeleven (Yves Goeleven)Blog
    Zia KhanBlog
    Zoiner TejadaBlog
    Vishwas LeleBlog
    Anton BoykoBlog
    Atsushi Fukui (???)Blogafukui
    Brent Samodien (Brent Samodien)Blog
    Dino Wang (???)Blog
    Erick KurniawanBlog
    Julien StrohekerBlogJu_Stroh
    Lukasz KaluznyBlogkaluzaaa
    Masaki Yamamoto (?? ??)Blog
    Ming Chung Chu (??)Blog
    Rik HepworthBlogrikhepworth
    Roland KrummenacherBlog
    Sebastiano GalazzoBlog
    Shiju VargheseBlogshijucv
    Tingli Lv (???)Blog

    Office 365

    NameBlogTwitter
    Alberto Pascual (Alberto Pascual)Blogguruxp
    Alexandru DionisieBlogAlexDionisie
    Alvaro dos Santos RezendeBlog
    Amin TavakoliBlogamintvk
    Arnaud Blogalcabeza
    Ayman Mohammed El-HattabBlogaymanelhattab
    Ben CurryBlog
    Benoit HAMETBlogbenoit_hamet
    Brendon FordBlogstewartisland
    Brett HillBlogbretthill
    Brian NøhrBlogBsnohr
    Dan HolmeBlogdanholme
    Danny BurlageBlog
    Darrell C Webster (Darrell Webster)Blog
    Diogo Dias HeringerBlog
    Dragan PanjkovBlogpanjkov
    Eunjoo Lee (Eunjoo Lee)Blog
    Fernando AndreaziBlogfandreazi
    Genki WatanabeBlog
    Gilles PommierBlog
    Goran HusmanBlog
    HeeJin Lee (Hee Jin Lee)Blog
    Igor PavlekovicBlogigorpnet
    Jeremy DahlBlog
    Jesper StåhleBlogJesperStahle
    Jethro SeghersBlogjseghers
    JinHwan WooBlog
    Jorge Castañeda CanoBlogxorxe
    Kazuhiko Nakamura (?? ??)Blog
    Kelsey EppsBlogkelseyepps
    Kerstin RachfahlBloghimmlischeit
    Laurent Miltgen-DelinchampBlog
    Loryan StrantBlogthecloudmouth
    Malin DandenellBlog
    Mario Cortes FloresBlog
    Markus WidlBlogmarkuswidl
    Martina GromBlogmagrom
    Masayuki Mokudai (????)BlogOffice365Room
    Mauricio CassemiroBlog
    Michael Kirst-NeshvaBlogankbs
    Myles JefferyBlog
    Naoki OsadaBlog
    Nitin Sadashiv ParanjapeBlog
    Nuno Árias Silva (Nuno Árias Silva)BlogNunoAriasSilva
    Paul WoodsBlogpaulwoods
    Poo Ching LoongBlog
    Raphael KöllnerBlogra_koellner
    Rene Dominik ModeryBlogmodery
    Robert D. CraneBlog
    Sara BarbosaBlogSarabarbosa
    Sean McNeillBlogs_mcneill
    Seiji Noro (?? ??)Blog
    Steve NoelBlogCloudItca
    Tomislav Bronzin (Tomislav Bronzin)Blogtbronzin
    Vincent ChoyBlog
    Yoni KirshBlog
    Yoshihide SakamotoBlog
    Zeljka KnezovicBlogzeljkak
    Zoltan Zombory (Zombory Zoltán)Blogzomby_z
    Peter van HeesBlogmrpetrovic
    Alex PearceBlog
    Chris GoosenBlog
    Christian BuckleyBlogbuckleyplanet
    David PetreeBlogdmixx
    Jasper Oosterveld (Jasper Oosterveld)BlogSharePTJasper
    Jian Chen (??)Blogloveunicom
    Liang Tang (??)Blog
    Naohiko Maeda (?? ??)Blognaohikomaeda
    Naomi MoneypennyBlognmoneypenny
    Rie Okuda (?? ??)Blog
    Robert *** (Robert ***)Blog
    Sébastien LevertBlogsebastienlevert
    WenXing LiaoBlog
    Yoan TopenotBlogYoanTopenot
  • Developing for Office 365

    Here is the outline of the latest ACS Course.  If you are a consulting company and want to get your team up to speed, let me know and we can setup a remote training engagement!

    • Introduction to Office 365
      • Sign up for Office 365 Developer
      • Explore Office 365 Admin Center
      • Explore Office 365 Services (Outlook, Calendar, People, Newsfeed, OneDrive, Sites)
      • Provision an O365 Developer Site
      • Install Office Dev Tools
      • Install the NAPA App
      • Install O365 API Tools
      • Configure Visual Studio for Office 365 Development
      • Exploring Azure AD PowerShell Cmdlets
      • Exploring SharePoint Online PowerShell Cmdlets
      • Exploring Exchange Online PowerShell Cmdlets
      • Exploring Lync Online PowerShell Cmdlets
    • Authentication
      • Generating FedAuth Cookies (Windows App)
      • Generating FedAuth Cookies (Windows PowerShell)
      • Generating Bearer Tokens (Provider Hosted Apps)
      • Registering SharePoint Apps Manually
      • Requesting On-The-Fly Permissions
      • Using Basic Auth against O365 APIs
      • Setup Azure Active Directory
      • Configure Azure Active Directory
      • Synchronize local AD with Azure AD
      • Configure Single Sign-On
      • Using the Microsoft Remote Connectivity Analyzer
      • Registering Azure AD Applications
      • Manual Authentication to Azure AD
      • Using the Azure Active Directory SDK
      • Authorization using Consent Framework
      • Registering Applications with Azure AD
      • Building Apps that utilize Consent Framework
      • Managing Tokens
      • Extending the Azure Consent Framework
      • Implementing On Behalf API
      • End User Telemetry (MyApps)
      • Tenant Admin Telemetry (Cloud App Discovery)
    • Working with REST and CSOM
      • Using the Discovery Service
      • Working with Mail REST APIs
      • Working with Calendar REST APIs
      • Working with Contact REST APIs
      • Working with OneDrive REST APIs
      • Explore REST Services
      • REST List Service Calls (PUT, GET, MERGE)
      • REST UserProfile Service
      • REST Social Service
      • REST Search Service
      • Explore Client Object Model
      • Utilize Client Object Model (.NET)
      • UserProfiles\Social CSOM
      • Taxonomy CSOM
      • Publishing CSOM
      • BCS CSOM
      • Explore JavaScript Object Model
      • Working with Workflows
      • Working with REST
      • Using LINQ with OData
      • Working with OData Limits
      • Working with OData Filters
      • Creating Projects
      • Creating Resources
      • Creating Tasks
      • Creating Custom Fields
      • REST Authentication (Windows, Forms, O365)
    • Programming Apps
      • Explore SharePoint Store Apps
      • Install a SharePoint Store App
      • Create a SharePoint hosted App
      • Deploy a SharePoint hosted App (App Catalog)
      • Deploy a SharePoint hosted App (Side Loading)
      • Create and deploy a Provider hosted App
      • Inviting External Users
      • Exploring App and User Permissions
      • Exploring Context Tokens
      • Exploring Access Tokens
      • Exploring Refresh Tokens
      • Download the Office AMS samples
      • Explore Office AMS
      • Using the SharePoint Web Proxy
      • Exploring Office Apps Store
      • Installing Office Store Apps
      • Browsing and Removing Installed Apps
      • Create a simple mail app with Napa Tools
      • Create a simple mail app with Visual Studio
      • Review sample O365 Mail Apps (EWS Calls, Attachments, Identity Tokens, YouTube integration)
      • Creating a Seller Dashboard account
      • Create and Publish AppStore SharePoint App
      • Use the Cloud Business App template
      • Creating Data Tables and Screens
      • Register a Yammer App
      • Create a Yammer App
      • Make Yammer API Calls
    • Workflows
      • Create basic SharePoint Workflow
      • Create workflow that calls O365 APIs
      • Deploy and configure Workflow Apps using Install Events
      • Utilize JSONP
    • Mobile Development
      • Explore O365 Mobile Features
      • Install Apache Cordova
      • Create a multi device targeted project
      • Add connected services to multi device projects
      • Run a multi-device project (Android and Ripple)
      • Install the O365 Android SDK
      • Work with Android O365 Sample Apps
      • Download required referenced SDKs (GSON, Azure AD)
      • Create an Android App that calls O365 APIs
      • Create a Windows 8.1 App that calls O365 APIs
      • Create a Windows Phone 8.1 App that calls O365 APIs
      • Create a Windows Phone 8.1 App that calls OAuth services
    • OneNote APIs
      • Registering a LiveID App
      • Download and install Live SDK
      • Retrieve LiveID Tokens
      • Retrieving Notebooks, Sections and Section Groups
      • Creating Pages
      • Creating Pages in Sections
      • Importing PDFs
      • Importing Images
      • Exploring apigee.com
    • OneDrive APIs
      • Explore OneDrive APIs
      • Downloading and uploading files
      • Getting user data
      • File and Folder properties
      • Move, copy, delete files
  • My Tribute to Joseph Thomas Alvarez and his mother Maria Helen Alvarez - True Oklahoman's

    This evening I was watching "Saving Mr Banks" and it made me think about my recently passed away friend Joe Alvarez.  Joe and I met three years ago during one of my wife's and I's trips out and about in Rancho Sante Fe (specifically a little place called Dolce).  Joe was a very friendly guy and over several months we got to know Joe really well.  He loved his red wine, and of course flirting with Lidiya (but harmless of course).  Over those few months, I found that Joe had just lost his mother Maria a few months before.  He proceeded to let me know she was co-owner in the first Television station in Tulsa, OK. In addition, she fronted a lot of the money for the Disneyland Hotel (hence why I remembered Joe tonight).  As you can read in one of the links below, Mr. Disney had leveraged all the money he could to build Disneyland, so he turned to Joe's mom and her business partner to build the hotel.  Here is a picture of Joe's mom, Maria, manning a TV camera for her TV station KOTV.  For those of you that live in Oklahoma today, you still watch KOTV:

     

    Here is a picture of her at the opening of the Disneyland Hotel:

     

    You can read more about this incredibly smart Oklahoman woman here:

    After I did all this research on Joe's mom, I brought it up about how cool his mom was one night.  He appreciated it and we talked about all his time growing up in Oklahoma.  After all, Joe had been born in Oklahoma City, Oklahoma before his mother sold the TV/Radio station and moved to San Diego.  When Joe brought up his mom, I told Joe I was born and raised in Oklahoma as well, and needless to say, there is a bond between fellow Oklahoma's similar to that of the bond people have to their country (for example, all you watching the USA in the worldcup).  After we realized we were both born and raised in Oklahoma, we became really good friends. 

    We met Joe's lovely wife and his daughter Kennedy on a few occasions, both very lovely people.  We also went to Joe's house a few times, he had this really cool and massive collection of Harry Jackson bronze sculpture cowboys.  They were everywhere, small ones, medium ones and really big ones, all of them, prominently placed in a way that just made you ache for Oklahoma. And they did, every time at his house, it brought back tons of memories for me in growing up in Oklahoma.  Joe was such a friendly guy.  He invited us on more than a few occasions to sit at his finish line table at the Del Mar Racetrack (Joe was the longest standing member of the racetrack after his mother).  It was awesome walking and hanging out with Joe as he was so nice and everyone liked him.  He invited us to his friends houses (some of them incredibly extravagant, yet, all down to earth amazing people).  One fond memory I'll never forget, is competing against Joe with his horse picking skills and challenging him to see who could lose the less or make the most money at the track.  He broke under the pressure and I won...it was quite the victory, as he could read the horse stats like no one I have ever met!

    I learned of Joe's death a couple weeks after it happened (I didn't get to go to the funeral, and I didn't get to say anything, which probably bummed me out more than anything).  Some of you may have seen the tweets.  It was one of the saddest feelings knowing that two special Oklahoman's (Joe and his mom), and one of my friends, had passed away leaving the rest of us Oklahoma's to lead the way in this world. I know those last few years of hanging out with Joe, he enjoyed us being around and coming over to our house for our parties.  Joe had a pretty amazing life himself, as you can read in this article, he hung out with some pretty amazing people and had a lot of cool stories (and yeah, he even talked about fish a couple of times):

    This blog post is to you and your mom Joe, rest in peace my friend.  I'll try to hold the fort down...

     

  • Cannot find module 'sax' - Cordova with Visual Studio

    You may run across this error when compiling your Hybrid-App / Cordova application in Visual Studio.  One of my students got it this week.  It looks something like this:

    This means that the install of the Cordova extensions did not work properly and you are missing some files.  Mainly these two:

    Simply uninstall (yeah, I know it takes a really long time to uninstall and reinstall).  And the files should show up.  If that doesn't work for you, install on another machine and copy over those directories.  Then all will be fine!

  • O365 and Non-ADFS Federation - It's not O365's fault

    I'm not a fan of ADFS.  It sits right below Azure Access Control Services (ACS).  ACS used to be my favorite identity provider aggregation platform, but how times change (ref this post).  Several new players are entering the market and all of them realize the missing gaps in ADFS and ACS.  Therefore, the drive to make a better authentication toaster is ON!

    The goal of this post is to make you realize that you are having the wool pulled over your eyes in terms of the bigger picture around Identity Management when it comes to O365.  To make this point, let's take a look at a typical on-premises solution:

    • A SharePoint customer wants to setup multiple site collections (yes, all host header site collections) to support different customers
    • Each customer has different requirements around supporting federated external customers
    • Some customers prefer Google as their auth, others Yahoo and others Facebook, etc

    On-premises

    Solving this problem with on-premises environments is a piece of cake.  You have complete control over adding trusted Identity Providers (IdP) all day long. To solve the problem above, its likely you are going to think that adding a Trusted Identity Provider for each required auth mechanism is the answer.  That would be false.  As tempted as you may be to do this, its a really bad idea to have more than one. You should ultimately have a single Identity Provider with that provider supporting multiple "Apps/Replaying Parties (in this case site collections)" that would then show different options when a user needs to auth.  This allows you the most flexibility in that you simply set the IdP once, then configure the apps in the IdP.  Totally seamless, perfect.

    Office 365 and Single Sign On (ADFS)

    If you had this requirement in O365, you are out of luck.  Do not pass GO, do not collect $200USD.  In terms of O365, you are by default forced to use this one IdP mentality.  For each verified O365 domain, you can only setup a single Federated Identity Provider.  In most cases, everyone I have seen has used ADFS to integrate their on-premises Active Directory to sync accounts and/or configure Single-Sign On to redirect to their ADFS proxy.  This unfortunately, is the Microsoft promoted way of achieving Single-Sign-On nirvana.  I'm not a baby swimming in a pool, so let's take a look at what lives outside the koolaid-y-ish sugar water.  If you do this (which unfortunately, you probably already have), you are locking yourself into the current limited features of ADFS and hoping that ADFS gets some much needed development attention in the future (such as supporting OAuth 2.0). That being true, ADFS is a Microsoft product, you'll find a lot of people that can help you (support and consultant resources) to get it setup within a few hours.  You could also do it yourself by using TechNet/MSDN et all. 

    Office 365 and Something else

    If you want to use something other than ADFS, well, you better dig in for doing a ton of research on how WS-Fed and WS-Trust works and similarly, OAuth.  If you don't have time for that, then you'll need to request the services of people that do know that space. Unfortunately, having the identity management skills matched with an understanding of the future of App Models across vendors is a rare breed of consultant.  You also have to contend with a cold hard fact:

    • Currently, Office 365 only supports users of your verified domains (such as contoso.com)

    Say what?  It means that even if you wanted to use Twitter, Facebook, whatever, the people that signed up have to have used the email address from their verified domain!  Uh...say that again?  Yeah, that means you can't login with your user@hotmail.com account using Facebook.  If you signed up with your contoso.com account on Facebook, then it will likely map your email over in the claims and let you in, but that's up to how fancy your Identity Provider is.  Azure AD is expecting a very specific format of token with specific claims.  If it doesn't get them, then your login will fail.

    So if you can't login using something other than a verified account, what's the point?  

    I feel this is a major fundamental loss of functionality between on-premises and O365.  If I want to create a site collection with a specific relaying party app to my IP (which then provides a set of auth services), I should be able to do it. It is such a common pattern in on-premises SharePoint. I don't think the band aid of "external access" fits the bill here.  Those links that are generated can be freely sent all over the web punching small barely noticeable holes in your O365 tenant. I'd like to see the governance page in O365 that shows me every link that has been generated across the entire tenant (you can see on a site by site basis using this link - https://domain.sharepoint.com/_layouts/15/start.aspx#/Access%20Requests/pendingreq.aspx).  There is not global admin UI to tell you who has been added or what has been shared - reference notes at bottom of this article. With an IdP in the picture, you simply disable their access and now they will never gain access to anything in your environment. This would require the removal of this "external sharing" feature that bypasses Azure AD in O356.  Wow, isn't that innovative?

    Can I even use something other than ADFS in O365?

    Heck yeah you can!  I recommend it!  By adopting\choosing an Identity Provider solution (whether one you install on-premises or cloud hosted) that allows for you to expand out past basic AD accounts, you will be ready for when Azure and O365 wakes up one day to realize they should have allowed it in the first place.  You can set this up by removing the ADFS federation and replacing it with new Ws-Fed endpoints of your IdP.  This is enabled using the following cmdlets (this one is using Auth0.com):

    • $cred = Get-Credential
    • Connect-MsolService –Credential $cred
    • Set-MsolDomainAuthentication -DomainName "chrisgivens.com" -FederationBrandName "chrisgivens.com" -Authentication Federated -PassiveLogOnUri "https://chrisgivens.auth0.com/wsfed/ID" -ActiveLogonUri "https://chrisgivens.auth0.com/ID/trust/usernamemixed?connection=yoyo.chrisgivens.com" -MetadataExchangeUri "https://chrisgivens.auth0.com/wsfed/ID/FederationMetadata/2007-06/FederationMetadata.xml?connection=fs.chrisgivens.com" -SigningCertificate "Cert" -IssuerUri "urn:chrisgivens" -LogOffUri "https://chrisgivens.auth0.com/logout" -PreferredAuthenticationProtocol WsFed 

    NOTE:  If you have already setup ADFS, you'll need to disconnect from that.  I have yet to test out all the paths, but the one I choose was really painful.  I used the Remove-MsolFederatedDomain cmdlet.  This forced me to remove all users (but did not require me to remove my groups).  Once I removed all users the command succeeded, but proceeded to delete the domain completely from my tenant!  I then had to re-add it, re-verify it, then fire off a DirSync.  Once that once done, I could run the above commands and it redirected properly to my IdP.

    After configuring the federation when you go to "login.microsoftonline.com" and type your verified email, it will redirect to your IdP login page.  From there, you will see all the options that you have enabled for that relaying party.  Even though you can enable all the OAuth 2.0 providers you can imagine, an attempt to login will fail miserably.  There are some current technology issues that Azure AD must resolve:

    1. Azure expects a UPN/Email that matches a user in your Azure AD (at a minimum, you would have needed to sign up for a service using that verified domain email)
    2. Azure AD is expecting an ObjectID
    3. O365 Services have to support these accounts (even if that means simply ignoring them)

    For the first issue.  Azure AD would have to allow the addition of users other than your verified domain.  Or at your IP, you map a user from external to internal.  For the second issue, again, this can resolved by either Azure, or by the Identity Provider.  IPs can choose to implement this today by integrated with Azure AD to query for the object id based on a valid UPN.

    Until this these items are resolved, you can certainly fall back to the "forced" way by Microsoft to use Active Directory users from a verified domain (and yes, you should feel angry about this) by setting up a pass through from your IP to ADFS/Active Directory.  The preferred way is to utilize a client on your Active Directory server (pretty much every IdP has this). As only a few of you know or will understand, if you use ADFS, you will currently lose Office Client features. But don't be worried, later this year, Office will release an update that will support SAML-P.  This will let you utilize many different types of auth (basically anything you can do via browser) with Office clients.  That will be awesome, even though users will never fully understand what just happened.

    Take It Up Another Level

    Home realm discovery is not extensible in Azure AD.  What is home realm discovery?  Its the login drop page that takes your context, in this case, your email domain, and then redirects you to the proper IdP.  What does it mean to not be extensible?  It means that IdP's cannot create a portal of Apps page.  What does that mean?  Think Universal Access Gateway (UAG).  Imagine UAG-like portals, only hosted by your IdP, such that an external party can login to your IdP, and are then presented with the applications (such as O365), that they have access too.  When they select it, it will immediately redirect you to your O365 site (no need to go to login.microsoftonline.com).  As it stands right now, O365 does not support external home realm discovery pages.  This is also a serious limitation that needs to be added to the road map.

    Summary

    If enough people push the O365 and the Azure teams to fill the gap of this major difference between the products, I feel it would fulfill many of the requirements we have with customers today and make O365 an even more popular platform!  Here is your call to action:

    • Quit using ADFS, find an IdP with an eye towards the future
    • Highly "Suggest" to Azure and O365 that they support external identities (Vote for it here on UserVoice)
    • "Suggest" to Azure that they allow tenants to have a custom home realm discovery page

    Stay classy internet,
    CJG

     

     

  • Errors when Installing DirSync.exe

    I ran across two different errors with DirSync today.  The first had to do with the fact that I had DirSync on a computer previously and then re-installed it.  Because of this, I received this error:

    System.Management.Automation.CmdletInvocationException: Access denied  ---> System.Management.ManagementException: Access denied
       at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
       at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
       at Microsoft.Online.DirSync.Common.MiisAction.GetTargetMA()
       at Microsoft.Online.DirSync.Common.PrerequisiteChecks.ThrowIfSyncInProgress()
       at Microsoft.Online.Coexistence.PS.Config.SetCoexistenceConfiguration.VerifyMachinePreRequisites()
       at Microsoft.Online.Coexistence.PS.Config.SetCoexistenceConfiguration.BeginProcessing()
       at System.Management.Automation.Cmdlet.DoBeginProcessing()
       at System.Management.Automation.CommandProcessorBase.DoBegin()
       --- End of inner exception stack trace ---
       at System.Management.Automation.Runspaces.PipelineBase.Invoke(IEnumerable input)
       at Microsoft.Online.DirSync.PowerShellAdapter.PowerShellCommand.ExecuteCommand(Command command, Boolean refreshPath)

    Looking a little deeper, it turns out that DirSync install will create a user account and then add it to other created local groups.  This is all very similar to how SharePoint installs because both DirSync and SharePoint use MIIS. Because I had already installed DirSync at some point in the past, the account existed, but I'm guessing the password was out of whack.  Since I wasn't sure how to reset the password (and didn't want to spend the time to figure it out), I defaulted to uninstalling everything, deleting that user, rebooting and re-installing. Done.

    But it didn't end there.  I was attempting to install a secondary DirSync machine as a cold standby, but was getting an error when attempting to configure it:

    System.Management.ManagementException: Generic failure
       at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
       at System.Management.ManagementObjectCollection.ManagementObjectEnumerator.MoveNext()
       at Microsoft.Online.DirSync.Common.MiisAction.GetTargetMA()
       at Microsoft.Online.DirSync.Common.MiisAction.IsSyncInProgress()
       at Microsoft.Online.DirSync.Common.PrerequisiteChecks.ThrowIfSyncInProgress()
       at Microsoft.Online.DirSync.UI.IntroductionWizardPage.PrerequisiteValidation()
       at Microsoft.Online.DirSync.UI.IntroductionWizardPage.OnLoad(EventArgs e)
       at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
       at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
       at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
       at System.Windows.Forms.Control.CreateControl(Boolean fIgnoreVisible)
       at System.Windows.Forms.Control.CreateControl()
       at System.Windows.Forms.Control.WmShowWindow(Message& m)
       at System.Windows.Forms.Control.WndProc(Message& m)
       at System.Windows.Forms.Control.ControlNativeWindow.WndProc(Message& m)
       at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)

    This means that the DirSync tool was not smart enough to tell you that you were installing it on a SharePoint server (which I didn't realize I was doing) with the ForeFront services already installed.  When you attempt to do this, you will overwrite your SharePoint ForeFront settings with the account mentioned above and then the two will fight over the service.  Obviously, this is bad.  I hadn't really done much research on some of the best practices around DirSync so its a bit of shame on me, but I also didn't find answers to these errors on the web when I google/binged them, so I'm making a mental blog note for others.

  • Eliminate App Web Part IFRAME issues - Use App Installing

    I have had a few different conversations with people about the whole App Web Part IFRAME problem lately.  Basically this problem means that you can't make calls outside the IFRAME using your code (it is a security feature of browsers).  This leads to the whole, "how limiting it is blah blah" conversation.  I simply say to them...why are you doing it like that? 

    Most people think that using the App Model means that you are constrained to the boundaries that the App Model enforces.  The truth is, you are not.  If you are building useful "longtail" apps for companies, you should realize, the App Model doesn't need to be used as it was originally intended. You can utilize its deployment mechanisms to get your files to the host web.  This pattern is a part of one of the labs in the O365 Dev course.  For example, if you have a workflow that needs a well defined url for external communication (ie the random app web url won't work [think redirect urls]), you can deploy all of the content of the workflow to the host web and then run it from there (no app web needed at all, as a matter of fact, you could delete it completely after deploy).

    How do you do this?  Use the App installing event handler.  As part of the App Model and the Visual Studio project, you can create an App installing event handling web which will get called and pass an access token to make calls back to the app and host webs.  Once you have that, the sky is the limit.  You don't have to deploy your code to the app web, but simply copy it from your web server to the host web.  In this essence, you are simply using the App Model as a "means to an end".  This will eliminate all your app web part IFRAME woes.

  • O365 is not secure

    I used to think it was.  After all the amazing things you read on the O365 Trust Center, you all but think it is Fort Knox (well, at least one part of it is right Bill Baer?) 

    Let me go back to that title. "O365 is not secure...once you start adding users".  Last week I blogged about a security oversight in O365's partner sharing feature.  Basically what this means is that once you accept an invitation from a partner (aka a "user"), you become just another customer in their "customer management" portal. You can read more about this feature here:

    http://blogs.office.com/2014/01/28/introducing-the-new-office-365-partner-admin-center/

    Do you know who else they have as customers and who is accessing your data and when?  No. They don't really have any logs to tell you when a partner is accessing your portal for accountability.  Nor do you know who on the backend is working on your O365 deployment project.  Just too many unknowns to say it is secure.

    O365/Azure Apps

    But that's not the focus of this post.  A few weeks ago, O365 released the O365 APIs for Exchange (Mail, Contacts, Events and Files).  All of this piggybacks on Azure Active Directory for authorization utilizing the Consent Framework.  The Azure AD platform allows you to build an application that can make calls to Azure Active Directory or your O365 data. The permissions of the consent framework can allow an application to read the current mail item, all your mails items, your contacts, your calendar...your files. 

    As a simple example, one of the more impressive abilities is to create a Mail App.  You can do this using Visual Studio 2013 and creating an App for Office project.  This isn't going to be a developer post so I'm not going to show you any code, but simply talk about the importance of "Mail Apps" and your users.

    Once you have a Mail app created, you can deploy it to your O365 instance, or even post it in the Office store.   You can find a small set of mail apps in the following link (these have been publicly deployed to the office store, but you can have rogue apps that simply are registered somewhere in Azure AD and users give them ad hoc permissions):

    http://office.microsoft.com/en-us/store/apps-for-outlook-FX102804983.aspx?app=outlook.exe

    Many of these are poorly designed (for example, the LinkedIn app is a total disaster, the cert is locally generated and not even a public CA).  In some cases, you may find the deployment endpoint isn't even available so the app install fails.  If you were to install one of these apps, you will find that they simply request access to the "current" mail item.  This is the preferred scenario if you were to use these apps.  In some cases however, you may find that the app is given "carte blanche" to your entire mail inbox.

    So back to users and mail apps.  When you are in your Outlook, your users will ultimately find the settings icon and this nice menu item called "Manage Apps":

     

    Clicking on this, they will be taken to the "Exchange" app center.  This is where you see administrator installed apps and user installed apps:

     

    This is JUST for Exchange.  This has nothing to do with the bigger picture of Azure AD Apps and the consent framework.  There are some governance controls implemented in the Exchange app architecture, however, when it comes to Azure AD and your tenant, the story hasn't been written yet. This goes back to the premise of this blog post.  All it takes to make your highly secure O365 environment to be unsecure is:

    • A user
    • An App
    • A click 

    The permissions given to that app can now comprise the integrity of your entire system.  When on-premise, you at least had the ability to prevent incoming requests using your router and DMZ.  In this instance, O365 doesn't have any of that, so once permissions have been given, that's all folks.  So what hacking scenario might come up?

    • Hacker builds an Azure app, puts your company name and logo on it
    • Hacker does some social engineering to find out your name, title, work phone number and other information
    • Hacker asks you to install the app and because it has your logo and company info, your user thinks nothing of it and clicks "trust"
    • Hacker can now gain access to an access token that can be used to download all your email and your my site files

    If you are in defense or government, you know hacking enemy number one is China.  For those of you that think that insensitive to say, you haven't watched the traffic logs with the FBI and CIA as it happens, almost on a daily basis.  But the US is not a good guy when it comes to that stuff either, so all is fair in love and war.

    O365/Azure App Governance

    It is my suggestion, that you disable the ability for users to add apps.  It simply creates security holes that equate to users writing company checks that can't be cashed.  So, with that recommendation, can I provide you the steps to deny a user the ability for users to add apps" in your tenant, *sure*, thanks to some recently surfaced info (see below) Big Smile (thanks to @richdizz, @jthake and @Matthias1o1) In terms of Exchange, there are some user roles in Exchange that you can "remove" to prevent users from deploying apps, these roles are enabled by default:

     

    ------------------------
    [UPDATE 6-5-2014]
    After this post the following was brought to my attention from the O365 team.  It is a non-UI based way to disable all user consent, thanks to the O365 team for pushing this content out!:

    http://blogs.msdn.com/b/exchangedev/archive/2014/06/05/managing-user-consent-for-applications-using-office-365-apis.aspx

    ------------------------

    Even with the above update, what is still not available to us is an Azure AD UI (to make it more apparent of the risk) that allows me to disable apps, and/or designate a "safe/white list" of apps that my users *can* utilize in Exchange or Azure AD.

    Just for kicks, I have created a UserVoice suggestion that more advanced App Governance features (such as a UI and white list) be added to Azure AD and O365, you can vote for it here:

    http://officespdev.uservoice.com/forums/224641-general/suggestions/6010008-create-app-governance-in-o365-azure-ad

    My God, What Have You Done?

    So, this brings up an interesting point.  Last night at the SanSpug.org meeting I announced that we have moved to Auth0.com as our auth mechanism as it provides the most flexibility and telemetry data.  One person asked, what is telemetry data?  I said every time you login, I get data about you (first name, last name, email, blah blah).  It freaked out half the group.  Only one person was educated enough to know which of the supported auth systems had the least amount of data being sent.  So again, this brings up that interesting point I started this paragraph with...do you know what apps you have simply just clicked on the "authorize" button just so you could use the app?  I bet you don't, my god, what have you done?  Think about all those apps across all your services (facebook, twitter, liveid, google, etc).  So in an effort to help you understand just how bad this is going to get with O365, based on how bad it has gotten in a general sense, here is the links to where you can check what you have authorized for each of the major platforms:

    Facebook:

    https://www.facebook.com/settings?tab=applications

    Twitter:

    https://twitter.com/settings/applications

    Google:

    https://security.google.com/settings/security/permissions?pli=1

    LiveID:

    https://account.live.com/consent/Manage

    eBay:

    http://cgi6.ebay.com/ws/eBayISAPI.dll?ManageESubscriptions

    Yammer:

    https://www.yammer.com/YOURDOMAIN/account/applications

    SharePoint:

    I suppose you could say that this page (http://youweburl/_layouts/15/viewlsts.aspx) is as close as it gets?  At a farm level, in O365:

    https://yourdomain-admin.sharepoint.com/_layouts/15/TA_AllAppPrincipals.aspx

    On-premises:

    http://centraladminurl/_admin/AllAppPrincipals.aspx

    Azure AD:

    https://myapps.microsoft.com

    Back to the question..."My god, what have you done?"  After clicking on all those links, I'm sure you have an idea of just how bad the problem has gotten.  Some of you might be surprised to find out that your Hotmail/Outlook.com email and OneDrive (consumer) files have probably already been downloaded and analyzed by that cool app you gave permissions too.  Most of you that read my blogs are the cream of the intellectual crop.  You understand what that "Trust" dialog means.  For the rest of the population, not so much.  The meaning of the word "Trust" has been eroded by fancy graphics and the promise of a simple functionality at the expensive of selling your data soul to the app provider.  That all being said,  its time for enterprise solutions to have a "white list" to keep users from eroding the meaning of "Trust", to anyone's dog or cat.  One last thing on O365, no matter how secure you make the back end, its the front end that matters.

    CJG

  • Apache Cordova, Apache Ripple, Visual Studio 2013 and O365 APIs

    "Mobile first" has become a common theme these days and building code and applications that you can write once and deploy to multiple target platforms is a key to achieving reach and use for your backend platform.  With the O365 APIs being release a few weeks ago, you can now do REST development against O365 exchange services (Mail, Contacts and Calendar, however, no Tasks yet).  A lot of focus has been on putting out samples for the various mobile platforms (Windows Phone and Android as the top two).  That being said, let's take a look at these Android examples and then the new Apache Cordova project templates. 

    Android:

    The Android SDKs that you can download here need some serious help in order to get them loaded into a Java IDE (such as Eclipse Kepler).  For example, not only do you need the Active Directory library, you also need several Google SDKs (yeah, I said Google).  In order to get all the examples working, you need to download the following:

    Once you have all these, you can extract the O365 SDK and you will notice several projects that you can import into Eclipse (you will notice that all of them have errors, this is because you need to add the referenced JAR files to the project build path):

     

    Each project will need the "com.microsoft.adal", "office365-base-sdk", json-2.2.4" and "guava-16.0.1" JARs.  Once you have these added, you will notice that all the projects now show no errors.  You are now free to select a project and run it. The first app is called the "Asset Management" app:

     

    Opening the application allows you to start configuring it:


    The authentication options can be of three types:


    Azure Active Directory (AAD) is the OAuth method. Selecting it will allow you to utilize redirection to O365 login page and then back to your application.  Once you have authenticated, you can click the "Show Cars" button:


    It simply makes a call to a SharePoint picture library called "Cars" (that you have to create and add items too) to show you the picture of the car and its description:

    In addition, there is a "File Discovery" application.  This can be configured by modifying the "Constants.java" file (which is a common thing across the apps) by adding your client id and secret.  Once you have updated the files, running the app will show the following icon:

    Once open, you will see that it queries the discovery service and shows all your services (via the Discovery API):

    Clicking on the Files service will show you your OneDrive for Business Files:

    You may find that you keep getting an exception around the dialog.dismiss method.   This is a bug in the code, all you have to do is wrap it in a try catch block and the code will run ok.

    There is also a mail app (but it doesn't have a .project file so it won't import as a project).  Unfortunately I was never able to get it to work because it kept throwing memory errors, but supposedly you can also get it to show you your mail. You will also need a couple of extra JAR files to get it to compile:

    Apache Cordova:

    Not into building platform specific Apps like the Android ones above?  That's where the Apache Cordova platform comes into play!  If you do a quick Google search, you will find this site:

    http://cordova.apache.org/

    This site simply describes itself as "A platform for building native mobile applications using HTML, CSS and JavaScript".  Basically what that means is that it is a translation middleware of common web standard elements as common inputs and then transform your code to a target such as Android or Windows Phone.  The neat part is that Apache Cordova is now integrated into Visual Studio 2013 Update 2.  You can download the Apache Cordova project extension here:

    http://www.microsoft.com/en-us/download/details.aspx?id=42675

    This will give you the ability to create Hybrid Apps:

     Once you have created a Hybrid App, you will see the following in your Solution Explorer:

    In Visual Studio, you will have a set of target devices and also the ability to specific your debug target:

     

    Notice here, the "Ripple" debugging target.  Before you start debugging, you can modify the supported features of the target device via the App Manifest's "Plugins" tab:

     

     Now this is where things get interesting.  You can right-click the project and select "Add->Connected Service".  From here you can add either "Windows Azure Mobile" or "Office 365" services. 

     

    The view is similar to if you were doing an MVC or Web Application Project, but the output is VERY different.  What you will notice is several folders and JS files are added:

     

    The above "settings.js" does some initialization of the O365 SDK. The remainder of the files have some pretty powerful code in it that all but builds your application logic!

     

    Once you have all of these files in your project, you have to add them to your "index.html" page:

     <body>
        <p>Hello, your application is ready!</p>

        <!-- Cordova reference, this is added to your app when it's built. -->
        <script src="cordova.js"></script>

        <!-- cjg699 references -->
        <script src="./services/mobile services/cjg699/service.js"></script>

        <script src="scripts/jquery-2.1.1.js"></script>
        <script src="services/office365/settings.js"></script>
        <script src="scripts/aadgraph.js"></script>
        <script src="scripts/exchange.js"></script>   
        <script src="scripts/o365adal.js"></script>
        <script src="scripts/utility.js"></script>   
        <script src="scripts/index.js"></script>
        <script src="scripts/o365.js"></script>
       
        <input type="button" id="btnGetEvents" name="btnGetEvents" onclick="GetEvents();" value="Get Events" />
        <br />
        <br />
        <div id="Events">
        </div>
    </body>

    Once that is done, you can add your own O365.js file with your logic.  In this case, I am simply making a call to get the events:

    function GetEvents() {
        var authContext = new O365Auth.Context();
       
        authContext.getIdToken('https://outlook.office365.com/')
        .then((function (token) {

            // authentication succeeded
            var client = new Exchange.Client('https://outlook.office365.com/ews/odata', token.getAccessTokenFn('https://outlook.office365.com'));

            client.me.events.getEvents().fetch()       
            .then(function (events) {
                // get currentPage of calendar events
                var myevents = events.currentPage;

                $("#Events").empty();

                for (i = 0; i < myevents.length; i++)
                {
                    $("#Events").append("Subject: " + myeventsIdea._Subject)
                }           

            }, function (reason) {
                console.log(reason);
            });
        }).bind(this), function (reason) {
            console.log(reason);
        });

    }

     Pressing "F5", Google Chrome will start with the Ripple emulator:

     

    You can now click on the "Get Events" button which will attempt to execute the code, but first direct you to provide consent:


    Clicking on "Get Events", you will see your mail:

     

    One important note, the JavaScript code will cache your access token.  If you didn't get your permissions setup properly, then you'll have a bad token cached.  You will need to call the "SignOut" method to clear the CacheManager and the bad token as they don't expose the CacheManager directly.

    If you wanted to test on Android, you would simply change the drop down target and press "F5" again.  It would then attempt to start the current Android SDK Emulator and upload the APK file, you would see exactly the same UI and button and the same results!

    Unfortunately, at the moment, the JavaScript API for O365 is only provided in the Hybrid Apps project and is not really compatible with the other project types (such as MVC).  Apache Cordova, the Ripple emulator and project templates such as Hybrid and Cloud Business Apps are the future of application development!

  • Azure Access Control Services (ACS) is dead

    I recently went through the exciting process of setting up our SanSpug.org site to support various authentication mechanisms (LiveID, Google, Federated Auth, etc).  I started off using Azure Access Control Services (ACS) because I thought it had everything I could ever want in a login aggregation platform.  However, I soon realized that it just wasn't able to meet the simple needs of a small SharePoint User Group.  And now that I know it can't meet those needs, I doubt it really meets the needs of large organizations either. 

    A bit about ACS

    To be fair,  ACS was the first of its kind.  I remember when it was first released, it was sooooo cool.  It really was.  I built some cool labs off of it (the old UI), then the UI "disappeared" (at least, the link was gone from Azure at one point), only to reappear again in the latest incarnations.  ACS isn't a part of the main Azure portal.  It has its own interface, which has confused me to this day being that all the other services are moving into the current portal.  Here's a screen shot of the two:

     

    Why they are separate probably has to do with (put some random excuse here, but likely because of "legacy" configurations). It would make much more sense that Azure added ACS as its own separate application in the Azure Portal. 

    So what can we do with ACS?  If you are familiar with ADFS, then you get the point.  I can created "Identity Providers", "Relaying party applications" and claims rules between the two.  The latter being one of the strengths of ACS (Quick history lesson, ADFS 1.0 was a real piece of junk, that left only one option, that option being ACS. It could do all the things that ADFS 2.0 was about to do).  So what kinds of identity providers can we add?  Well, here they are:

     

    Hmm, interesting.  So they have preconfigured providers for LiveID, Google and Yahoo.  Fair enough, those don't actually need an application (client id and client secret) created for them.  But "Facebook".  Ummm, that one needs an app created for it to do federated auth.  Ok, let's do it.  Added a facebook app used to be fairly easy back in the day, now the UI sucks.  And the process to get a simple "App Stub" created requires a canvas page?  Whatever.  Fail on facebook's part.  Ok, back to ACS.  So they are allowing us to do federated auth to OAuth providers.  Ok.  So how do I add others?  Like Twitter?  Maybe Yammer?  Oh...YOU CAN'T!  But you can do WS-Federation all day long.  Boring.  Oh, did I mention the Google one doesn't work anymore?  Yeah, Google seems to have disabled the interface that ACS was using.

    Ok, so ACS is dead "to me".  So what do I do now?  Do I build my own?  Ugg, that means I need to register an app in EVERY possible OAuth provider on the planet.  Similar hoops to jump through (approve the app, screen shots, canvas page, terms...ugg, no thank you). 

    Let's do some research, maybe someone built a better ACS?  Maybe someone did all that work to register an app EVERYWHERE? After a few google searches, some tweets...I find....Auth0.com. 

    Auth0 is the ACS killer.  I have no doubt that after the right people at Microsoft see what they have built, Auth0 will be picked up in a M&A transaction.  I'm going to tell the guys to hold out and get 4-5 offers and bid the price up.  I have no doubt, they will go for $100Ms in a liquidity event.  So why are they so cool?  Because you can add ANYTHING!  Check this $^&%^% out!  Database, Social and Enterprise:

    Database (think ASPNETDB - this is a biggy for SP2015 by they way):

     

    Social (oh right...ACS gives us...Facebook...totally lame):

     

    Enterprise:

    Wait...do you see the one at the bottom?  Yeah...that's SharePoint Apps for on-premises (courtesy of Chris Beckett consulting services).  Oh...do you see the O365 and Windows Azure AD one?  Oh yeah...that's Azure AD Apps...umm, so why are you using ACS again?

    Telemetry and Metrics

    Are you freaking kidding me?  ACS would never have thought this up.  You get telemetry on when and how your users are logging in:

     

    The logs are also pretty sweet:

     

    You see the profile JSON response in the Logs that contains the Access Token (if provided) so if you need to debug something, you have everything you need!

     

    Wait...it gets better (but maybe a bit confusing for you that haven't been doing this stuff for a while).  In addition to allowing your Apps access to all these federated OAuth platforms, it itself is an App registry.  You can create your App in the Auth0 interface, which is then exposed as a WS-Federation end point!!!  Holy $%&^&$^!  Forced to use ACS, but you think it sucks like I do?  Hey...add your Auth0 WS-Federation endpoint, and just like one of those "I saw it on TV adds", "Set it and forget it!":

     

    APIs:

    Oh baby...if they weren't already ahead of the competition.  This is the future.  Forget about all those APIs you have to write to and learn.  Why bother with the auth parts?  All you need is to call the API and get that JSON response back.  Here's what they support:

     

    Rules:

    Do you have some ACS rules?  Yeah, they support that too...what they don't have is an ACS rule importer.  That would be so slick. Easily migrate from crappy old ACS, to shiny new Auth0:

     

    Custom Emails:

    Just to add insult to injury...woah...custom emails...custom whatever!  When someone hits your fed auth endpoint...send em an email based off the claims!

     

    Is ACS Dead?  Yeah, to me it is.  To the masses that didn't know any better, consider yourself educated.  As the word spreads, I'm sure there will be a mass ACS exodus very soon!

    Chris

More Posts Next page »

This Blog

Syndication

Powered by Community Server, by Telligent Systems