Office 365 and Yammer Administrators

I recently completed a Philly MTC Tech Talk on Yammer Administration.  You can see the video here.  This talk was mainly about the Yammer administrative tools available in an Enterprise version of Yammer.  I did start out with some steps on enabling your Yammer Enterprise instance.  These steps are all listed on the Activation pages of http://success.yammer.com site.

Life will go easier for you if you follow the steps and assign a Global Administrator who does not have a generic username prior to activation.  Yammer only assigns named users from the O365 Global Administrator group as Verified Admins on Yammer.  So the default MOD Administrator account, with the username ‘admin’ is not listed as an Admin in Yammer.  That is why you need to identify and assign one as part of the steps in provisioning the Enterprise instance. 

I have found that you can do this after the fact.  I had a previous demo instance where I did not follow the order exactly and this resulted in not being able to see the admin menu.  I removed and readded my named user to the Global Administrator group, and they now had access to the Yammer Admin area.

It is important to note that any Global Administrator you assign in O365 are automatically Verified Administrators in Yammer.  This means they have access to all data in the Yammer environment, public and private.  They can also export data, manage users and manage integrations.  You might expect the GAs to need access to the later functions, but the viewing of private data can be a concern to some networks.

Often administrators will have two accounts, their normal domain account and an admin account with the additional permissions an admin requires.  Given the current limitation with assigning administrator permissions to accounts beginning with ‘admin’, you can create Global Administrator accounts in the format of ‘admin-username’.  Creating an account this way will not add it as a Verified Administrator in Yammer.  This is not a solution, but for some networks, this may be enough.  There does need to be a better solution going forward

If you need to create Network Admins, this is done on the Admin tab of the Admin area.  Enter the email address of the person, select the appropriate pressure and click the Submit button.  Network Admins can also be promoted to Verified Admin in the same area.  Administration of Yammer Admins assigned by the Global Administrator group can only be managed in the O365 Admin area for Users and Groups.  You can see the differences in the screenshot below.

CurrentAdmins 

As always, put your questions below or find me on twitter.

Yammer: Accounts and External Networks

Typically, access to Yammer comes from the account associated with your company’s Yammer instance.  This is your company email address and the domain of that email address is the name of your Yammer Home Network.  For example, sign in with me@mycompany.com and your home network is mycompany.com.  You can see this in the url as it will be https://www.yammer.com/mycompany.com/.

In addition to the home network, you can participate in external networks.  An external network provides the same features as your home network but includes people outside the mycompany.com domain.  These people can be invited by someone from the home network, or if the network is public, a user can request access.

There are number of great reasons to participate in external networks.  Microsoft and Yammer Teams use these heavily to collect feedback, provide support and share information with the community.  External networks are also a great way to connect with your customers by creating your company’s own separate external networks for project engagements or events like tradeshows and conferences.  In general, any use case where you want to securely collaborate with people outside of your corporate home network is a good reason to explore external networks.

Memberships to external networks are tied to the account used to request access to the external networks.  In the typical case, this is your home network account.  You are logged into the mycompany.com home network and then request access to an external network.  The approval is associated with your mycompany.com account and this works well.

A problem arises if you should leave mycompany.com.  As part of mycompany’s processes, mycompany.com disables your domain account if they configured Directory Synchronization or if not configured, someone manually starts the disable process of your account in Yammer.  You now no longer have access to the home network, mycompany.com.  You also no longer have access to any external networks associated with that account.

You can see this by accessing an external network directly through the url.  I recently changed companies and my previous account had access to the Office 365 IT Pro Network.  The direct url to this network is https://www.yammer.com/itpronetwork/.  Accessing this url with my previous company Yammer credentials gives the following notice.

O365NetworkNotice

So as a Yammer user, what can you do.  What I am now doing when needing access to external networks is to make the request using my personal email which just happens to be associated with my Microsoft Account, although any personal email account seems to work.  This is a good fix for those who are at a company where they are not using Yammer (at least not yet!).  I also would only use this for access to external networks that go beyond employment at any one company, like the Office 365 Technical Network or Yammer Developer Network.

There is a downside to this if you are using your corporate account to access your company’s Yammer network.  You will need to logout/login to switch between corporate and external networks as the browser can only hold one yammer connection at a time.  You can keep multiple yammer connections open by using normal and private mode for the same browser or by connecting with two different browser applications, like IE and Chrome.

What I would like to see is a change to the yammer account where it is based on my Microsoft Account so it provides access to external networks I have associated with it regardless of where I am employed.  This new yammer account also has one home network, which is tied to my corporate account.  This way if I change companies, external access remains but the home network is blocked until I enter a new set of credentials for the home network.  Just a thought.

Tweet me or post any questions you have here.

June 2014 Schedule

June is Code Camp month! Lot’s of preparation still underway.

Here is the list of events I plan to attend for June.

Thursday, June 5: Philly Game Works (Microsoft – Malvern, PA) – Have not been able to get out to this new group. They meet once a month and you can check out there site and find them on Meet up if you are interested in attending.

Tuesday, June 10: TriState SharePoint User Group (Microsoft – Malvern, PA) – I am taking over this meeting. I am presenting on SharePoint Social. I have a separate blog post that will describe the talk going up before the end of the week. In addition to doing the main talk, I am also doing the ‘On SharePoint Development’ session as well, where we will look at how to develop against the Yammer API.

Saturday and Sunday, June 21 & 22: Philly .net Code Camp (Valley Forge Casino – Valley Forge, PA) – Session is scheduled for 1:30 on Saturday, but this topic will likely change. I will be around the rest of the weekend as well. There is still room if you are interested in attending. There is a great list of Microsoft community and local speakers presenting some great content. (How did I get in here? J)

Lite month as the Philly .net team is focused on Code Camp, so no monthly meetings. They will pick up again in July.

SQL Azure – Create Login

I’ve been working on an application based on Azure tools. This has been in my instance of Azure and things have gone well. I need to bring another person into the project, but don’t want to share my database credentials. I don’t SQL Management Studio installed on this machine and the web access version inside the Azure portal does not show any way to create or modify users, at least at the time of this writing.

I do have the ability to run SQL commands in the query window. Here are the steps it took to create a new user and give access to the database.

In the Server Explorer tools in Visual Studio 2013, click the Connect to Database icon. The classic database connection box is displayed. Complete the information for the server, username and password. For the Database enter master. You need to connect to the master database to create the login and the user.

Once connected, open a new query window and run the following commands one at a time.

Create login myNewAccount with password = ‘somestringoftext’;

Create user myNewAccount for login myNewAccount ;

This creates the login on the server and creates a user in the master database. Change the connection to point to the database you need to provide access. Launch a New Query window. Don’t use the old one as it points to the master database.

Create user myNewAccount  for login myNewAccount ;

Exec sp_addrolemember 'db_owner', myNewAccount 

 

Again, these statements must be run separately and not in a batch. I would run the query with the statement I did not need commented out with ‘—’.

I wanted to provide db_owner permissions, but any role can be added.

Yammer Analytics – Basic Reports

New post over on Perficient’s Microsoft blog about accessing and understanding Yammer’s basic reports.  This is part 1 of 3 leading up to SPSPhilly presentation on Yammer Analytics.

 

Access Services in SharePoint 2013

This is a brief recap of my Philly .net Code Camp 2013.1 presentation.

Detailed information about the requirements and configuration of Access Services can be found in this TechNet wiki. It is important to note that this functionality requires the following versions of the related applications.

  • Access 2013
  • SharePoint 2013 Enterprise Edition
  • SQL Server 2012

Access 2013 still provides the classic ‘Desktop’ databases we built over the past 20 years. The new version also includes a ‘Web App’ database which creates a SharePoint hosted app for the web front-end and a SQL Server database for storing the content. This is a huge change from the 2010 version of Access Services were the tables were converted to SharePoint Lists. SPLists provide a better scalability story than the traditional desktop database, but still have the list throttling limitations inherent in a SP List. Moving the table content to SQL Server addresses both the scalability and size issue by providing a true relational database engine to support the data. The use of SQL Server is completely transparent to the user as this communication is handled by Access Services communicating directly to SQL Server.

Access 2013 also provides some templates to get the process started. Many of the templates come in both desktop and web app versions. It is important to note as there is no switching from one version to the other after the template is chosen. There is also no upgrade path from previous versions of Access databases into the Web App database. This may be one reason why SharePoint 2013 still contains a legacy service for hosting Access 2010 web databases that come over in a content migration. Also desktop databases can contain VBA code behinds. So while the Access database artifacts all have complementary SQL Server objects, there is no analogous object for VBA code in Access 2013 Web Apps. This presents one of the limitations to the current implementation that changes are more configuration than customization via code. I think this is an area that will be improved in further releases, most likely by allowing javascript and CSS changes as opposed to c#/VB code behind files.

Let’s talk about the SQL Server component. As mentioned this must be a SQL Server 2012 database. It is also recommended that Access Services use a SQL Server instance separate from the SharePoint Farm instance. This will provide isolation for your Access Web App databases in case you need to connect to these databases through other means. A packaged web app deployed to the SharePoint Apps site creates an instance specific database each time the app is added to a site so these databases can quickly multiply. The Configuration Wizard will use the existing SharePoint Farm Database as the location for storing Access Web App databases. This can be managed in the Access Services page under Manage Service Applications in Central Admin. It is important to note that the databases created for the Access Web Apps are not included in any of the SharePoint Farm backups. These databases must be included in your disaster recovery scenarios for your environment to ensure this data is protected.

On the SharePoint side, the custom web app, once deployed to the app store and added to a site, takes on the properties of the hosted site. SharePoint permissions work on the Access Web App just like they would on a SharePoint list. Any site specific branding is also applied when viewing the Access Web App.

There is more coming on this subject as we had some good discussion and interesting questions raised during the session.

Entity Framework Questions from Philly PluralSight Study Group

This is format post of a discussion posted on Linked PluralSight Study Group

We had some good discussion last night with the topic of data in MVC applications and Entity Framework. Two questions that came up were about creating primary key field and creating a nullable int.

First, how is the primary key determined when running the upgrade-database command in Entity Framework migrations?  If you create a class and only specify strings, like this class here

    public class SomeClass
    {
        public string Username { get; set; }
        public string Email { get; set; }
    }

This will throw an error because there is no property that entity framework can point to as the primary key.  If you think back to the examples in the video, they primary fields were named id or had the class name + id as the property name.  They also had a type of ‘int’. 

So does this mean you have to use this convention to get the database created in EF?  No, it just means you need to leverage of the .net Framework in DataAnnotations.  You can specify the keyword [Key] to denote the property you wish to use as the primary key.  This allows you to specify any name you choose.  It even works with properties that are not ‘int’, so this class here,

    public class FooClass
    {
        public string Username { get; set; }
        [Key]
        public string myIdField { get; set; }
    }

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

will create a primary key on the FooClass table for the myIdField property.

Applying automatic migration: 201301232131173_AutomaticMigration.
CREATE TABLE [dbo].[FooClasses] (
    [myIdField] [nvarchar](128) NOT NULL,
    [Username] [nvarchar](max),
    CONSTRAINT [PK_dbo.FooClasses] PRIMARY KEY ([myIdField])
)

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

The second question was if you make an int property nullable, by using int? in the property statement, like in this class here,

    public class NoIdClass
    {
        public string Username { get; set; }
        public string Email { get; set; }
        public int NoIdClassId { get; set; }
        public int? NumberOfChildren { get; set; }
        public int UserAge { get; set; }
    }

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

would this result in a nullable int field in the database?  The answer is yes, it does.  Here is the SQL statement from the Package Manager Console.

Applying automatic migration: 201301232116310_AutomaticMigration.
ALTER TABLE [dbo].[NoIdClasses] ADD [NumberOfChildren] [int]

.csharpcode, .csharpcode pre
{
font-size: small;
color: black;
font-family: consolas, “Courier New”, courier, monospace;
background-color: #ffffff;
/*white-space: pre;*/
}
.csharpcode pre { margin: 0em; }
.csharpcode .rem { color: #008000; }
.csharpcode .kwrd { color: #0000ff; }
.csharpcode .str { color: #006080; }
.csharpcode .op { color: #0000c0; }
.csharpcode .preproc { color: #cc6633; }
.csharpcode .asp { background-color: #ffff00; }
.csharpcode .html { color: #800000; }
.csharpcode .attr { color: #ff0000; }
.csharpcode .alt
{
background-color: #f4f4f4;
width: 100%;
margin: 0em;
}
.csharpcode .lnum { color: #606060; }

Viewing the table in SQL shows this structure.

image

Hope this helps!  Let me know your experiences in working with these features.

Follow

Get every new post delivered to your Inbox.

Join 314 other followers

%d bloggers like this: