I currently use a on premise Microsoft Remote desktop services (session based) to host a few apps and allow users access via RemoteApp.
I'm having to maintain this farm of servers that's becoming more and more cumbersome. Is it possible to use any container platform (AWS, Azure, Kube) to host this layer? Like a bunch of Windows servers with the remote app enabled and just point users there? Each use would use up a container and then tear it down (I prefer it to be single use - so any data stored by the user is destroyed) - and I won't need to worry about patching or managing each of these windows servers individually.
Related
We have a WinForms desktop app that connects to a remote server to pull some data. The remote server hosts a web service on a standard IIS website that queries a SQL Server database installed on the same machine. Today, if the remote server is under maintenance or not available our end-user cannot retrieve the necessary data.
Now I am requested to make this feature fault-tolerant. Here are my questions:
Should I ask for another remote server that runs the same web service and move the DB to a third remote server? So the two web services can connect to the same DB?
Should I consider moving the web service logic to the WinForms desktop app and connect directly to a remote DB paying a first-class 99.99% availability service?
Do AWS or Azure provide a ready-to-use solution that fulfills my requirements?
Is there any other option I didn't consider?
I am creating simple application where I need get and fetch data to DB. As I find out from Xamarin app is standard using of HTTP request to DB instead of directly connect to DB.
I create Azure SQL DB, I create application with connection to this DB. But I cant really find out how it now should works.
There is no many tutorials or they are not fully described.
I read this one https://learn.microsoft.com/en-us/azure/app-service-mobile/app-service-mobile-xamarin-forms-get-started#download-and-run-the-xamarinforms-solution
I find many references on this one but it seems out of date. Everybody recommended download the project from section
Run the Xamarin.Forms solution
On the settings blade for your Mobile App, click Quickstart (under Deployment) > Xamarin.Forms. Under step 3, click Create a new app if it's not already selected. Next click the Download button.
Under this tab I have only references to next tutorials but not any to Project Download. (screenshot below)
https://imgur.com/THCdUE1
Can you give me some advice if I do something wrong? Or link to updated tutorials? I am little desperate from this
Many Thanks
Azure SQL is not an HTTP/s service-- it runs proprietary SQL Server protocol on port 1433, just like on-premise versions of SQL Server.
If you are trying to connect directly to SQL Server from a Xamarin App, you are almost certainly making a mistake. Doing so would require providing credentials to your Xamarin app that can connect directly to your database, which opens your database up for a malicious user to do pretty much whatever they want to. The reason this kind of 2-tier application is dangerous is because the Xamarin app runs on an untrusted device (your user's mobile device), and a malicious user can intercept any data that your application has in memory, including your database credentials. They can then use those credentials to gain access to your database. Unless you were to use unique database credentials for each user (very impractical) and setup very stringent security roles in SQL Server, it'd be impossible to keep a malicious user from accessing the database for all of your other users (which is very, very bad). The other problem is that many networks block traffic on port 1433, or only allow access via an HTTPS proxy server, so your application would not function on many networks if it tried to connect directly to SQL.
This is the answer to your question, but please don't do this:
If you are certain that you have taken care of the security correctly, you should be able to install the System.Data.SqlClient nuget package and use that to communicate with SQL Server as you would with any .NET application. Here's a code example from Microsoft.
This is my opinion on what you should do instead:
The correct way for most Xamarin applications to communicate with Azure SQL database would be via an intermediary application server.
If your application access data specific to a user, should have per-user credentials in it (username and password that get exchanged for an authorization token when the user logs in is a common technique). The Xamarin app would then use HTTPS to make requests to your application server using those user credentials. The application server would validate the user credentials (authenticate that they are legitimate and authorize the data being requested based on who the user is) and make requests to Azure SQL.
If your application only access public data anonymously, then you can make unauthenticated requests to your application server which will blindly request that data from Azure SQL and return it to your client (though it would also return the same data to any attacker on the internet, so be sure if you use this approach you intend all data served to be public to the world).
In both cases, your application server would be the only piece that communicates with Azure SQL. For a .NET application this would typically be done via System.Data.SqlClient or perhaps indirectly through an ORM like Entity Framreworks. The advantage to this 3-tier approach is that the untrusted client tier does not have unrestricted access to your database tier. Only the middle application server tier has the credentials for SQL Server, and it is trusted and runs in a secure environment (a server you manage, not an end-user's mobile device). This means that an attacker cannot intercept the database credentials and misuse them. It also means that your application only requires HTTPS data access to function, so your application will work on almost any network.
This is probably not the answer you are looking for, since it involves authoring an entire application server that has to be hosted by you (Azure App Service would be my recommendation, if you are already using Azure SQL). It also requires you to implement an API on the server, and then write an API client for your Xamarin application. This is no small amount of work.
I have a somewhat unique(though probably not) situation. I have users that access a 3rd party application over a network share. This application connects to an Oracle database. The problem is, we have Production, QA, Test, and Dev databases and separate shares/applications for each, but the application doesn't care what database it connects to. So I have users launching the Test application for testing and they log into the Production database. This causes major issues.
Is there any way to restrict what database they log into by network share?
I tried using TNSNames on each server that houses each version of the application and that works great...if they are running it on the server, but since all users have Oracle installed on their local machines and they run the application from a network share, their Oracle takes over and allows them to connect to any database (using LDAP).
I have hosted a webapp in azure cloud.
My MS sql database is in rackspace which only allows a selected ip to access.
I can add more IPs to allow access to the rackspace database.
Which IP address of the Azure webapp should I add in rackspace?
Is it the customDomain's IP address or something else.
There isn't just one - check out this doc - basically Azure Web Apps run in a server farm that's managed by Microsoft. Unless you use an ASE (app service environment) you can't change this. There are a couple of ways you can do what you're trying to do - either
1 - connect over the internet by opening up the ports on your rackspace VM - this will work, but opens you up to the possibility of a network layer attack from any app that someone hosts in Azure. (so you're relying on authentication rather than network level protection).
2 - use a hybrid connection - this is an app service feature that allows you to download a gateway exe app that runs in your VM in rackspace, and then connects to the app service and creates a secure tunnel to it. Hence, its outbound from your rackspace DC, you don't need to change firewall settings. You can read about it and download the app from the azure portal (in app services). You then configure the connection in your azure web app just as if the rackspace VM was on the same network. (eg. you can use "localhost" if the gateway exe is running on the sql server). This is the approach I'd recommend if you can't move your SQL estate to Azure SQL and hence locate it alongside your web apps.
Is it possible to have a WCF service that is running on Windows Azure communicate with a local / on-premises SQL Server database?
Alternative options we're considering are:
Push the 4 SQL Server databases that the WCF service needs to gather and process data from up to a Azure VM
Create 4 SQL Azure "clones" of the local / on-prem SQL Server databases and use the data sync feature to keep the Azure clones in sync with the local data.
Ideally, we'd like to be able to expose the on-premises database (via the VPN) to the service and hit each of the databases directly.
Yes, you can make outbound connections from any Azure hosted service, whether running in web sites, cloud services or virtual machines. If you need traffic going through a VPN, you'll need to use cloud services or virtual machines, since web sites can't be added to a virtual network.
Actually, an easier solution would be to host your WCF service internally and expose the service via an Azure Service Bus Relay. The service bus relay supports multiple authentication types for securing the service and no VPN is required. There is a good walk-thru here - .NET On-Premises/Cloud Hybrid Application Using Service Bus Relay. We have successfully used this technique to expose several services to third-party vendors.
you can set up Site-to-site VPN as shown in this resource - Step-By-Step: Create a Site-to-Site VPN between your network and Azure
I would think of SQL Data Sync for scheduler times and that too for small amounts of data (at least not in millions)