Webinar: Microsoft Graph for PowerShell Administrators

Tomorrow, I am kind of going back to my roots for an hour. My friends at Cayosoft (Bob and Andrei – with whom I used to work on QAD cmdlets, the initial community project for Active Directory PowerShell implementation before the official Microsoft one appeared!) asked me to help them with a webinar on the basics of Microsoft Graph and PowerShell SDK for it.

Please join us if you get a chance: Microsoft Graph Basics for PowerShell Admins, Tuesday, July 14, 2 pm EST / 11 am PST.

PowerShell has been designed to provide unified intuitive command-line and scripting administration across many enterprise systems. Ironically, cloud made things difficult again by limiting administration choices and making APIs for cloud systems inconsistent and more dev-oriented.

Now, Microsoft PowerShell SDK (in Preview at the moment) is aiming to bridge that gap.

In this webinar we will explore:

• The basics of PowerShell and Microsoft Graph 
• Connecting to the systems, authentication, and authorization 
• Discoverability of commands, objects, and properties 
• Practical examples of user and group management 
• Current limitations and the ways to work around them 

Please join us: Microsoft Graph Basics for PowerShell Admins, Tuesday, July 14, 2 pm EST / 11 am PST.

APISecurity.io Community & Newsletter Launched

As many of you probably know by now, last month I joined 42 Crunch as VP of Cloud Platform. As one of my first pet projects in the company, today we are launching https://apisecurity.io – so I wanted to take a few minutes to explain our thinking and goals for the project.

API economy is on the rise:

• Twilio just announced that it is acquiring SendGrid for $2 billion,
• Even non-tech companies are becoming more and more API-oriented: Expedia attributes more than 80% of its revenue to APIs,
• IoT is on the rise with smart-everything devices getting into our homes (there is an Alexa-enabled microwave from Amazon now!), workplaces, and cities.

All of this makes API security critical. In fact, Gartner expects that by 2022, APIs will become the most common attack vector out there.

42 Crunch provides end-to-end API security solutions from OpenAPI/Swagger file assessment, to live API scanning, to API firewalls, and has been named Cool Vendor of the Year by Gartner.

APISecurity.io is going to be our community hub for all things API Security. We have just launched it and it hosts a weekly newsletter with the major news from API Security delivered to your mailbox once a week.

See you there!

Fixing “Debug adapter process has terminated unexpectedly” error in VSCode for PowerShell

VSCode is the primary tool that Microsoft provides on Linux and Mac OS to edit and debug PowerShell scripts. Yet, on MacOS, with default installation, you are likely to get the “Debug adapter process has terminated unexpectedly” when you try running your scripts.

However, to fix this issue you simply need to install OpenSSL on your Mac running VSCode as described here.

Once this is done, simply:

1. Click File / Open and open the folder containing the PowerShell script,
2. Click the script that you want to edit in the left-hand pane,
3. Set breakpoints where you want them by clicking on the margin by the corresponding script line,
4. Press F5 or click the run button in the editor:

Happy scripting!

Enabling Intellisense for PowerShell cmdlets in VSCode on Mac OS X

VSCode is the primary way to edit and debug PowerShell scripts on Mac OS and Linux. If you do not have it yet, follow these instructions on GitHub on installing VSCode on Mac OS/Linux/Windows and adding its PowerShell extension.

Once you are done with that, you can create a new or open an existing PS1 file, however, you might still get “No suggestions” error when you try to get intellisense for cmdlets:

This is because this functionality actually requires OpenSSL. Here’s how you add it to your system:

Install Homebrew

Homebrew is Mac’s most popular package manager. To install it:

1. Open a Terminal window,
2. Install Mac OS command-line developer tools (xcode) by pasting the following command and pressing Enter:
   xcode-select --install

   
3. Install Homebrew package manager by pasting the following command:
   ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)"
   
4. Double-check that the installation is successful by running

   brew doctor

   

Install OpenSSL

Now install OpenSSL on Mac OS by simply pasting the following command to the Terminal window:

brew install openssl

 

Verify PowerShell cmdlet intellisense in VSCode

1. Start VSCode,
2. Open a ps1 file or save the file that you have as .ps1,
3. Verify that PowerShell is selected as the language mode at the bottom right of the VSCode window:
4. Type Get- and you will see the intellisense window popping up with the list of available Get- cmdlets:

Run PowerShell on Mac OS X

As you have probably heard by now, Microsoft has just open-sourced PowerShell and made it available for Linux and Mac OS X. In this blog post, I will take you through the steps to download, install and run PowerShell on a Mac.

Download and Install PowerShell for Mac OX

1. Go to PowerShell github project: https://github.com/PowerShell/PowerShell
2. Scroll down to the Get PowerShell section and download .pkg:

3. Locate the newly downloaded file in Downloads, right-click it and click Open:

4. You will be warned that this is a file from the Internet and then prompted for your local administrative password, then go through the installation wizard.

Run PowerShell on Mac OS X

PowerShell is a command-prompt in your terminal window, so to start it:

1. Start the Terminal application,
2. Now you can simply type powershell as a command and this will start the PowerShell engine and move you from the bash prompt ($) to the PowerShell prompt (PS):
   

3. That is it! You can now type a PowerShell command and see the output. For example, here’s Get-Process:
   

If you are new to PowerShell, see the Learning PowerShell page on GitHub.

Download Links for PowerGUI and QAD cmdlets

With Dell’s acquisition of Quest and all the IT reorganization that followed, it is actually not that easy to find these two popular free PowerShell tools any longer. So here are the links that work today (January 30, 2015):

PowerGUI

The download is freely available from Dell’s PowerGUI community.

The community itself also got moved from http://powergui.org to http://en.community.dell.com/techcenter/powergui.

Dell Software is still maintaining the product – as I am writing this the latest version is 3.8 released in April 2014.

UPDATE: Looks like Dell took the community site down but direct download link http://community-downloads.quest.com/powergui/Release/3.8/PowerGUI.3.8.0.129.msi still works.

Quest / QAD cmdlets

This one is a little more tricky to find: https://software.dell.com/register/71110

If this link for some reason changes, all Dell’s freeware and trial links can be found in this catalog: http://software.dell.com/trials/

UPDATE: Looks like this got hidden even further. Not sure where it can be found now. This site seems to have copied and made them available for download though: http://www.powershelladmin.com/wiki/Quest_ActiveRoles_Management_Shell_Download

Happy PowerShelling!

Cloud Track at WSO2Con Europe

WSO2Con Barcelona agenda is now live including the Cloud track near and dear to my heart. Here’s a quick overview of what to expect:

1. Cloud Strategy – track keynote – we will go through all things cloud with WSO2 technology: our work with Apache Stratos, private cloud, dedicated cloud, and our shared public cloud services,
2. Still to-be-announced session on IaaS platforms and how we work with them,
3. Apache Stratos Roadmap and Strategy – Apache Stratos is a community project to which we are one of the key contributors and which we at WSO2 are using a lot internally for our own products and services,
4. WSO2 Private PaaS – the private PaaS platform that we built on top of Apache Stratos,
5. App Factory – our DevOps PaaS that integrates all aspects of application and API development and hosting: from specs and task/issue tracking, to code repository, resource provisioning and management, application lifecycle management (ALM), and production hosting,
6. Public Cloud – we will be for the first time publicly promoting the shared public cloud platform that we are developing for application and API development, management and hosting,
7. How we built WSO2 cloud – our cloud team sharing details of our own cloud design: how we used WSO2 products to assemble and run our public shared cloud – a great source if information if you are considering doing something similar internally or for your clients,
8. Getting more 9s from your cloud operations – the Operations side of how we run our cloud and ensure its high availability,
9. Buyers guide to all things cloud – we will summarize all things cloud on the market today, and perhaps also have customers share their experience in building their own clouds.

Besides the Cloud track, there will also be tracks on Integration, API Management, Application Development, Big Data, Security, Mobile, IT Strategy, and Partner track, plus detailed pre-conference workshops, meetings with the key members of the WSO2 team and much more.

See full agenda here.

Early bird registration is still available.

See you in Barcelona this June!

Poor Man’s Mail-Merge with Gmail

Here’s how you can send a lot of individual personal messages if all you have is a GMail or Google Apps account.

One of the key ways for successful startups or new IT projects is knowing your customers (and partners) and being available to them – so you can quickly collect feedback, learn more about what they are trying to achieve with your platform, and just make sure that they know who to contact when they need to.

Instructions below will help you set up your personal gmail account or Google Apps account to send personalized email like the one you see on the right. Note that this is as personalized as it gets with everything originating from your address (no on-behalfs) and the recipient being the only person in the To list (no BCCs or users seeing addresses of each other).

Phase One: Simple Email Script

1. Open the Google Script developer environment by going to http://script.google.com and clicking the Start Scripting button,

2. Close the welcome screen and you will get your first script created for you:

3. Click the Untitled project name at the top left and give it a proper name – this file will get added to your Google Docs.

4. The simplest script that sends an email to someone will likely look like:

Every email needs to have a recipient, subject and body (the text in the email). Note that you need to add ‘\n\’ at the end of each line to have more than one line in your text. Also, note that besides the plain text – you can have nicely formatted HTML email text – see how I did that in the htmlbody variable.

5. Now click File / Save, and then Run / YourFunctionName to run the script.

The first time you run the script you will be getting a couple prompts to confirm access to gmail. After that the script will run and send the email.

Phase Two: Multiple Emails and Names

Running a script to send just one email is kind of meaningless. Lets modify the script quickly to send many emails at once:

1. Add arrays with names and addresses – e.g.:

var names = ['Bill', 'Susan']
var addresses = ['bill@test.com', 'susan@test.com']

2. Put everything in a FOR loop that goes through the lists:

for (var i=0; i<names.length; i++){
}

3. Use names[i] to put the name into subject and body (if you want) and addresses[i] instead of the recipient in the Gmail call. You code will likely look like:

Phase Three: Get Recipients from a Spreadsheet

Now, if you want to have a spreadsheet rather than the list of recipients in the code, this is also fairly easy to do. Here’s how.

1. Create a Google Spreadsheet like this one and save it:

2. In your script, add the code that opens the spreadsheet (you will the Id of the spreadsheet – copy it from the URL of the spreadsheet in the browser):

var sheet = SpreadsheetApp.openById("1speapm4TJpG5SxRFC94RIkpTzf6vAiZUBGoT7Xrk6Iw");
var data = sheet.getDataRange().getValues();

3. Change the loop to iterate through the cells of the spreadsheet instead of the preset array:

for (var i = 0; i < data.length; i++) {

4. Instead of name use use data[i][0] and instead of email address use data[i][1].

 

That’s it. Now you can send multiple personalized emails from your very own Gmail/Google Apps account.

Checklist for Cloud Service Operations

I knew one software company that failed their SaaS transition because they chose to cut a few corners with the operations. Since they were software engineers, they did not really want to spend time on such mundane tasks as security, auditing, backups and so on. One day they let a disgruntled employee go, the guy went to an internet cafe, logged into the hosting account with the shared admin credentials, and deleted all customer data.

There were no backups or data replicas to bring the data back, no personal admin accounts or procedures to prevent such an incident from happening, and even no monitoring to learn about the issue before customers did. This was the end of this SaaS application – it just never recovered.

Cloud business is more than just putting some code online (and collecting money ;)) Whether you are offering Software-as-a-Service (SaaS) web application, Platform-as-a-Service (PaaS) or Infrastructure-as-a-Service (IaaS) – what you are offering is more than just your code – it is your service.

Even if you do not offer a formal service level agreement (SLA) and have a statement in your Terms of Service that you are not liable for anything, your online application or platform is still a service so your customers expect it to be reliable and secure.

At our recent WSO2Con, Chamith Kumarage delivered an excellent session on how our Cloud DevOps team works. If you are delivering a service online (or considering doing so) – make sure to watch the recording (quick registration required).

Here’s my quick summary of Chamith’s advice:

1. Automate everything: repetitive tasks not only are inefficient and mundane, and eat your time. When done manually they are unreliable. Humans tend to do things slightly differently each time they do them, or not do them at all.

2. Tasks are really parts of processes: when you come up with something that needs to be done, ask yourself what is the process flow for this task? For example, a data backup is really a part of a process that includes:

• Scheduled (e.g. at 1 a.m. every day) script which creates a backup,
• Some sort of monitoring system which verifies that the script ran and the backup got created,
• Notifications on failures and procedures that need to be followed in not,
• Backup testing: automated and/or regular manual recovery drills (if manual then documented and performed by different team members).

3. Design for failure: everything will be failing so make sure that your system can sustain the failures. For example, if your system uses multiple virtual machines in the cloud, keep running a “chaos monkey” script which keeps randomly killing the instances and automated tests which ensure that these instance failures do not affect the overall system (by the way, see how Netflix does that.)

4. Self-healing and success verification are critical for all tasks. Any task and operation can fail (see above) so the system should not get “surprised” but should always automatically validate the action results and if something didn’t go right – implement the healing procedures (start new instances, retry, and so on).

5. Enforce discipline, processes, automation, checklists. Document everything. This will make your processes repeatable and reliable.

“Bus monkey test” (related to the above) if one of your team members gets hit by a bus – all operations should keep working: everything needs to be documented and tried by other team members. (* This is a mental experiment – do not actually hit your team-members by busses :))

6. Monitoring and analytics: the key is not to collect and show tons of data and alerts, but be able to quickly detect abnormal behavior.

7. Communications: your dashboards should quickly and clearly give you the big picture and relevant details. Key metrics and system state should be something that everyone sees and understands, effective drill-downs should make it easy to understand and fix stuff.

8. Agile delivery: waterfall processes in the cloud are bad and stressful.The smaller the changes and the more often and in more automated fashion they are – the more mundane they become: which lowers the risks and improves the skills and reliability. Cloud and big-bang releases do not go well together.

9. Use standard tools and native systems of underlying platforms – do not reinvent the wheels. For example, if the platform gives you SQL-as-a-service (Amazon RDS, Azure SQL and so on) – use those and not your own MySQL running on a virtual machine.

10. Post-mortem analysis is a must. If something did get wrong after all, you need a formal investigation process:

• What happened?
• Why and what needs to be done to prevent this in the future?
• If automated monitoring didn’t catch it, why and what needs to be done to prevent this in the future?
• If validation and self-healing didn’t catch it, why and what needs to be done to prevent this?

Full session recording and slides are available here.

Building WSO2 Cloud

This year I changed my job and became in charge of the Cloud business at WSO2. This means that now on this blog you will have even more “cloud stuff”, so I thought I would start with a quick intro to why I joined WSO2 and our general cloud directions.

Sorry if the stuff below sounds a bit salesy. 🙂

WSO2 started as a middleware company – with an enterprise service bus – WSO2 ESB – that is still one of the leading products in the industry.

For those who do not know, ESB is basically a system that helps connect all the discrepant IT systems that you might have – all talking different protocols, formats, etc. – so you can create your enterprise applications that use all the building blocks that you have in the company.

What made WSO2 cool (besides amazing performance and the fact that everything they produce is open source under Apache license and that all the core product discussions happen in the open, in public newsgroups) is that early on, the company designed the product to be a platform (called Carbon) which has many building blocks (for identity management, various protocols, event processing, transformations, analytics and so on) which the company then used to deliver a huge set of successful products:

• ESB,
• API Manager,
• Identity Manager,
• Business Analytics Monitor,
• Complex Event Processing,
• Private PaaS,
• App Factory,
• Enterprise Mobile Manager,
• and many more.

All of these built from the same Carbon platform – which is very impressive.

This basically pushed the company from middleware provider to become a supplier of one of the most comprehensive platforms that the biggest enterprises are using to turn their IT platforms into Connected Business – unified system serving APIs, mobile apps, portals, applications and services connecting the company’s resources with employees, partners and customers.

Companies like Boeing, eBay, and StubHub are using this platform to run their systems – so inadvertently you have probably been a user of WSO2 technology one way or another.

Now my goal within WSO2 is to extend the reach of our technology to companies which would like to consume it as a service.

Coming from both enterprise and cloud background, I can attest that the collection of technology that WSO2 has is probably the most comprehensive cloud platform in the industry today.

At the moment, this technology gets used mostly in private cloud scenarios. My team is now actively building the public cloud side of the story. Stay tuned!