Setting up Docker on an Azure VM for Development

One of my goals for 2018 is to ramp up with using containerization as a go to approach to development.  Thus, having a solid development environment that can run Docker is certainly a must.  Just like with many enterprises, Windows 7 or Windows 8.X dominates still and thus you may end up stuck, due to Docker on Windows requirements.

Azure comes to the rescue here with Nested Virtualization feature for Dv3 and Ev3 VMs.

  1. Install a Windows 10 Pro image with Standard_D4_v3 size and make sure its location is either East or West 2.
  2. Install Hyper-V on Windows 10 Pro
    Enable-WindowsOptionalFeature -Online -FeatureName:Microsoft-Hyper-V -All
  3. Install Docker for Windows as per standard instructions.

That was easy.  Don’t forget to turn on auto shutdown for your developer VM to conserve credits.  Cheers!

Advertisements

Sitecore 9 is here

I have been recently delving into the Sitecore CMS due to client’s needs.  It has a pretty close community due to the fact that Sitecore folks wants people to pay money for everything but the platform is growing on me.  Thus, I want to make a few folks aware that Sitecore 9 has been announced, presumably at Symposium 2017.  It has a ton of new features but the most exciting that all of its components are supporting PAAS deployments.  It’s time to take a lap around it in Azure.

Windows Auth with local IIS developer workstation

I was just troubleshooting an issue with legacy code base on my client workstation.  It is IIS 7.5 (guess what OS i am running) with Asp.Net  4.X and v2.0/v3.5 ISAPI registered.

The Asp.Net legacy application is built using windows authentication for security purposes.  When I configured the local code base to publish to local IIS website with a custom name, the website kept on prompting me an error.  For the life of me, I could not figure out the issue.  Setting Application Pool back to “Network Service” from ApplicationPoolIdentity did not fix the issue.

After breaking my head for hours, I finally remembered this little Gem from the past with the help of Google of course.  Basically, for NTLM and Kerberos if the target IIS host is in the domain, it is very strict who is allowed to authenticate via SSPI (fancy acronym for security negotiating).  I will need to update my developer on-boarding script to make sure I either disable loop-back checking or white-list the local custom dev URLs.  Security to insanity!

Modifying user path w/o Admin rights

Just the other day I was asked by a colleague, ” if our corporate laptops are protected that we do not have admin privileges, how are you able to do any development work?  I cannot do anything”.

That’s a great question.  However, MS Windows OS has gone over a few transformations and a lot of applications are written in a way that promotes usage w/o elevation.  Yet, some basic things are still puzzling. For example, user path variable.  The system path should be protected as it is set by admin installation of programs etc, but changing path for a user to ensure that one application can be started quickly w/o knowing the full path should be simple. But, it is anything but simple.

Going to User Accounts is not an option as you will quickly get an error screen either due to elevation restriction or basic GPO set by IT.  But there is another way. You can utilize the rundll32.exe to invoke the GUI directly.


rundll32 sysdm.cpl,EditEnvironmentVariables

I’ll continue exploring more ways to manage my workstation w/o elevation as i spend more time living with new fun policy.

Office 365 Network

In case you are not aware, but the Office 365 Network on Yammer is moving to a new platform, here is the official announcement. Come checkout Office 365 Network Preview and get your profile set up and start monitoring that platform.  It looks pretty good.  Based on the Yammer pin board messages, the network is moving in September.

I am actually excited because at my company the Yammer SSO was very cumbersome and now this will be a thing of the past as the new platform, built on top of Lithium social platform, allows open search and collaboration via open identity providers i.e. Live Id or O365 Identity.

Now, I still think that the best platform for answering the technical support questions is the Microsoft Office Community forum site which, unfortunately, I am only able to monitor scarcely these days.  This new platform is more towards socializing with the developer team and other thought leaders for

Go and explore it now!

Check for Group existence in SharePoint Site

In SharePoint 2013 server side object model (SSOM), it appears that the Method overloads of the SPGroupCollection such as GetByName() or indexer all throw an exception when the group is not found.  However, you can still use reflection to get non throwing version of the methods. In my project I ended up creating an extension method that wraps the reflection based function call.

public static class SPGroupCollectionExtensions
{
  public static SPGroup GetByNameNoThrow(this SPGroupCollection group, string groupName)
  {
    var method = group.GetType().GetMethod("GetByNameNoThrow", BindingFlags.Instance | BindingFlags.NonPublic);
var parameters = new object[] {groupName};
    return (SPGroup)method.Invoke(group, parameters);
   }
}

User Profile Synchronization Service won’t start due to PowerShell profile

Recently, I had been asked by the colleague to help them troubleshoot the issue where User Profile Synchronization service would hang during the attempt start.

There were no error logs except that it would return to Stopped state. We found out that if the account that you login is the same account that you run the User Profile Synchornization Service and that account has a powershell profile, then it causes the issue. It appears that during the start process of the UPS Synch service, it runs the PowerShell runspace with the default shell as opposed to creating its custom shell, so default profiles in your documents folder would be loaded. Thus, the issue.

Best way to resolve is to ensure that even in your dev environment, you must make sure that you’re not running your interactive shell with the account that’s running SharePoint services processes.