ADAL, Native Apps and the “Application Not Found in Directory” Error

It’s been a little while since I’ve written a Native Azure AD app, but as I was doing so today I got poked in the eye again.  I was logging in and using my app no problem with an account from the same tenant where the app was registered in Azure AD.  However when I tried logging in with a user from a different tenant, it failed with the error message “Application with identifier xxx was not found in the directory ‘foo.com'”.

I’ve seen that before but it’s been so long that I had to do some hunting around.  I temporarily was sent off course by a suggestion I found (that seemed strangely familiar) to set the oauth2AllowImplicitFlow property to true.  That turned out to not matter at all, but it did at least get me to take a look at the manifest, rather than at the application properties in the Azure portal.

Once in the manifest I found the property that needed to be updated:  availableToOtherTenants.  Set that to true, tried my app again, and my login with a user from a different tenant worked great.  Just thought I would add this to the blog in case you get stuck in the same spot.  These things always seem to take a bit of effort to figure out.

 

Advertisements

Office365Mon Now Offers Monitoring Out of Regional Data Centers Starting with Germany

Office365Mon

Be in the know. Be in control

Office365Mon is now available to be run out of regional Azure data centers around the globe.  In addition to the US data centers, Office365Mon is available today via Germany data centers.

 logo

At Office365Mon.Com we’ve heard from customers of our Office 365 monitoring service that had certain data sovereignty restrictions placed upon them.  This means that in some areas, there are government regulations that require data for a company in that region, to be stored in that region.

In addition to that, today Office365Mon issues its health probes out of a US-based data center.  Customers can always (and in fact are encouraged) to augment that with our Distributed Probes and Diagnostics feature, which lets you issue probes from any location where you have users.  However, some folks were hoping to have our cloud-based probes issued from a data center closer to where their users live.

Today we’re happy to announce an option that solves both problems – you can now create Office365Mon subscriptions in regional data centers.  Our first data center is available now, and is located in Germany.  This means not only is your subscription created in Germany, and your health probes are issued out of Germany, but also all of the data we capture is also stored in that same German data center.  That allows you to meet data sovereignty requirements in that region, as well as potentially getting cloud-based probes closer to your users.

One of the first things to call out is that all of the features you get from our US-based service, you will also find in our German-based service.  So no matter where you go, you will find feature parity.  If you have users spread across the globe and want to create Office365Mon subscriptions in different geographies, that’s okay too.  One of the cool things we do is pull together data from all of your subscriptions in every data center when we show you our Power BI reports.  For example, here’s a screenshot the Outages report with data from every subscription in every region for our tenant:

powerbiall

Of course, one of the cool things about Power BI is that you also have a slew of filtering and report building features available to you.  Here’s a screenshot of that same report, only this time it’s filtered to show only data from the Office365Mon subscription that we have in Germany:

powerbifiltered

The net of this is that if you know Office365Mon today, it will look, work, and act exactly the same no matter what data center your subscription is located.

The next question we expect to get of course is – that’s great, but what if I want Office365Mon in a different geography?  The answer is…that’s great!  Email us and let us know what you are interested in, and we can provide you with an idea of when it can be done.  As long as the different regions have parity in the Azure features that Office365Mon requires, it should be possible to deploy Office365Mon to virtually any regional Azure data center.

There’s only one real difference with using Office365Mon in a regional data center – you have to work with our support team to enable you to get going.  If you contact us at support@office365mon.com, we will give you all of the details about the on-boarding process, pricing, etc.

We know that this has been in important issue for many of our European friends and customers, so I hope you’ll take a few minutes to take a look at our PDF from our US site or our German site.  Of course, you can also visit our US site directly at https://office365mon.com, or our new German site at https://office365mon.de.

Thanks as always for your great suggestions and ideas!
From Sunny Phoenix,

Steve

Now You Can Monitor OneDrive and Power BI with Office365Mon

Today we’ve released two new features that customers have been asking us about – monitoring for OneDrive for Business and Power BI.  These are just the latest set of services in an ever increasing stable of monitored features and services from Office365Mon.  Let’s take a quick look at each.

OneDrive for Business

Office365Mon has actually been able to monitor OneDrive for Business since our first release over two years ago.  However, many customers weren’t really aware of that and didn’t realize that when you configure monitoring for SharePoint Online, you could just tell it to go monitor a OneDrive site.  What we’ve done is to break OneDrive out as a separate monitored item on your Office365Mon subscription.  This gets you a couple of things – first, now you can monitor both a SharePoint Online site and a OneDrive site with the same subscription.  Second, it also allows us to give you a more granular breakdown of both performance and availability with your SharePoint Online tenant.  For example, here’s a report with the average performance across all Office365Mon customers for the primary Office 365 Services:

overallservice

As you can see with the yellow bar, now you can see what performance is like just on OneDrive sites vs. SharePoint Online sites from all of our customers.  Of course, you’ll also be able to see what performance is like just for your tenant in OneDrive.  We think breaking OneDrive out in this way will give you an even deeper view into the health and performance of your tenant, which is a great thing.

Power BI in Office 365

The second feature we added is brand new, and something that we’ve heard customers ask us about for a while now.  Power BI is increasingly becoming a critical part of the toolset that customers are using, so of course it’s important to know how well it’s performing and when it goes down.  Our new monitoring for Power BI does all of that, just as you’ve come to expect from Office365Mon.  The configuration of Power BI monitoring is drop dead simple, which is also something you’ve come to expect from us.  You literally click a single button – that’s it – as shown in this screenshot below:

powerbiconfig

Once you’ve enabled it, health probes begin a minute or two later; can’t get much easier than that!  Once we start collecting the data, details on performance and availability of Power BI show up in all of the same reports that you’ve already been using.  For example, here’s a screenshot of the recent health probes report, showing you the performance of your monitored resources:

perfmonchart

As you can see, you get the performance of your individual resources that are being monitored – including both Power BI and OneDrive – and that is overlaid on top of a bar chart with the overall numbers from all Office365Mon customers with the average performance for Exchange Online, SharePoint Online, OneDrive and Power BI.  Our goal is always to show you as much relevant data as possible and then give you the opportunity to drill down and filter as best suits your requirements.  Also, like all of our reports, you can add this to your own corporate intranet for anyone you want to be able to see, by using our Dashboard Reports feature.  Meanwhile, should Power BI go down, you can also take comfort in the fact that you’ll get all of the same notifications from us as you do today for all of your other monitored services.  Power BI is just another one of “the team” now, and is monitored just like all of the other features and services we’re keeping an eye on for you.

 

Try it Out

Both the OneDrive and Power BI monitoring features are available for you to try out now.  All existing Office365Mon customers as well as all new customers will have access to these features for 90 days.  New customers can go create an Office365Mon subscription at https://www.office365mon.com.  No payment information is required up front, and if you choose not to use it there’s nothing you need to do – after 90 days we just stop monitoring stuff for you.

For all Office365Mon paid subscriptions, we will continue to monitor OneDrive for you.  Power BI monitoring requires the Enterprise Platinum license.  If you have that, monitoring Power BI will continue for you; if you don’t have that license, you can upgrade to it at any time by going to our Payments page at https://www.office365mon.com/Products/Payments.

 

Thanks Again

As always, thanks again for the many terrific suggestions you all have provided.  We’re always looking for ways in which we can do a better job meeting your needs, and the best way to do that is for you to let us know what’s important to you.  Office365Mon really has a wide range of monitoring features now, so I hope if you haven’t tried it yet, or maybe if it’s been a while since you’ve looked at it, you’ll come by and take it out for a spin for 90 days.  We think you’ll find that it’s well worth the 2 minutes of your time to get things set up and going.

 

From Sunny Phoenix,

Steve

Monitoring Exchange Online Errors You Might Not Otherwise Notice with Office365Mon

We introduced monitoring for the email transport for Office 365 customers back in February of this year after strong demand from our customers (https://samlman.wordpress.com/2017/02/14/know-when-your-office-365-email-gets-stuck-in-transit-from-office365mon/).  We had provided monitoring of the email service itself since Day 1, but if your mailbox is up but the messages you send don’t go out, or the message people send you don’t make it in, then email is of pretty limited value.  As we moved the email transport monitoring service out into production and began gathering more and more data, we started finding a few common errors that many tenants were experiencing, but which are innocuous enough you might not even know that they are happening.

We decided to create some new reports around the email transport monitoring feature to help customers understand better when these situations occur.  Sometimes they point out problems that customers can resolve themselves, and other times it’s just good to understand better when and where the hiccups are in your email service.  In a nutshell, as we capture more data around errors in the transport, we are bubbling up the common errors into these new reports so you can see for yourself when they happen and how frequently they happen.

If you go into the Advanced Reports gallery on our site at https://www.office365mon.com/Reports/advreports, there are new “Recent Email Transport Errors” and “Monthly Email Transport Errors” reports.  The Recent Email Transport Errors report is a simple tabular list of the 100 most recent instances of these common errors described above.  Here’s a sample report:

etRecentErrors

As you can see, we indicate whether the issue was with an inbound or outbound email, when it happened (most recent first), and what the problem was.  This report has already paid off big for one of our customers, because with the information in it they were able to determine that they had an old MX record in DNS, and that MX record pointed to a server that was no longer available.  This showed up in our reports every time that server was selected for us to send mail to it, and as a result they were able to clean that up in their environment.  Some of the other common problems we see are things like Outlook API service is temporarily unavailable, the anti-spam features have incorrectly marked an outbound message as spam (and as a result it gets stuck in the Drafts folder)…happens most frequently with .onmicrosoft.com email accounts by the way, and requests to the service are unauthorized (which could be your access token has expired or Azure Active Directory is temporarily unavailable).  Some things you may be able to fix yourself; other things it’s just good information to have so you are aware of how well your transport features are performing.

The Monthly Email Transport Errors report helps you stay on top of this by presenting a bar chart with a count of each type of error, so you can see how frequently each type of error is occurring in your tenant each month.  Here’s an example of that:

etMonthlyErrors

At Office365Mon our position is you can never have too much good information.  Based on the early results of this reporting, we’re already seeing good outcomes and actionable data for our customers.  If you aren’t set up for Office 365 monitoring yet, please visit our web site at https://www.office365mon.com to get started.  Once you’ve configured basic monitoring, you can turn on email transport monitoring at https://www.office365mon.com/Configure/EmailTransport to get these reports yourself.  We’ll be continuing to mine through the data and expand out the collection of common errors as we see them.

As always, please feel free to send us your feedback at support@office365mon.com and thank you for all of the great ideas you’ve sent us already.

From Sunny Phoenix,

Steve

Monitoring Large Lists in SharePoint Online with Office365Mon

One of the enduring realities I saw over and over in my many years working at Microsoft with SharePoint, is that customers LOVE the lists they can create in SharePoint.  They’re super easy to set up, you can quick do all kinds of sorting, filtering and searching on them, and it requires no technical expertise to get up and running and with them.  This led to another enduring reality, which is that many customers started loving lists TOO much.  I saw many, many customers over the years that had lists that had just exploded in size.  As these lists grew larger, the performance in using them tends to get worse and worse.  This problem was also compounded by the fact that many developers saw SharePoint lists as a quick and easy place to store data for their application.  That meant even bigger lists sizes, and more people using them more often.

Over the years, we developed lots of documentation and options for improving the performance of your lists.  As customers have moved to SharePoint Online in Office 365 though, we would occasionally hear people ask if it had the same large list limitations as SharePoint on premises does…and the answer is yes, it does.  Now as more customers are moving their SharePoint on premises data to SharePoint Online, we see increasing concern about how the lists they do have are going to perform once it’s all up in Office 365.  Fortunately, at Office365Mon, we’ve just released a new feature designed specifically to help you stay on top of this issue.

List Monitoring is a feature that lets you select one or more lists in SharePoint Online for us to monitor.  For the lists that we’re monitoring, we will do a couple of things:  first, we’ll issue health probes for each list that we’re monitoring and render the default view for it to see what the performance is like.  That’s typically one of the first places where you’ll see performance issues with a large list.  You can configure List Monitoring so that it will send you a notification if it takes longer than “x” seconds to render the default view, where “x” is a number that you decide.

The second thing we’ll do is keep tabs on how large the list is, i.e. how many items it contains.  Again, you can set a threshold for us to look for, and when a monitored list gets bigger than that threshold, we’ll send you a notification to alert you to it.  So, for example, if you’re worried about a large list approaching that magic 5,000 item limit, you can have us notify you when it’s getting close.  Here’s a screen shot of where you configure the monitoring thresholds:

MonLargeLists1

Selecting the lists to be monitored is also quite simple – we provide you with a collection of all of the lists in the SharePoint Online site that we’re monitoring, and you can just check boxes next to the lists you want us to monitor for you.  It can be any of the lists that come out of the box with SharePoint, or any custom list that you’ve created:

MonLargeLists2

Once we’ve started monitoring lists for you, not only will we notify you according to the thresholds you’ve configured, but as you’ve come to expect from Office365Mon, we also have a nice set of reports you can use to see where you stand.  To begin with, you can see the performance of the recent health probes we’ve issued against monitored lists in our Average Response Time report.  It shows the performance of all of the resources that we’re monitoring for you, including monitored lists.  We also have a new report that shows you the average performance each month just for your monitored lists:

MonLargeLists3

In addition to that, we have a report that shows you the size of your monitored lists each day, so you can visualize any growth trends that might be happening that you need to get in front of:

MonLargeLists4

We also provide a monthly view of the average size of each monitored list, so you have a longer-term view of how rapidly your lists are growing:

MonLargeLists5

Being aware of large lists and their impact on performance is one of the best ways to ensure a good experience for your users.  I’ve heard many, many times from customers that say “our site is slow”.  There are lots of reasons why that might be, but a couple of the most common reasons are slow query times and large lists.  At Office365Mon we’ve provided monitoring for your query execution time for nearly a year now.  With the new List Monitoring feature, now you can also know when you have large list performance problems.  Once you know that, you can start working on a mitigation strategy – splitting the data out into multiple lists, creating customized views of the data, etc., etc., etc.  There are a lot of different things you can do to work on improving the performance, but if you don’t know you have a problem then you’ll forever be stuck wondering why your users keep telling you that your “site is slow”.  Take advantage of features like these to stay in the know and stay in control of your Office 365 tenant, and keep everyone happy.  Start by visiting us at https://www.office365mon.com and clicking the Configure…List Monitoring menu.

This is yet another feature at Office365Mon that was driven from feedback by our customers.  I hope you’ll take a look at this feature and as always, let us know how we can make it better as well as ways in which we might be able to help you to do Office 365 monitoring even better.

From Sunny Phoenix,

Steve

 

Migrating an Office Task Pane App to a Toolbar Add In

If you’re one of those less-informed people, like myself apparently, you may have recently received an email or otherwise found out that the Office task pane app you published in the Office Store a while ago is no longer in compliance.  It is now a requirement that any task pane apps that were previously submitted – back when that was the only app form factor available – need to be refactored to support the Add In toolbar model.  This announcement was easy to miss since it only appeared rather randomly once on some Office team blog.  Rather ironic given that this comes from the team that provides so many office communications tools.

But I digress…once you find out you need to update your app to support the new model (as well as the old model, since not every single customer is on Office 365 and/or Office 2016), how do you do it?  Unfortunately the fine folks that made this policy change neglected to provide a guide on how to do so.  They merely provide links to very general and fairly vague documentation, so since I just went through this process I thought I would capture it for others who may need to do the same thing.

Here are the steps I went through to move my Outlook task pane app to the Add In toolbar model.

Step 1 – Get the latest version of the Office Tools for Visual Studio

The actual location to get this may vary depending on your locale and version of Visual Studio, so I’ll just leave it at “go get it and install it”.

Step 2 – Start Working with Your Application’s Manifest File

Interestingly enough, once the latest tools are installed, it’s actually gone a step backwards from a tooling perspective.  When I double-click on my app manifest in Visual Studio 2015 now, it no longer opens the visual designer that lets you set attributes in your manifest.  Instead it just opens the underlying Xml file and you get to edit Xml by hand.  I could swear I’ve seen this before…oh wait – I did – like 15 years ago.  Visual Studio does at least provide some editing advantages over Notepad, so there is a certain amount of forward progress.

Step 3 – Update the top-level OfficeApp Element

The main change needed to the manifest file is going to be to add a VersionOverrides node and populate it with the correct data.  Note that you can keep all of your existing content in your Xml file, which you’ll actually want to do to ensure that it is supported on clients that do not have Office 2016.  In order to add the VersionOverrides node though, you first need to update the top-level OfficeApp element.  This is to add some namespaces that are needed to support the content in VersionOverrides.  Here’s an example of my new OfficeApp element:

xml0

One important point to note:  my element includes the “mailappor” namespace and is of type “MailApp”.  If your app is not an Outlook add-in, then the values you will need to add will be different.  While I could try and point you to some documentation, I actually recommend doing this to make sure you have it exactly right (I found the documentation to be a bit painful):  just create a new project in Visual Studio for an Office Add In that is the same type as the one you are updating.  Then you can grab the correct namespaces and types from the Xml file for the manifest it creates.  Much quicker and easier than searching for and through sketchy documentation.

Step 4 – Add the VersionOverrides Node at the END of Your Existing Content

Here’s something that isn’t at all obvious – you can’t just add the VersionOverrides node anywhere in your app’s manifest.  You need to add it at the end – after any Rules you may have (like in a Rule node), which is after your Permissions node.  Your VersionOverrides node may be perfectly formed, but if you place it any higher in the manifest, you will get an Xml validation error and your life will suck.

Step 5 – Add Your VersionOverrides Node and Start Editing

For this step, I’m just going to paste in a big bunch of Xml and then start talking through what it is and how it’s all linked together.  So to begin, here’s the Xml – both some stuff from my original manifest file and the new VersionOverrides node:

  xml1

Okay, let’s start breaking some of this down.

Step 5.1 – The VersionOverrides Node

My VersionOverrides node looks like this:

xml3

The main thing I want to point out here is the namespace.  Again, my app is an Add In for Outlook, so it uses that namespace.  If your app is not for Outlook, it will be different.  Again, look at the content in your sample application you created above to get the correct value.

Step 5.2 – Set All of the Common Property Values

Within the VersionOverrides node, there’s a chunk of properties that will likely be used in different form factors – for example reading a message, composing a message, reading an appointment, etc.   So let’s look at this chunk of Xml:

 xml2

As you can see, these are the resources for your app – icons, icon titles, tool tips, that sort of thing.  You’ll notice that you need icons that are 16×16, 32×32 and 80×80.  Add those to your Add In’s web site and then plug in the Url.

For the functionFile I cheated…just meaning I don’t have any UI-less triggers, so I just plugged in the home page for my Add In’s site.  If you have a javascript file for this, then you would put the Url here.

The ShortStrings and LongStrings section are where you put the strings that will be used for the icon titles and tool tips.  Plug in whatever is appropriate for your app.

Now, here’s an important one – look at the item with the id “messageReadTaskPaneUrl” – THIS is where you plug in the Url that you used before in your original task pane app.  For example, I’m going to paste in side by side here a couple of chunks of Xml from above.  The first one is for my original task pane definition, and the second one is my messageReadTaskPaneUrl node:

xml6

Hey look – the Urls are the same!  Finally, starting to make some sense.

Here’s the big thing that is not clearly called out in the documentation – look at the id’s all of the elements in the resources section.  You’re going to plug these same id’s in when you declare the various form factors your application supports – such as message read, message compose, etc.  Let’s see how that works next.

Step 5.3 – Add Your Form Factor Implementations

This step is what ties it all together.  You create a definition for each form factor you want to support, like Message Read, Message Compose, etc.  I’m going to paste in the Xml for one of my form factors below and then talk through it:

xml7

Let’s look at some of these individual elements now:

  • ExtensionPoint xsi:type – this is what defines the form factor, in this case Message Read
  • Label resid=”groupLabel” – this corresponds to the ShortString I have in the resources section with the id “groupLabel”
  • Label resid=”paneReadButtonLabel” – this corresponds to the ShortString I have in the resources section with the id “paneReadButtonLabel”
  • Title resid=”paneReadSuperTipTitle” – you probably get this by now – corresponds to the id in ShortStrings
  • Description resid=”paneReadSuperTipDescription” – again, guessing you understand here. What you’ll see is the icons you’ve defined show up in the toolbar (in the Outlook 2016 client) or in the Outlook Web Access UI.  In the toolbar the icon will have the title I put in the “paneReadSuperTipTitle”, and when you hover over it you will get a tooltip that contains the paneReadSuperTipDescription.
  • Icon node – you’ll see the three different icons, with each one pointing to the different id’s that were added in the resource section.
  • Action – this is the money node – the SourceLocation has a resid value that points to the id in our Resources section with the Url that we used in our task pane app; in my example that’s https://weatheroutlook.azurewebsites.net/AppRead/Home/HomeRead.html.

That’s really it – once you understand how all the pieces relate to each other in the manifest file, then it’s really pretty simple to add other form factors (or ExtensionPoint nodes as they’re called in the Xml).  After that, you just need to click the Publish item on the shortcut menu for your App project and click the Package the add-in button.  It’s a little silly because all it does is open a window with your manifest’s Xml file.  Then you can click the button at the bottom of the page to Visit the Seller Dashboard, update your manifest, and you’re done!  Just wait for it to get through the validation process successfully and your Office Store application will be updated.

That’s it – hopefully you can use this guide to walk through the process of updating your own applications.  I’ve uploaded my own manifest file so you can see the entire thing and hopefully it will help you see how it all plugs in together – you can get it from https://1drv.ms/u/s!AEFcZajG99GWlIYw.  In case it doesn’t automatically download for you, look for the WeatherOutlook.zip file. Good luck!!

 

Know When Your Office 365 Email Gets Stuck in Transit From Office365Mon

One of the things that we’ve done from day one when monitoring Office 365 is to let you know if your Exchange mailboxes are working or not.  While that’s an absolute necessity and quite valuable, it still left part of the story untold – until now.  One of the things we heard from customers is “my mailbox seems fine, but I sent an email 30 minutes ago and it hasn’t arrived yet”.  Or “I was told they sent me an email a couple of hours ago but I haven’t seen it yet”.  For those that have witnessed this behavior before, you know that sometimes email gets stuck in transit.  Your mailbox may be working fine, but if messages aren’t going out or coming in, then it can be a real problem.

At Office365Mon.Com, we’re addressing this with our new Email Transport Monitoring feature.  The Email Transport Monitoring feature lets you monitor both outbound messages – those that you send – and inbound messages – those that you receive.  You can set a delivery time for each direction, and if our health probe messages don’t arrive within that timeframe, we’ll send you a notification.  Like all of our other notifications at Office365Mon, that can be emails, text messages, and/or our webhook service.

Configuring monitoring for your email transport is incredibly simple.  Go to our web site and start here:  https://www.office365mon.com/Configure/EmailTransport.  This is a screenshot:

configemailtransport

It’s pretty simple – if you want us to monitor email transport, just check the box and tell us how long to wait before notifying you when a message doesn’t show up.  If you don’t check the box, then we won’t monitor it for you.

Once we’ve started monitoring it for you, there are some very nice reports you get.  To begin with, you’ll see the message delivery times for everything we’ve been monitoring over the previous 12 hours:

emailtransportrecent

In addition to that, you get monthly summary numbers so you can see what your delivery times have been:

emailtransportmonthly

Also, we have a report that shows you every message that was so slow it triggered a notification, so you can always review the history of when you had issues.  In addition, you will see email transport performance information rolled up into our Power BI reports.  The raw data for these reports is also available for download from our site if you have the Report Data feature enabled, and you can also programmatically retrieve it via our reporting REST API.

This is another in a long line of customer suggested features we’ve implemented.  Like the others, it’s a super scalable cloud-only monitoring feature that doesn’t require you to install any software, anywhere.  It’s available today as a Preview feature on our site at http://www.office365mon.com.  Just go to the Configure menu and click on Email Transport Monitoring – then check the boxes for the directions you wish to monitor.  All customers get this feature free to try for 90 days so check it out and let us know what you think.  After 90 days you can get this feature with our new Enterprise Platinum license.  See our site at https://www.office365mon.com/Products/Pricing for more details on pricing.

As always, thanks so much for all of the great suggestions.  We listen and continue to build on your needs.

From Sunny Phoenix,

Steve