Thursday, July 28, 2016

How to handle SQL command timeouts in .NET code

If you're a .NET programmer you might be familiar with using SqlConnection and SqlCommand objects to perform database queries.

They might look something like this:



You might think the liberal use of 'using' statements disposes of all the resources that might still be lingering around after execution of this method completes. You might think that there are no 'leakages' happening here. This might be true in most cases however this blog post is going to pose a counter-example.

Consider the scenario where just before the process releases the "Exclusive (X) lock" it has on the resource it is INSERTing, the command timeout expires.

Now what happens?

The command timeout expiration event causes SQL execution to stop immediately for this process. The COMMIT command that follows implicitly from the INSERT statement above is never executed. A Senior Escalation Engineer at Microsoft, Bob Dorr, has the following to say about command timeouts:
At the time of the [command timeout] the transaction is not rolled back unless transaction abort (XACT_ABORT) has been enabled.  The client needs to submit a rollback.  If the client does not submit the rollback and continues other processing the transaction remains open and the behavior scope of the application becomes undefined.
What Bob Dorr is saying is that in the above code, MyInsertMethod1, fails to defensively handle the command timeout exception because it does not end the transaction if such an exception occurs. The transaction can be ended by a COMMIT or ROLLBACK. Furthermore, the side effects of this are not good. The transaction still holds onto any locks that it has, or in other words the transaction is still open and it will "leak".

To fix this, we should catch the command timeout exception and explicitly commit or rollback the transaction to close it properly.



"Stale" SQL transactions that are not closed properly can cause poor database performance. They can cause other transactions to block on any locks that they have, thus causing more command timeouts and the problem can snowball.

References




SET IMPLICIT_TRANSACTIONS - https://msdn.microsoft.com/en-us/library/ms187807.aspx

How it Works: Attention, Attention or Should I say Cancel the Query and Be Sure to Process Your Results - http://blogs.msdn.com/b/psssql/archive/2008/07/23/how-it-works-attention-attention-or-should-i-say-cancel-the-query-and-be-sure-to-process-your-results.aspx 

CommandTimeout - How to handle it properly? - http://blog.sqlxdetails.com/commandtimeout-how-to-handle-it-properly/

CommandTimeout - How to handle it properly? - code example - http://blog.sqlxdetails.com/commandtimeout-how-to-handle-it-properly-code-example/

How to Minimize SQL Server Blocking - http://www.sql-server-performance.com/2006/blocking/

Wednesday, June 22, 2016

How to store an e-mail to and from other users in your Inbox using EWS

A few weeks ago I was looking for a way to "spoof" an e-mail in my Inbox using EWS. The e-mail would be to and from users other than myself. Without going into too much detail, the reason for this was I wanted to use my Exchange Inbox as a place to store messages for a group of people, even if I wasn't a sender or recipient of the message, and I didn't want the users to receive these e-mails that I was storing.

I was unlucky then, but yesterday when researching another topic I found the answer in this Microsoft article, How to: Import items by using EWS in Exchange! I hope the wording in the blog post grabs people that are looking for the same thing that I was. I never would have found the above mentioned article from how I was searching in the first place.

The trick is setting a specific property on the EmailMessage that makes it not appear as a Draft before Saving it in my Inbox.


EmailMessage email = new EmailMessage(_ewsService);
// Indicate that this email is not a draft. Otherwise, the email
// will appear as a draft to clients.
ExtendedPropertyDefinition PR_MESSAGE_FLAGS_msgflag_read = new
     ExtendedPropertyDefinition(3591, MapiPropertyType.Integer);
email.SetExtendedProperty(PR_MESSAGE_FLAGS_msgflag_read, 1);
// Set To/From properties to whatever I like
email.From = new EmailAddress("santaclause@northpole.edu");
email.ToRecipients.Add(new
     EmailAddress("easterbunny@greenacres.com");
email.Body = new MessageBody(BodyType.Text, "Hey, need a hand hiding
     candy this year? -S.C.");
email.Save(WellKnownFolderName.Inbox);


What appears is an e-mail in my inbox from Santa Clause to the Easter Bunny. It looks like a normal e-mail not a Draft that I'm working on. The only odd thing (other than it's an e-mail in my Inbox and I'm not a recipient) is that it doesn't appear as an unread e-mail. It looks like an e-mail that I've already read by default.

References

Thursday, June 16, 2016

Developing OAuth with Skype Web SDK: admin pre-requisites

This blog post will cover the system-level steps an Office 365 administrator needs to do in order to "turn on" the Skype Web SDK functionality for code being written with OAuth authentication. Some of these steps may sound familiar if you've read the previous post "UCWA 2.0 and Skype for Business online: Create an Azure AD application". What you will need to accomplish this task is the Sign-on URL and Reply URL for the web application that will be using OAuth and Skype Web SDK. If you're unsure of either of these talk with the developer that will be configuring the web application.

Link Azure and Office 365 accounts together

This step is outside the scope of this article, but it is worth noting. This Microsoft reference "Set up your Office 365 and Azure AD tenant" provides more information.

Create an Azure AD application

To start, this step will be a modified version of the directions from Microsoft's page "Registering your application in Azure AD".  Follow the directions from both sections, register your application with Azure AD and configure your app for OAuth implicit grant flow.

After provisioning the application in step 6, be sure to configure the application's Reply URL. This step isn't mentioned in the Microsoft directions. Another modification is at step 9 under registering your application, select as many of the delegated permissions as desired. For example, the permission "Read and manage Skype for Business user contacts and groups" is required to add or edit contacts and groups in the buddy list. At step 10, do not configure your application to be multi-tenant if it doesn't need to be.

After the above steps are completed, some values from the configuration page should be stored for yourself and others. Any developer or application that will be using the Skype Web SDK will need to know the Client ID and have a Key. To generate a Key, select a duration and save the changes. The Key will appear once it is saved.

Tenant admin consent

Microsoft explains this section best, from their reference "Developing Web SDK applications for Skype for Business Online",
The Skype for Business Online permissions are tenant administrator consent only. For an app to be used by all users of an O365 tenant, a tenant administrator must provide consent. To provide consent for all users in the tenant, construct the following URL for your app as shown in the example below.
Note: update the Client ID and Reply URL (redirect URI) for your app.

https://login.microsoftonline.com/common/oauth2/authorize?response_type=id_token
    &client_id= ...
    &redirect_uri=https://app.contoso.com/
    &response_mode=form_post
    &resource=https://webdir.online.lync.com
    &prompt=admin_consent

After the admin grants consent for the tenant, Microsoft will attempt to redirect you to the Reply URL. If you enter the wrong Reply URL, after the admin gives consent a Microsoft error page will appear and in the tiny error message at the bottom it will say, the reply address 'your Reply URL' does not match the reply addresses configured for the application: your Client ID. If the web app is not running at that time, you will see a browser "ERR_CONNECTION_REFUSED" error.

References

https://blogs.msdn.microsoft.com/onenotedev/2015/04/30/set-up-your-office-365-and-azure-ad-tenant/#AssociateO365FromAzure

https://msdn.microsoft.com/en-us/library/office/mt592709(v=office.16).aspx

https://msdn.microsoft.com/en-us/skype/websdk/developwebsdkappsforsfbonline

Thursday, May 26, 2016

UCWA 2.0 and Skype for Business online: Authentication without a browser

Authentication without a browser

Many samples that demonstrate authenticating with UCWA 2.0 use the Office 365 log-in page in the web browser. However, it's also possible to write a C# console application that doesn't require opening a web browser for the user to authenticate. This requires create a native Azure AD application. This quote from the Microsoft article Authentication using Azure AD explains the difference:
"As part of registration, you specify whether your app is a Web application, such as an MVC or Web Forms solution, or a native app, such as a smart phone or other mobile device. Azure AD uses this information to generate resources your app will need to authenticate with Azure."
Once the native app is registered in Azure AD then its time to write the code that does the authentication dance with the UCWA and Skype for Business online servers, which goes something like this.

Authenticating with UCWA 2.0


  1. Make an auto-discovery request to the service endpoint to find the user's UCWA home pool
  2. Request an access token from the server location that the auto-discovery request provided
  3. Make an auto-discovery request with the new access token to the UCWA application resource
    1. Possibly make the above request again if a redirect or user resource is returned instead of an application URL. If the application URL isn't returned, replace the UCWA application resource from the above step with either the redirect resource or user resource.
  4. Once the application services root URL is obtained from the previous step, request an access token from that server
  5. With the new access token, send a POST request to the application resource URL to register your console app with the UCWA server.

There's a helpful StackOverflow post about the above flow, found here.

The trick to getting authentication to work with a headless client is that the username and password need to be available to the program to pass to the resource when requesting an access token, such as:

var ar = await authContext.AcquireTokenAsync(resourceUri, UcSettings.ApplicationId, new UserCredential(UcSettings.Username, UcSettings.Password));

References

https://msdn.microsoft.com/en-us/library/office/mt590891(v=office.16).aspx

http://stackoverflow.com/questions/36394676/sending-im-with-skype-for-business-online-from-console-app

Skype Web SDK

The latest developer API for Skype for Business is the Skype Web SDK. The Skype Web SDK provides a whole host of functions to interact with Skype for Business in Office 365. Unlike UCWA 2.0, the SDK feels more complete for Office 365 with abilities such as adding groups. Another difference is it is programmed in JavaScript!

The SDK doesn't need to be installed as it is hosted on a Skype site. All you need to do is add a <script/> tag in the HTML file, as follows:
<script src="https://swx.cdn.skype.com/shared/v/1.2.15/SkypeBootstrap.min.js"></script>
This is called bootstrapping the JavaScript libraries hosted at the Skype Web SDK entry point which happens to be swx.cdn.skype.com.

Like the Unified Communications Web API (UCWA) 2.0, that has been written about in previous blog posts, the Skype Web SDK authenticates users against Skype for Business on Office 365 servers through Azure Active Directory. The pre-requisite in both these cases is to have an Azure AD app configured to allow API access to the Skype for Business app. More information on how this works with Skype Web SDK can be found here, under "App Registration".

To learn more about what's supported in this developer platform or to inspect the matrix of features offered by the Skype Web SDK, check out this page under "Feature support matrix".

References


https://msdn.microsoft.com/EN-US/library/office/mt622687(v=office.16).aspx

https://msdn.microsoft.com/en-us/library/office/mt670739(v=office.16).aspx

Friday, May 20, 2016

UCWA 2.0 and Skype for Business online: Adding a contact

Authentication and Resources

While authentication using Azure AD and resources in UCWA 2.0 are not the topic of this post, they're necessary to get to the point of adding a contact to the Skype for Business contact list. I found this StackOverflow post very helpful, along with the Microsoft documentation. Also, understanding the nested formation of URL resources can be difficult, this Microsoft documentation is clarifying and can add some much needed visualization to the problem.

Adding a contact to the Skype for Business contact list

To add a new contact to the Skype for Business contact list with UCWA 2.0, a POST request will be made to the "people" resource myGroupMemberships. This path will look something like 
/ucwa/oauth/v1/applications/XXX/people/groupMemberships
This path should be appended to the end of the UCWA application resource URL, such as:
https://webpoolXXXX.infra.lync.com/ucwa/oauth/v1/applications/XXX/people/groupMemberships
The URI of the new contact will be passed as a parameter in this URL. So, if the contact's URI is sip:newContact@acme.com, it will look something like:
https://webpoolXXXX.infra.lync.com/ucwa/oauth/v1/applications/XXX/people/groupMemberships?contactUri=sip%3AnewContact%40acme.com

There is an option to create the new contact in a specific group by including the ID of the group the contact should be added to. This demonstration doesn't include the group ID, so the contact is added to the default group. In the test cases, this was the group "Other Contacts".

All requests to UCWA resources require a bearer token to be present in the authentication header. Also, because the myGroupMemberships resource that's being accessed is in UCWA version 2.0, this version needs to be specified in the POST request with the "X-MS-RequiresMinResourceVersion" header, such as
float version = 2.0F;
client.DefaultRequestHeaders.Add("X-MS-RequiresMinResourceVersion", version.ToString());
If this POST request is made to the correct application URL with the bearer token, and version header, the new contact should appear in the authenticated user's Skype for Business client almost immediately. In rare cases, it might be necessary to log-out and then back in to see the changes.

This MSDN forum post was very helpful for this blog.

References






UCWA 2.0 and Skype for Business online: Create an Azure AD application

UCWA 2.0

Unified Communications Web API (UCWA) 2.0 is the first officially supported API for Skype for Business online. If an application is looking to talk to Skype for Business on Office 365 this is the way to do it, albeit limited. UCWA 2.0 exposes some, but not all, interactions with Skype that may be desired. For example, groups are a read-only resource in this version. While it might be desired to create a new group in a Skype for Business contact list, this is not possible in UCWA 2.0.

Create an Azure AD application for Skype for Business online

These steps will outline how to create an Azure AD (AAD) application that exposes the Skype for Business online API. Follow the steps from both sections in these directions from Microsoft. Make the following modification. At step 9, under "Register your application with Azure AD", select as many of the Delegated permissions as desired. For example, the permission "Read and manage Skype for Business user cont..." is required to get the Skype for Business contacts and to add new contacts to the buddy list. If you're curious to learn more about the difference between Application and Delegated permissions read this page.

References


Thursday, May 12, 2016

Stay connected with your University with just a single click!

Instant Chime addresses the needs of a well-known University, providing them the power to connect with their students in a more efficient way. Chime has empowered their service desk so that students get the help they need faster, eliminating the frustration of waiting. Universities realize that students do not want to waste time searching for answers to issues that could be addressed in minutes. Instant Chime is a simple click-to-chat help desk resolution tool for the productive student.

The IT Computer Support Coordinator with the University using Chime recently stated, “We have been using Chime to support our student population in the library. Since the library has over 300 computers across three floors and we are located on the first floor, Chime has allowed us to provide click-to-chat support to students at various areas in the library. We use it to answer questions, or dispatch a technician to meet with the student. It allows the student to not have to pack everything up then walk over to see us.”

Screen Shot Below:



For more questions visit: http://www.addchime.com/

Monday, April 25, 2016

Creating Outages in Chime

In Chime, you're now able to create outages displaying them in both the web client and system/queue dashboards. You also have the ability to turn an outage into an alert.

Screenshots showing outages being used in Chime:

For more on outages visit: http://www.addchime.com/whats-new.html

Thursday, April 21, 2016

Instant Login Manager for Lync and Skype for Business

Instant Login Manager is a simple app that quickly lets you switch between your Lync and Skype for Business accounts without having to manually sign out of one and into another.
This is perfect for testing Lync accounts that are used by systems or switching between test and production accounts.
Add a new profile by entering your Lync or Skype for Business credentials. Then you can switch back and forth between your profiles at the touch of a button.
Instant Login Manager Screenshot


 Instant Login Manager Demo


Thursday, April 14, 2016

Enterprise IM Alerts

With our newest release of Instant Chime 2.4, we've added enterprise IM alert capabilities. This allows you to easily create and send messages to individuals, groups, or anyone in your organization. You can schedule these messages to deploy instantly, or at a later date and time of your choosing. You also now have the option to choose when the alerts will expire so users who are away don't get bombarded with obsolete communication when they get back. Instant Chime can turn Microsoft Lync® 2013 / Skype for Business® into a massive, instant contact tool to deliver critical information quickly and precisely to the people who need it across your organization.

Demo talking about how enterprise IM alerts work in Chime:

To make this easy, we built the Chime Alert Wizard. The wizard guides you through its simple, 3-step process. It also ensures that all required information is entered correctly, serving as a validation tool to prevent invalid or erroneous alerts from being created. 
3-step process with screenshots provided:
1) Alert Details:
  • Add an alert title
  • Enter the message you wish to be sent

2) Choose Recipients:
  • Search Active Directory for users or groups
  • Add federated users
  • For Chime click-to-chat customers, you can add all queue agents or managers with one click

3) Delivery Options:
  • You can have your alert sent immediately, or use the date picker to select a future time 
  • Choose a time for your alert to expire
  • Select the alert's priority (High priority alerts are delivered to recipients even with a status of 'Away' or 'Busy')
  • Finally, just click send!
For more information regarding enterprise IM alerts visit: http://www.addchime.com/alerts.html