Windows Azure Adds Active Directory, New Backup Service, Monitoring and Log Improvements
Microsoft has announced the availability of Windows Azure Active Directory that enables you to create and use Active Directory to manage identities and security permissions for your apps from within the Azure management portal. The product team also introduces a new backup service that enables secure offsite backups of Windows Servers in the cloud in addition to several monitoring and diagnostic enhancements.
In order to work with Windows Azure Active Directory, you need to select the Active Directory tab on the left hand side of the Windows Azure Management Portal and click the Create your directory link option to specify a few directory settings. As soon as you complete this step, Windows Azure will automatically provision a new Active Directory for you in the cloud and you can add new users and manage existing users.
With the help of Windows Server Active Directory, it is possible to either maintain a cloud only directory or federate, directory sync your on-premises environment with a Windows Azure Active Directory you are hosting in the cloud. As soon as you add or remove a user within your on-premises Active Directory deployment, the changes are immediately reflected as well in the cloud.
"This is really great for enterprises and organizations that want to have a single place to manage user security," says Scott Guthrie, Corporate Vice President, Microsoft Server and Tools Business.
With the recent release, Microsoft has simplified the workflow involved to grant and revoke directory access permissions to applications by incorporating single-sign-on (SSO) with your enterprise Active Directory.
Windows Azure Active Directory provides support for Security Assertion Markup Language 2.0 (SAML 2.0) which can be used to enable Single Sign-On/Sign-out from any web or mobile application to Windows Azure Active Directory. Moreover, Windows Azure Active Directory also includes support for Active Directory Graph, which provides programmatic access to a directory using REST API endpoints.
"Windows Azure AD is an enterprise grade, high availability cloud service run from 14 datacentre’s spread across the United States, Europe and Asia. Over the last 90 days, Windows Azure AD has processed over 65 billion authentication requests while maintaining 99.97% or better monthly availability. No other cloud directory offers this level of enterprise reliability or proven scale," said Alex Simons, Director of PM, Active Directory.
According to official sources, Windows Azure will provide support for OAuth 2.0/OpenID within the next few months, which enable Single Sign-On/Sign-out support from any web or mobile application to Windows Azure Active Directory.
Microsoft has also announced the new Windows Azure Backup service, which provides support to enable offsite backup protection for Windows Server 2008 R2 SP1, Windows Server 2012, Windows Server 2012 Essentials, and System Center Data Protection Manager 2012 SP1 to Windows Azure. The service provides support for incremental backups, configurable data retention policies, data compression, encryption and data transfer throttling.
In order to create a backup service, login to Windows Azure Management Portal, click the New button, choose the Recovery Services category and then create a Backup Vault. You will then view a tutorial which examines the steps required to be followed to register your Windows Servers.
Once the servers are registered, you can make use of the relevant management interface such as Microsoft Management Console snap-in, System Center Data Protection Manager Console, or Windows Server Essentials Dashboard to configure the scheduled backups and to optionally initiate recoveries.
As mentioned previously, the recent update to Windows Azure includes new monitoring and diagnostic capabilities such as the ability to turn on/off tracing. Moreover, developers will be able to store trace and log information in files that can be easily retrieved via FTP or streamed to developer machines with the ability to monitor the tail of your log files so that you only need to retrieve content appended to them.
The latest Azure update includes support for tracing that integrates with System.Diagnostics library as well as ASP.NET's built-in tracing functionality. Moreover, the real time streaming tools are cross platform and will work with Windows, Mac and Linux environments.
Microsoft has updated the new HDInsight Hadoop service with the ability to view diagnostic metrics in the Windows Azure Management Portal. The operation logs has also been refreshed to display the user account name who performed each operation on the account, which enables you to track who did what on your services.
Moreover, the media services update enables you to choose a wide range of presets when encoding video content within the portal and the default disk size for new VMs has been increased including the ability to specify the default user name for the virtual machine.