Microsoft Ignite 2017 Summary and Announcements

Featured

Ignite 2017 Key takeaways

This was the first year I have not attended Microsoft Ignite, due to unforeseen circumstances. But this didn’t stop me from covering Ignite 2017. So here we go…

ignite 2017

Ignite 2017 this year has about 25k attendees. During the same time as Ignite, they are also running Microsoft Envision. This is more focused to business leaders across industries.  Its main focus is to have Business Leaders understand and manage their organizations in the Digital Age.

Ignite 2017 Attendee Breakout

  • 47 % ITI/IT Pros
  • 34% Developers
  • 19% ITDM.

Top Industries Attended

  • 34% IT and Software (flat YoY)
  • 20% Education
  • 9% Healthcare
  • 9% Manufacturing
  • 9% Professional & Business Services

Ignite Keynotes Summary and Links

ignite 2017

Modern Workplace

ignite 2017

Key Takeaways – Modern Workplace

Expanding Microsoft 365

  • Microsoft 365 Firstline offering and Microsoft 365 Education
  • New Windows 10 S devices from HP, Lenovo, Acer and Fujitsu starting at $275 USD

Intelligent personalized search power by Microsoft Graph

  • Bing for business
  • LinkedIn data integrated with Office 365 profile card
  • Office 365 search & discovery improvements
  • Windows 10 taskbar search

Intelligent Communications vision

  • Bring voice and video + new cognitive and data services into Micro Teams

Advances in Intelligent Security

  • Integrated Adminced threat Protection using Intelligent Security Graph
  • Better data protection and access control across Microsoft 365
  • New Compliance Manager, a single GDPR dashboard

Modernizing Business Process with Cloud and AI

Key Takeaways – Business Applications

New Microsoft Dynamics 365 AI Solutions

  • First solutions for customer care includes a virtual agent for customers, an intelligent assistant for support staff and conversational AI management tools, power by Microsoft AI
  • HP, Macy’s, and Microsoft already using this technology to improve customer satisfaction and handle more requests, more quickly

Modular apps for Dynamics 365

  • New modular apps are lightweight SaS services designed to transform one business process at a time
  • Work with Dynamics 3 business apps or can be used independently
  • Extend existing systems of record, integrate with Office 365 and augment with LinkedIn insights.
  • First to allow talent leaders and hiring managers to address a company’s most important asset, people
  • Attract: focused on recruiting | Onboard: helps you make new employees successful – Available later this year.

Deeper integration for PowerApps and Microsoft Flow + Office 365 and Dynamics 365

  • Rapidly build apps, automate tasks, simplify workflows and solve unique business problems.
  • Allow any business user familiar with InfoPath forms, Access databases or SharePoint list. This allows customers to build apps that help them achieve more, on a single no-code/low code platform.

Apps and Infra/Data and AI

  • Every customer is an AI customer

The Enterprise Cloud

Key Takeaways – Hybrid

Delivering true hybrid consistency

  • Azure Stack shipping through OEM partners including Dell EMC, HPE, and Lenovo
  • Database Migration Service (DMS)

Empowering customer to optimize costs

  • Azure Hybrid Benefit for SQL server
  • Azure Cost Management by CFloudyn – free to all Azure subscriptions

Key Takeaways – Intelligence

Any data, any place

  • SQL Server on Linux Windows and Docker availability with SQL Server 2017 GA’

One convenient workbench for data scientists and AI developers

  • Azure Machine Learning Updates

Build intelligent apps at global scale

  • Azure Cosmos DB and Azure Functions integration

Performance and Scale for mission-critical analytic apps

  • Azure SQL Data Warehouse preview release of new “optimized for compute” performance tier

Cloud for Good – Key takeaways

To empower nonprofits, Microsoft Philanthropies will:

  • Microsoft has announced they met their 2016 commitment to donate $1 billion in cloud computing resources to nonprofits
  • Continue the cloud donations program, and triple the number of nonprofits Microsoft serves over the next three years
  • Launch a new Tech for Social Impact group, and the first offers, announced this week include:
    • Microsoft 365 for Nonprofits
    • Nonprofit Surface discounts for the first time ever

To get more detailed information about these announcements, please see links below or check out the Ignite2017 Site.

Official Microsoft Blog
Office Blogs
EMS Blog
Dynamics Blog
Azure Blog
Hybrid Cloud Blog
Data Platform Blogs

ignite 2017

Until next time, Rob.

Deploying ADFS on Nutanix – Installing and Configuring – Part 2

Deploying and configuring Active Directory Federation Services (ADFS) 2012 R2 for Office 365 can be broken down into 4 blog posts:

  1. Install and Configuring ADFS (this post)
  2. Configuring Name Resolution and additional nodes (Coming Soon)
  3. Install ADFS Proxy (Coming Soon)
  4. Leverage ADFS with Office 365 (Coming Soon)
  5. New automated methods of setting up ADFS with Office 365 (Coming Soon)

Planning And Prerequisites, and Other Fun Details

Prerequisites

Here are is the list of prerequisites from TechNet. But in general, you need to make sure you have a SSL certificate. The certificate must be trusted publicly (chained to a public root certification authority) or explicitly trusted by all computers that require access to the federation service. A wildcard certificate would work or a standard web certificate with the name you desire (i.e. fs.example.com – FS = federation service)

For this lab, you will need a Windows 2012 R2 Server with 4 cores, 4 Gigs of RAM and 100 Gig OS drive.

ADFS Role Planning

The ADFS role should be deployed within the corporate network, and not in the DMZ.  The ADFS proxy role is intended to be installed into the DMZ.

The default topology for Active Directory Federation Services is a federation server farm, using the Windows Internal Database (WID), that consists of up to five federation servers hosting your organization’s Federation Service. In this topology, ADFS uses WID as the store for the configuration database for all federation servers that are joined to that farm. The farm replicates and maintains the Federation Service data in the configuration database across each server in the farm.

Since the availability of Office 365 relies upon the availability of ADFS when the domain is federated there is a strong recommendation to have at least two ADFS servers with a redundant proxy infrastructure. On Nutanix, make sure the ADFS servers are running on different nodes and/or cluster’s for complete site resilience. Running Active Directory Federation Services on Windows 2012 R2 is fully supported across all hypervisors including Acropolis Hypervisor (AHV).

For more information on different designs, please review the design guidance information on TechNet.

Step by Step Install Guide

ADFS is installed as a role as shown below:ADFS-step1 ADFS-step2 ADFS-step3 ADFS-step4 ADFS-step5

Ok, that’s the easy part, now on to configuration.;)

Step by Step Configuration Guide

Welcome Active Directory Federation Services Configuration Wizard…!!
Before you begin your configuration, you must have the following:

  • An Active Directory domain administrator account.
  • A publicly trusted certificate for SSL server authentication installed in IIS before starting wizard.

AD FS prerequisites

ADFS-config-step1 ADFS-config-step2 ADFS-config-step3 ADFS-config-step4 ADFS-config-step5

This server will be configured as the primary server in a new AD FS farm ‘fs.poc.lan’. The configuration will be stored in Windows Internal Database. Windows Internal Database feature will be installed on this server if it is not already installed. All existing configurations in the database will be deleted. A group Managed Service Account POC\adfs$ will be created if it does not already exist and this host will be added as a member. Federation service will be configured to run as POC\adfs$.

ADFS-config-step6

If you click on View script, you can see the automated version:

# Windows PowerShell script for AD FS Deployment
Import-Module ADFS
Install-AdfsFarm
-CertificateThumbprint:"3923273B4862WEE0CBAF3WEWE99125EDBWEWEWC0C5"
-FederationServiceDisplayName:"ADFS POC" `
-FederationServiceName:"fs.poc.lan" `
-GroupServiceAccountIdentifier:"POC\adfs`$" `
-OverwriteConfiguration:$true
ADFS-config-step7
The root key for the group Managed Service Account was created just before running the wizard.. If you have more than one domain controller in your Active Directory forest, the key may not yet have replicated to all domain controllers and therefore the service may not successfully install or start. To avoid service startup problems, wait 10 hours to ensure the key has replicated to all DCs before completing the Active Directory Federation Services Configuration Wizard, executing Install-AdfsFarm or Add-AdfsFarmNode on any other servers in your network, or restarting any AD FS service.

ADFS-config-step8

Verifying that AD FS is working fine:

Checkout your (IdentityProvider) IdP Sign-on landing page by navigating to https://fs./adfs/ls/IdpInitiatedSignon.aspx

ADFS-test-step1

ADFS-test-step2

And that’s how the is ADFS is initially setup, no matter you are a large or small environment, …Next up….Configuring Name Resolution and additional nodes…Until next time….Rob