{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 手持菜刀,她持情操 的问题《Windows Azure Active Directory Backup/Restore [clo》','https://www.manongdao.com/q-1356187.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am looking for a way to backup/restore Windows Azure Active Directory to protect against user error. I recognize the robust nature of Azure and am not concerned with infrastructure failure and the like.
What I am concerned with is protection from a fat finger mistake caused by a member of the DevOps team. For example: an authorized member of the DevOps team is assigned the task of deleting an obsolete Role. However, by accident he deletes the wrong role which contains a complex set of rules.
I need a mechanism to backup the WAAD data so that when the above example occurs, I can take the most recent backup copy and restore the WAAD data back to an acceptable state as it existed prior to the incident. Has anyone come across this scenario? Are there existing API calls that I am missing? Or should I be thinking outside the box here?
相关问题
- running headless chrome in an microsoft azure web
- Docker task in Azure devops won't accept "$(pw
- Register MicroServices in Azure Active Directory (
- Removing VHD's from Azure Resource Manager aft
- Cannot use the Knowledge academic API
相关文章
- SQL Azure Reset autoincrement
- How to cast Azure DocumentDB Document class to my
- Can't get azure web role to run locally using
- Azure WebApp - Unable to auto-detect the runtime s
- How to change region for Azure WebSite
- Azure webjob vs cloud service
- Azure data transfer Identity Column Seed Jumped by
- Download Azure web app?
Microsoft really fell down on this on - third parties do have tools. Basically, they totally ignore issues like creeping corruption, APTs, failures in provisioning,etc.
The goal of Azure is to make it impossible to move away from the Microsoft's overpriced cloud hosting and to block third parties from providing an alternative technology lock in ...
That said, design your architecture to NOT use Azure as an authoritative store and then provision into Azure as a downstream. Front end all Azure services with on-prem shims that can failover to Azure if the on-prem fails - the downstream savings will be huge.
This would be a great area for community developed software. However, beware of Microsoft's blocking any useful development in this space by deprecating components of the sync or locking out third parties. Ultimately, someone big is going to get their AAD wiped out and then something will be done to fix this...
There are PowerShell mechanisms to piecewise backup components, and one could literally run a client side query to maintain a synchronized copy of the state. Some third parties have implemented backup tools, I will look at these to see how functional and complete they are.
The main issue is synchronization of passwords without incurring client licenses.
You could consider using some of the Windows Azure Active Directory PowerShell Cmdlets to save your configuration. The various Get- Cmdlets (see http://technet.microsoft.com/en-us/library/jj151815.aspx) should allow you to save all your configuration settings, users, roles, etc.