Sap on oracle setup on Azure – Part1

by Contributed | Nov 27, 2020 | Azure, Microsoft, Technology

This article is contributed. See the original author and article here.

Overview

This document covers the step by step procedure to set up and configure SAP on Oracle ASM (Oracle Linux 8.2 /Oracle 19c) on Azure . As this setup involves a large number of steps, it is very easy to miss or misconfigure ,that may result in errors/issues ,which could be very cumbersome to resolve. Hence these steps are covered here in detail. Since we are talking about the Oracle ASM install, scope of this document is restricted to SAP DB instance install.

 High Level Process Flow :

1. Create VMs


2. Patch OS and pre-install


3. Create disks


4. Setup ASM


5. DB Install with SWPM


6. Oracle software installation


7. SBP Oracle DB instance


8. SBP Oracle Grid


9. Confirm patching successful + run Oracle Enterprise Manager

Deploy Linux VMs

via Azure portal

1. Create a Resource Group


2. Create a Virtual network


3. Use the Virtual Network create above


4. Create Virtual Machine 1 for App server . Virtual Machine 2 for ASCS server, Virtual Machine 3 for DB server .Use at least Oracle Linux 8.0 image from azure marketplace image gallery. In this example Oracle Linux 8.2 image is used.

via Azure CLI

     1. Login to Azure

        az login

2. Create a resource group

         az group create –name oraasmtestrg   –location <location>

3. Create a virtual machinesaz group create

App server

az vm create –resource-group oraasmtestrg  –name oraapp1 –image Oracle:Oracle-Linux:ol8_2-gen2:8.2.01 –size Standard_E4s_v3 –admin-username sapadmin –admin-password <password>  –location southeastasia –vnet-name oraasmtestvnet –subnet default

ASCS:

az vm create –resource-group oraasmtestrg  –name oraascs1 –image Oracle:Oracle-Linux:ol8_2-gen2:8.2.01 –size Standard_E4s_v3 –admin-username sapadmin –admin-password <password>  –location southeastasia –vnet-name oraasmtestvnet –subnet default

Database server:

az vm create –resource-group oraasmtestrg –name oradb7 –image Oracle:Oracle-Linux:ol8_2-gen2:8.2.01 –size Standard_E8s_v3 –admin-username sapadmin –admin-password <password> –data-disk-sizes-gb 512 512 512 512 –location southeastasia –os-disk-size-gb 128 –vnet-name oraasmtestvnet –subnet default

Jump server

az vm create –resource-group oradgsap-rg –name oradgjmp-vm –image win2016datacenter–size Standard_E2s_v3 –admin-username sapadmin –admin-password <password> –location < location> –vnet-name oraasmtestvnet –subnet default

It is a good practice to disable the public Ip Addresses of SAP VMs. You can access these VMs from Jump box via private Ip Addresses

OS configuration and pre-install

Resize OS disk 

The default provisioned size of OS disk on Linux Vm on azure is 30GB which is not sufficient for the Oracle install. As the OS selected is Oracle Linux 8.2 which has GPT partition in OS disk, follow the steps here https://docs.microsoft.com/en-us/azure/virtual-machines/linux/resize-os-disk-gpt-partition  to resize the OS Disk with GPT partition

Install ASM libraries 

 Refer Oracle ASMLib Downloads for Oracle Linux 8  For more information about installing Oracle ASM libraries.

• Login as root for install

sudo su –

•  Update the OS

 sudo yum update

• Download and install the Oracle Preinstallation RPM:

# yum -y install oracle-database-preinstall-19c

# rm oracle-database-preinstall-19c-1.0-1.el7.x86_64.rpm

• Install Oracle ASM libraries

yum list | grep oracleasm

• Verify that Oracle ASM is installed:

rpm -qa |grep oracleasm

• This should result in following output

oracleasm-support-2.1.12-1.el8.x86_64

oracleasmlib-2.0.17-1.el8.x86_64

• Verify users and groups were created correctly:

id oracle

• This should result in following output similar to the following:

id=54321(oracle) gid=54321(oinstall) groups=54321(oinstall),54334(asmdba),54322(dba),54323(oper),54324(backupdba),54325(dgdba),54326(kmdba),54330(racdba),54331(sapinst),54332(asmoper),54333(asmadmin)

Setup Oracle ASM

• Create a folder for user oracle and change the owner:

mkdir /oracle

chown oracle:oinstall /oracle

• Setting up the Oracle ASM library driver involves defining the default user (oracle) and default group (oinstall) as well as configuring the drive to start on boot (choose y) and to scan for disks on boot (choose y). You need to answer the prompts from the following command:

# oracleasm configure -i

• The output of this command should look similar to the following, with prompts to be answered:

• View the disk configuration:

cat /proc/partitions

• Enter the following command to load the oracleasm kernel module

# oracleasm init

• Verify the Oracle ASM status:


• 
  

  oracleasm status

  
  


• Format disk /dev/sda, /dev/sdb, /dev/sdc, /dev/sdd  by running the following commands      

   fdisk /dev/sda

   fdisk /dev/sdb

   fdisk /dev/sdc

   fdisk /dev/sdd

• Answer the prompts from the above fdisk commands with:

n for new partition

p for primary partition

1 to select the first partition

press enter for the default first cylinder

press enter for the default last cylinder

press w to write the changes to the partition table

• Create Oracle ASM disks:

oracleasm createdisk DATA_DISK_01 /dev/sda1

oracleasm createdisk DATA_DISK_02 /dev/sdb1

oracleasm createdisk ARCH_DISK_01 /dev/sdc1

oracleasm createdisk RECO_DISK_01 /dev/sdd1

• List Oracle ASM disks:

oracleasm listdisks

• Change the passwords for the root and oracle users:

passwd oracle

passwd root

• Change the directory permissions:

chmod -R 775 /oracle

chown grid:oinstall /oracle

chown oracle:oinstall /dev/sda1

chown oracle:oinstall /dev/sdb1

chown oracle:oinstall /dev/sdc1

chown oracle:oinstall /dev/sdd1

chmod 600 /dev/sda1

chmod 600 /dev/sdb1

chmod 600 /dev/sdc1

chmod 600 /dev/sdf1

DB Instance Install(SWPM)

Before we begin the DB instance install , mount the sapmnt (NFS share) directory which must have been created during the ASCS instance setup.

• Install NFS libraries
             sudo yum -y install nfs-utils

• Create sapmnt directory and mount remote NFS file system
              mkdir /sapmnt
              mount <<ip of NFS server>>:/sapmnt  /sapmnt


• Every host running the SAP installer requires the presence of the C shell command language interpreter as documented a. here. Verify the existence of the /bin/csh script file. When not existing install using following command:
              yum install csh


• Verify that the /bin/csh script file exists using the following command:
              ls -al /bin/csh


• Start the SAP SWPM installer and select the appropriate options:
  Software Provisioning Manager 1.0 SP 29 –> SAP NetWeaver 7.5 –> Oracle à Application Server ABAP–> Distributed System –> Database Instance


• Specify the profile directory

• 
  

   Specify the DBSID and select the ‘Single Instance on Oracle ASM 

  
  


•  

• You may see this error – “Supported Linux distributions for SAP Products…” .This can be safely ignored


• Select 19 as Oracle server and client versions.

• Select ‘Remove database and recreate’ 

• Enter ORACLE_HOME and ORACLE_SID  for GRID and select “Oracle Grid Software not installed”

• Select the Number of parallel jobs based on the CPU cores. The default number is 3               

•  SWPM stops for the installation of Oracle software

 Oracle Grid Install 

• Download the following from SAP portal as documented in SAP Note 509314
  
  
  
  • Oracle Grid installer for Oracle 19
  
  
  • Oracle 19 Software (64-bit)
  
  
  • Latest Oracle Patches 19.0.0.0 
  
  
  
  

An empty folder /oracle/stage/19 is created by SWPM installer. We downloaded the grid and oracle rdbms installer into this folder

• Run the grid installer setup .Login as oracle and unzip the grid installer:
        cd /oracle/stage/19/grid_home
        unzip -q linuxx64_12201_grid_home.zip


• Run the grid installer setup .This would launch Oracle Grid Infrastructure Setup Wizard
        ./gridSetup.shCurrently we have a known issue with Oracle 8.2 install.The Oracle Installer fails with error INS-08101:


• Currently we have a known issue with Oracle 8.2 install.The Oracle Installer fails with error INS-08101:

The work around to resolve this is:
⦁ Set the OS parameter in your terminal to a previous version and re-start the Oracle Universal Installer.
export CV_ASSUME_DISTID=OEL7.8

• Enter the Disk group name for DATA, select the disk path of Data disks and set the discovery path (e.g. ‘dev/oracleasm/disks/):
         


• Specify the password for ASM user accounts (SYS and SNMP)

• Select name of operating system group,which you want to use for system authentication to Oracle ASM

• Select the path for Oracle base

• Select Oracle inventory directory path

• If you choose to run the configuration scripts automatically , specify the ‘root’ user credentials

• Verify the settings and click Next to finish

We have just configured/created  data group named ‘DATA’  .. To configure other disk groups (ARCH and RECO) , we use ASM Configuration Assistant tool.

• To start ASMCA, enter asmca at a command prompt inside the Oracle Grid Infrastructure home.
         cd $ORACLE_HOME/bin
           ./asmca

Oracle DB Installation:

SAP Bundle Patches

Download following SBP patches(19.8) for Oracle RDBMS and GRID, and follow the instructions from respective readme files :

Oracle Database SAP Bundle Patch

•  Following files were downloaded to the database host for Oracle DB SAP Bundle Patch:

SAP19P_2008-70004508.ZIP (this SBP)

GIRU19P_2008-70004508.ZIP (DBRU 19.8.0.0.200714)

OPATCH19P_2008-70004508.ZIP (OPatch 12.2.0.1.21)

•     Follow the instructions in ‘readme’ file (README19P_2008-70004508.HTM ) and install the      SAP Bundle Patch. Main command to install this Patch is:

          env ORACLE_HOME=$IHRDBMS $IHRDBMS/MOPatch/mopatch.sh -v -s SAP19P_2008- 70004508.ZIP

        Oracle Database SAP Bundle Patch for Grid Infrastructure

Downloaded the following files for  SAP Bundle Patch for Grid Infrastructure:

SGR19P_2008-70004550.ZIP (this SBP)

GIRU19P_2008-70004550.ZIP (GIRU 19.8.0.0.200714)

OPATCH19P_2008-70004550.ZIP (OPatch 12.2.0.1.21)

Follow the instructions in the ‘readme’ file(README19P_2008-70004550.HTM) and Install the patches of the SAP Bundle Patch into the grid home. Main command to install this Patch is:

                   env ORACLE_HOME=$OHGRID $OHGRID/MOPatch/mopatch.sh -v -s SGR19P_2008-70004550.ZIP

Continue/complete the DB Instance install (SWPM)

•  SWPM was stopped/paused for the installation of Oracle software . Now that Oracle software(RDBMS, Grid ) and SAP Bundle Patches are installed, we can click ‘Next’ to continue with the installation.

• This completes the Installation of Oracle DB instance with ASM.

• You may verify by running the ASM instance .

• You can verify the setup by running the Oracle Enterprise manager

              https://mydbhost.example.com:5500/em/

for example: 

https://oradb.internal.cloudapp.net:5500/em/

When prompted for your username and password, log in as a user with DBA privilege (such as SYS or SYSTEM)

References (SAP Notes and relevant documents/papers)

• SAP Community WIKI:

1. (https://wiki.scn.sap.com/wiki/display/HOME/SAPonLinuxNotes) has all required SAP Notes for Linux.


2. https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=448467009 describes how to use Oracle Automatic Storage Management (ASM) with your SAP system.

• Azure Virtual Machines planning and implementation for SAP on Linux


• Azure Virtual Machines deployment for SAP on Linux


• Azure Virtual Machines DBMS deployment for SAP on Linux

Are your IaaS DC's Secured in Azure ?

by Contributed | Nov 26, 2020 | Azure, Microsoft, Technology

This article is contributed. See the original author and article here.

Hi Everyone,

Zoheb here again with my colleague Tim Beasley. Today, we will be sharing some best practices to help ensure that your VMs (virtual machines) (including Domain Controllers) are secure in your Azure/Cloud environment.

I would like to start this blog with an African Proverb “If you want to go fast, go alone. If you want to go far go together.”

This proverb is one of the principals we refer to internally at Microsoft (#OneMicrosoft). It helps us utilize the synergy to build / leverage great ideas from other Microsoft employees across the globe.

This proverb sums it up perfectly of what occurred during the creation of this blog post. There were multiple contributors (Tristan Kington, Akhlesh Sharma, Pierre Audonnet and Shobhit Garg) who also helped provide details and additional information in hopes of benefiting our customers.

The Initial Problem I found myself facing – I forgot my Administrator Password!

While working in my lab environment in Azure, I sometimes forget what the Administrator password is (This rarely happens. Am I right? :p). Considering this is an important environment I needed to regain access to, I started thinking about different ways of retrieving my password.

Initially, I tried guessing what password was using a few random ones. However, this did not work (I have Azure AD Password Protection configured in my lab to help protect against known passwords :smiling_face_with_smiling_eyes:). I then tried the VM Password Reset option, but that only works for members of the local Administrators group.

Suddenly, I had an epiphany! I remembered the Extensions setting that is available for VMs running in Azure where you can execute scripts running under the System Context.

To achieve this, I located and selected the Azure Virtual Machine I was targeting and clicked on Extensions which is located under Settings. Here is where I will upload and execute a Custom Script Extension as shown below:

 Figure 1. Click on Extensions.

 Figure 2. Select Custom Script Extension.

 Figure 3. Browse for the custom PowerShell script you wish to upload.

 Figure 4. Select Upload to upload your custom PowerShell script.

As you can see below, I uploaded the testreset.ps1 PowerShell script (to be added as a custom script extension) and ran it on the virtual machine in my lab environment. The PowerShell script uses the native Command Prompt utility Net.exe. In this example, we used Net User to reset the password for an Administrator account named zdcadm using DontKeepe@syPassw0rd$ as the password.

Net User zdcadm DontKeepe@syPassw0rd$

 Figure 5. Custom PowerShell script was uploaded.

After the extension was applied and executed against the VM, it successfully reset the password for my Administrator account (zdcadm), which allowed me to regain access to that VM.

We managed to achieve this because Azure VM Agent is installed by default on any Windows VM deployed from an Azure Marketplace image. When you deploy an Azure Marketplace image from the portal, PowerShell, Command Line Interface, or an Azure Resource Manager template, the Azure VM Agent is also installed.

Though I was happy that this allowed me to log back into the VM, it also started to concern me. So, I started thinking about how this could potentially affect our customers and whether they are protecting their environment from such risks where Privilege escalation can be gained by Azure operators to domain admin (and by extension, domain admin on-prem).

We found similar concerns that were raised / discussed for our traditional infrastructure (Hypervisors) where we provide broad guidance on how to secure them. You can learn more about this by reading the Virtualizing Domain Controllers using Hyper-V Microsoft article.

Why should you be concerned?

You as an organization who have DC’s in Azure or cloud you should check who has access to them in Azure & is the access to Subscription controlled well.

Do you have any Azure Operators who could do Privilege Escalation to become a Domain Admin?

Remember when you let someone else administer a lower layer than your own, you are implicitly trusting that person equivalently to yourself.

The 10 Immutable Laws of Security are applicable everywhere.

Increasingly we see permissions being mis managed in many organization and Identity team is not always managing subscriptions, this can lead to some loose permissions on your resources if left unmonitored/checked.

How can you check who has access to your Domain Controllers or Azure Resources ?

There are many ways you could see who has access to resources, I am listing one of the easier ways where you can get full information from a single dashboard.

Use the Azure Continuous Cloud Optimization dashboard, this can show the Azure RBAC (role-based access control) permissions from all the subscriptions a given Azure account has access to. You will be able to identify the roles applied to all Azure resources and if the subscriptions have custom roles. You can filter the information by:

• Tenant


• Subscription


• Object type


• User

The Solution to this little dilemma:

This made us think about the “Level of Protection” we should recommend to our customers that have important VMs (e.g. Domain Controllers) running in Azure. After several internal discussions along with reviewing publicly available Microsoft documentation, we decided that the following recommendations below will add an extra layer of protection to help secure your Azure IaaS VMs / environment (Not all, but heavy hitters)

1. Force MFA (Azure Multi-Factor Authentication) for Admins with access to Domain Controllers (no matter where they are at – on-premises and cloud) whenever they are accessing Azure Portal.
   
   
   
   1. This will ensure that access to Azure Portal has at least two factor Authentication.
   
   
   2. Use this policy for all the users who have access to Azure Subscription where DC’s are hosted.
      
      
   
   
   
   


2. Use Conditional access policies to define Admins location, Trusted machines to access Azure Portal for Domain Controller Subscriptions.
   
   
   
   1. You can further control the access to the Azure Portal/Subscription by using Conditional Access.
   
   
   2. You could define Trusted location, Trusted devices and many such parameters.
   
   
   3. This will help reduce the access to Domain Controllers.
      
      
   
   
   
   


3. Limit Highly privileged users and use RBAC permissions to allow access to only specific people to DC’s.
   
   
   
   1. This is probably the most crucial point of all, you need to review who has permission to do such an activity and if they really need this.
   
   
   2. You could review this using CCO dashboard.
   
   
   3. Alternatively you could navigate to Azure Portal and look for “Access Control”
   
   
   4. Check for important Role Assignments like “Contributors, Owners etc.
   
   
   5. Review these users on a regular basis
      
      
   
   
   
   


4. Where possible, use a Different Subscription for Domain Controllers or Tier 0 systems.
   
   
   
   1. Effective subscription design helps organizations establish a structure to organize and manage assets in Azure during cloud adoption.
   
   
   2. When possible use a dedicated subscription for all your Tier 0 assets
      
      
   
   
   
   


5. PIM (Azure Active Directory Privileged Identity Management) for elevation to Domain Controller VM Access and follow just enough Administration (Least Privilege principal)
   
   
   
   1. Setup appropriate permissions to the “Azure Resource” through PIM.
   
   
   2. Define Eligible Assignments
   
   
   3. This will ensure that only users who are eligible get access to Domain Controllers in Azure
   
   
   4. Follow Just Enough Administration and least privilege model
      
      
   
   
   
   


6. Use Azure ADDS (Active Directory Domain Services) when possible.
   
   
   
   1. When you create an Azure AD DS managed domain, you define a unique namespace.
   
   
   2. Two Windows Server domain controllers (DCs) are then deployed into your selected Azure region. This deployment of DCs is known as a replica set.
   
   
   3. You do not need to manage, configure, or update these DCs. The Azure platform handles the DCs as part of the managed domain, including backups.
   
   
   4. Since this is managed there is reduced risk also for this
      
      
   
   
   
   


7. Using PAW(Privileged Access Workstations) to access Azure portal
   
   
   
   1. Secured, isolated workstations are critically important for the security of sensitive roles like administrators, developers, and critical service operators.
   
   
   2. Use highly secured user workstations and/or Azure Bastion for administrative tasks for Azure.
   
   
   3. The secured workstations can be centrally managed to enforce secured configuration, including strong authentication, software and hardware baselines, and restricted logical and network access.
   
   
   4. Using conditional access allow only approved machines to have access to Azure portal.
   
   
   5. Alternatively manage these machines through hardened GPO’s & Intune
   
   
   
   

Hope this helps,

Tim & Zoheb

Azure Marketplace new offers – Volume 97

by Contributed | Nov 25, 2020 | Azure, Microsoft, Technology

This article is contributed. See the original author and article here.

We continue to expand the Azure Marketplace ecosystem. For this volume, 81 new offers successfully met the onboarding criteria and went live. See details of the new offers below:

Applications 7 Days to Die – Game Server on Ubuntu 18.04 LTS: Tidal Media offers this pre-configured image of 7 Days to Die game server on Ubuntu 18.04 LTS. 7 Days to Die is an open-world, voxel-based game that combines first-person shooter, survival horror, tower defense, and role-playing games. 7 Days to Die – Game Server on Windows Server 2016: Tidal Media offers this pre-configured image of 7 Days to Die game server on Windows Server 2016. 7 Days to Die is an open-world, voxel-based game that combines first-person shooter, survival horror, tower defense, and role-playing games. AgendaWeb TotalPack: AgendaWeb TotalPack is a cloud-based appointment scheduling solution that enables businesses to manage appointments for their branch locations online. Customers can enter contact information, select a branch, and choose from available dates and times. AIR Blob Explorer: Archive, Index, Retrieve: AIR Blob Explorer is designed to simplify the management of assets on Azure Blob storage. With a customizable skills pipeline, you can enrich the metadata associated with your assets, surfacing documents, videos, and assets that were previously unsearchable. Almentor.net B2B Offer: Almentor FZCO’s Almentor.net offers an online, video-based learning library in Arabic for professional service development. Different subscription and pricing models are available. arabot chatbot for Enterprise: arabot is an AI-powered chatbot from arabot Company LTD that supports English and numerous Arabic dialects. Support conversational experiences between always-on chatbots and your customers via web, mobile, messaging, or voice. Arma 3 – Combat Game Server on Windows Server 2016: Tidal Media offers this pre-configured image of Arma 3 game server on Windows Server 2016. Arma 3 is a massive military sandbox game featuring standalone and multiplayer content, 20 vehicles, 40 weapons, and numerous opportunities for content creation. Aruba ClearPass Policy Manager (CPPM): ClearPass Policy Manager (CPPM) from Aruba Networks provides secure network access control for corporate, guest, bring-your-own-device (BYOD), and IoT devices. Devices on networks can be secured when making wired, wireless, or VPN connections. Astroneer Game Server for Windows Server 2016: Tidal Media offers this pre-configured image of Astroneer game server on Windows Server 2016. Astroneer is set during the 25th century, when players explore outer space, risk their lives in harsh environments, and unearth rare discoveries. Astute Agent: Astute Agent is a consumer engagement CRM designed for consumer relations and customer care teams. Astute Agent’s features include integrated knowledge management, reputation management, workflow automation, and more. Automated Engineered SAP Landscape as Service: Vnomic provides automated, engineered SAP landscape deployments and governance as a service on Microsoft Azure. The end-to-end solution addresses enterprises’ needs with zero touch as they move to SAP HANA and SAP S4HANA. AvidXchange AP Automation: AvidXchange AP and payment automation solution for Microsoft Dynamics GP helps organizations eliminate inefficient, paper-based processes and easily pay their bills. AvidXchange provides bill-capture services, automated workflows, and bill approval from PC or mobile device. Azure Remote Access Management (ARAM): NET BRINEL SA’s Azure Remote Access Management (ARAM) is a cloud-based for secure remote management and support of customers through Azure virtual machines. Beehive – Task Automation Server on Ubuntu 18.04: Tidal Media offers this pre-configured image of Beehive on Ubuntu 18.04. Beehive is an event and agent system that allows you to create agents that perform automated tasks triggered by events and filters. Beehive interfaces with social media platforms, email, RSS, and more. Bindez Social Listening: Bindez Insights monitors and analyzes Facebook pages, producing sentiment analytics about your brand directly and in relation to your industry. This service is available in English and Burmese. CONTROL ACCESS WITH RAPID EMPLOYEE SCREENING: IT Convergence’s CARES (Control Access With Rapid Employee Screening) is an AI-powered solution that processes images from thermal cameras, scanning visitors and detecting their temperature variations without identifying individuals. CARES ensures safety compliance and supports advanced analytics. CorLife: CorLife provides screening, goal setting, education, and targeted coaching to help employees adopt healthy habits. CorLife exists to transform employee mental and physical health. Counter-Strike 1.6 Game Server on Ubuntu 18.04 LTS: Tidal Media offers this pre-configured image of Counter-Strike 1.6 game server on Ubuntu 18.04 LTS. Counter-Strike is a first-person shooter where two teams must fight each other to achieve a set objective. CrunchYard Gluster Cluster – Scalable Data Storage: CrunchYard’s Gluster provides a high-performance data cluster that is ideal for clients with high I/O throughput needs. Built on Microsoft Azure, Gluster creates large, distributed storage solutions suitable for engineering, financial, big data, and other uses. DayZ – Hardcore Game Server on Windows Server 2016: Tidal Media offers this pre-configured image of DayZ game server on Windows Server 2016. DayZ is an open-world survival game with survival mechanics, including hunting, crafting, building, health preservation, and resource management. Document management system – Enovatio Workflow: Enovatio Workflow is an Azure-based document management system designed for companies that strive to optimize business processes and improve workflows, regardless of industry. This product is available in English, German, and Polish. Don’t Starve Together – Game Server on Ubuntu: Tidal Media offers this pre-configured image of Don’t Starve Together game server on Ubuntu. Don’t Starve Together is a multiplayer wilderness survival game, where you gather resources to craft items and structures that match your survival style. DroneInch Drone Automation Platform: DroneInch’s automation software enables companies to plan, operate, analyze, and collaborate together on global drone missions. DroneInch integrates with Azure FarmBeats, enabling customers to view data collected from drones inside the FarmBeats IoT platform. dunnhumby Shop: dunnhumby London’s Shop empowers you to make confident, data-led decisions that improve customer experience and grow sales. Shop provides on-demand access to an array of customer insights relevant to both retailers and brand owners. ECommerce AI by Delvify: Delvify APAC’s ECommerce AI can increase revenues and deliver improved customer experiences using AI-powered visual technology for product recognition, discovery, and personalized recommendations to your customers. EcoStruxure IT Advisor: EcoStruxure IT Advisor is a datacenter infrastructure planning and modeling solution for large enterprises and colocation datacenters. This cloud-based solution provides datacenter managers with thorough insights into their infrastructure to improve profitability, efficiency, and availability. Enersight by Aucerna: Aucerna’s Enersight is a cloud-ready, comprehensive, integrated system for late-stage asset development and operational planning. Enersight was built to help asset level planners, engineers and economists make the right decisions with accurate data and defensible field development models. Excel integration for Jira Server/Data Center: Unlike Jira’s built-in export features, Midori’s Excel for Jira provides native Microsoft Excel exports, spreadsheet reports, and business intelligence for Jira. Improve your internal business processes with seamless Jira data export to Excel. Flogo – Event Processing System on Ubuntu 18.04: Tidal Media offers this pre-configured image of Flogo on Ubuntu 18.04. Flogo is a resource-efficient, Go-based ecosystem for building event-driven apps that enables developers to build once, consume from anywhere, and process using any of the supported actions. FME Server (Distributed Deployment, Windows): FME Server is a web-server application that automates data integration workflows by using the power of FME Desktop. FME is a data integration platform with support for spatial data and integration with over 450 systems. Fun Quick View: Fun Quick Watch is an AI-powered app that helps physical retail stores attract new customers with gamification centered on the customer experience. This app is available only in Chinese. Garry’s Mod Game Server on Windows Server 2016: Tidal Media offers this pre-configured image of Garry’s Mod (GMod) server on Windows Server 2016. GMod is a physics sandbox with no predefined goals. You spawn objects and weld them together to create your own contraptions. gcc-office-addin: Garden City Consultants’ gcc-office-addin SaaS provides the centralized and integrated services to enable GCC Office Add-ins for the online versions of Microsoft Excel and Microsoft Word. GCC Office Add-ins add data visualization options in Excel and productivity tools in Word. Ghost Nodes – Smart Integration of Everything: Gateway Host (GHOST) Nodes is a hybrid and distributed platform with centralized device management and edge intelligence. GHOST Nodes embeds advanced analytics services at endpoints, allowing you to deliver distributed digital services. Huginn – Workflow-Automation Server on Ubuntu: Tidal Media offers this pre-configured image of Huginn on Ubuntu. Huginn is a system for building agents that perform automated tasks for you online, such as reading web pages, watching for events, and taking actions on your behalf. IITC VLearn: IITC VLearn is a customizable, web-based learning management system (LMS) based on the Moodle open-source platform. This Azure-based system integrates with Microsoft Teams and provides a highly functional, secure, flexible, and interoperable digital learning solution. Intel Edge Software Hub: The Intel Edge Software Hub is a one-stop resource that allows developers to find software and tools that make it easier to develop, test, deploy, and maintain solutions at the edge. The solution provides tools and deployment-ready software packages that are pre-tested and pre-validated. Intelligence Platform – Integra Comex: Integra Comex provides information on how to operate in foreign trade, whether in the form of exports, imports, or cargo management. This solution consolidates data and speeds databases updates. This app is available only in Portuguese. Ipro: Ipro Enterprise is an e-discovery platform designed for large, complex, and early data assessments. IPro Enterprise lets your team quickly connect and assess live data without moving it, report, and stream relevant documents directly into review. Jedox for Dynamics 365 Finance & Operations: Jedox enables collaborative planning, budgeting, and forecasting in Microsoft Dynamics 365 by unifying core CRM and ERP processes. Jedox integrates FP&A processes, automates planning, creates continuous augmented forecasts, and more. Katana XR: Katana XR is a cloud-based mixed reality solution for the industrial sector. Katana XR gives project teams the ability to quickly and easily create mixed reality workflows and guides without requiring knowledge of coding. Lead Validation and Scoring for US and Canada: DOTS Lead Validation from Services Objects Inc. is a real-time API service that corrects and appends contact records and provides an actionable lead quality score. The service integrates with Microsoft Dynamics and Microsoft Azure. Left 4 Dead 2 – Game Server on Windows Server 2016: Tidal Media offers this pre-configured image of Left 4 Dead 2 game server on Windows Server 2016. Left 4 Dead 2 is a first-person survival horror game in which four survivors fight their way through levels filled with infected creatures. Mamoru Biz: Mamoru Biz is a business concierge tool that reduces anonymous tasks related to people, goods, and money, such as searching for people at free addresses, cash management in offices, and asset management. This app is available only in Japanese. Minerva Threat Prevention Platform: Minerva Labs LTD’s threat-prevention platform provides a zero-touch preemptive endpoint to defend against modern cyberthreats, such as file-less attacks, scripts, ransomware, malicious document macros, and more. Minerva blocks attacks before infection. Moneythor Data-Driven Banking: The Moneythor solution provides a set of software APIs enabling banks and fintechs to offer improved functionality and experience to their retail and business customers. Moneythor is powered by real-time data, machine learning, and behavioral science techniques. Network File System Server on Windows Server 2016: Tidal Media offers this pre-configured image of Network File System (NFS) service on Windows Server 2016. NFS is a protocol that allows you to share directories and files with Windows and non-Windows clients in a network. Network Monitoring: NeMo is a cloud-based monitoring solution for electricity networks. This Azure-based solution lets you manage conditions and maintenance at distribution grid stations, perform day-to-day forecasting of network quality, and more. This app is available in English and German. NFS Storage File Server on Windows Server 2019: Tidal Media offers this pre-configured image of Network File System (NFS) service on Windows Server 2019. NFS is a protocol that allows you to share directories and files with Windows and non-Windows clients in a network. NuWave Teams Direct Routing Voice: iPilot, an automated portal form NuWave Communications Inc., lets you quickly provision always-on calling plans and related carrier services for Microsoft Teams using shared public switched telephone networks (PSTNs). powercloud | A cloud native billing and CRM SaaS: powercloud GmbH offers a cloud-native, open-source SaaS solution customized for infrastructure and utility companies. powercloud takes care of the meter-to-cash value chain, including billing, regulatory processes, product management, meter data management, debt collection, and accounting. Praelexis Credit: Praelexis Credit offers a streamlined and integrated solution for the end-to-end credit modeling process. The toolkit’s flexibility allows state-of-the-art machine learning techniques to be combined with traditional credit modeling techniques. Prime Foray CSP: Prime Foray’s cloud service provider offering on Microsoft Azure Lighthouse is structured specifically for ISVs of all sizes from startups to public companies. Prime Foray will manage your Azure environment securely and safely, providing round-the-clock support. process.science Process Mining: process.science for Power BI is an add-in for Microsoft Power BI that lets you see your company from new perspectives. This app from process.science GmbH & Co. KG provides an overview of your processes by analyzing your organization’s process events compared with your targets. QuayChain: QuayChain is a digital marketplace for the marine fuel industry. The platform provides buyers, suppliers, and traders an easy, intuitive application for procuring and paying for marine fuel in a global market. Rendezvous desk booking and hoteling software: Rendezvous Workspace Desk Booking from NFS Technology Group makes desk booking an easy and safe process. The mobile app floorplan module makes it easy to select and book desks. This software integrates with Microsoft Outlook and a range of wayfinding and desk panel solutions. Rendezvous Meeting Room Booking Software: Rendezvous Workspace Meeting Booking from NFS Technology Group improves management of meeting room bookings. The software integrates with Microsoft Outlook, Office 365, and Microsoft Exchange and includes mobile and web-based apps. School Affairs Research Analysis Solution (IR Solution): Use these dashboards for Microsoft Power BI to get valuable insights into schools based on data from multiple public sources, including the Ministry of Education’s open data. The dashboard analyzes school enrollment, retirements, and available funds. This app is available in Chinese. SCONE platform for Azure confidential computing: SCONE is a solution platform that supports confidential, cloud-native applications and multi-party confidential computing. Built on Microsoft Azure, SCONE protects your applications including code and data during transmission, at rest, and during computation. SkypetoTeams by Cyclotron: SkypetoTeams.io by Cyclotron Inc. provides a full toolkit to migrate your enterprise from Skype for Business to Microsoft Teams. Features include templatized inputs, support for MFA and non-MFA authentication, and more. SPA: SPA is a document data utilization solution that enables document data conversion and document management automation by using AI-powered OCR. This app is available only in Japanese. Squid Proxy Server with Webmin GUI on Ubuntu 18.04: Tidal Media offers this pre-configured image with Squid proxy server with Webmin GUI on Ubuntu 18.04. Squid speeds up services by caching requests for web, DNS, and other computer traffic for a group of people on a shared network. Swim Continuum SaaS: Swim Continuum is an enterprise-grade platform for building and running continuous intelligence applications at scale. Providing performance and agility under high loads, Swim Continuum efficiently operationalizes high-frequency data analytics on massive amounts of streaming and batch data. SySearch AI Based Search for Healthcare: SySearch is a fully managed cloud search service with built-in AI capabilities that enrich health information to easily identify and explore healthcare data at scale. With SySearch, you can spend more time innovating and less time designing, maintaining, and querying a complex search solution. Team Fortress 2 Game Server on Ubuntu 18.04 LTS: Tidal Media offers this pre-configured image with Team Fortress 2 game server on Ubuntu 18.04. Team Fortress 2 is a multiplayer, first-person shooter video game with support for up to 32 players. Team Fortress 2 Game Server on Windows Server 2016: Tidal Media offers this pre-configured image with Team Fortress 2 game server on Windows Server 2016. Team Fortress 2 is a multiplayer, first-person shooter video game with support for up to 32 players. Tenjin for Enterprise: Tenjin for Enterprise enables virtual assistant creation in a few clicks and deploys the assistant in minutes. Using AI-driven conversational interactions, Tenjin streamlines access to common business services like knowledge, resetting passwords, and escalating support requests. Terraria – Adventure Sandbox Game Server on Ubuntu: Tidal Media offers this pre-configured image with Terraria game server on Ubuntu. Terraria is a sandbox game featuring action and adventure driven by the players choices and creativity. The server can be used for standalone or multiplayer gameplay. TIG: TIG is a next-generation video technology developed by Paronimu Co. Ltd. that allows you to obtain information about an object in a video simply by tapping the object on your smartphone screen. This app is available only in Japanese. Unturned – Adventure Sandbox Game Server on Ubuntu: Tidal Media offers this pre-configured image with Unturned game server on Ubuntu. Unturned is a multiplayer sandbox game in the apocalypse survival genre, in which players must work with friends and forge alliances to survive zombies. Wootric CX | NPS, CSAT and CES surveys: Wootric Customer Experience Management platform helps cloud-based companies increase retention, prioritize product improvements, and engage brand advocates. Wootric analytics and reporting use machine learning to deliver insights from high volumes of feedback. Consulting services AI discovery workshop (4h): If you are curious what type of benefits AI and advanced analytics can bring to your organization, join Unit8 SA for this exploration of AI in consideration of your industry. Unit8 will introduce you to AI services available on Microsoft Azure and help launch your AI journey. App Modernization – 2 week Implementation: Arinco has developed an application modernization accelerator service targeted at organizations that are focused on modernizing their application infrastructure and their developer experience on Azure App Services and Azure DevOps. Apps Modernization Plan: 1WK Assessment: Modernize your apps and realize the benefits of Microsoft Azure with this offering from vNEXT PTY LTD. The vNEXT App Modernization Plan will help you innovate faster, improve reliability, and keep pace with the agility of today’s modern applications. Citrix on Azure WVD: 1 Week Proof of Concept: Sayers experts will guide you through a proof of concept built to satisfy your business requirements and demonstrate the benefits of combining Citrix Virtual Apps and Desktops with Windows Virtual Desktop on Microsoft Azure. Computer Vision on Azure: 2-mths Proof of Concept: SEMANTIVE sp. z o. o. will validate your computer vision use case by building a working prototype deployed to Azure Machine Learning and will provide you with recommendations and a roadmap for next steps. Half-day free workshop on Azure Synapse Analytics: In this free workshop, Softcrylic LLC will help you understand how Azure Synapse Analytics can accelerate the responsiveness of your business by providing a secure, scalable environment for your data to support big data, analytics, business intelligence, and data science. ​ Horizon Cloud on Azure: 3-week Implementation: World Wide Technology (WWT) offers quick-start engagements for customers who want to provide desktops as a service (DaaS) by deploying VMWare Horizon Cloud on Microsoft Azure. WWT experts can demonstrate pre-built integration labs to speed customer evaluation. ISV App Migration – 10 days implementation: Sela Group will assess your on-premises and cloud environments for deployment of your application to the Microsoft Azure Marketplace. Sela will analyze your current situation, provide insights during migration, and support your team during implementation. Offer – QBot Implementation: QBot is an AI-powered program that answers student queries through a conversational chatbot. Integrated with Microsoft Teams, QBot provides a personalized learning experience and collaboration among students and teachers. Portiva Cybersecurity Maturity Assessment: Portiva will provide insight into how you can improve the cloud security of your organization. This assessment will identity cybersecurity risks based on your organization and industrial sector, then classify the risks based on impact and likelihood. This offer is available only in Dutch.