I found some tutorials that show a Simple "Device Monitoring" solution using IoTHub -> StreamAnalytics -> PowerBI here and here.
Tried setting up the System as said just use a different Accounts for Azure (private MSDN account) and PowerBI (Work Account), but then i found the following quote.
Note: Make sure that you are logged into the Azure portal with the same account that you use for Power BI when you click Authorize.
Now I can not use the same Account for both because I do not have an active subscription on my work account. And I can not create a PowerBI account with my gmail address (I got no idea why)
Is there any way I can still get the Stream Analytics connected to my PowerBI Account? And if not is there any alternate Dashboard inside Azure which I can use for a Proof of Concept?
You shouldn't need to use the same account for Power BI and the Azure portal. You can authorize another (Work account) for Power BI from the Azure portal when you are signed in to your Azure subscription with a Microsoft account.
You might want to take a look at the Remote Monitoring preconfigured solution as a proof of concept. It deploys a complete end-to-end solution including a custom dashboard and uses IoT Hub and Stream Analytics.
Related
There are some default settings for devices in Azure AD:
- Users may join devices to Azure AD (All-Selected-none)
- Additional local administrators on Azure AD joined devices (Selected-None)
- Require Multi-Factor Auth to join devices
an so on.
I am not able to find any solution to do this PROGRAMMATICALLY.
I went thru all MS Graph (also beta), tried PowerShell - Azure AD, Exchange Online, but without any result.
Only Msol has cmdlet Set-MsolDeviceRegistratioinServicePolicy, which does the job. But not whole job - I can't find how to set users/groups which can be selected.
And anyway, does MS Graph have this functionality?
MS Graph doesn't have this functionality yet. All the operations of Device are list here. Currently we can manage device identity using the Azure portal. You can send your feedback regarding this at the bottom of this link. Hope it helps.
This problem may stem from the dependency on MS accounts for MSDN instead of work accounts, but maybe some one has found a solution?
I use the same email address for both my MS and Work Accounts.
Our Company Subscriptions seems to be linked to our MS Accounts, as does our VSTS accounts. I can sign into Azure Portals using both MS and Work Account. I want to be able to deploy do our company subscription from VSTS.
When I sign into Azure, using my work account, I can see our Azure AD. I am a global admin and can make changes, etc. This is not visible when I sign in using the MS account. It tells me I don't not have access, which I can understand.
In VSTS, I have linked my MS Account to my work account. But I cant access some of the projects # {whatever}.visualstudio.com VSTS sites with my work account, I must use my MS account.
The main problem is when I try to set up a build and deploy from VSTS into the Company Azure Subscription. To achieve this I need to set up a Service Endpoitn to ARM in Azure. So I go ahead and try to do that.
It fails as it says that the account does not have the sufficient privileges needed in Azure Active Directory. Remember, AAD is only accessible when I log into my work account in the azure portal.
One last point, AAD would see my MS account as a guest account, so I thought 'hey, I will add that account to AAD as a guest and assign privileges necessary to perform the tasks I need'. But because the same email address was used for both my MS account and work account, it tells me when I try to add the guest account, that it already exists.
Is there any way around this problem? How can I associate/move all VSTS subscriptions to my work account?
When the VSTS identity you are using does not have access to the Azure subscription your trying to deploy to, the best way to do this is to create your service endpoint manually.
The steps are [here][1]. See the Azure Resource Manager service endpoint -> Manual subscription definition section. It has a few more steps, but once you create that, just use that service endpoint in your build or release definitions & your good to go.
I have an SharePoint Office 365 Developer account and initially it was created using #xyz.onmicrosoft.com account.
Now I have added #xyz.com. All the billing management happen using the admin#xyz.onmicrosoft.com and application access happen using user#xyz.com
Now I am planning to add Azure Pay-As-You-Go subscription but I am confused should I create the Azure portal account using admin#xyz.onmicrosoft.com or user#xyz.com
Is there any best practice or general recommendation available ?
this is completely up to your organization, there are no major advantages of using one or other.
Nevertheless, an "user#xyz.com" account will be friendlier than "user#xyz.onmicrosoft.com".
In our organization, we are using Google Apps for Work for emails, calendar, document repository.
We also have some other services that we are using our google account to authenticate with SSO support. Simply google account is our SSO account that we want to use in all services we are using.
There are few exceptional services that we were not able to setup Google as identity provider. One of them is Azure Services. In azure, you can provision Azure Active Directory and create accounts in it and use that accounts to access many other Azure Services, such as Azure SQL Databases. If you are using Visual Studio Team Service, you can also configure VSTS to backed by AAD, then you can access to VSTS using AAD Account.
My question is, is there a way to configure AAD to delegate authentication on google side ?
If we can do this, then we would be able to use our Google Account to access all azure services
No, Microsoft services pretty much don't support any accounts other than Azure AD & Microsoft Account at this time.
You could set up Azure AD as the Identity Provider for your Google Apps account. I'm sure there would be some tedious steps in the process to get your users moved over but it should work. When your users attempt to login to Google Apps they would get redirected to an Azure AD sign in page and then redirected back to Google.
Some marketing material can be found here:
https://azure.microsoft.com/en-us/marketplace/partners/google/googleapps/
I planning for Power BI Implementation for one of the customers (With 800 Users), they do not have azure subscription nor Azure AD! How shall I get it started? Do I need to ask the customer to Subscribe to Azure? Will the free-tier of Azure AD work? What all the pre-requisites, Please help me
Azure active directory subscription comes for free if you have a paid azure, office 365 , Dynamics CRM subscriptions. You can go register for it and use it.
If the company already uses office 365 then it is quite easy to integrate with powerbi apps.
If azure active directory is the option you can add users or sync local AD users and integrate with Powerbi. You can also setup ADFS for a single sign-on option.
https://powerbi.microsoft.com/en-us/blog/azure-active-directory-and-power-bi/
https://technet.microsoft.com/en-us/library/dn832618.aspx