Updates to Organizational Theming in Microsoft 365 admin center

Updates to Organizational Theming in Microsoft 365 admin center

This article is contributed. See the original author and article here.

We are so excited to announce an enhanced theming experience for tenants. We have started rolling out the improvements and will be generally available by late May 2021. Through the Microsoft 365 admin center, start playing around with colors and logos and assign custom themes to different Microsoft 365 groups in your organization! The organizational theme is what appears in the top navigation bar for people in your organization.


 


Creating a new theme dialogueCreating a new theme dialogue


 


How to get started


To get started, in the Microsoft 365 admin center navigate to Settings > Org Settings > Organizational profile click on Organizational Themes. From there you can add up to 4 custom themes. Each theme can be customized with different logos and colors. Admins can specify theme logos and specify the URL where users will navigate to when they select the logo.


 


Applying a custom themeApplying a custom theme


 


What is exciting about these improvements?



  1. Specify a different logo for dark mode

  2. Create themes for different groups

  3. Get instant accessibility feedback on your theme


 


Read more about the exciting updates here!


 

Best practices for incorporating AZ-900 and AI-900 into the curriculum

Best practices for incorporating AZ-900 and AI-900 into the curriculum

This article is contributed. See the original author and article here.

Best practices for incorporating AZ-900 and AI-900 into the curriculum with the University of Lincoln


Guest post by Derek Foster, Associate Professor in Computer Science at University of Lincoln, Microsoft Learn Educator Ambassador.


The School of Computer Science at the University of Lincoln is investing in ensuring students are equipped for excellent career opportunities in high-growth areas such as Cloud Computing and AI. An enabler of this is offering students certification courses such as AZ-900 Microsoft Azure Fundamentals and AI-900 Microsoft Azure AI Fundamentals as part of their degree programmes. Students at Lincoln have taken over 1500 Microsoft certification exams over the last 3 years with the current focus on the new cloud-based Microsoft Fundamentals courses.


 


 

UniofLincoln.png


 


Embedding certification in an academic programme is an optimal approach for sustaining a graduate pipeline that meets the needs of industry. This can be taken further by offering academic credit for certification, something Lincoln is working on now for its new MSc Cloud Computing programme. Programmes that include certification can be positioned as ‘industry ready’, an attractive attribute for prospective applicants.  Students benefit greatly from the industry-transferable skills they learn during a certification course and provide worthy additions to their graduate CV.


 


Student engagement is key for achieving certification. There are a number of approaches to support positive engagement when rolling out certification as part of a degree programme. These are outlined below:


 


Integrate inside a course– This includes integrating the learning materials of a Microsoft Fundamentals course within the academic course and mapping them to the academic learning objectives. This is the most involved approach and requires careful planning.


 


Intergrated.png


 

 


 


Integrate alongside a course – This approach is based on running a Fundamentals course alongside a separate academic course, with opportunities for sharing similar knowledge and understanding areas between both courses. This is a relatively low-barrier approach and offers a degree of flexibility.


 


 

Intergratealongside.png


 


Integrate as a standalone course – This is the most flexible approach and presents the lowest barriers for integration. A Fundamentals course is typically run as a standalone extra-curricular learning opportunity for your students, or as a short Continuing Professional Development (CPD) course for staff. It is not dependent upon any other academic course and can be run during, or outside a semester.


 


 

Intergatestandalone.png


 


At Lincoln we find that regardless of the approach to rolling out certification, students much preferred certification courses to be run as academic-led, as opposed to student-led where all learning is undertaken independently. We also suggest that if your school is new to certification then start a pilot trial of your preferred Microsoft Fundamentals course and run it as a standalone, extra-curricular course. This will give you the experience and knowledge needed to think about next steps for your school and tighter integration if your programmes.


 


Students are keen to engage with activities during their programme that will enhance their career opportunities and can also support their studies in their academic modules. For example the Microsoft Azure Data Fundamentals course is suitable for aligning with Database and Data Science courses, while the Microsoft Azure AI Fundamentals course is great to align with academic AI courses.


 


Below are some quotes from our students at Lincoln on certification:


 

DaynaReference.png  MichalReference.png


 


Giving students the opportunity to take certification courses and exams as part of their degree programme keen is a fantastic approach to support students with getting ready for industry.  The Microsoft Learn for Educators programme support educators with the tools and knowledge necessary to run certification courses. The School of Computer Science at the University of Lincoln is part of this programme and finds the learning materials and community around it an invaluable resource.


 


If you would like to find out more about incorporating Microsoft Fundamentals certification courses as part of a degree programme then please view the associated webinar here, which was part of the Microsoft Education Skills Webinar series.


Resources on Cloud Curriculum 


Published Papers in the ACM Digital Library



 

End of Year Guides for Educators and IT Admins

End of Year Guides for Educators and IT Admins

This article is contributed. See the original author and article here.

It’s that time of the year for northern hemisphere schools! Time to plan your end of year activities, close out the current school year and ensure you are set-up for success in the new school year or for summer school.


 


Screen Shot 2021-04-28 at 3.55.54 PM.png



Geri Gillespy, from the Microsoft EDU customer engagement team, has collected many of the best practices and resources into a simple End of Year Guide for IT admins and educators to help make this transition as simple as possible. These guides include check lists with ideas for getting your systems ready and cover everything from archiving teams and collecting devices to updating your to communication procedures. There’s even information on supporting summer school programs for students and staff.


 


Download the guides below and start your end of school process today!


 


Download April, 2021 IT Admin Guide


Download April, 2021 Educator Guide


 


As always, we would love to hear from each of you to learn more about how you prepare for the end of a school year. Your unique experiences and insights are extremely valuable to Microsoft product teams and to other educators around the world. Please post your tips, comments and best practices below to share with the community. See you in the communities! 

How to use CI/CD integration to automate the deploy of a Synapse Workspace to multiple environments

How to use CI/CD integration to automate the deploy of a Synapse Workspace to multiple environments

This article is contributed. See the original author and article here.

You’re about to kick-off another exciting project, this time you and your team will be working for the first time in a cloud based data solution using Azure Synapse Analytics. You want to benefit from your team’s past experience when deploying data solutions on-premises: to use DevOps as a preferred software development methodology, and to use three distinct environments:  a Development environment that will serve as a playground, where features can be built, experimented and enhanced as needed; then an intermediate environment, UAT, where it is expected that all these features can be tested as a whole, integrated with other applications, quality ensured and approved by end users; last, a Production environment, where these features can be approved and exposed to users and applications. 
In this article we are going to demonstrate how you can use Azure Synapse Analytics integrated with an Azure DevOps Git repository to achieve these goals. 


  


Before you Start…


 


…make sure you have provisioned and configured the following Azure resources in your local environment:


 


Azure DevOps



  1. Make sure you have an Azure DevOps Organization (https://aex.dev.azure.com/) that is connected to your Tenant’s AAD:

    RuiCunha_0-1617232465418.png


  2. Create a new project under your Azure DevOps Organization. Name the project “synapse-cicd-demo” and for demonstration purposes, keep the project visibility as “Private”. Select “Create” to provision your new project.
    RuiCunha_0-1617352338861.png


  3. Make sure you have installed the “Synapse Workspace Deployment” Microsoft extension in your Azure DevOps Organization. You can check this by navigating to your “Azure DevOps” home page and by clicking on “Organization settings” on the bottom left corner. From the left-menu , under “General” select “Extensions“. Look under the “Installed” extensions. If you don’t have the Synapse Workspace Deployment extension installed, just hit the “Browse Marketplace” button and search for “Synapse Workspace Deployment” (include double quotes in the search bar to narrow your search). Follow the installation instructions.

     




Azure Resource Groups


Create one Resource Group per environment, to logically hold and isolate the provisioned resources (DEV, UAT and PRD).


For each Resource Group, provide the following configuration values :


 


Resource Group Name: rg-cicddemo-<env_suffix>


Region: *Choose the region that is right for you 


 


Azure Synapse Workspace


Create one Azure Synapse Workspace per environment (DEV, UAT and PRD). For each instance of Synapse Workspace, provide the following configuration values :


 


Workspace Name: syn-cicddemo-workspace-<env_suffix>


Resource Group: rg-cicddemo-<env_suffix>


Managed Resource Group: mrg-cicddemo-<env_suffix>


ADLS Gen2 Account Name: dlscicddemo<env_suffix>


File system name: fs-dlscicddemo-<env_suffix>


 


Important Note: When provisioning the Azure Synapse Workspace, keep the “Assign myself the Storage Blob Data Contributor role on the Data Lake Storage Gen2 account to interactively query it in the workspace.” option checked.


 


RuiCunha_0-1617270794825.png



Storage Accounts


Create one ADLS Gen2 Storage Account per environment (DEV, UAT and PRD). For each instance, provide the following configuration values:


 


Resource Group: rg-cicddemo-<env_suffix>


Storage Account Name: stgcicddemo<env_suffix>


Performance: Standard


Account Kind: Storage V2


Replication: LRS


 


RuiCunha_1-1617272755499.png


Azure Key Vault


Create one instance of Azure Key Vault per environment (DEV, UAT and PRD).For each Key Vault instance, provide the following configuration values:


 


Resource Group: rg-cicddemo-<env_suffix>


Key vault Name: akv-cicddemo-<env_suffix>


Permission Model: Vault access policy


 


Add a new access policy:


 


Configure from template: Key & Secret Management


Key Permissions: Select only “Get” & “List”


Secret Permissions: Select only  “Get” & “List”


Select principal: Select the Synapse Workspace principal “syn-cicddemo-workspace-<env_suffix>”  


 


Add a new secret:


 


Upload options: Manual


Name: adls-blob-key


Value: Paste the connection string to your storage account stgcicddemo<env_suffix>.


Note:To obtain the connection string, navigate to the storage account resource page and under Settings, select “Access Keys“.


Select “Show keys” and copy the “Connection String” value under “Key1“.


 


RuiCunha_0-1617272729147.png





RuiCunha_0-1617272848376.png


 


Step 1 : Setup your code repository in Synapse Workspace


Before you proceed with your Synapse artifacts creation, you need to setup the Workspace code repository. Make sure you perform all the actions below using your Development Synapse Workspace only. The UAT and Production environments are Live Synapse Workspaces, they don’t need to be integrated with your Git Repository as changes to the features code are only made in the development workspace. 


 


Follow these steps to start configuring your code repository:


 



  1. In your “syn-cicddemo-workspace-dev” Synapse Workspace,  navigate to the “Manage Hub” and under “Source Control” select “Git Configuration“.

    RuiCunha_0-1617287711762.png


  2. Select “Configure” to start the configuration process.


  3. Select “Azure DevOps Git” as the Repository type and then select your Azure Active Directory. Hit the “Continue” button.


  4. Provide your “Azure DevOps organization name” , your “Project name” and your “Repository name” (both as  “synapse-cicd-demo).  


  5. When prompted for the “Collaboration Branch”, create a new branch and name it “master”. Keep the Publish branch as “workspace_publish” and your Root folder as “/“.


    Note: If you have any existing resources in the workspace you can import those resources to the master branch by checking the “Import existing resources to repository” option. Otherwise you can keep this option unchecked.



    RuiCunha_0-1617351531915.png


  6. Hit the “Apply” button to finish the repository configuration. When prompted to specify the working branch, choose to create a new branch as it will act as your new feature branch. As an example, you can name this working branch as “new_feature”. When you apply your settings you will end up with a similar configuration as below:


    RuiCunha_0-1617351629812.png

     




Step 2 : Create your artifacts in the Development Synapse Workspace


Now it’s time to have some artifacts created in the Development Workspace so they can be automatically deployed to the UAT environment and then to the Production environment.  To achieve that, you need to perform the following steps:   


 


Important note: before you begin, make sure you are working under the “new_feature” branch.


 



  1. Navigate to the “Integrate” Hub and hit the (+) sign to create a new Pipeline.

    RuiCunha_0-1617288738804.png


  2. Rename the pipeline as “p_cicd_demo” and add a “Wait” activity just for demo purposes. When connected to a Git Repository you don’t need to publish your changes as you do in Synapse Live mode, you can commit (save) your changes by selecting “Commit”.
     

  3. Navigate to the “Manage Hub” and select “Linked Services” under “External Connections“. Create a new Linked Service and choose Azure Key Vault as the connector. Name your Linked Service as “LS_AKV” and specify the Base URL  (you can get this URL from your Key Vault Overview page). Before you apply your changes, don’t forget to test your Linked Service connection.

    RuiCunha_0-1617315915578.png


  4. The next step is to create a Linked Service to your storage account. Configure your Linked Service as follows:



RuiCunha_0-1617317352330.png


 





By completing this last step, you should have the following Workspace artifacts created in your “new_feature” branch ready to be delivered to the CI/CD Pipeline:


Pipeline: p_cicd_demo


Linked Services: LS_AKV (Azure Key Vault) and LS_BLOB (Azure Blob Storage)


Step 3 : CI/CD – Synapse Workspace


Now that you have created some Synapse Workspace artifacts to deploy, you need to shift your attention to the CI/CD aspect of Azure Synapse. First, you need to publish your new features into the collaboration branch (“master”) and deploy the ARM templates into the Azure DevOps Git repository (“workspace_publish” branch). These templates will be used to deploy your features in the UAT and PROD environments.


 



  1. Make sure you are using the “new_feature” branch and select “Create pull request”.


    RuiCunha_0-1617317898079.png





  2. You will be redirected to the “Pull Requests” page in your Azure DevOps project. Provide a title for your first pull request and then select “Create” .


  3. You can now proceed by (optionally) approving the pull request and by selecting “Complete” .


  4. Keep the default “Merge Type” settings as “Merge (no fast forward)” and select “Complete Merge”.


  5. After completing the pull request, it’s time to publish our changes to the Workspace and to generate and save the ARM templates in the publish branch (“workspace_publish”).


  6. Back to your Development Synapse Workpace, select the “master branch” and hit the “Publish” button.

    RuiCunha_1-1617318616699.png

     




You can validate that your new artifacts are available in the workspace by switching to Synapse Live mode:

RuiCunha_2-1617318725401.png


 


 


Step 4 : CI/CD – Azure DevOps


Now that you have your code in the Synapse Development Workspace ready to be deployed to a new target environment, it’s now time to prepare all the Azure DevOps configuration to automate this deployment.


 



  1. Navigate to your Azure DevOps project page and from the left-menu, under “Pipelines“, select “Library“. 


  2. Create two Variable Groups: one for UAT (UAT_Environment) and another one for PRD (PROD_Environment). During the configuration of these Variable Groups, add a new variable “Environment” and set the value as “uat” and “prd” respectively.  Apply your changes by selecting “Save“.


    RuiCunha_0-1617319584979.png





  3. The next step is to create a Release Pipeline. From the left-menu, under “Pipelines“, select “Releases” and then select “New Pipeline


  4. When prompted to “Select a template“, start with an “Empty Job” and then name the Stage 1 as “UAT

    RuiCunha_0-1617350107852.png





  5. Select “Variables” tab and then select the “Pipeline variables” blade. As an example, you are going to add these variables below to your release pipeline. These variables are using the newly created Variable Group variable $(Environment) as it will be necessary when overriding template parameters during the deploy of the release to the target environment. Hit the “Save” button to apply your changes 

    RuiCunha_1-1617351444778.png


  6. Now it’s time to add variable groups to our release pipeline. This is done by linking the Release Pipeline to the Variable Groups. In this case, you are going to link the new release pipeline to the “UAT_Environment” and “PROD_Environment” Variable Groups. Select the “Variable groups” tab.

    RuiCunha_0-1617350856886.png





  7. Hit the “Link variable group” button and select “UAT_Environment“. Under Variable group scope, select “Stages” and select the “UAT” stage. Select “Link” to apply your changes and then hit the “Save” action button to save your changes.

    Note: You will link the “PRD_Environment” Variable Group later, when configuring the PRD stage. Just skip it for now.


  8. Select the “Pipeline” tab and select “+ Add” to add an artifact to your Release Pipeline. Provide the following information and hit the “Add” to save your changes.


    RuiCunha_0-1617351402107.png





  9. To configure the “UAT” stage,  select the “Tasks” tab. You are going to add a new task to the “Agent job“. Hit the “+” button to add a new task and then search for “Synapse Workspace Deployment“. Click on the Synapse task and select “Add” to add this extension to your Agent job.


  10. Under the “Agent job” blade, click on the “Synapse deployment task” and provide the following configuration settings:

    Display Name: provide a name for your task
    Template: specify your Workspace ARM template. Hit the (…) action button to navigate to your Artifact folder and select the “TemplateForWorkspace.json” file
    RuiCunha_0-1617353132920.png




    Template parameters: repeat the same process as above, but now you have to select the “TemplateParametersForWorkspace.json” file

    Synapse workspace connection type: provide your subscription (some authorization to configure an Azure service connection might be necessary so if that’s the case, hit the “Authorize” button.

    Synapse workspace resource group: rg-cicddemo-$(Environment)

    Synapse workspace name: syn-cicddemo-workspace-$(Environment)

    OverrideParameters: Specify any ARM parameters that you want to override when deploying from source to target environment. In this example, we will override the workspace name, the key vault URI and the workspace storage account URl. The parameter names can be found in workspace_publish branch (“TemplateParametersForWorkspace.json”).


     


    RuiCunha_2-1617353717021.png

     


    RuiCunha_0-1617353906722.png

     


    Important Notes:
    $(workspacename) , $(keyvaulturl) and $(workspacestorage) : these are the Pipeline Variables you have creates in step 5.
    $(Environment) is the Variable Group variable that you have created in step 2.



    You don’t need to override the Blob Linked Service “LS_BLOB_properties_typeProperties_connectionString_secretName” parameter as the secret name “adls-blob-key” is the same for all environments (for example, it would be necessary to override this parameter if we had defined the secret name as adls-blob-key-dev for DEV, adls-blob-key-uat for UAT or adls-blob-key-prd for PROD).



  11. Once you have completed the task configuration, from the upper right corner, hit the “Save” button and select “Create Release” to initiate the release deployment into the UAT environment.


  12. Click on the “UAT” stage and then select “Create” to create your new release. After creating your release, select “View Releases” and you should now see your new release “Release-1” under the “Releases” tab ready to be deployed. Now you can click on the “UAT” stage name under “Stages” header attribute.

    RuiCunha_0-1617383836213.png


  13. Hit the “Deploy” button to start the deploy of your release

    RuiCunha_1-1617384143626.png


  14. Keep track of the deploy progress by selecting the “Logs” tab. When the deploy gets finished, you can also download the logs for troubleshooting purposes. The deploy of your first release to the UAT Synapse Workspace will probably result in a similar error like shown in these figures:

    RuiCunha_0-1617403280425.png

     


    Click on the error message above to expand the log window to get more details:

    RuiCunha_1-1617403314612.png

     



  15. Most likely this Authorization error is due to missing Synapse RBAC permissions in the target Synapse Workspace (UAT). You need to navigate to the UAT Synapse Workspace “Manage Hub“, select “Access Control” under “Security” and “+ Add” a role assignment to the Service Principal of Azure DevOps service.


  16. Select the “Synapse Artifact Publisher” role and then copy the Service Principal ID from the log error message and paste in the “Select user”. Make sure the Service principal is selected and then hit the “Apply” but to confirm your changes.

    Important Note: To avoid facing a similar error when deploying to the PROD environment, you can repeat these Role Assignment steps in the PROD Synapse Workspace.

    RuiCunha_2-1617403708969.png


Back to the Azure DevOps Release page, we can hit again the “Deploy” button to redeploy the release. Check the “Logs” tab to confirm that all the steps were succeeded.

RuiCunha_3-1617403785730.png


 


RuiCunha_4-1617403796249.png


 


Step 5 : Validate your deploy in UAT Synapse Workspace


Now that your first release was successful, we need to validate the deployment to the UAT Synapse Workspace. Follow these steps:
 



  1. Use the Azure Portal to navigate to the UAT Synapse Workspace


  2. From the left-menu, select the “Integrate Hub” and confirm the deploy of the newly created pipeline “p_cicd_demo


  3. Now select the “Manage Hub“, and confirm the deploy of the newly created Linked Services. Click on the Azure Key Vault Linked Service you will notice that the Base URL is now pointing to the UAT Key Vault address. Test your Linked Service connection to make sure everything is working as expected: you are connecting to the UAT Key Vault. 



RuiCunha_1-1617404268168.png


 





Step 6 : UAT Deploy Automation and Production release management


 


So far, you have successfully configured your DEV Synapse Workspace CI/CD integration and the manual release of your Synapse artifacts from the Development Environment to the UAT environment.


This step will help you automating the deploy of your Development features to the UAT environment and to have them manually approved and triggered to the final PROD environment:


 



  1. Navigate to your Azure DevOps Project, and from the left-menu, under “Pipelines“, select “Releases” and hit the “Edit” button to modify your “New release pipeline


  2.  Mouse over the UAT stage and hit the “Clone” icon to duplicate the UAT stage. 

    RuiCunha_0-1617405786805.png

     



  3. Click on the “Copy of UAT” stage and rename it to “PROD“. Click on the “1 job, 1 task” link on the “PROD” stage. 
    RuiCunha_0-1617406441207.png

     



  4. Select the “Variables” tab and then select “Variable groups“. It’s now time to link the PRD_Environment variable group to the PROD stage. Hit the “Link variable group” button and select the “PRD_Environment” variable group. Make sure you select “PROD” stage under “Variable Group scope” option. Hit the “Link” button to apply your changes. Verify that the scope of each variable group is correct. To adjust the scope of your Variable Groups you just need to mouse over the Variable Group name and click the “More Actions…” button to modify the scope (figure below).

    RuiCunha_0-1617527016084.png

     






  5. Select the “Pipeline” tab. You are going to setup the deployment automation from DEV to UAT by clicking on the Thunderbolt icon on the “DEV” artifact (figure below).


  6. Enable the “Continuous deployment trigger” and under “Branch filters” select the “workspace_publish” branch. By doing this, a release to the UAT environment will be triggered only if there is a Git push that contains one or more commits to this branch. Hit the “Save” button to save your changes.

    RuiCunha_0-1617527465219.png

     



     

  7. Now click the “Pre-deployment conditions” icon on the “PROD” stage. To control the release to Production , in this example you will setup the user(s) (release manager(s)) responsible for approving or rejecting the deployment of your new features from UAT to PROD.

    RuiCunha_2-1617407521211.png

     




Under “Pre-deployment approvals“, specify the user(s) responsible for approving or rejecting the release to PROD environment

RuiCunha_0-1617438557451.png


 


Close the “Pre-deployment conditions” form and select “Save” to apply your changes.

RuiCunha_2-1617438702831.png


 


 


Step 7: End-to-End validation of your CI/CD pipeline


 


Now that you have configured your new release pipeline to deploy your DEV artifacts into UAT and PRD, it’s now time to make a final test and see how things work from an end-to-end perspective. As an example, execute the following actions:


 



  1.   Open you DEV Synapse Workspace “syn-cicddemo-workspace-dev“,  and make sure you select your “new_feature” branch. Edit you Azure Key Vault Linked Service. Type something like “This text will automatically appear in UAT and in PRD if manually approved”  in the Linked Service description and save your changes.


  2.  Select the option to create a new pull request:

    RuiCunha_3-1617439516188.png

     


     

  3. Select “Create” to proceed with the creation of the pull request, and then hit the “Complete” button. When prompted to complete the pull request, keep the default settings and select “Complete merge“.


  4. After completing the Pull Request, you can go back to your DEV Synapse Workspace and select your “master” branch. Hit the “Publish” button to deploy your changes to the Dev Workspace and to publish the ARM templates to your workspace_publish branch. This will trigger your UAT “Release-2“. As you can see, under “Stages” the UAT blue icon represents that the stage is in progress and the PROD stage has not started.

    RuiCunha_1-1617527954401.png

     


    Once the UAT stage is completed, you will notice a blue icon in your PROD stage, and if you mouse over a tooltip will be displayed saying the release approval is pending.

    RuiCunha_2-1617528105682.png

     



       

  5. Hit the “PROD” button and then select “Approve“. A few seconds after your approval, the PROD stage will begin the release deployment to the Production Synapse Workspace. Wait a few seconds until you see both stage icons as successful:

    RuiCunha_0-1617528365489.png

     






  6. Now open the Production Synapse Workspace to confirm the deployment of Synapse Artifacts. Select the “Manage Hub” and under “External connections” select “Linked services“. Open the Linked Service to Azure Key Vault. You’ll notice the Linked Service Description as “This text will automatically appear in UAT and in PRD if manually approved” and you can test your Linked Service connection to the AKV url: “https://kv-cicddemo-prd.vault.azure.net/”.

    Congratulations, you have successfully deployed your Synapse artifacts from the Development environment to the UAT and PROD environments!

    RuiCunha_0-1617570437183.png