Adding an Azure subscription to App Controller - Service Unavailable

I noticed today that I hadn't re-added my Windows Azure subscription to my App Controller deployment in my testlab and so clicked the link on the overview page to add it back.
After entering the relevant details such as Subscription ID, Certificate pfx file and password, I was greeted by a not too helpful error message of "Service Unavailable" with no further details.

 

After scratching my head and trying several things such as deleting the certificate and re-adding it to Azure, checking firewalls etc I remembered this server had just had a restart.

 

I checked the services to make sure everything had started up ok and noticed that the App Controller Windows Azure Provider service wasn't started.

 

 

I started the service, tried adding the subscription again and voilà! It works.

 

I hope this helps someone else if they get this generic undetailed message.

Intune common logon without ADFS (Aka Password "sync")

Recently Microsoft released a new version of it's DirSync tool that enables organisations to synchronise it's Active Directory (AD) User accounts across into the Azure Directory Services used by Intune, Office 365, CRM etc.

This has previously only enabled organisations to reduce the administrative burden of having to recreate all of their accounts for those users they wanted to access online services, but they then had to either issue separate passwords or implement Active Directory Federation Services (ADFS) to offer a truly seamless single sign-on experience for the users.

With this latest release from Microsoft, they have now introduced the ability to also push passwords up into the Azure DS.  Notice the push aspect, not synchronised as the password cannot be changed in the cloud and replicate back into your AD.

While I wouldn't class this as true Single Sign-on (SSO) as your still effectively authenticating against a different directory service, it's still a great option for Microsoft to have added, giving great flexibility for those organisations that want to take the first steps or who can't/don't know how to deploy ADFS.

Nothing has majorly changed during the install (New Azure logo and Install Directory), so rather than re-inventing the wheel, check out the post link below that I did for installing DirSync. I've then run through the differences in the new version below the other post link.

http://systemscentre.blogspot.co.uk/2013/01/system-center-2012-configuration_12.html

The first thing to note is that you cannot "upgrade" the client as you will be presented with a dialog blocking you from continuing if an older version is installed, so remove the old version first.

The main installation/configuration screen change is this one, which provides the option to push your passwords up along with your users.

Tick the option box to Enable Password Sync and that's it done!

The user account sync element still runs on a 3 hour schedule, but passwords are set to sync within minutes of a change in your local AD.

Intune users can find the new version of DirSync at this link (Requires sign on with an Intune Admin Account):
https://account.manage.microsoft.com/DirSync/DirectorySynchronization.aspx

The TechNet Library article on Implementing Password Sync can be found here:
http://technet.microsoft.com/en-us/library/dn246918.aspx