Active Directory Interview Questions & Answers
1) Mention what is Active Directory?An active directory is a directory structure used on Microsoft Windows based servers and computers to store data and information about networks and domains.
2) Mention what are the new features in Active Directory (AD) of Windows server 2012?
- dcpromo (Domain Controller Promoter) with improved wizard: It allows you to view all the steps and review the detailed results during the installation process
- Enhanced Administrative Center: Compared to the earlier version of active directory, the administrative center is well designed in Windows 2012. The exchange management console is well designed
- Recycle bin goes GUI: In windows server 12, there are now many ways to enable the active directory recycle bin through the GUI in the Active Directory Administrative Center, which was not possible with the earlier version
- Fine grained password policies (FGPP): In windows server 12 implementing FGPP is much easier compared to an earlier It allows you to create different password policies in the same domain
- Windows Power Shell History Viewer: You can view the Windows PowerShell commands that relates to the actions you execute in the Active Directory Administrative Center UI
The default protocol used in directory services is LDAP ( Lightweight Directory Access Protocol).
4) Explain the term FOREST in AD?
Forest is used to define an assembly of AD domains that share a single schema for the AD. All DC’s in the forest share this schema and is replicated in a hierarchical fashion among them.
5) Explain what is SYSVOL?
The SysVOL folder keeps the server’s copy of the domain’s public files. The contents such as users, group policy, etc. of the sysvol folders are replicated to all domain controllers in the domain.
6) Mention what is the difference between domain admin groups and enterprise admins group in AD?
Enterprise Admin Group
Domain Admin Group
- Members of this group have complete control of all domains in the forest
- By default, this group belongs to the administrators group on all domain controllers in the forest
- As such this group has full control of the forest, add users with caution
- Members of this group have complete control of the domain
- By default, this group is a member of the administrators group on all domain controllers, workstations and member servers at the time they are linked to the domain
- As such the group has full control in the domain, add users with caution
System state data contains
- Contains startup files
- Registry
- Com + Registration Database
- Memory page file
- System files
- AD information
- SYSVOL Folder
- Cluster service information
Kerberos is an authentication protocol for network. It is built to offer strong authentication for server/client applications by using secret-key cryptography.
9) Explain where does the AD database is held? What other folders are related to AD?
AD database is saved in %systemroot%/ntds. In the same folder, you can also see other files; these are the main files controlling the AD structures they are
- dit
- log
- res 1.log
- log
- chk
PDC Emulators: There is one PDC emulator per domain, and when there is a failed authentication attempt, it is forwarded to PDC emulator. It acts as a “tie-breaker” and it controls the time sync across the domain.
These are the parameters through which we can know whether PDC emulator is working or not.
- Time is not syncing
- User’s accounts are not locked out
- Windows NT BDCs are not getting updates
- If pre-windows 2000 computers are unable to change their passwords
Lingering objects can exists if a domain controller does not replicate for an interval of time that is longer than the tombstone lifetime (TSL).
12) Mention what is TOMBSTONE lifetime?
Tombstone lifetime in an Active Directory determines how long a deleted object is retained in Active Directory. The deleted objects in Active Directory is stored in a special object referred as TOMBSTONE. Usually, windows will use a 60- day tombstone lifetime if time is not set in the forest configuration.
13) Explain what is Active Directory Schema?
Schema is an active directory component describes all the attributes and objects that the directory service uses to store data.
14) Explain what is a child DC?
CDC or child DC is a sub domain controller under root domain controller which share name space
15) Explain what is RID Master?
RID master stands for Relative Identifier for assigning unique IDs to the object created in AD.
16) Mention what are the components of AD?
Components of AD includes
- Logical Structure: Trees, Forest, Domains and OU
- Physical Structures: Domain controller and Sites
Infrastructure Master is accountable for updating information about the user and group and global catalogue.
Preparing for Azure Interview Questions
Are you preparing for Azure interview questions as you get ready to make your next cloud computing move? If so, read on for practice Azure interview questions and answers. We can’t promise you that you’ll be asked all these questions, nor can we tell you exactly what you’ll be asked, but preparing ahead of time with these will help you get mentally ready for the experience. And remember: although the cloud computing job market is booming and plenty of businesses are hiring Azure cloud architects, you will still have competition for that job. Be ready to make your best first impression by preparing for that interview.
Q: Why did you choose a career in cloud computing?
A: These types of Azure interview questions require a thoughtful, honest response. By thinking through your answer ahead of time, you’ll be ready to say something your interviewer will approve of. Show that you care about the field and that you have a passion for cloud computing and the problems it can solve.
Q: Why did you choose Microsoft Azure and not AWS?
A: Your response to this question is based on your own background and experience. Maybe you come from a developer background so Azure appealed to you. Maybe your first cloud computing role just happened to be with Azure. As with the question above, the key here is to be ready to give an intelligent answer to the question.
Q: How does Microsoft Azure compare to AWS?
A: This might be a matter of opinion for you, so answer as you see fit. In general, people say Azure is a better choice because it’s a Microsoft product, making it easier for organizations already using Windows Server, SQL Server, and Exchange to move to the cloud. In addition, because of Microsoft’s deep knowledge of developer tools, Azure offers multiple app deployment options for developers which makes it stand out against AWS.
Q: How did you learn Azure?
A: Did you learn Azure through a certification? Through on-the-job experience? A little of each? However you learned it, make sure to demonstrate to the interviewer that you have practical experience (if you’re new to the field) and that you are continuing to learn.
Q: Tell me about a problem you solved at your prior job.
A: This is something to spend some time on when you’re preparing responses to possible Azure interview questions. As a cloud architect, you need to show that you are a good listener and problem solver, as well as a good communicator. Yes, you need to know the technology, but cloud computing does not usually involve sitting isolated in a cubicle. You’ll have stakeholders to listen to, problems to solve, and options to present. When you answer questions like these, try to convey that you are a team player and good communicator, in addition to being a really good Azure architect!
Q: What are the different storage options with Azure?
A: Should your interview start to get technical, there are countless questions you might be asked. You can’t predict them. We can’t predict them. So we’ve brainstormed some possible Azure interview questions and answers for you to study, prepare for and practice. Do this, and you’ll walk into your interview with much more confidence! Now, onto the different storage options with Azure. These options include a blog, table, and queue options. Be prepared to expand on the benefits of each as well.
Q: What is the benefit of the Azure CDN?
A: The Content Delivery Network (or CDN) in Azure offers the same benefits as other CDNs: it can be used to reduce load times and bandwidth as well as speed up responsiveness.
Q: What is Azure Virtual Network?
A: Azure Virtual Network enables Azure resources like Virtual Machines to securely communicate with each other, with the Internet and with on-site networks. It lets you implement multiple virtual networks, as well as filter or even route network traffic, and to connect virtual networks to each other.
Q: What are Azure Virtual Machines used for?
A: Speaking of virtual, Azure Virtual Machines are used in the same way any virtual machines are used: to add computing power without adding hardware. Azure supports Windows Server (of course), Linux, SAP, Oracle, IBM and SQL Server.
Q: What is Azure Cloud Service?
A: Azure Cloud Service lets you deploy a multi-tier web application in Azure, with multiple roles to distribute processing and enable flexible scaling of your application. It lets you support more complex multi-tier architectures.
Q: What is Azure Active Directory?
A: Azure Active Directory is an Identity and Access Management system, similar to other active directories. It lets you grant employee access to specific products and services within your network.
Q: What is PowerShell and how is it used?
A: Windows PowerShell has been around for a long time. It can be used to automate tedious tasks. Azure PowerShell is used to manage and administer Azure resources from the command line, as well as to build automation scripts for use with the resource manager.
Q: Explain HDInsight.
A: Azure HDInsight is a cloud service that makes it easy, fast and cost-effective to process massive amounts of data using open-source frameworks like Hadoop, Spark, Hive, LLAP, Kafka, Storm and R. HDInsight can enable a broad range of scenarios, including ETL, data warehousing, and Machine Learning, to name a few.
1. What is meant by Microsoft Azure and Azure diagnostic?
Answer: This is one of the most basic Azure cloud interview questions asked very often. Microsoft Azure is a cloud computing interface that is implemented by Microsoft so as to get benefited from the cloud computing.
Azure diagnostics is an API based system that collects the data to diagnose the application which is constantly running. It tunes with the verbose monitoring by enabling roles of the cloud services.
2. What is meant by cloud computing?
Answer: This is a basic question that finds its mention in most of the Microsoft Azure interview questions eBook. Cloud Computing is the high-level abstraction procedure that focuses on the business logic. This is a service delivered via the internet that aids you with the computing services without laying much importance on the infrastructural needs just like the electric supply.
3. What is the scalability of the cloud computing?
Answer: If the above question appears as the Azure cloud interview questions your most appropriate answer will be scaling is one of the advantages that are of two types;
· Vertical scaling, where the configuration yields to increase the existing capacity of the machine. Just like expanding the size of the RAM from 4GB to 32GB.
· Horizontal Scaling, an aspect where the physical aspect is increased like putting multiple machines at work instead of replacing the existing machine.
4. What are the advantages of cloud computing?
Answer: There are several advantages of cloud computing which are as follows;
· The versatility of the system can be altered if the business requires certain modification.
· They are highly available which increases its end users to get benefited by every inch.
· The system is capable of tolerating fault of a single part and overcomes it by remaining completely functional.
· The service allows you to pay only when the system is in use. You can easily reallocate the system when you use them and get saved from the charge.
· The system has brought into light the payment for the operation rather than the investment in the machines.
5. What is meant by PaaS, SaaS, and IaaS?
Answer: These are the basic terms while dealing with the cloud services and are commonly asked in an Azure interview:
· PaaS stands for Platform as a Service that enables you to get a platform to deliver without directly giving authorization to the OS software.
· SaaS stands for Software as a Service is devoid of platform infrastructure software that can be used without direct purchase.
· IaaS stands for Infrastructure as a Service which enables you to get the hardware from the provider as the desired service which can be configured by the user.
6. Explain the different deployment model of the cloud?
Answer: When asked as the Azure cloud interview question you should answer it in the following way. There are various deployment models for the cloud;
· Private Cloud Deployment Model is one where you own the infrastructure and the cloud provider enables you to get the service exclusively.
· Public Cloud Deployment Model is one where you get the multi-tenant infrastructure from the service provider exclusively.
· Hybrid Cloud Deployment Model is a set up of intermixed public and private data in which the confidential data will be served in-house and the public directed website is there to address the public.
7. What are the main functions of the Azure Cloud Service?
Answer: The main functions of the Azure Cloud Service are;
· It is designed to host the running application and at the same time manage the background running application.
· The application of web processing is termed as “web role” whereas the background processing is termed as the “worker role”.
8. State the purpose of the cloud configuration file?
Answer: There is a primary .csfg file available with each and every cloud service. The main purpose of this file is
· They hold the main copy of certificates.
· They have the storage of user-defined settings.
· There are a number of instances in any service project.
9. Which services are used to manage the resources in Azure?
Answer: When asked as Azure cloud interview questions, it should be answered that the Azure resource manager is the infrastructure that is involved in to manage deploys or deleting all the resources.
10. What do you mean by roles?
Answer: This is another basic yet important question asked as the Azure Interview Questions which should be answered in the following way:
Roles in cloud management are often termed to be nothing servers that are linked to managing and balancing the platform as service machine that collaborates works to attain the goal.
11. What are the different types of roles?
Answer: There are basically three different types of roles;
· Web Role that is used to deploy website by making use of language which is supported by the IIS platform customized to run the web application.
· VM Role is used to schedule the window services and task. It is done by the user through customization of the machine on which the worker’s role is running.
· Worker Role is to execute the process that runs in the background by deploying the website.
General Azure Interview Questions and Answers
So, you have gone through all the basic questions, now let’s take a step ahead and move to some general Azure interview questions. Interviewer generally asks these questions to check the knowledge of the candidate on various aspects.
12. What do you mean by a domain?
Answer: This is one of the common Azure Interview Questions that may be asked which should be answered as follows the interconnected and interlinked nodes that are often a measure undertaken by the organization is known as the domain. These relations are carried by only one point of the organization.
13. Explain the fault domain.
Answer: This is one of the common Azure interview questions which should be answered that it is a logical working domain in which the underlying hardware is sharing a common power source and switch network. This means that when VMs is created the Azure distributes the VM across the fault domain that limits the potential impact of hardware failure, power interruption or outages of the network.
14. Discuss Update Domain.
Answer: It is a logical group that undergoes maintenance by rebooting the system. The system automatically distributes the created VMs all across the updated domain that enables the user to run any one of the application while the Azure platform is undergoing maintenance. The update domain does not work sequentially to the manual rebooting.
15. Differentiate between the verbose and minimal monitoring.
Answer: Verbose monitoring collects metrics based on the performance that enables close analysis of data that fed during the processing of application whereas the minimal monitoring is a default configuration that makes the use of the performance counters gathered from the operating system of the host. Proceed to the more Azure cloud interview questions that are quite common.
16. What do you mean by a BLOB and what are their types?
Answer: BLOB is a Binary Large Object that is composed of any size and type of file. They are mainly of two types-the page and the block blob.
17. What is meant by the block blob and page BLOB?
Answer: Blob is a block that is having a specific block ID. Each block in this block BLOB comprises of the 4MB and maximum size of this BLOB limits to 200 GB. Whereas the Page blob contains pages in which data range is determined by the offsets. The maximum limit is 1TB where a single page is of the size 1TB.
18. Differentiate between the Windows Azure bus queues and Windows Azure queues?
Answer: Windows Azure queues take care of the storage infrastructure of Windows Azure. The features include the REST based Peek/Get/Put interface that enables the users to get persistent messaging in-between the services and reliability.
Bus queues are a broader aspect of the messaging infrastructure with publishing and subscribing the integrating patterns of remote web service.
19. What is meant by the DeadLetter queue?
Answer: Messages are transferred to the DeadLetter queue in the following situation;
· When the delivery count has exceeded for a message that is on a queue.
· When the expiry date of the message has crossed and the entire expired message is held in a queue.
· When there is an evaluation exception set by default and the subscription is enabled with dead letter filter.
20. Explain the Window Azure platform?
Answer: It is collectively a PaaS developed by the Microsoft programmed to run a deployment vehicle and a runtime for the data center to host the cloud computing. Let’s proceed to the next general Azure Interview Questions that may be asked.
21. How is the price of the Azure subscription placed?
Answer: The prices vary in accordance with the product type. The various pricing models are;
· The free model where our customers can avail the system exempted from the market fee.
· The BYOL scheme where the Azure is fetched the Azure with a fee that is not encircled around the limits of market price.
· The trial of the free software where the client gets the full version with an advanced feature for a limited period of time. With the expiration of the introductory period, you will be charged standard rates.
· Usage Based Fee that is billed in accordance with the service that you have taken. Like if you are subscribed for the virtual image then hourly fees may be charged.
· Monthly bills are activated if you sign a particular plan. The fee is not allocated for cancellation or mid-month unused service.
22. What are the sizes of the Azure VM?
Answer: It is another basic question that finds its place in the series of top Microsoft Azure interview questions. The Windows Azure is destined to balance a variety of sizes. Most of the VM sizes are:
· The extra large computer has 8*1.6 GHz of Instance size, with instance storage of 2040 GB, CPU memory of 14 GB. The I/O performance is high.
· The large computer has 4*1.6 GHz of Instance size, with instance storage of 1000 GB, CPU memory of 7 GB. The I/O performance is high.
· The medium computer has 2*1.6 GHz of Instance size, with instance storage of 490 GB, CPU memory of 3.5 GB. The I/O performance is high.
· Small computer has 1.6 GHz of Instance size, with instance storage of 225 GB, CPU memory of 1.75 GB. The I/O performance is moderate.
· The extra small computer has 1.0 GHz of Instance size of 20 GB, with instance storage of 20 GB, CPU memory of 768MB. The I/O performance is low.
23. What is meant by table storage?
Answer: It is an interface that is capable of storing bulk amount of structured but non-relational data. It is a service of the NoSQL data store that takes authenticated calls from either outside or inside the Azure cloud. The table is a collaborated entity that in turn is a set of properties which is a paired up of name and value.
24. Differentiate between the repository and the powerhouse server?
Answer: Repository servers are those which are in lieu of the integrity, consistency, and uniformity whereas the powerhouse server governs the integration of different aspects of the database repository.
25. What is meant by the enterprise warehousing?
Answer: It is the phenomenon where the data is developed by the organization having access at a single point throughout the globe. The warehousing enables the server to get linked to a single point with the assistance of periodic handling.
26. What do you mean by lookup transformation?
Answer: Lookup transformation aids to determine source qualifier. It can be active or passive lookup transformation. The process is yield to get the access the relevant information or the data.
27. What is meant by the connected lookups?
Answer: In the unconnected lookup, the input is directly taken from the transformation that takes part in the flow of data. The connected data lookup is built as both a static and dynamic cache. This can be oriented via multiple ports that can give the output. It is defined by user defined entity.
28. What is meant by the unconnected lookups?
Answer: The answer to this Microsoft Azure interview question should be that in the unconnected lookups the input is taken by the LKP operation. Nature is dynamic having a single output port. User-defined values are disregarded in the unconnected lookups.
29. What is meant by the command task?
Answer: Command task is an operational window that sets off the flow of one or multiple command shell while the system is still running.
30. What are the PowerCenter commands that can be used in Informatica?
Answer: The languages for transformation that can be provided with some basic comment signifiers that are;
· Slashes (//)
· Dashes (–)
If these common signifiers are absent in the line the power integration service will ignore the text.
31. What is the difference between copy and shortcut?
Answer: The answer to this Microsoft Azure interview question will be copied is transferring an object from one to another folder that takes double space. There is no change that corresponds to the original object.
The shortcut is a dynamic link of the object that saves the space reflecting changes in the original object.
32. What do you mean by a service fabric in Azure?
Answer: This is one of the advanced Microsoft azure interview questions that should be answered by stating Service fabric is a middleware platform of the following generation that gives the more scalable outcome. It renders with the more managed and reliable enterprise.
33. What are the benefits of the traffic manager in Windows Azure?
Answer: Traffic manager is allocated to control the distribution of the user to deploy the cloud service. The benefit of the traffic manager constitutes;
· It makes the application to be available worldwide through automated traffic control machinery.
· The traffic managing service contributes to high performance by loading the page faster and convenient usage.
· There is no lag of time to maintain or upgrade the existing system. The system keeps running in the back while the system takes time for up gradation.
· The configuration is made easy through the Azure portal.
SQL Azure Interview Questions and Answers
While going for an Azure interview, it is common to come across database related questions i.e. SQL-based. So, let’s get prepared for that too. Just go through the following SQL Azure interview questions.
34. Discuss the different database types in SQL Azure?
Answer: This is one of the commonly asked SQL Azure interview questions that must be answered by stating that there are two major type of database in SQL Azure;
· Web Edition – It is having a limit of 5GB SQL that is related to the relational database. The basic advantage is that they can be self-maintained, tolerant to a fault and highly available.
· Business-based Edition – they support 50GB of T-SQL that is self-managed, tolerant to a fault and highly available. They are suited for the custom web applications or ISV application.
35. How is Azure Resource Manager beneficial over the classic services?
Answer: The benefits of the Azure Resource Manager that overshadows the benefit of the classic services are;
· The resources need not be managed, deployed or monitored one at a time. They are chain deployment activities throughout the lifecycle without the need for individual data handling.
· The data is also deployed at a consistent pace with the ARM service. It enables the user to use a declarative template that indicates the deployment.
· Since the role-based control is present in the management platform that provides you with the access to the resources that leads you to control.
· You can mark dependencies between the resources that enable you to get the correct order of deployment.
· The resources may be tagged and organized logically so that it is convenient to follow up the billing of your company.
36. Enlist the monitoring features that are present in the SharePoint 2010?
Answer: This is one of the SQL Azure interview questions that should be answered by stating that the SharePoint 2010 is a diagnostic logging that takes into the data that are a direct indication of the state of the system. Sometimes it also specifies some timer tasks that are performed to monitor the collected information. The features include;
· It collects the data on event log, timer service, and performance counter.
· They are involved with data that are search usage.
· They provide matrices that are yielding a collection of sites.
37. State the class that can be used to retrieve data?
Answer: The class that can be used to get data from more than one list is the SPSite Data Query that is able to query data that are present in more than one list all across the diverse web collections. It is featured to aggregate data without the external links and only through the SharePoint.
38. Compare the STS and SPS and state its important features?
Answer: SPS is the SharePoint Portal Service which manages the documents and has a search engine more efficient in penetrating the multiple sources of content.
STS stands for the SharePoint team management. As the name suggests they are better for the document management for a large organization and has a moderate search engine.
39. Explain MOSS?
Answer: The answer to this SQL Microsoft Azure interview question for experienced will be MOSS is abbreviated for Microsoft Office SharePoint Server that constitutes a complete version of the portal platform that yields the user to manage, share and even create the document.
40. What is the difference between a library and a list?
Answer: The library is an interface that yields one to manage and store a document that can be created using Excel, PowerPoint or Word. The list is the representation of the item in a tabulated format using column and rows. Lists are not used to make a document but can attach documents.
41. What do you mean by SAS?
Answer: This is one of the common SQL Azure interview questions that should be answered by stating that SAS is an abbreviation for Statistical analytical System which is a software suite performing analysis of multiple variables. It is in linked to the predictive analysis, data handling, advanced analytics or corporative intelligence. It produces a smooth interface that offers graphical and clicks based solution. It is user-friendly for the technical or the non-technical with advanced features.
42. State some features of SAS?
Answer: There is some interlinked feature of SAS which includes;
· It provides the user access to manage the resources just like that of the DBMS.
· It is leading with the leading analytical to carry out different business services and products.
· It enables easy visualization and interpretation with the use of graphs and its breaks the complex panels into simple plots.
· It is very efficient in delivering the business analysis which leads to manufacturing the products that can be distributed worldwide.
43. Describe the common architecture of SharePoint 2010?
Answer: There are three main architectural design of the SharePoint 2010 which includes;
· The enterprise farm which is uncommon as it completely is dedicated to the service and aids via the automated management with the feasible isolation of data.
· There is a single farm that is associated with multiple services whose potential advantages are management via individual service application which enables with a more complex targeting of sites to a particular application of service.
· Lastly, the single farms employed in single service are very common and at the same time easy to deploy. The application service is simple to be allocated with fullest resource utilization and management.
44. Describe the log analytics?
Answer: This question can be asked among the SQL Azure interview questions. The operational management service of the Log Analytics provides the entire requirement that runs the particular service. It manifests automation, security, log analytics and availability at a particular dashboard. It generates Power data source that enables the user to get the visuals of the raw data. It is introduced in three different tiers of prices that include free, premium and standard. You enjoy the convenience of searching the data at a single dashboard and export the results.
Advanced Azure Interview Questions and Answers
In the series of Azure interview questions, here we bring some advanced Azure interview questions for you with the detailed answers. Preparing through these questions will prepare you to crack the tough to tough interview.
43. State what will you do in case of a drive failure?
Answer: This is one of the another Microsoft Azure interview questions for experienced that should be answered in the following manner. When there is an instance that the drive has failed the following step should be performed;
· The first is that the drive should be not mounted enabling the object storage to function without fail.
· The second scenario is replacing the drive in which the desired step will be remounting, formatting the drive.
44. State what should be done in case of a service failure?
Answer: In the case of the service failure the following steps need to be performed;
· Ensure that the object s services have stopped running which will enable the object services to withstand the failure.
· To complete the last lap of work pending you can allow the system object storage remain functional by making the machined to again get back to online. Once they are started, the online replication will instantly activate with the missing updated files.
· If you are incapable to replace drive then do remove the drive and let the system stay not mounted.
45. Give a clear overview of API in Azure?
Answer: The Test Analytics in API is a web service that is built with the Azure learning. It is an effective tool to analyze the unstructured data like the extraction of the key phrase. It runs with the binomial scoring unit that is either 0 or 1 where 1 corresponds to a positive and 0 corresponds to a negative viewpoint. The advantage is that it does not need any assistance with designing and training which imply that the data is in the hands of directly the user. Proceed to find more Microsoft Azure interview questions for experienced.
46. Explain how does a character analytics API function?
Answer: The working of the character analytics of API does not account for the characterization of words like good or bad. It uses the advanced feature through which the processing of natural language is mediated.
47. Differentiate between the PROC SUMMARY and PROC MEANS?
Answer: This is one of the stars marked questions found in the list of top Microsoft Azure interview questions and answers pdf.
PROC MEANS refers to the subgroup statist created in the persistence of the BY statement that will be involved. The data here is sorted beforehand with the assistance of BY variables.
PROC SUMMARY is the aid of statistics giving all varieties of information running simultaneously and is produced for every subgroup automatically. The information in the outlet is not created.
50. If the client gets disconnected from cache with the services state the probable cause?
Answer: If the client gets disconnected the causal factor can be distributed into two categories;
The cause on the operator side;
· There might be a failure in the transfer of the standard cache from one node to the other.
· While the service was processing and dispatching the cache got deployed.
· There was a server update or an automated VM maintenance.
The fault on the client side;
· The application of the client accidentally got redeployed.
· The application on the client side got auto-scaling.
· The layer of the network on the client side altered.
· There was a transient error on the network node.
· The bound operation took more time.
· The upper limit of the bandwidth was reached.
SQL Azure Interview Questions and Answers
Are you an SQL Azure expert looking for a job? There are a number of companies offering the job for those who have the skills for SQL Azure. However, the competition level is also high in the IT sector at the present time and you will need to prepare in the perfect way to crack the interview for the job.
SQL Azure is a cloud-based database service from Microsoft and it provides the freedom to the business owners to store and secure the data in the cloud databases.
Most Common SQL Azure Interview Questions and Answers
If you are going to face an interview for the job of SQL Azure expert in any of the organizations, it is very important to prepare well for it and you have to know about some of the most common SQL Azure interview questions that will be asked in the interview.
If you will get prepared for the interview with good knowledge of all these questions, you will definitely get help to beat the competition that you will face during the interview. Here, you will find some of the top SQL Azure interview questions and answers that will definitely give you the right solution to get the job opportunity as an expert of SQL Azure in the best organizations.
1. What is SQL Azure?
Answer: SQL Azure is the cloud-based relational database that is offered by Microsoft. The service is based on SQL server technology and it is used in a Microsoft data center that is hardware owned and maintained by Microsoft.
It is the very basic question about SQL Azure database and you may get this question not only among top SQL Azure interview questions but also among the Microsoft Azure interview questions for experienced.
2. What will happen when SQL Azure database will reach the max size?
Answer: If the SQL Azure database will reach the max size, data read or fetch operations will still work on it but create, insert or update operations will stop with it. You can choose to drop, delete or truncate the data in this condition.
3. What are the limitations of SQL Azure database size currently?
Answer: At the current time, the maximum SQL Azure database size can be 250 GB (s0, s1, s2, and s3) or 500GB (p1, p2, p3, and p6 ) or 4TB (p11 and p15).
4. In SQL Azure, which encryption security is available?
Answer: In SQL Azure, SSL connections are supported only.
SET encryption = TRUE
5. What is SQL Azure firewall?
Answer: As you know, security is one of the main concerns at the present time in the IT sector. It will be one of the latest SQL Azure interview questions that you may need to face during the interview. SQL Azure Firewall is used as a security mechanism that will work to block the requests based on the IP address.
6. How many of the databases can you create in the single server?
Answer: In the single SQL Azure server, it is possible to create 150 databases that will include a master database as well.
7. How many servers can you create in the single subscription?
Answer: In the single subscription, it is possible to create six servers while using SQL Azure.
8. Can you explain about the SQL Azure security?
Answer: SQL Azure services will allow you to block the request that will be based on IP address by using the SQL Azure firewall. It will use the SQL server authentication process that will authenticate the connections. By default, SQL Azure connections are SSL encrypted.
9. What will be the differences between business edition and web edition?
Answer: The max size of the SQL Azure web edition will be 5 GB and the size of the business edition will be up to 50 GB. It is possible to increase or decrease web edition database size of 1GB and you will be able to increase or decrease the size of the business edition up to 10 GB.
10. What will be the process to migrate to SQL Azure from SQL server?
Answer: If you are going to face an interview for SQL Azure job, you may find it as one of the best SQL Azure interview questions. If you want to migrate from SQL server to SQL Azure, you can use SSIS or BCP. For the schema migration, generate script wizard will be used and you can also use the tool named as SQL Azure Migration Wizard for it.
This is one of the most common Microsoft Azure interview questions for experienced candidates who have worked on the SQL Azure database. If you have some previous experience on the Azure platform, you should prepare yourself with the answer to this question.
The bulk copy program utility (bcp) bulk copies data between an instance of Microsoft SQL Server and a data file in a user-specified format. The bcp utility can be used to import large numbers of new rows into SQL Server tables or to export data out of tables into data files. Except when used with the queryout option, the utility requires no knowledge of Transact-SQL. To import data into a table, you must either use a format file created for that table or understand the structure of the table and the types of data that are valid for its columns.
SQL Server Integration Services
Microsoft Integration Services is a platform for building enterprise-level data integration and data transformations solutions. Use Integration Services to solve complex business problems by copying or downloading files, loading data warehouses, cleansing and mining data, and managing SQL Server objects and data.
Integration Services can extract and transform data from a wide variety of sources such as XML data files, flat files, and relational data sources, and then load the data into one or more destinations.
Integration Services includes a rich set of built-in tasks and transformations, graphical tools for building packages, and the Integration Services Catalog database, where you store, run, and manage packages.
You can use the graphical Integration Services tools to create solutions without writing a single line of code. You can also program the extensive Integration Services object model to create packages programmatically and code custom tasks and other package objects.
11. Which tools are available for the management of SQL Azure service and databases?
Answer: For the management of the SQL Azure database, the SQL server management server 2008 R2 is available. You can also use Silverlight app having integration with Azure management portal for the management of SQL Azure service and databases.
12. How will you sync SQL Azure with on-premise SQL server?
Answer: It is possible to use No code solution named as DATA SYNC to sync SQL Azure with on-premise SQL server. It is also possible to develop the custom solutions by using SYNC Framework for it.
SQL Azure allows users to run their SQL server workloads as a hosted service (PaaS). So, you may also come across some of the PaaS interview questions in the SQL Azure interview. Read few and get yourself ready for everything.
13. How will you back up the SQL Azure data?
Answer: Backup is important to handle the issues of hardware and 3 database replicas are used in SQL Azure for backup. For the errors based on user level, the COPY command is used for the creation of SQL Azure database replica. It is also possible to back up the data of SQL Azure to any local SQL server with the use of SSIS, BCP etc.
14. On which factors current pricing model for SQL Azure consumption depend?
Answer: The charges for consumption of SQL Azure are currently based on the following two factors
· Size
· Data Transfer
15. How will you handle the data sets having a size larger than 50 GB?
Answer: If you want to appear in an interview, it may be one of the latest SQL Azure interview questions that you will face. You will need to build a custom solution on application level to handle out of scale SQL Azure database. According to the Microsoft, you will be assisted by SQL Azure Federations for scaling out of the SQL Azure database. Scaling out of data means that the data will be split into smaller subsets and will be spread to multiple databases.
16. How can you improve the performance of SQL Azure databases?
Answer: To improve the performance of SQL Azure databases, you can tune the database by using the information from the execution plan as well as statistics of the query. It is possible to use dynamic management views of SQL Azure for the monitoring and management of the SQL Azure database. Network latency and bandwidth also affect the performance of the SQL Azure database so it can be used to improve the performance.
17. What is the code new application topology?
Answer: The code in your application topology will mean that the database and Windows Azure hosting services are consuming the data hosted in the same Azure data center.
18. What are the latest updates for SQL Azure services?
Answer: For the SQL Azure services, the latest updates will include the multiple servers for every subscription. There are also updates for SQL Azure administrator support and to create the firewall rules for a server with IP detection.
You may also have read this question among PaaS interview questions and Microsoft Azure interview questions and answers pdf that covers top questions to crack the Azure interview. This type of general questions are very common among Azure interview so don’t miss the latest updates of SQL Azure services while preparing for Microsoft Azure interview.
19. When will the workload on SQL schedule get throttled?
Answer: If the database will reach the maximum size then the operations for insert, update, and create will get throttled. There are also policies that will not allow the workload to exploit the shared physical server.
20. What are the benefits of a Sharded Database?
Answer: Followings are some of the benefits of the sharded database –
· Allows users to take benefit of maximum resources within the cloud
· Reduces the chances of a single point of failure
· Reduces SQL Azure throttling and I/O bottlenecks
· Enables users to have their own database, to access other databases, and to share database
· Benefits users by offering low-cost cloud resources on-demand basis and releasing when done
1. Question 1. What Is Sql Azure?
Answer :
Microsoft SQL Azure is a cloud-based relational database service that is built on SQL Server technologies and runs in Microsoft data centers on hardware that is owned, hosted, and maintained by Microsoft.
2. Question 2. What Is Sql Azure Federations?
Answer :
SQL Azure federation provides tools that allow developers to scale out (by sharding) in SQL Azure.
Here are some of the benefits of a sharded database:
o Taking advantage of greater resources within the cloud on demand.
o Allowing customers to have their own database, to share databases or to access many databases.
o Reducing the exposure of a single point of failure.
o Benefiting from the lower costs of using cloud resources on an as-needed basis and releasing them when done.
o Reducing I/O bottlenecks and SQL Azure throttling.
3. Question 3. What Is Sharding?
Answer :
o It is a technique for partitioning large data sets, which improves performance and scalability.
o It also enables distributed querying of data across multiple tenants.
4. Question 4. What Is Federation Root Database?
Answer :
The federation root database is a SQL Azure database that contains metadata about the federations. It’s the first thing you need to create when setting up your own federation
example:
CREATE DATABASE [fedRoot] COLLATE French_CI_AS (MAXSIZE = 100 GB, EDITION = 'business')
5. Question 5. What Is Federation?
Answer :
The federation is where you define the data type (e.g., Customer ID, Product ID) you’ll shard on.
As with creating the root database, you can create a federation through the SQL Azure database management portal,
with SQLAzureMW or by using this T-SQL script while connected to your root database:
CREATE FEDERATION <FederationName>(<DistributionKeyName> <DistributionType> RANGE)
In this example,
<FederationName> is the name of the federation (not the name of the physical database, which is a System-GUID).
<DistributionKeyName> is the name for the distribution key,
and <DistributionType> is the distribution data type that data will be sharded on.
The valid distribution data types are int, bigint, uniqueidentifier and varbinary (up to 900).
6. Question 6. What Is Federation Member?
Answer :
The federation member is the shard (i.e., the database containing a specific range of information).
T-SQL script:
USE FEDERATION ROOT WITH RESET
GO
ALTER FEDERATION <Federation Name> SPLIT AT (<Distribution KeyName>=<script point>)
7. Question 7. How To Scale Out A Federation By Sql Statement?
Answer :
ALTER FEDERATION <FederationName> SPLIT AT (<DistributionKeyName>=<value>)
8. Question 8. What Is Sql Azure Firewall?
Answer :
SQL Azure firewall is a security mechanism that blocks requests based on its IP address.
9. Question 9. What Is The Difference Between Web Edition And Business Edition?
Answer :
SQL Azure Web edition database Max Size is 5 GB whereas the business edition supports Max Size up to 50 GB.
The size of a web edition database can be increased (/decreased) in the increments (/decrements) of 1 GB
where as the size of a business edition can be increased in the increments of 10 GB.
10. Question 10. How Many Databases Can We Create In A Single Server?
Answer :
150 databases (including master database) can be created in a single SQL Azure server.
11. Question 11. How Many Servers Can We Create In A Single Subscription?
Answer :
As of now, we can create six servers under a single subscription.
12. Question 12. How Many Replicas Are Maintained For Each Sql Azure Db?
Answer :
3 replicas are maintained for each logical DB.
Single primary is observed as the replica where actual read/write take place. Once this goes down, another replica is upgraded automatically as a single primary.
13. Question 13. What Is The Index Requirement In Sql Azure?
Answer :
All tables must have clustered index. You can't have a table without clustered index.
14. Question 14. What Is Cloud Computing?
Answer :
Cloud Computing:
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
15. Question 15. How Is Sql Azure Different Than Sql Server?
Answer :
SQL Azure is a cloud based service and so it has own set of pros and cons when compared to SQL server. SQL Azure service benefits includes on demand provisioning, high availability, reduced management overhead and scalability. But SQL Azure abstracts some details from the subscriber which can be good or bad which depends on the context of the need.
16. Question 16. How Many Replicas Are Maintained For Each Sql Azure Database?
Answer :
For each database, three replicas are maintained for each database that one provisions. One of them is primary replica. All read/write happen on primary replica and other replicas are kept in sync with primary replica. If for some reason, primary goes down, other replica is promoted to primary. All this happens under the hood.
17. Question 17. How Can We Migrate From Sql Server To Sql Azure?
Answer :
For Data Migration, we can use BCP or SSIS. And for schema Migration we can use Generate Script Wizard. Also, we could use a Tool called SQL Azure migration wizard available on codeplex.
18. Question 18. Which Tools Are Available To Manage Sql Azure Databases And Servers?
Answer :
We can manage SQL Azure database using SQL server management server 2008 R2. Also, we can manage SQL Azure databases and servers through a Silverlight app integrated in Azure management portal.
19. Question 19. Tell Me Something About Security And Sql Azure?
Answer :
SQL Azure service allows blocking a request based on its IP address through SQL Azure firewall. It uses SQL server Authentication mechanism to authenticate connections. Also connections to SQL Azure are SSL-encrypted by default.
20. Question 20. How Do We Synchronize On Premise Sql Server With Sql Azure?
Answer :
We could use a No code solution called DATA SYNC (currently in community technology preview) to synchronize on-premise SQL server with SQL Azure. We can also develop custom solutions using SYNC framework.
21. Question 21. How Do We Backup Sql Azure Data?
Answer :
SQL Azure keeps three replicas of a database to tackle hardware level issues. To tackle user level errors, we can use COPY command that allows us to create a replica of a SQL Azure database. We can also backup SQL Azure data to local SQL server using BCP, SSIS, etc. but as of now, point in time recovery is not supported.
22. Question 22. What Is The Current Pricing Model Of Sql Azure?
Answer :
Charges for SQL Azure consumption is based on
o Size
o Data Transfer.
23. Question 23. What Is The Current Limitation Of The Size Of Sql Azure Db?
Answer :
Maximum size of a SQL Azure database is 50 GB.
24. Question 24. How Do You Handle Datasets Larger Than 50 Gb?
Answer :
As of now, we have to build custom solution at application level that can handle scale out of underlying SQL Azure databases. But Microsoft has announced, SQL Azure Federations that will assist scaling out of SQL Azure databases. And scale out means that we are splitting the data into smaller subsets spread across multiple databases.
25. Question 25. What Happens When The Sql Azure Database Reaches Max Size?
Answer :
Read operations continue to work but create/insert/update operations are throttled. You can drop/delete/truncate data.
26. Question 26. How Do You Improve The Performance Of A Sql Azure Database?
Answer :
We can tune a SQL Azure database using information available from execution plan and statistics of a query. We could use SQL Azure Dynamic Management views to monitor and manage SQL Azure database.
Also, SQL Azure performance is affected by network latency and bandwidth. Considering this, code in application topology gives the best performance.
27. Question 27. What Is Code Near Application Topology?
Answer :
Code near application topology means that the SQL Azure database and the windows azure hosted service consuming the data are hosted in the same Azure datacenter.
28. Question 28. What Were The Latest Updates To Sql Azure Service?
Answer :
Latest SQL Azure updates include multiple servers per subscription, SQL Azure co administrator support, creating Firewall rules for servers with IP detect.
29. Question 29. When Does A Workload On Sql Azure Get Throttled?
Answer :
When database reaches its maximum size update /insert /create operations get throttled. Also there are policies in place that does not allow to a workload to exploit a shared physical server. In other words, the policies make sure that all workload get a fair share of shared physical server. Now, a workload can get soft throttled that means that the workload has crossed the safety threshold. A workload can also got hard throttled which means that a SQL Azure machine is out of resources and it does not accept new connections. We can know more about what happened by decoding reason codes.
Section 1: General Cloud Questions
1. What are the different types of services offered in the cloud?
| IAAS VS PAAS VS SAAS | ||
| IAAS | PAAS | SAAS |
| In infrastructure as a service, you get the raw hardware from your cloud provider as a service i.e you get a server which you can configure with your own will. | Platform as a Service, gives you a platform to publish without giving the access to the underlying software or OS. | You get software as a service in Azure, i.e no infrastructure, no platform, simple software that you can use without purchasing it. |
| For Example: Azure VM, Amazon EC2. | For example: Web Apps, Mobile Apps in Azure. | For example: when you launch a VM on Azure, you are not buying the OS, you are basically renting it for the time you will be running that instance. |
2. What is cloud computing?
Explanation: It is the use of servers on the internet to “store”, “manage” and “process” data. The difference is, instead of using your own servers, you are using someone else’s servers to do your task, paying them for the amount of time you use it for.
3. What are the different cloud deployment models?
Explanation: Following are the three cloud deployment models:
Public Cloud: The infrastructure is owned by your cloud provider and the server that you are using could be a multi-tenant system.
Private Cloud: The infrastructure is owned by you or your cloud provider gives you that service exclusively. For eg: Hosting your website on your servers, or hosting your website with the cloud provider on a dedicated server.
Hybrid Cloud: When you use both Public Cloud, Private Cloud together, it is called Hybrid Cloud. For Example: Using your in-house servers for confidential data, and the public cloud for hosting your company’s public facing website. This type of setup would be a hybrid cloud.
4. I have some private servers on my premises, also I have distributed some of my workload on the public cloud, what is this architecture called?
1. Virtual Private Network
2. Private Cloud
3. Virtual Private Cloud
4. Hybrid Cloud
Answer: D. Hybrid Cloud
Explanation: This type of architecture would be a hybrid cloud. Why? Because we are using both, the public cloud, and on premises servers i.e the private cloud. To make this hybrid architecture easy to use, wouldn’t it be better if your private and public cloud were all on the same network (virtually). This is established by including your public cloud servers in a virtual private cloud, and connecting virtual cloud with your on premise servers using a VPN (Virtual Private Network).
Section 2: Basic Azure Questions
5. What is Microsoft Azure and why is it used?
Explanation: As discussed above, the companies which provide the cloud service are called the Cloud Providers. There are a lot of cloud providers out there, out of them one is Microsoft Azure. It is used for accessing Microsoft’s infrastructure for cloud.
6. Which service in Azure is used to manage resources in Azure?
1. Application Insights
2. Azure Resource Manager
3. Azure Portal
4. Log Analytics
Answer: B Azure Resource Manager
Explanation: Azure Resource Manager is used to “manage” infrastructures which involve a no. of azure services. It can be used to deploy, manage and delete all the resources together using a simple JSON script.
7. Which of the following web applications can be deployed with Azure?
1. ASP.NET
2. PHP
3. WCF
4. All of the mentioned
Answer: D All of the mentioned
Explanation: Microsoft also has released SDKs for both Java and Ruby to allow applications written in those languages to place calls to the Azure Service Platform API to the AppFabric Service.
Section 3: Azure Interview Questions
8. What are Roles and why do we use them?
Explanation: Roles are nothing servers in layman terms. These servers are managed, load balanced, Platform as a Service virtual machines that work together to achieve a common goal.
There are 3 types of roles in Microsoft Azure:
· Web Role
· Worker Role
· VM Role
Let’s discuss each of these roles in detail:
· Web Role – A web role is basically used to deploy a website, using languages supported by the IIS platform like, PHP, .NET etc. It is configured and customized to run web applications.
· Worker Role – A worker role is more like an help to the Web role, it used to execute background processes unlike the Web Role which is used to deploy the website.
· VM Role – The VM role is used by a user to schedule tasks and other windows services. This role can be used to customize the machines on which the web and worker role is running.
9. A _________ role is a virtual machine instance running Microsoft IIS Web server that can accept and respond to HTTP or HTTPS requests.
1. Web
2. Server
3. Worker
4. Client
Answer: A. Web
Explanation: The answer should be Web Roles, there are no roles such as Server or Client roles. Also, Worker roles can only communicate with Azure Storage or through direct connections to clients.
10. Is it possible to create a Virtual Machine using Azure Resource Manager in a Virtual Network that was created using classic deployment?
Explanation: This is not supported. You cannot use Azure Resource Manager to deploy a virtual machine into a virtual network that was created using classic deployment.
11. What are virtual machine scale sets in Azure?
Explanation: Virtual machine scale sets are Azure compute resource that you can use to deploy and manage a set of identical VMs. With all the VMs configured the same, scale sets are designed to support true autoscale, and no pre-provisioning of VMs is required. So it’s easier to build large-scale services that target big compute, big data, and containerized workloads.
12. Are data disks supported within scale sets?
Explanation: Yes. A scale set can define an attached data disk configuration that applies to all VMs in the set. Other options for storing data include:
· Azure files (SMB shared drives)
· OS drive
· Temp drive (local, not backed by Azure Storage)
· Azure data service (for example, Azure tables, Azure blobs)
· External data service (for example, remote database)
13. What is an Availability Set?
Explanation: An availability set is a logical grouping of VMs that allows Azure to understand how your application is built to provide redundancy and availability. It is recommended that two or more VMs are created within an availability set to provide for a highly available application and to meet the 99.95% Azure SLA. When a single VM is used with Azure Premium Storage, the Azure SLA applies for unplanned maintenance events.
14. What are Fault Domains?
Explanation: A fault domain is a logical group of underlying hardware that share a common power source and network switch, similar to a rack within an on-premise data-centers. As you create VMs within an availability set, the Azure platform automatically distributes your VMs across these fault domains. This approach limits the impact of potential physical hardware failures, network outages, or power interruptions.
15. What are Update Domains?
Explanation: An update domain is a logical group of underlying hardware that can undergo maintenance or can be rebooted at the same time. As you create VMs within an availability set, the Azure platform automatically distributes your VMs across these update domains. This approach ensures that at least one instance of your application always remains running as the Azure platform undergoes periodic maintenance. The order of update domains being rebooted may not proceed sequentially during planned maintenance, but only one update domain is rebooted at a time.
16. What are Network Security Groups?
Explanation: A network security group (NSG) contains a list of Access Control List (ACL) rules that allow or deny network traffic to subnets, NICs, or both. NSGs can be associated with either subnets or individual NICs connected to a subnet. When an NSG is associated with a subnet, the ACL rules apply to all the VMs in that subnet. In addition, traffic to an individual NIC can be restricted by associating an NSG directly to a NIC.
17. Do scale sets work with Azure availability sets?
Explanation: Yes. A scale set is an implicit availability set with 5 fault domains and 5 update domains. Scale sets of more than 100 VMs span multiple placement groups, which are equivalent to multiple availability sets. An availability set of VMs can exist in the same virtual network as a scale set of VMs. A common configuration is to put control node VMs (which often require unique configuration) in an availability set and put data nodes in the scale set.
18. What is a break-fix issue?
Explanation: Technical problems are called break-fix issue, it is an industry term which refers to “work involved in supporting a technology when it fails in the normal course of its function, which requires intervention by a support organization to be restored to working order”.
19. Why is Azure Active Directory used?
Explanation: Azure Active Directory is an Identity and Access Management system. It is used to grant access to your employees to specific products and services in your network. For example: Salesforce.com, twitter etc. Azure AD has some in-built support for applications in its gallery which can be added directly.
20. What happens when you exhaust the maximum failed attempts for authenticating yourself via Azure AD?
Explanation: We use a more sophisticated strategy to lock accounts. This is based on the IP address of the request and the passwords entered. The duration of the lockout also increases based on the likelihood that it is an attack.
21. Where can I find a list of applications that are pre-integrated with Azure AD and their capabilities?
Explanation: Azure AD has around 2600 pre-integrated applications. All pre-integrated applications support single sign-on (SSO). SSO let you use your organizational credentials to access your apps. Some of the applications also support automated provisioning and de-provisioning.
22. How can I use applications with Azure AD that I’m using on-premises?
Explanation: Azure AD gives you an easy and secure way to connect to the web applications you choose. You can access these applications in the same way you access your SaaS apps in Azure AD, no need for a VPN to change your network infrastructure.
23. What is Azure Service Fabric?
Explanation: Azure Service Fabric is a distributed systems platform that makes it easy to package, deploy, and manage scalable and reliable micro-services. Service Fabric also addresses the significant challenges in developing and managing cloud applications. Developers and administrators can avoid complex infrastructure problems and focus on implementing mission-critical, demanding workloads that are scalable, reliable, and manageable. Service Fabric represents the next-generation middleware platform for building and managing these enterprise-class, tier-1, cloud-scale applications.
24. What is a VNet?
Explanation: VNet is a representation of your own network in the cloud. It logically isolates your instances launched in the cloud, from the rest of your resources.
25. What are the differences between Subscription Administrator and Directory Administrator?
Explanation: By default, one is assigned the Subscription Administrator role when he/she signs up for Azure. A subscription admin can use either a Microsoft account or a work or school account from the directory that the Azure subscription is associated with. This role is authorized to manage services in the Azure portal. If others need to sign in and access services by using the same subscription, you can add them as co-admins.
Azure AD has a different set of admin roles to manage the directory and identity-related features. These admins will have access to various features in the Azure portal or the Azure classic portal. The admin’s role determines what they can do, like create or edit users, assign administrative roles to others, reset user passwords, manage user licenses, or manage domains.
26. Are there any scale limitations for customers using managed disks?
Explanation: Managed Disks eliminates the limits associated with storage accounts. However, the number of managed disks per subscription is limited to 2000 by default.
27. What is the difference between Service Bus Queues and Storage Queues?
Explanation: The Azure Storage Queue is simple and the developer experience is quite good. It uses the local Azure Storage Emulator and debugging is made quite easy. The tooling for Azure Storage Queues allows you to easily peek at the top 32 messages and if the messages are in XML or Json, you’re able to visualize their contents directly from Visual Studio Furthermore, these queues can be purged of their contents, which is especially useful during development and QA efforts.
The Azure Service Bus Queues are evolved and surrounded by many useful mechanisms that make it enterprise worthy! They are built into the Service Bus and are able to forward messages to other Queues and Topics. They have a built-in dead-letter queue and messages have a time to live that you control, hence messages don’t automatically disappear after 7 days.
Furthermore, Azure Service Bus Queues have the ability of deleting themselves after a configurable amount of idle time. This feature is very practical when you create Queues for each user, because if a user hasn’t interacted with a Queue for the past month, it automatically gets clean it up. Its also a great way to drive costs down. You shouldn’t have to pay for storage that you don’t need. These Queues are limited to a maximum of 80gb. Once you’ve reached this limit your application will start receiving exceptions.
28. What is Azure Redis Cache?
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cacheand message broker. Azure Redis Cache is based on the popular open-source Redis cache. It gives you access to a secure, dedicated Redis cache, managed by Microsoft, and accessible from any application within Azure. It supports data structures such as strings, hashes, lists, sets, sorted sets with range queries, bitmaps, hyperloglogs and geospatial indexes with radius queries.
29. Why doesn’t Azure Redis Cache have an MSDN class library reference like some of the other Azure services?
Explanation: Microsoft Azure Redis Cache is based on the popular open source Redis Cache and can be accessed by a wide variety of Redis clients for many programming languages. Each client has its own API that makes calls to the Redis cache instance using Redis commands.
Because each client is different, there is not one centralized class reference on MSDN, and each client maintains its own reference documentation. In addition to the reference documentation, there are several tutorials showing how to get started with Azure Redis Cache using different languages and cache clients.
30. What are Redis databases?
Explanation: Redis Databases are just a logical separation of data within the same Redis instance. The cache memory is shared between all the databases and actual memory consumption of a given database depends on the keys/values stored in that database. For example, a C6 cache has 53 GB of memory. You can choose to put all 53 GB into one database or you can split it up between multiple databases.
31. Is it possible to add an existing VM to an availability set?
Explanation: No. If you want your VM to be part of an availability set, you need to create the VM within the set. There currently no way to add a VM to an availability set after it has been created.
32. What are the username requirements when creating a VM?
Explanation: Usernames can be a maximum of 20 characters in length and cannot end in a period (“.”).
The following usernames are not allowed:
33. What are the password requirements when creating a VM?
Explanation: Passwords must be 12 – 123 characters in length and meet 3 out of the following 4 complexity requirements:
· Have lower characters
· Have upper characters
· Have a digit
· Have a special character (Regex match [\W_])
The following passwords are not allowed:
34. How much storage can I use with a virtual machine?
Explanation: Each data disk can be up to 1 TB. The number of data disks which you can use depends on the size of the virtual machine.
Azure Managed Disks are the new and recommended disk storage offerings for use with Azure Virtual Machines for persistent storage of data. You can use multiple Managed Disks with each Virtual Machine. Managed Disks offer two types of durable storage options: Premium and Standard Managed Disks.
Azure storage accounts can also provide storage for the operating system disk and any data disks. Each disk is a .vhd file stored as a page blob.
35. How can one create a Virtual Machine in Powershell?
# Define a credential object
$cred = Get-Credential
# Create a virtual machine configuration
$vmConfig = New-AzureRmVMConfig -VMName myVM -VMSize Standard_DS2 |
` Set-AzureRmVMOperatingSystem -Windows -ComputerName myVM -Credential $cred |
` Set-AzureRmVMSourceImage -PublisherName MicrosoftWindowsServer -Offer WindowsServer `
-Skus 2016-Datacenter -Version latest | Add-AzureRmVMNetworkInterface -Id $nic.Id
36. How to create a Network Security Group and a Network Security Group Rule?
# Create an inbound network security group rule for port 3389
$nsgRuleRDP = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleRDP -Protocol Tcp `
-Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 3389 -Access Allow
# Create an inbound network security group rule for port 80
$nsgRuleWeb = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleWWW -Protocol Tcp `
-Direction Inbound -Priority 1001 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 80 -Access Allow
# Create a network security group
$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName myResourceGroup -Location EastUS `
-Name myNetworkSecurityGroup -SecurityRules $nsgRuleRDP,$nsgRuleWeb
37. How to create a new storage account and container using Power Shell?
$storageName = "st" + (Get-Random)
New-AzureRmStorageAccount -ResourceGroupName "myResourceGroup" -AccountName $storageName -Location "West US" -SkuName "Standard_LRS" -Kind Storage
$accountKey = (Get-AzureRmStorageAccountKey -ResourceGroupName myResourceGroup -Name $storageName).Value[0]
$context = New-AzureStorageContext -StorageAccountName $storageName -StorageAccountKey $accountKey
New-AzureStorageContainer -Name "templates" -Context $context -Permission Container
38. How can one create a VM in Azure CLI?
az vm create ` --resource-group myResourceGroup ` --name myVM --image win2016datacenter ` --admin-username azureuser ` --admin-password myPassword12
9. What are the various power states of a VM?
40. How can you retrieve the state of a particular VM?
Get-AzureRmVM `
-ResourceGroupName myResourceGroup `
-Name myVM `
-Status | Select @{n="Status"; e={$_.Statuses[1].Code}}
41. How can you stop a VM using Power Shell?
Stop-AzureRmVM -ResourceGroupName myResourceGroupVM -Name "myVM" -Force
42. Why was my client disconnected from the cache?
Explanation: The following are some common reason for a cache disconnect.
· Client-side causes
· The client application was redeployed.
· The client application performed a scaling operation.
· In the case of Cloud Services or Web Apps, this may be due to auto-scaling.
· The networking layer on the client side changed.
· Transient errors occurred in the client or in the network nodes between the client and the server.
· The bandwidth threshold limits were reached.
· CPU bound operations took too long to complete.
· Server-side causes
· On the standard cache offering, the Azure Redis Cache service initiated a fail-over from the primary node to the secondary node.
· Azure was patching the instance where the cache was deployed
· This can be for Redis server updates or general VM maintenance.
43. What is Azure Search?
Explanation: Azure Search is a cloud search-as-a-service solution that delegates server and infrastructure management to Microsoft, leaving you with a ready-to-use service that you can populate with your data and then use to add search to your web or mobile application. Azure Search allows you to easily add a robust search experience to your applications using a simple REST API or .NET SDK without managing search infrastructure or becoming an expert in search.
44. My web app still uses an old Docker container image after I’ve updated the image on Docker Hub. Does Azure support continuous integration/deployment of custom containers?
Explanation: Yes, it does. For private registries, you can update the container by stopping and then re-starting your web app. Alternatively, you can also change or add a dummy application setting to force an update of your container.
45. What are the expected values for the Startup File section when I configure the runtime stack?
Explanation: For Node.Js, you specify the PM2 configuration file or your script file. For .NET Core, specify your compiled DLL name. For Ruby, you can specify the Ruby script that you want to initialize your app with.
46. How are Azure Marketplace subscriptions priced?
Explanation:
Pricing will vary based on product types. ISV software charges and Azure infrastructure costs are charged separately through your Azure subscription. Pricing models include:
BYOL Model: Bring-your-own-license. You obtain outside of the Azure Marketplace, the right to access or use the offering and are not charged Azure Marketplace fees for use of the offering in the Azure Marketplace.
Free: Free SKU. Customers are not charged Azure Marketplace fees for use of the offering.
Free Software Trial: Full-featured version of the offer that is promotionally free for a limited period of time. You will not be charged Azure Marketplace fees for use of the offering during a trial period. Upon expiration of the trial period, customers will automatically be charged based on standard rates for use of the offering.
Usage-Based: You are charged or billed based on the extent of your use of the offering. For Virtual Machines Images, you are charged an hourly Azure Marketplace fee. For Data Services, Developer services, and APIs, you are charged per unit of measurement as defined by the offering.
Monthly Fee: You are charged or billed a fixed monthly fee for a subscription to the offering (from the date of subscription start for that particular plan). The monthly fee is not prorated for mid-month cancellations or unused services.
47. What is the difference between “price,” “software price,” and “total price” in the cost structure for Virtual Machine offers in the Azure Marketplace?
Explanation: “Price” refers to the cost of the Azure Virtual Machine to run the software. “Software price” refers to the cost of the publisher software running on an Azure Virtual Machine. “Total price” refers to the combined total cost of the Azure Virtual Machine and the publisher software running on an Azure Virtual Machine.
48. What are stateful and stateless microservices for Service Fabric?
Explanation: Service Fabric enables you to build applications that consist of microservices. Stateless microservices (such as protocol gateways and web proxies) do not maintain a mutable state outside a request and its response from the service. Azure Cloud Services worker roles are an example of a stateless service. Stateful microservices (such as user accounts, databases, devices, shopping carts, and queues) maintain a mutable, authoritative state beyond the request and its response. Today’s Internet-scale applications consist of a combination of stateless and stateful microservices.
49. What is the meaning of application partitions?
Explanation: The application partitions are a part of the Active Directory system and having said so, they are directory partitions which are replicated to domain controllers. Usually, domain controllers that are included in the process of directory partitions hold a replica of that directory partition. The attributes and values of application partitions is that you can replicated them to any specific domain controller in a forest, meaning that it could lessen replication traffic. While the domain directory partitions transfer all their data to all of the domains, the application partitions can focus on only one in the domain area. This makes application partitions redundant and more available.
50. What are special Azure Regions?
Explanation: Azure has some special regions that you may wish to use when buildingyour applications for compliance or legal purposes. These special regions include:
· US Gov Virginia and US Gov Iowa
· A physical and logical network-isolated instance of Azure for US government agencies and partners, operated by screened US persons. Includes additional compliance certifications such as FedRAMP and DISA.
· China East and China North
· These regions are available through a unique partnership between Microsoft and 21Vianet, whereby Microsoft does not directly maintain the datacenters.
· Germany Central and Germany Northeast
· These regions are available via a data trustee model whereby customer data remains in Germany under control of T-Systems, a Deutsche Telekom company, acting as the German data trustee.
Azure and Windows PowerShell: The Basics
Please note that you can work with Azure using the following methods:
· Azure Portal: The portal allows you to browse resources, modify settings, create new resources, and monitor your resources.
· Azure Windows PowerShell: The Azure PowerShell Module will help you to manage your Azure resources. You can use it on your local machine or in your web browser.
· Azure CLI: Azure CLI (command line interface) is the next generation multi-platform command line experience for managing Azure resources. You can use it on MacOS, Linux and Windows. You also can use it in a web browser.
· Azure REST API: Representational State Transfer (REST) APIs are service endpoints that support sets of HTTP operations (methods), which provide create, retrieve, update, or delete access to the service’s resources. Note that I will not cover this method in this series.
As you can see, Windows PowerShell is not the only method available to work with Azure. In this series, I will also provide Azure CLI commands when it’s possible. Azure CLI is simpler than PowerShell but the main advantage of PowerShell is the community. You will notice that there are many PowerShell script examples available for Azure.
Before going deeper into Azure services, this first article will cover the basics by describing how to login to Azure and how to configure your scripting environment. I hope you will find this series interesting and helpful.
Using the Azure Cloud Shell
Azure Cloud Shell is one method to manage your Azure resources that are available without installing anything on your local system. It provides secure terminal access to a virtual machine without the need to install and maintain the machine yourself. In fact, the virtual machine is created and deleted as needed. Azure Cloud Shell can be accessed within a web browser through the Azure Portal, and you can use it with both PowerShell and Azure CLI commands. With Azure Cloud Shell, you always have the most up-to-date version of the tools available and you don’t have to install or update it. Azure Cloud Shell requires an Azure File Share to persist files, so Azure will create a new storage account for you and this will incur a small monthly cost. First, login to the Azure Portal https://portal.azure.com as shown in Figure 1 and click on the Cloud Shell icon.
Figure 1 – Azure Cloud Shell icon
Wait a few seconds and a PowerShell console will appear. It will take a minute or to authenticate as shown in Figure 2, but authentication is automatic
Figure 2 – Azure Cloud Shell using Windows PowerShell
Note that you can select PowerShell or Bash from the shell drop-down list to manage your Azure resources. Figure 3 shows the Bash option. Azure Cloud Shell gives you the flexibility of choosing the shell experience that best suits the way you work. If you are a Linux user, then you can opt for a Bash experience, while Windows users can opt for Windows PowerShell. Remember that Azure Cloud Shell is designed to be a flexible and cross-platform tool.
Figure 3 – Azure Cloud Shell using Bash
In my case, I will always use the PowerShell console instead of the Bash console. From this console you can use the Azure PowerShell Module or Azure CLI. Run the following PowerShell command to get the subscription ID, subscription name, and home tenant for the subscriptions that the current account can access.
| Azure:\ PS Azure:\> Get-AzureRmSubscription Name : Visual Studio Enterprise Id : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx TenantId : yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy State : Enabled |
You can also use Azure CLI to get the same information by running the following command:
| Azure:\ PS Azure:\> az account list --output table Name CloudName SubscriptionId State IsDefault ------------------------ ----------- ------------------------------------ ------- --------- Visual Studio Enterprise AzureCloud xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx Enabled True |
Configuring the Local Scripting Environment
The other option, and possibly the most common, is using the local computer to write and run scripts. Let’s start by installing Azure CLI. You can install Azure CLI on MacOS, Linux, and Windows.
To run Azure CLI on your workstation, you must download the MSI from: https://aka.ms/InstallAzureCliWindows. Once the installation is completed, open a PowerShell console and type the following command to confirm that Azure CLI is available:
| Windows PowerShell Copyright (C) 2016 Microsoft Corporation. All rights reserved. PS C:\Users\Nicolas> az /\ / \ _____ _ _ __ ___ / /\ \ |_ / | | | \'__/ _ \ / ____ \ / /| |_| | | | __/ /_/ \_\/___|\__,_|_| \___| Welcome to the cool new Azure CLI! Here are the base commands: account : Manage subscriptions. acr : Manage Azure Container Registries. acs : Manage Azure Container Services. ad : Synchronize on-premises directories and manage Azure Active Directory resources. appservice : Manage your App Service plans. batch : Manage Azure Batch. billing : Manage Azure Billing. cdn : Manage Azure Content Delivery Networks (CDN). cloud : Manage the registered Azure clouds. cognitiveservices: Manage Cognitive Services accounts in Azure Resource Manager. component : Manage and update Azure CLI 2.0 components. configure : Configure Azure CLI 2.0 or view your configuration. The command is interactive, so just type `az configure` and respond to the prompts. consumption : Manage Azure Consumption. container : (Preview) Manage Azure Container Instances. […] Note that output has been truncated. |
One thing to notice is the Azure CLI version. Run the following command to check the installed version:
| PS C:\Users\Nicolas> az --version azure-cli (2.0.16) |
There are two main versions of Azure CLI in use. If you are using the classic Azure Service Manager (ASM) deployments, you will need Azure CLI 1.0. In version 1.0, the commands start with azure. If you use, instead, the newer and preferred Azure Resource Manager (ARM) deployments, you will use Azure CLI 2.0, and the commands begin with az. Now let’s install the Azure PowerShell module. I think using the PowerShell Gallery is the easiest and fastest way to install it. Open your PowerShell console as an administrator and use the following PowerShell command :
| PS > Install-Module AzureRM |
Let’s confirm if the module is installed:
| PS C:\WINDOWS\system32> Get-Module -ListAvailable *Azure* Directory: C:\Program Files\WindowsPowerShell\Modules ModuleType Version Name ExportedCommands ---------- ------- ---- ---------------- Script 0.5.0 Azure.AnalysisServices {Add-AzureAnalysisServicesAccount,.. Script 0.4.2 Azure.AnalysisServices {Add-AzureAnalysisServicesAccount,.. Script 4.0.2 Azure.Storage {Get-AzureStorageTable, New-.. Script 3.2.1 Azure.Storage {Get-AzureStorageTable, New-.. Script 0.6.0 AzurePSDrive Script 5.1.1 AzureRM Script 4.2.1 AzureRM {New-AzureRmAnalysisServicesServer,.. […] Note that output has been truncated. |
Remember to update the Azure PowerShell module on a regular basis using the Update-Modulecmdlet.
Login to Azure
You can now begin scripting your Azure tasks! The first thing to do is to be able to login on Azure. The easiest way to perform this task is to use the Login-AzureRMLogin cmdlet. With no other parameters provided, this will pop up a login box where you can enter your Azure credentials. Then, it will create an authentication context for your PowerShell Session:
| PS C:\WINDOWS\system32> Login-AzureRmAccount Environment : AzureCloud Account : mail@domain.com TenantId : yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy SubscriptionId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx SubscriptionName : Visual Studio Enterprise CurrentStorageAccount : |
If you are using it against the classic Azure Portal you can use the Install-Module Azure command and then use the following command to login: Add-AzureAccount.
To view some details about your session, run the Get-AzureRmContext cmdlet.
Automating Azure Login with PowerShell
After few days of working with Azure, you will notice that the login step is boring. Fortunately, you can automate this step by saving your Azure RM context in a JSON file. The Save-AzureRmContext cmdlet saves the current authentication information for use in other PowerShell sessions. Running this cmdlet has security implications for your Azure environment, so you need to be sure that your context file is stored in a safe location.
First you must run the Login-AzureRmAccount cmdlet and next, run the following command:
| PS > Save-AzureRmContext -Path "C:\AzureProfile.json" |
Thanks to this JSON file, you can now login to Azure very quickly. I will first check that I am not logged in to my Azure subscription:
| PS C:\Users\Nicolas> Get-AzureRmVM Get-AzureRmVM: Run Login-AzureRmAccount to login. At line:1 char:1 + get-azurermvm + ~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (:) [Get-AzureRmVM], PSInvalidOperationException + FullyQualifiedErrorId : InvalidOperation,Microsoft.Azure.Commands.Compute.GetAzureVMCommand |
The error message shows that I’m not logged in. Now I can use my JSON file using the Import-AzureRmContext cmdlet:
| PS C:\Users\Nicolas> Import-AzureRmContext -Path "C:\AzureProfile.json" Environment : AzureCloud Account : mail@domain.com TenantId : yyyyyyyy-yyyy-yyyy-yyyy-yyyyyyyyyyyy SubscriptionId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx SubscriptionName : Visual Studio Enterprise CurrentStorageAccount : |
Done! Now, I can list my Azure Virtual Machines available in my subscription:
| PS C:\Users\Nicolas> Get-AzureRmVM ResourceGroupName Name Location VmSize OsType ProvisioningState ----------------- ---- -------- ------ ------ ----------------- NICO-RG01 Win10-1709 westeurope Standard_D2_v2 Windows Succeeded NICO-RG02 Win2016-1709 westeurope Standard_D1_v2 Windows Succeeded |
The Login-AzureRmAccount cmdlet is an Alias for Add-AzureRmAccount cmdlet, so they both do the same thing. The Add-AzureAccount cmdlet is the old service management (classic) command for accessing Azure, which you would use if you needed to access classic resources. The Login-AzureRmAccount cmdlet is used for access to the new ARM services.
Here is another important point to notice. If you try to run the following command it will bring up a Windows login dialog in which you must enter your Azure credentials:
| PS > $cred = Get-Credential PS > Login-AzureRmAccount –Credential $cred |
You may get the following error:
| Login-AzureRmAccount : Sequence contains no elements At line:4 char:1 + Login-AzureRmAccount -Credential $cred + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : CloseError: (:) [Add-AzureRmAccount], AadAuthenticationFailedException + FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.AddAzureRMAccountCommand |
If you get this error, it means that you probably used your Hotmail or Live account. Unfortunately, this is a platform limitation because Microsoft accounts cannot be used in the non-interactive flow. You must use a work/school account, but if you don’t have one, the advice for automating you login is to use your JSON file to automate the login processor or to create an Azure RM service principal using the New-AzureRmADServicePrincipal cmdlet. I will cover this point in the next article.
We have covered very basic tasks such as:
· Login on Azure
· Automating the login process
· Installing the Azure PowerShell Module.
The basics are important in order to start working with Azure, and that is the reason why I selected this topic to begin this new series. For those of you who are wondering which method they must use to manage Azure resources, well that’s a good question because “it depends”. It depends on your preferences and your scripting skills. I would advise you to use the Azure PowerShell Module because, in my point of view, it’s easier to work with Azure and PowerShell. If you usually work with PowerShell in your job, you will save time. On top of that, as PowerShell is the Microsoft Shell created to manage Microsoft products, I think it is reasonable to use it with Azure as well. Of course, you have many good choices, so feel free to use your preferred method.
What is Azure Active Directory?
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service, which helps your employees' sign in and access resources in:
· External resources, such as Microsoft Office 365, the Azure portal, and thousands of other SaaS applications.
· Internal resources, such as apps on your corporate network and intranet, along with any cloud apps developed by your own organization.
You can use the various Microsoft Cloud for Enterprise Architects Series posters to better understand the core identity services in Azure, Azure AD, and Office 365.
Who uses Azure AD?
Azure AD is intended for:
· IT admins. As an IT admin, you can use Azure AD to control access to your apps and your app resources, based on your business requirements. For example, you can use Azure AD to require multi-factor authentication when accessing important organizational resources. Additionally, you can use Azure AD to automate user provisioning between your existing Windows Server AD and your cloud apps, including Office 365. Finally, Azure AD gives you powerful tools to automatically help protect user identities and credentials and to meet your access governance requirements. To get started, sign up for a free 30-day Azure Active Directory Premium trial.
· App developers. As an app developer, Azure AD gives you a standards-based approach for adding single sign-on (SSO) to your app, allowing it to work with a user's pre-existing credentials. Azure AD also provides APIs that can help you build personalized app experiences using existing organizational data. To get started, sign up for a free 30-day Azure Active Directory Premium trial. For more information, you can also see Azure Active Directory for developers.
· Microsoft 365, Office 365, Azure, or Dynamics CRM Online subscribers. As a subscriber, you're already using Azure AD. Each Microsoft 365, Office 365, Azure, and Dynamics CRM Online tenant is automatically an Azure AD tenant. You can immediately start to manage access to your integrated cloud apps.
What are the Azure AD licenses?
Microsoft Online business services, such as Office 365 or Microsoft Azure, require Azure AD for sign-in and to help with identity protection. If you subscribe to any Microsoft Online business service, you automatically get Azure AD with access to all the free features.
To enhance your Azure AD implementation, you can also add paid capabilities by upgrading to Azure Active Directory Basic, Premium P1, or Premium P2 licenses. Azure AD paid licenses are built on top of your existing free directory, providing self-service, enhanced monitoring, security reporting, and secure access for your mobile users.
Note
For the pricing options of these licenses, see Azure Active Directory Pricing.
Azure Active Directory Premium P1, Premium P2, and Azure Active Directory Basic are not currently supported in China. For more information about Azure AD pricing, contact the Azure Active Directory Forum.
· Azure Active Directory Free. Provides user and group management, on-premises directory synchronization, basic reports, and single sign-on across Azure, Office 365, and many popular SaaS apps.
· Azure Active Directory Basic. In addition to the Free features, Basic also provides cloud-centric app access, group-based access management, self-service password reset for cloud apps, and Azure AD Application Proxy, which lets you publish on-premises web apps using Azure AD.
· Azure Active Directory Premium P1. In addition to the Free and Basic features, P1 also lets your hybrid users access both on-premises and cloud resources. It also supports advanced administration, such as dynamic groups, self-service group management, Microsoft Identity Manager (an on-premises identity and access management suite) and cloud write-back capabilities, which allow self-service password reset for your on-premises users.
· Azure Active Directory Premium P2. In addition to the Free, Basic, and P1 features, P2 also offers Azure Active Directory Identity Protection to help provide risk-based conditional access to your apps and critical company data and Privileged Identity Management to help discover, restrict, and monitor administrators and their access to resources and to provide just-in-time access when needed.
· "Pay as you go" feature licenses. You can also get additional feature licenses, such as Azure Active Directory Business-to-Customer (B2C). B2C can help you provide identity and access management solutions for your customer-facing apps. For more information, see Azure Active Directory B2C documentation.
For more information about associating an Azure subscription to Azure AD, see How to: Associate or add an Azure subscription to Azure Active Directory and for more information about assigning licenses to your users, see How to: Assign or remove Azure Active Directory licenses.
Terminology
To better understand Azure AD and its documentation, we recommend reviewing the following terms.
Term or concept
Description
Azure subscription
Used to pay for Azure cloud services. You can have many subscriptions and they're linked to a credit card.
Azure tenant
A dedicated and trusted instance of Azure AD that's automatically created when your organization signs up for a Microsoft cloud service subscription, such as Microsoft Azure, Microsoft Intune, or Office 365. An Azure tenant represents a single organization.
Single tenant
Azure tenants that access other services in a dedicated environment are considered single tenant.
Multi-tenant
Azure tenants that access other services in a shared environment, across multiple organizations, are considered multi-tenant.
Azure AD directory
Each Azure tenant has a dedicated and trusted Azure AD directory. The Azure AD directory includes the tenant's users, groups, and apps and is used to perform identity and access management functions for tenant resources.
Azure AD account
An identity created through Azure AD or another Microsoft cloud service, such as Office 365. Identities are stored in Azure AD and accessible to your organization's cloud service subscriptions. This account is also sometimes called a Work or school account.
Custom domain
Every new Azure AD directory comes with an initial domain name, domainname.onmicrosoft.com. In addition to that initial name, you can also add your organization's domain names, which include the names you use to do business and your users use to access your organization's resources, to the list. Adding custom domain names helps you to create user names that are familiar to your users, such as alain@contoso.com.
Account Administrator
This classic subscription administrator role is conceptually the billing owner of a subscription. This role has access to the Azure Account Center and enables you to manage all subscriptions in an account. For more information, see Classic subscription administrator roles, Azure Role-based access control (RBAC) roles, and Azure AD administrator roles.
Service Administrator
This classic subscription administrator role enables you to manage all Azure resources, including access. This role has the equivalent access of a user who is assigned the Owner role at the subscription scope. For more information, see Classic subscription administrator roles, Azure RBAC roles, and Azure AD administrator roles.
Owner
This role helps you manage all Azure resources, including access. This role is built on a newer authorization system called role-base access control (RBAC) that provides fine-grained access management to Azure resources. For more information, see Classic subscription administrator roles, Azure RBAC roles, and Azure AD administrator roles.
Azure AD Global administrator
This administrator role is automatically assigned to whomever created the Azure AD tenant. Global administrators can do all of the administrative functions for Azure AD and any services that federate to Azure AD, such as Exchange Online, SharePoint Online, and Skype for Business Online. You can have multiple Global administrators, but only Global administrators can assign administrator roles (including assigning other Global administrators) to users.
Note
This administrator role is called Global administrator in the Azure portal, but it's called Company administrator in Microsoft Graph API, Azure AD Graph API, and Azure AD PowerShell.
For more information about the various administrator roles, see Administrator role permissions in Azure Active Directory.
Microsoft account (also called, MSA)
Personal accounts that provide access to your consumer-oriented Microsoft products and cloud services, such as Outlook, OneDrive, Xbox LIVE, or Office 365. Your Microsoft account is created and stored in the Microsoft consumer identity account system that's run by Microsoft.
Which features work in Azure AD?
After you choose your Azure AD license, you'll get access to some or all of the following features for your organization:
Category
Description
Application management
Manage your cloud and on-premises apps using Application Proxy, single sign-on, the My Apps portal (also known as the Access panel), and Software as a Service (SaaS) apps. For more information, see How to provide secure remote access to on-premises applications and Application Management documentation.
Authentication
Manage Azure Active Directory self-service password reset, Multi-Factor Authentication, custom banned password list, and smart lockout. For more information, see Azure AD Authentication documentation.
Business-to-Business (B2B)
Manage your guest users and external partners, while maintaining control over your own corporate data. For more information, see Azure Active Directory B2B documentation.
Business-to-Customer (B2C)
Customize and control how users sign up, sign in, and manage their profiles when using your apps. For more information, see Azure Active Directory B2C documentation.
Conditional access
Manage access to your cloud apps. For more information, see Azure AD Conditional Access documentation.
Azure Active Directory for developers
Build apps that sign in all Microsoft identities, get tokens to call Microsoft Graph, other Microsoft APIs, or custom APIs. For more information, see Microsoft identity platform (Azure Active Directory for developers).
Device Management
Manage how your cloud or on-premises devices access your corporate data. For more information, see Azure AD Device Management documentation.
Domain services
Join Azure virtual machines to a domain without using domain controllers. For more information, see Azure AD Domain Services documentation.
Enterprise users
Manage license assignment, access to apps, and set up delegates using groups and administrator roles. For more information, see Azure Active Directory user management documentation.
Hybrid identity
Use Azure Active Directory Connect and Connect Health to provide a single user identity for authentication and authorization to all resources, regardless of location (cloud or on-premises). For more information, see Hybrid identity documentation.
Identity governance
Manage your organization's identity through employee, business partner, vendor, service, and app access controls. You can also perform access reviews. For more information, see Azure AD identity governance documentation and Azure AD access reviews.
Identity protection
Detect potential vulnerabilities affecting your organization's identities, configure policies to respond to suspicious actions, and then take appropriate action to resolve them. For more information, see Azure AD Identity Protection.
Managed identities for Azure resources
Provides your Azure services with an automatically managed identity in Azure AD that can authenticate any Azure AD-supported authentication service, including Key Vault. For more information, see What is managed identities for Azure resources?.
Privileged identity management (PIM)
Manage, control, and monitor access within your organization. This feature includes access to resources in Azure AD and Azure, and other Microsoft Online Services, like Office 365 or Intune. For more information, see Azure AD Privileged Identity Management.
Reports and monitoring
Gain insights into the security and usage patterns in your environment. For more information, see Azure Active Directory reports and monitoring.
What is Blob?
BLOB stands for Binary Large Object. Blob is file of any type and size.
The Azure Blob Storage offers two types of blobs –
- Block Blob
- Page Blob
What is the difference between Block Blob vs Page Blob?
Block blobs are comprised of blocks, each of which is identified by a block ID.
You create or modify a block blob by uploading a set of blocks and committing them by their block IDs.
If you are uploading a block blob that is no more than 64 MB in size, you can also upload it in its entirety with a single Put Blob operation. -Each block can be a maximum of 4 MB in size. The maximum size for a block blob in version 2009-09-19 is 200 GB, or up to 50,000 blocks.
Page blobs are a collection of pages. A page is a range of data that is identified by its offset from the start of the blob. To create a page blob, you initialize the page blob by calling Put Blob and specifying its maximum size.
-The maximum size for a page blob is 1 TB. A page written to a page blob may be up to 1 TB in size.
what to use block blobs for: streaming video. “The application must provide random read/write access” which is supported by Page Blobs
What is the difference between Windows Azure Queues and Windows Azure Service Bus Queues?
Windows Azure supports two types of queue mechanisms: Windows Azure Queues and Service Bus Queues.
Windows Azure Queues, which are part of the Windows Azure storage infrastructure, feature a simple REST-based Get/Put/Peek interface, providing reliable, persistent messaging within and between services.
Service Bus Queues are part of a broader Windows Azure messaging infrastructure dead-letterrts queuing as well as publish/subscribe, Web service remoting, and integration patterns.
HTTP://WCFPRO.WORDPRESS.COM/2010/12/06/COMMUNICATION-IN-WINDOWS-AZURE/
HTTP://MSDN.MICROSOFT.COM/EN-US/LIBRARY/WINDOWSAZURE/HH767287.ASPX
What is DeadLetter queue?
- Messages are placed on the dead-letter sub-queue by the messaging system in the following scenarios.
- When a message expires and dead-lettering for expired messages is set to true in a queue or subscription.
- When the max delivery count for a message is exceeded on a queue or subscription.
- When a filter evaluation exception occurs in a subscription and dead-lettering is enabled on filter evaluation exceptions.
Windows Azure will handle the load balancing for all of the instances that are created. The VM sizes are as follows:
Compute Instance Size CPU Memory Instance Storage I/O Performance
Extra Small 1.0 Ghz 768 MB 20 GB Low
Small 1.6 GHz 1.75 GB 225 GB Moderate
Medium 2 x 1.6 GHz 3.5 GB 490 GB High
Large 4 x 1.6 GHz 7 GB 1,000 GB High
Extra large 8 x 1.6 GHz 14 GB 2,040 GB High
What is table storage in Windows Azure?
The Windows Azure Table storage service stores large amounts of structured data.
The service is a NoSQL datastore which accepts authenticated calls from inside and outside the Windows Azure cloud.
Windows Azure tables are ideal for storing structured, non-relational data
Table: A table is a collection of entities. Tables don’t enforce a schema on entities, which means a single table can contain entities that have different sets of properties. An account can contain many tables
Entity: An entity is a set of properties, similar to a database row. An entity can be up to 1MB in size.
Properties: A property is a name-value pair. Each entity can include up to 252 properties to store data. Each entity also has 3 system properties that specify a partition key, a row key, and a timestamp.
Entities with the same partition key can be queried more quickly, and inserted/updated in atomic operations. An entity’s row key is its unique identifier within a partition.
Trading binary options with Olymptrade has been a nightmare for the past couple of months. After denying my request for a withdrawal countless times, I was finally able to recover all my money with the help of an expert I read about online. Happy to share my experience and also to enlighten people on how I was able to get my money back. you can reach out to them on assuredrecover.com
ReplyDeleteWe are a part of the success story for many of our customer's successful cloud Migrations.
ReplyDeleteCloud Migration services
Aws Cloud Migration services
Azure Cloud Migration services
Thanks for sharing
ReplyDeleteWindows Azure Admin Online Training
It is very so much valuable content DevOps Training in Bangalore | Certification | Online Training Course institute | DevOps Training in Hyderabad | Certification | Online Training Course institute | DevOps Training in Coimbatore | Certification | Online Training Course institute | DevOps Online Training | Certification | Devops Training Online
ReplyDeleteWonderful Cloud AWS Training
ReplyDeleteHello, an amazing Information dude. Thanks for sharing this nice information with us. Course AZ-801: Configuring Windows Server Hybrid Advanced Services
ReplyDeleteVery informative and impressive post you have written, this is quite interesting and i have went through it completely, an upgraded information is shared, keep sharing such valuable information. Docker Owast Container
ReplyDelete