Azure Active Directory, Microsoft Azure accounts, Graph API and Multi tenant application development.

Last week I did a session about Azure AD and multi tenant application development using Azure AD. Azure AD is a big topic and when we combine that with the other services and account provisioning it becomes huge. In the session I managed to cover the common scenarios in Microsoft Azure account management and application development.

Feeling gloomy and lazy to write all of them in the blog – I have shared the topics I discussed and the presentation. Please feel free to throw your questions here in the comment section. Following list contains the topics covered in the session.

  • Provisioning Azure AD
  • How Azure AD is related to Microsoft Azure and how not.
  • Accessing Azure AD using PowerShell
  • Directory Integration (on premise AD) with Azure AD
  • Azure AD with Office 365
  • Multi tenant application development with Azure AD (both federated and non federated scenarios)
  • Azure AD Graph API and .NET client libraries
  • Branding Azure AD

Windows Azure Scheduler

Windows Azure Scheduler is one of the new feature additions to Windows Azure. This is a cloud based scheduler service which analogous to the Task Scheduler.

Login to you Windows Azure Management Portal, If you do not see the Scheduler tab in the left hand side either you didn’t activate it or the feature is not available in your subscription. If you haven’t activated you can activate it and continue the following; if you don’t have the access to the Scheduler in your subscription don’t worry I’ve provided the screenshots. I always include the screenshots much as possible when writing Windows Azure posts just to explain the features as they are, in case you do not have access to them.


Click on the CREATE SCHEDULER JOB and you will get this nice Azure pop menu


Click CUSTOM CREATE, Select your region and enter a name for your Job Collection. (Note that at the top it says ‘You are creating a Standard Job Collection’ you can change this in the scale tab)


As of now we have Job actions for HTTP, HTTPS and Storage Queue. I used the Storage Queue action. Once you select your storage account and Queue name you should give the permissions to Scheduler Job to access the Queue storage. This can be achieved very easily by generating a Shared Access Signature (SAS) for the Queue.


Next the you can configure the job timing schedules. It has more options; I have selected to run the job every 5 minutes till a specific date starting immediately after the job has been provisioned.


And that’s it. This is the sample message posted by the Job in the Queue.

   1: <?xml version="1.0" encoding="utf-16"?>

   2: <StorageQueueMessage xmlns:xsd=""

   3:     xmlns:xsi="">

   4:   <ExecutionTag>4cf887834d7cd1466f549b2ac2fb56c8</ExecutionTag>

   5:   <ClientRequestId>d36f421b-9338-4e4f-ad89-69dd490530a1</ClientRequestId>

   6:   <ExpectedExecutionTime>2014-04-04T06:15:10</ExpectedExecutionTime>

   7:   <SchedulerJobId>msgQ</SchedulerJobId>

   8:   <SchedulerJobCollectionId>testjob</SchedulerJobCollectionId>

   9:   <Region>Southeast Asia</Region>

  10:   <Message />

  11: </StorageQueueMessage>

You can see the Message tag is empty since I didn’t put any messages. You have the complete control in editing the Job you created.

Uploading a file to Azure Blob

Windows Azure storage provides flexible storage services. Blob storage is one of them which is used to store binary large objects. 

Windows Azure blob has the concepts of containers (which you can think like partitions of a disk). Containers are either private or public.

Private containers are only accessible to the user and application developer with proper storage access keys. Public containers are accessible to all. So just by URL you can access a file stored in the public container.

You can use the Azure Storage Explorer to create and manipulate your Azure storage. It is a handy tool available for free from codeplex. Download link :

The below code sample demonstrates how you can upload a file to a private container named ‘privatecontainer’ in Windows Azure.

   1: private void UploadFileToPrivateContainer()

   2: {

   3:     // get the storage (blob) connection string from the config file

   4:     var storageAccount = Microsoft.WindowsAzure.Storage.CloudStorageAccount.Parse

   5:         (CloudConfigurationManager.GetSetting("StorageConnectionString"));


   7:     // creates a blob client

   8:     CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();


  10:     // creates a container :: container name should be small otherwise you'll get Error 400 Bad Request Error.

  11:     CloudBlobContainer container = blobClient.GetContainerReference("privatecontainer");

  12:     container.CreateIfNotExists();


  14:     // gets the physicall file path to be uploaded from ASP.NET FileUpload content.

  15:     string path = FileUpload1.FileName;


  17:     // creating a blockBlob, if a block blob exists witht the same name then it will be replaced.

  18:     CloudBlockBlob blockBlob = container.GetBlockBlobReference(Path.GetFileName(path));


  20:     var stream = FileUpload1.FileContent;


  22:     // uploads the stream.

  23:     blockBlob.UploadFromStream(stream);


  25:     stream.Close();


  27:     Label1.Text = "Upload Success";

  28: }

I used the Azure Storage Explorer to create the container, you can create it using the code as well.

In order to run the above sample you should have Azure SDK installed and use Nuget Package manager to install the Windows Azure Storage assemblies.

Here’s the code for transfer a file from a private container to public container. Azure storage SDK doesn’t have an operation for move. So here we copy the file to the public container by downloading and re uploading it and deleting the file from the private container.

   1: protected void BtnMove_Click(object sender, EventArgs e)

   2: {

   3:     var storageAccount = Microsoft.WindowsAzure.Storage.CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));

   4:     CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();


   6:     CloudBlobContainer privateContainer = blobClient.GetContainerReference("privatecontainer");


   8:     CloudBlobContainer publicContainer = blobClient.GetContainerReference("testpubliccontainer");


  10:     /*

  11:      * Moving is not available directly, so we download from priavte blob and upload to public blob.

  12:      * and delete the file from private file from private blob

  13:      */ 


  15:     // getting the blob to move.

  16:     // based on my UI user has t type the name of the file he/she wants to move.

  17:     var prblob = privateContainer.ListBlobs(null, false).OfType<CloudBlockBlob>().FirstOrDefault(b => b.Name == TextBox1.Text);


  19:     var stream = prblob.OpenRead();


  21:     var blobref = publicContainer.GetBlockBlobReference(prblob.Name);

  22:     blobref.UploadFromStream(stream);


  24:     stream.Close();


  26:     prblob.DeleteIfExists();           

  27: }

Finally the below code samples how to query the files in a blob.

   1: protected void BtnGetVideos_Click(object sender, EventArgs e)

   2: {

   3:     var storageAccount = Microsoft.WindowsAzure.Storage.CloudStorageAccount.Parse(CloudConfigurationManager.GetSetting("StorageConnectionString"));


   5:     // creates a blob client

   6:     CloudBlobClient blobClient = storageAccount.CreateCloudBlobClient();



   9:     CloudBlobContainer publiccontainer = blobClient.GetContainerReference("testpubliccontainer");

  10:     List<BlobDetails> list2 = new List<BlobDetails>();


  12:     foreach (IListBlobItem item in publiccontainer.ListBlobs(null, false))

  13:     {

  14:         if (item.GetType() == typeof(CloudBlockBlob))

  15:         {

  16:             CloudBlockBlob blob = (CloudBlockBlob)item;

  17:             list2.Add(new BlobDetails() { BlobName = blob.Name, URL = blob.Uri.AbsoluteUri });

  18:         }

  19:     }

  20: }

Microsoft doesn’t embrace it own products

I have noticed few things that makes me feel that MS doesn’t embrace its own products sometimes. For example when MS launched Windows Phone 7 and 7.5 there were massive marketing campaigns about the phone.

But in the Live / Hotmail (now Outlook) login page iPhone was in the middle as a highlighted smartphone which supports Hotmail / Live. Then thankfully someone noticed it and changed it. Later WP was in the middle.

Yesterday I came across a big frustrating problem when dealing with Windows Azure websites. MS has been doing a really great job with Azure and Azure websites deployment provides plenty of options to host the websites. We can pull the website files from various sources and Dropbox is also available. But they don’t have an option to pull a folder from Skydrive to Azure websites, they still have an option for Dropbox.

I cant believe this. Really confused.


After few minutes I saw this tweet.


I really don’t know what’s going on.  But I think this is the real problem in MS now. There’s no communication, everyone does something in their own. But MS is not a company which became big yesterday. They should have and I hope definitely they should be having processes for integration and a streamlined communication between products. I wonder whether they don’t have the processes or someone has forgotten it in the middle.

Windows Azure – VMs

Windows Azure provides the facility to host VMs. This is really a cool thing, because if you want a server infrastructure running you can get it done  in few seconds. Windows Azure provides some pre defined images and it offers the flexibility to include the images we have.

The use of the Azure hosted VM is up to. You can use it in the way you want. For example if you want a test server running in Windows Server 2012, simply you can create one and do the testing. Once the testing is done you can simply delete that.

In this post I have provided the images / screenshots that you might see in the process of creating a VM in Windows Azure.

Red marks are manually added to hide some personal details of the page.

Images in order









Once you create the VM you can connect to it.

There’s a known issue when we delete the VM. It’s better to say it as a work load than an issue, when you delete the VM the associated VHD remains undeleted as storage blob.

You might run into an error like this.


This blog article describes how to solve the issue.

Windows Azure–Table Storage

Windows Azure provides three storage services – Table, Blobs and Queues. Here I explained about the Table Storage. Before getting into the coding stuff let me put some points about the Azure table storage.

Do not get misunderstand the Azure tables with a RDBMS table. In RDBMS table is an entity, but Azure table is a storage service.

We have rows and columns structure in Azure table. A row is called an Entity in Azure table. Columns are called Properties.

There 3 system properties attached to each Azure table, they are Partition Key, Row Key and Timestamp. Ex If you are creating a Azure table with Name, Address properties then your table would have total of 5 properties including the 3 system properties.

What are the System Properties ?

Partition Key – We know Windows Azure is a cloud OS hosted in MS datacenters. Where the applications and services we deploy are distributed among several servers. So when storing data in Windows Azure, partition key allows us to distribute the data among different partitions. (physically these partitions no need to be in different servers, they can be in one particular server as well; but Windows Azure maintains a method of grouping the data)

So If your table has very few numbers of entities, then probably you don’t need to create more partition keys. One is enough.

Still there are plenty of arguments and posts on selecting a proper partition key. Select the partition key in a way that you can balance the load of your table storage.

Partition keys are string values.

Row Key – Row keys are unique within a particular partition. We know partition keys form partitions. Within a partition a row key cannot be duplicated. So the partition key and the row key together forms a the unique identifier for a entity, similar to primary key known as Data Service Key.

Row key is also string value. Normally in the MS sites you can see this kind of row key implementation

RowKey = string.Format("{0:10}_{1}", DateTime.MaxValue.Ticks – DateTime.Now.Ticks, Guid.NewGuid());

This picture will explain you the concept of Partition Key and Row Key



Timestamp – This is fully maintained by the system. Every entity has a version maintained by the system. Timestamp is not a property for application programming uses. It is transparent to the users.

According MS Documentation – Timestamp is a read-only system maintained property which should be treated as an opaque property.

Azure Table Storage More…

An application must use a valid account to access Windows Azure Storage. You can create a new account via the Windows Azure portal web interface. The user will receive a 256-bit secret key once the account is created. This secret key is then used to authenticate user requests to the storage system.

Specifically, a HMAC SHA256 signature for the request is created using this secret key. The signature is passed with each request to authenticate the user requests. The account name is part of the host name in the URL. The hostname for accessing tables is <accountName>

An entity can have at most 255 properties including the mandatory system properties, so we can have our own 252 properties (columns).

Partition Key and Row Key are of string type, and each key is limited to 1KB in size.

Combined size of all data in an entity cannot exceed 1MB. This size includes the size of the property names as well as the size of the property values or their types, which includes the two mandatory key properties (Partition Key and Row Key).

Supported property types are: Binary, Bool, DateTime, Double, GUID, Int, Int64, String.

Cloud Computing

What is cloud computing ? Before getting into the term what is cloud computing ask a question to yourself whether you have experiences working in the cloud. Every day we deal with cloud computing and use it. But the matter is we don’t know that is the cloud computing. The buzz cloud computing was a hot topic in 2007 and 2008. And still plenty of researches and business analyses are going in cloud computing.

Cloud computing is nothing other than using websites and web services for our use. Use in the sense it can be personal,business oriented or any thing else. Simply Facebook provides you a service of social networking. You save photos, videos and your notes in your accounts. You access them whenever you have an Internet connection. So the availability of the resources is high. Your share documents in the Skydrive, again whenever you have the access to Internet you have the access to your documents. And recently the Microsoft started the Office Web App. So the resources you saved and shared float above you like a cloud. Whenever you need them, you access it through the Internet. So cloud computing is not new to us and it is not other than the Internet computing and web services.

There are some buzz stories why we use the term cloud. One is most of the places and text books a cloud symbol is used to represent the Internet. So some say that’s the reason we call it cloud computing. Another story is the resources and the services you need, just float there and available every where like a cloud, and you can access it whenever you want it. Some say this is the reason how the word cloud came. But personally I prefer the 2nd one since it is more reasonable than the first one.

When it comes to cloud it has plenty of advantages

  • Hardware and Software independent. (You just need a machine with Internet connection)
  • High availability of the applications
  • The companies need not to worry about the Server farm requirements
  • Very cost effective
  • And much more..

Please do not get confused between the web hosting and the Cloud computing. Web hosting is getting a domain name from a hosting company and pay the company, then your site is up there in the Internet. Cloud is hosting of course but differs from the normal hosting. When it comes to cloud computing it is a platform and a development environment but a normal hosting doesn’t have those features.

Cloud application provides more scalability for the applications, managing, configuring and much more. Apart from that cloud does not include only web pages (web pages work as front end for the application / service).

Understanding the cloud computing is simple and easy. One simple googling on cloud computing will fetch you thousands of resources.