Tag Archives: Microsoft

Exam Prep Resources for Microsoft Azure 70-473 Design and Implement Cloud Data Platform Solutions

I’m currently preparing for 70-473  Design and Implement Cloud Data Platform Solutions exam, so I’ve decided to compile a list of resources which may be useful to prepare for this exam. I’m going to append it with additional materials as I keep working on my preparation and I hope it may be useful to other test takers.

As with any MSFT exam your starting point has to be MSFT exam description page which contains run down of all exam topics as well as links to additional resources, so here it is – Exam 70-473 Designing and Implementing Cloud Data Platform Solutions. You should keep in mind that though this exam has been released in December 2015, it is being updated quarterly, so once in a while you need to check exam page to see if any new topics were added there. At the moment last update to this exam was made in June 2017 and changes are explained in exam 70-473 change document.

Paid resources:

70-473 Cloud Data Platform Solutions course by SoftwareArchitect.ca – this is an affordable (25$) online course which I bought and used during my preparation – good overview of all concepts at a fair price, and when I searched it was only 70-473 specific course from online training vendors which I was able to find. Author goes through all the “skills measured” topics as they stated in exam description. What I dislike about this course is amount of typos and some little issues like mismatch between numbering and naming  of videos in course navigation pane and inside of the videos themselves. One exactly the same video even inserted/listed twice there. So I would describe it as lack of QA/editing problem. My other complain would be lack of hands-on demos, there are some of them in the course but I wanted more. 🙂 Only after completion of the course I found that it is also available on Udemy and there it was priced 9,99$ with discount when I checked – so check both locations and compare prices if you want to try it.

Free resources and video recordings:

Certification Exam Overview: 70-473: Designing and Implementing Cloud Data Platform Solutions MVA course

Cert Exam Prep: Exam 70-473: Cloud Data Platform Solutions – exam overview video by MCT James Herring

Second link is YouTube video, looks like both of these links cover more or less the same material and delivered by the same person, yet YouTube session has newer slides, it seems, and they are not absolutely identical – so watch both of them.

Channel 9 – Keeping Sensitive Data Secure with Always Encrypted

YouTube – Secure your data in Azure SQL Database and SQL Data Warehouse

MSFT documentation:

Resolving Transact-SQL differences during migration to SQL Database

This article covers things which will work in SQL queries run on on-prem SQL Server while won’t work while run against Azure SQL DB. For example things you probably discovery very quickly is that USE statement is not supported.

Azure SQL Database – Controlling and granting database access

Article explains unrestricted administrative accounts, server-level administrative roles and non-administrator users + “access paths”.

Sizes for Windows virtual machines in Azure

General purpose virtual machine sizes

High performance compute VM sizes

You may expect questions around VM sizing based on given requirements so need to remember which series has premium storage and which not along with some other things which you can learn from the articles above.

Securing your SQL Database

Always Encrypted (Database Engine)

Always Encrypted Wizard

This article explains 2 very important things you should be aware of: key storage options and Always Encrypted Terms.

SQL Database dynamic data masking

Azure Blog – Microsoft Azure SQL Database provides unparalleled data security in the cloud with Always Encrypted

Azure SQL has loads of security features and you supposed to know them all 🙂 At least when to use, along with requirements and limitations.

Azure Cosmos DB: SQL API getting started tutorial

Get started with Azure Table storage and the Azure Cosmos DB Table API using .NET

ADO.NET Overview


How to verify AD DS FFL/DFL and how to rollback to a lower levels

Microsoft Active Directory Services evolves with each edition of Windows Server and whenever you do initial install of AD DS or upgrade your DC servers there is an option/decision for you to set/upgrade Domain and Forest functional levels (I will further refer those ad DFL and FFL respectively). Each new level introduces some new features and starting from 2008 R2 there is an option to do a rollback to lower levels. This is possible only if you not enabled certain features which require current FFL/DFL (think of AD recycle bin etc.).

In short it means that from Server 2012 R2 DFL/FFL you can rollback as far down as to Server 2008 (certain limitation are applicable here). In the following TechNet article: “Understanding Active Directory Domain Services (AD DS) Functional Levels” you can find details on features available on each functional level as well as neat table describing possible rollback options. In this blog post I want to describe how you can check your current FFL/DFL and perform rollback to lower level.

Most of the features are included in DFL, and those may have FFL requirements. To give you an idea of which features are become available with newer DFL:

Server 2008: DFS replication support for WS 2003 SYSVOL, Domain-based DFS namespaces (includes support for access-based enumeration and increased scalability), AES128/256 for Kerberos, Last Interactive Logon Information, Fine-grained password policies, Personal Virtual Desktops.

Seriver 2008 R2: Authentication mechanism assurance (packages info about logon method type into Kerberos token), automatic SPN management for services running on specific computer under the context of Managed Service Account when the name of machine account changes

Server 2008 R2 FFL: Active Directory recycle bin

Server 2012: KDC support for claims, compound authentication and Kerberos armoring

Server 2012 R2: DC-side protections for Protected Users, Authentication Pilicies, Authentication Policy Silos

Now to the practical part of this blog post. How to check current FFL/DFL:

1) GUI way. Access “Active Directory Domains and Trusts” snap-in and right click on your domain to access its properties. On General tab you will be able to see DFL/FFL:

AD DS DFL-FFL level 012) PowerShell mehod 1. This method does not require admin or domain admin rights, and can be used even with a limited user on a domain-joined workstation with Powershell v2/v3 or newer. It also does not require any third party tools or Powershell modules (e.g. Microsoft Powershell AD Module).

This script will return 3 numberic values which can be interpreted using the following table:

3) PowerShell method 2. Requires Microsoft PowerShell AD Module.

This script gives easily readable output instead of numbers you get with method (2).

How to rollback to lower FFL/DFL:

While you can raise FFL/DFL via GUI using  “Active Directory Domains and Trusts” snap-in you cannot lower it using GUI and have to use PowerShell for this. Here is command you have to use:

Order is important: first forest, then domain. Depending on your current DFL/FFL valuee for ForestMode/DomainMode parameters include the following: Windows 2012, Windows 2008R2, Windows2008.

As possibility to lower FFL/DFL was introduced in Server 2008 R2 you cannot go lower than Server 2008. So in case for your tests you need something like Server 2003 or Windows 2000 in terms of FFL/DFL you have to install AD DS from scratch.


Older versions of IE no longer supported by MSFT starting from 12.01.2016

Microsoft announced that it ends support for old versions of IE 12.01.2016, this means that:

– The only Microsoft supported browser starting from this date is IE11, and only it will continue to receive security updates, compatibility fixes, and technical support on Windows 7, Windows 8.1, and Windows 10.

– IE 8/9/10 are no longer supported, i.e. they will work but given the fact that there will be no security patches or other fixes will be provided using this in enterprise (or IMO at home also) doesn’t seem to be a good idea.

Microsoft communicated that this change will take place about an year ago, but as usual some companies will be unprepared for this, as it was the case for end of support for Windows XP, for example (US NAVY paid $9m to MSFT and still(!) continues to receive support for XP). See related article on techrepublic.com: Internet Explorer: How Microsoft scaling back support is leaving big orgs playing catchup.

The only problem here is that some older versions of Windows can’t upgrade to this browser but those versions of Windows itself reached end of support. Though there some intrepid enterprises who not going to do away with XP, I think it is inevitable as it really becomes not cost effective anymore how strongly you don’t want to pay for upgrade or avoid “pain” of migration.

I guess MSFT tries to focus more on quality and speed of their browser, as backward compatibility burden goes largely under-appreciated by general public which tends to criticize MSFT browser performance severely just not realizing that it is an iceberg with its largest part heavily shaped by backward compatibility burden is hidden under water and affect it agility. So MSFT kind of doing great job for their Enterprise customers but in the end everybody displeased by performance and other stuff doing their comparison with no backward-compatibility burden whatsoever which roll-out updates in high-frequency DevOps fashion.

In case you are using K2 smartforms it is also affect you as K2 compatibility matrix going to reflect that. It doesn’t mean that K2 smartforms suddenly stop working in old browsers, but it does mean that K2 also stop to release fixes or patches for these older versions of Internet Explorer. I.e. K2 support still going to assist you with troubleshooting issues you may face on older versions of IE and helping with finding possible workarounds to those, but no fixes or patches will be built for newly found bugs – in such cases you will be required to upgrade to IE11.

Those changes from K2 side are driven by Microsoft support policy change as K2 works on top of Microsoft technologies and tend to focus on quality and build components for supported/current versions of Microsoft technology stack components.

Please refer to official K2 Technical Bulletin communicating this change. You may see that compatibility matrix for K2 smartforms is also updated and both Design and Runtime Browser sections get new footnotes for IE 8/9/10:

End of support for old IE versions

P.S. But we may also see some backlash and corrections from MSFT side maybe. It seems that there was something similar with decisions like EoL for InfoPath or releasing SharePoint as cloud only product which were reconsidered… Though I think with IE it is more justified for MSFT to stick to this decision.


Windows Server 2016 TP3

I recently find a tiny bit of time to build a VM with the latest version of Windows Server 2016 Technical Preview which is TP3. Earlier builds were available under name Windows Server 10 Technical Preview. For details on what’s new in this release you may refer here.

Windows Server 2016 TP3

So insall UI looks very familiar if you ever installed Windows 10 and the very first window is something well familiar to all, nothing has been changed here. But second one demonstrates couple of major changes:

Windows Server 2016 TP3 Install Options

So default installation option entitled Windows Server 2016 does not contain “Core” in its name but this is actually what used to be known as “Core” installation option. Second option – “Windows Server 2016 (Server with Desktop Experience)” is our beloved full-fledged GUI version. And what is crucial here is that with Server 2016 this install type decision not reversible without re-installation. So once again: Unlike some previous releases of Windows Server, your choice of Server Core (which is new normal/default) vs. Server with Desktop Experience at the time of installation is not convertible to the other mode. And as you can clearly see from screenshot above the “Minimal Server Interface” and “Server with a GUI” modes present in Windows Server 2012 R2 are not available in this release.

Server 2016 also includes 3rd installation option which is not exposed in Setup Wizard – Nano Server, and you install it by configuring a VHD (details here).

To give you an idea of how new installation options compare against each other following picture can be useful (source):

Windows Server 2016 Install Types

And once installed with GUI your Server 2016 TP3 will look (no surprises here) very similar to Windows 10:

Windows Server 2016 TP3 Installed


Windows client certification upgrade

It’s been a while since I last time taken Windows client certification exams. Well I’m certified on Windows client starting from the Windows XP/MCDST certification, and actually did all the upgrades all the way up to Windows 7. But it seems that now is quite good time to either took or refresh Microsoft Client certification as Microsoft suggests you to Step Up to Windows 10 challenge. To put things simply it means that if you earn a Microsoft Certified Solutions Associate (MCSA) certification in Windows 8 between February 15, 2015, and May 31, 2015, and you’ll be eligible to take a Windows 10 exam (Exam 697) for free.

So I decided to participate and for me it should take only 70-689 upgrade exam which I already paid for and scheduled – challenge accepted 🙂 .

MCSA Windows 8.1

So I guess as a part of my preparation to 70-689 I will write series of posts covering exam objectives and everything it is necessary to know about Windows 8.1 (at least in terms of passing certification exam). I think this is also good idea for me as since last time I seriously learnt client side stuff was at the time of Windows XP, next there were upgrade exams with lesser amount of learning and preparation, with Windows 8.1 and soon to be released Windows 10 windows client OS amassed critical mass of changes and features which are warranting for thorough learning and review.