Tag Archives: azure

.net, development, microsoft, professional

Hands on: SQL Server 2014 with data files in Azure Blob Storage

2 Comments

One intriguing new feature in Micrsosoft’s SQL Server 2014 is the ability to create or attach databases whose files are in Azure blog storage. This sounds like something that would not work at all well: why would you want a database engine to mount files located hundreds or thousands of miles away? However, the feature is apparently baked deeply into SQL Server, according to this white paper (which is essential reading if you want to know more):

SQL Server 2014 integration with Windows Azure blob storage occurs at a deep level, directly into the SQL Server Storage Engine; SQL Server Data Files in Windows Azure is more than a simple adapter mechanism built on top of an existing software layer.

· The Manager Layer includes a new component called XFCB Credential Manager, which manages the security credentials necessary to access the Windows Azure blob containers and provides the necessary security interface; secrets are maintained encrypted and secured in the SQL Server built-in security repository in the master system database.

· The File Control Layer contains a new object called XFCB, which is the Windows Azure extension to the file control block (FCB) used to manage I/O against each single SQL Server data or log file on the NTFS file system; it implements all the APIs that are required for I/O against Windows Azure blob storage.

· At the Storage Layer, the SQL Server I/O Manager is now able to natively generate REST API calls to Windows Azure blob storage with minimal overhead and great efficiency; in addition, this component can generate information about performance counters and extended events (xEvents).

It also seems that the main target usage is SQL Server running on Azure VMs in the same region as the blog storage, removing latency concerns, though the wording of the explanation is curious, implying almost that on-premise connection is supported but should not be:

Although it is theoretically possible and officially supported, using an on-premises SQL Server 2014 installation and database files in Windows Azure blob storage is not recommended due to high network latency, which would hurt performance; for this reason, the main target scenario for this white paper is SQL Server 2014 installed in Windows Azure Virtual Machines (IaaS). This scenario provides immediate benefits for performance, data movement and portability, data virtualization, high availability and disaster recovery, and scalability limits.

If you use blob storage in this way on an Azure VM, then I/O goes through the Virtual Network Driver, whereas an Azure data disk uses the Virtual Disk Driver. This nicety may be the main reason to consider the feature.

I tried both scenarios: on-premise and from an Azure VM. I had some difficulty getting started, despite this seemingly exhaustive tutorial. I followed it, I thought, to the letter, but got either the error:

Unable to open the physical file "https://myaccount.blob.core.windows.net/sqldata/azuredb.mdf". Operating system error 86: "86(The specified network password is not correct.)".

or else

CREATE FILE encountered operating system error 1117(The request could not be performed because of an I/O device error.) while attempting to open or create the physical file https://myaccount.blob.core.windows.net/sqldata/azuredb.mdf

The problem turned out to relate to the Shared Access Signature required. The supposedly exhaustive tutorial merely refers you to the CloudBlobContainer.GetSharedAccessSignature method in the Azure SDK and offers an incomplete code snippet. I wrote C# code for this and was able to generate a Shared Access Signature but it did not work (see above). I found myself in the depths of the Azure SDK, wondering if I should use version 2.1 or 3.0, and whether I should use Microsoft.WindowsAzure.StorageClient.CloudBlobClient or Microsoft.WindowsAzure.Storage.Blob.CloudBlobClient. The tutorial is also not clear about exactly which part of the Shared Access Signature you should store in the SQL Server Credential Manager; it is a multipart string separated by ampersands.

I have still not fully worked it out, but discovered the very helpful Azure Storage Explorer on CodePlex. If you follow the instructions in the white paper referenced above, and use the Azure Storage Explorer to generate the Shared Access Signature, then it works. The project is open source, so with a little effort it should be possible to find and document the exact requirements.

image

I tried creating and using a database from my on-premise SQL Server 2014 and I find the performance remarkably good, considering. There is no doubt some smart caching going on under the covers. Selecting 1000 rows from a table took 11 seconds the first time, and was instant the second time. It seems to me viable, on my brief look, though I am not sure why you would want to do this. However it is a good demonstration of how cloud and on-premise are coming ever-closer.

image

Running from an Azure VM in the same region is a different case, though I would suggest detailed and intensive testing before going into production.

cloud computing, development, internet, microsoft, professional, software development

Microsoft CEO Satya Nadella introduces Microsoft Office for iPad, talks up Azure Active Directory and Office 365 development

New Microsoft CEO Satya Nadella has announced Office for iPad at an event in San Francisco. Office General Manager Julie White gave a demo of Word, Excel and Powerpoint on Apple’s tablet.

image

White made a point of the fidelity of Office documents in Microsoft’s app, as opposed to third party viewers.

image

Excel looks good with a special numeric input tool.

image

Office will be available immediately – well, from 11.00 Pacific Time today – and will be free for viewing, but require an Office 365 subscription for editing. I am not clear yet how that works out for someone who wants full Office for iPad, but does not want to use Office 365; perhaps they will have to create an account just for that purpose.

There was also a focus on Office 365 single sign-on from any device. This is Azure Active Directory, which has several key characteristics:

1. It is used by every Office 365 account.

2. It can be synchronised and/or federated with Active Directory on-premise. Active Directory handles identity and authentication for a large proportion of businesses, small and large, so this is a big deal.

3. Developers can write apps that use Azure Active Directory for authentication. These can be integrated with SharePoint in Office 365, or hosted on Azure as a separate web destination.

While this is not new, it seems to me significant since new cloud applications can integrate seamlessly with the directory already used by the business.

Microsoft already has some support for this in Visual Studio and elsewhere – check out Cloud Business Apps, for example – but it could do more to surface this and make it easy for developers. Nadella talked about SDK support for iOS and other devices.

Microsoft hardly mentioned Android at the event, even though it has a larger market share than iOS. That may be because of the iPad’s popularity in the enterprise, or does it show reluctance to support the platform of a bitter competitor?

Microsoft is late with Office for iPad; it should perhaps have done this two years ago, but was held back by wanting to keep Office as an exclusive for Windows tablets like Surface, as well as arguments with Apple over whether it should share subscription income (I do not know how that has been resolved).

There was also a brief introduction to the Enterprise Mobility Suite, which builds on existing products including Azure Active Directory, InTune (for device management) and Azure Rights Management to form a complete mobility management suite.

Nadella made a confident performance, Office for iPad looks good.

What is coming up at Build, Microsoft’s developer conference next week? Nadella said that we will hear about innovations in Windows, among other things. Following the difficulties Microsoft has had in marketing Windows 8, this will be watched with interest.

.net, microsoft, sql

SQL Server 2014 is done: Hekaton, Azure integration

Microsoft has released SQL Server 2014 to manufacturing (an odd phrase in these diskless days) but which signifies that it is code complete for the initial release. General availability is April 1st.

What do you do if hardware trends enable you to stuff vast amounts of RAM into your server, along with many CPU cores? The answer is that you optimize applications to work mostly in RAM, with disk important as a persistence layer. This contrasts to the approach when you have large amounts of disk space and little RAM, when you focus on loading only as much data into memory as you absolutely need.

The implications for a database server are profound. Instead of a logic that goes something like “read from disk, do something, write to disk” you can address the data directly; it is just a memory pointer.

Now combine that with stored procedures compiled to native code. Performance leaps up, and by much more than you get simply by caching data in RAM, or using fast SSD storage, but still using the old disk-based approach in the database engine.

This is the reasoning behind “Hekaton”, properly known as In-Memory OLTP (online transaction processing), which is a new in-memory database engine that comes with SQL Server 2014.

It is fully integrated. You just have to add a filegroup to a a SQL Server database with the keyword CONTAINS MEMORY_OPTIMIZED_DATA and then create a table with the keyword WITH (MEMORY_OPTIMIZED=ON). And for the stored procedures, use WITH NATIVE_COMPILATION.

The speed-up is as great as you would expect. I have seen demonstrations of 30x or more performance increases, like this one in a demo based on one from the SQL Pass conference, but which I did for myself in one of Microsoft’s “Hands On Labs”:

image

In another demo, on an Azure VM, I got a speed up of 7x. Only seven times faster! Still, hard to complain about those sorts of numbers.

Unfortunately, in-memory OLTP is spoilt by some rather severe limitations in this release. The first problem is that a combination of the need to support native compilation of stored procedures, and other limitations, means that only a subset of T-SQL (the query and management language of SQL Server) is supported. You can see the list of what is not supported here; and it is depressing reading, with lots of keywords that you likely do use at the moment; even IDENTITY is on the list of what does not work.

Another issue is that the ability of In-Memory OLTP to take advantage of hardware is not as extensive as you might hope. Lead program manager Kevin Liu told me at a recent press workshop that the team recommends restricting total data size to 256GB, and that the recommended number of CPU sockets is two. You can get servers today with much more memory and more sockets. It gets complicated though: in a multi-socket server memory has processor affinity and there is a thing called NUMA (Non-Uniform Nemory Access) that describes the way memory is shared between processors.

According to Liu, Microsoft expects to lift these limitations in future releases, as well as improving T-SQL support, but things like this remind you that it is a version one release.

What else is in SQL Server 2014? There is some neat Azure integration, including a managed backup tool that is almost one click to have your data backed up to Azure storage; a brilliant facility for small businesses. You can also use Azure for high availability, creating always-on replicas in Azure VMs.

Data warehouse users will like the new clustered columnstore indexes, which allow you do use a column-oriented table structure for much faster processing of typical report and analysis queries. Columnstore indexes first appeared in SQL Server 2012 but were not updateable. Now they are.

SQL Server is well liked, licensing hassles aside; and even on licensing, Microsoft can always point at Oracle and claim, rightly, to be cheaper and less complex. It has earned a reputation for solid performance. SQL Server 2014 looks as good as ever, even if the management tools now look rather dated – the shell for SQL Server Management Studio uses an old version of Visual Studio, which is one of the reasons. I also suspect the SQL Server team lacks a dialog designer, but doubt that the average database admin cares one jot.

That said, it is difficult to describe this as a must-have upgrade, unless you can make good use of “Hekaton” in-memory OLTP. The porting effort will be worth it presuming you can get it to work. One of the good fits for the technology is managing web app session data, or, as in the example above, rapid processing to display recommendations or customisations on a web site.

I can imaging though that many users will look at Hekaton and decide that it is too much work or too immature for immediate use. What is left for them, apart from some nice Azure integration?

Not a huge amount, it seems to me, making this to my mind a transitional release.

Are you planning to upgrade? I would be interested to know your reasons why or why not.

blogging, linux, microsoft, php, Web

Running WordPress on Windows Azure

I am investigating hosting this site on Windows Azure, partly as a learning exercise, and possibly to enable easier scaling.

I discovered that any web site short of Standard is worthless other than for experimentation and prototyping. I set up a Small Standard Web Site (£48 per month). But what database? I recalled that you can run WordPress with SQL Server and tried using a 1GB SQL Server Web Edition hosted on Azure (£6.35 per month).

In order to use this, I used the Brandoo WordPress configuration which is set up for SQL Server. I later discovered that it uses the WP Db Abstraction plug-in which according to its home page has not been updated for two years. The installation worked, but some plug-ins reported database errors. I imported some posts and found that search was not working; all searches failed with nothing found.

My conclusion is that running WordPress with SQL Server is unwise unless you have no choice. I looked for another solution.

Azure has a Web Site template which uses WordPress and a MySQL database hosted by ClearDB. I would rather not involve another hosting company, so considered other options. One is to run a VM on Azure and to install MySQL on it. If you are doing that, you might as well put WordPress on the same VM at least until the traffic justifies scaling out. So I have created a new Medium Linux VM – two virtual cores, 3.5GB RAM – at £57 per month, with Ubuntu, and installed the LAMP stack and WordPress on that. The cost is similar to the Windows/SQL Server setup, but the VM is a higher specification, since a Small Web Site is 1 virtual core and 1.75GB RAM. You also get full access to the VM, as opposed to the limited access that a Web Site offers. The installation is a bit more effort but performance is better and it looks like this might work.

image

microsoft, mobile, samsung

Samsung evolving KNOX into complete mobile device management solution

Samsung introduced KNOX at the 2013 Mobile World Congress (MWC). It is a secure app and data container for Samsung mobiles, backed by hardware, enabling businesses to run apps that are isolated from a user’s personal apps (which might include badly behaved or even malicious apps). Data is encrypted so that business secrets are safe if the device goes astray.

The core of Knox is a hardware process called TIMA (Trustzone Integrity Measurement). This checks for tampering in the core operating system (trusted boot) and sets a tamper bit if it detects a problem. The tamper bit cannot be set in software alone.

image

A device with KNOX activated can be flipped between personal and business (KNOX) personalities. It is like having two smartphones in one. Whether this is a desirable approach is up for debate, but it does secure business apps and data.

image

We did not hear much about KNOX after last year’s MWC. It was released a few months later, but snags included limited device support (only the latest Samsung devices), the need to prepare apps with a special KNOX wrapper before they could be used, and the need to hire a Samsung partner like Centrify to provide administration tools.

All that has changed following last night’s announcement of the next generation of KNOX. Highlights:

Most apps can now be installed in KNOX without any special wrapper

You can use a third-party container such as Good, Fixmo Safezone, or MobileIron AppConnect in place of the KNOX container, but still using KNOX hardware protection.

Two factor authentication (for example requiring a fingerprint swipe as well as a password to access a KNOX container)

KNOX supports Microsoft’s workplace join (a kind of lightweight domain join) for secure access to Microsoft network resources.

Samsung has introduced a cloud-based Mobile Device Management (MDM) tool called KNOX EMM (Enterprise Mobility Management). This runs on Microsoft’s Azure platform and integrates with Azure Active Directory (which can itself link to on-premise Active Directory) so that small businesses on Office 365, or large businesses which prefer a cloud tool, can manage both Knox and other devices. EMM is primarily aimed at SMEs but apparently can scale up without limit.

EMM will also support non-Samsung devices.

EMM includes an app marketplace allowing businesses to purchase and deploy apps. The example we were shown was the Box cloud storage service.

image

Availability is promised for the second quarter of 2014.

.net, azure, cloud computing, microsoft, sharepoint

New features in Windows Azure, including web site backup, .NET mobile services

Microsoft has announced new features in Windows Azure, its cloud platform, described by VP Scott Guthrie on his blog.

Aside: I agree with this comment to his post:

Thank you Scott for update. I wish dozens of MS folks and MS representatives would have a clue about Azure roadmap to help businesses plan their release schedules / migration plans. Till that happens, this blog will remain the main source of updates and a hint of roadmap.

The changes are significant. ExpressRoute offers connectivity to Azure without going through the public internet. Currently you have to use an Equinix datacentre, Level 3 cloud connect, or an AT&T MPLS (Multiprotocol Label Switching) VPN. For enterprises that can meet the requirements and who are wary about data passing through the internet, or who want better connectivity, it is an interesting option.

Next up is backup and restore for Azure web sites. Azure web sites are a way of deploying web applications, ranging from free to multi-instance with automatic scaling. You need at least a Standard site for serious use, as I explained here.

Now you can set up scheduled backup for both the web site and a supporting database. The feature is in preview but you can try it now using the Azure web management portal.

image

I noticed a couple of things. One is that the storage account used must be in the same subscription as the web site. I also spotted this warning:

image

which states that “frequent backups can increase you database costs by up to 100%”. Still, it is a handy feature.

Azure mobile services, designed to supply data to mobile apps, has been extended to support .NET code (previously you had to use Javascript). If you download the code, notes Guthrie, you find that it is  “simply an ASP.NET Web API project with additional Mobile Service NuGet packages included.”

Mobile Services also have new support for notification hubs and for PhoneGap (a way of building mobile apps using HTML and JavaScript).

Another feature that caught my eye is easy linking of third-party apps to Azure Active Directory (which is also used by Office 365). For example, if you are struggling with SharePoint and its poor clients for Windows, iOS and Android, you might consider using Dropbox for business instead. Now you can integrate Dropbox for Business with your Office 365 user directory by selecting  it from the Azure management portal.

image

azure, microsoft

A closer look at Azure web sites: beware suspension

I am investigating moving this site to Windows Azure. The major benefit would be scalability. Currently it runs on a Linux VM which works very well, but in the event of a major spike in traffic (which is always possible with a news/comment site) it cannot scale.

Windows Azure web sites have nice scalability features. You can add and remove instances, or set up autoscaling based on a schedule or by CPU usage.

Unfortunately this does not come cheap. For autoscaling, you need a Standard web site, which starts at around £35 per month (1 core, 1.75GB RAM) for a Small instance, if you buy a 6 month plan.

Backtracking a little, Azure offers three levels of web site:

  • Free: Shared hosting, 1GB storage, 165MB per day outbound transfer
  • Shared: Shared hosting, 1GB storage, 5GB per day outbound transfer, up to 6 instances. In preview but currently around £7.00 per month per instance
  • Standard: Dedicated hosting, starts at £48 per month pay as you go, £35 per month 6 month plan.

For a quick test, I set up Brandoo WordPress from the Azure app gallery. Brandoo WordPress uses SQL Server rather than MySQL. MySQL on Azure is only available from a third party, ClearDB, which puts me off using it, unless you go a different route and use your own Windows or Linux VM to run it, losing the scalability benefit.

I started with a free web site. I have used free web sites in the past to prototype .NET applications, for which purpose they are excellent. The experience with WordPress was not so good. The site seemed to hang during the WordPress install wizard. My second go was successful, but the site was slow even just navigating the dashboard. Hopeless for any serious use beyond prototyping.

I converted the site to Shared hosting. The price is modest, and I wondered if the ability to scale manually up to 6 instances when needed might be sufficient. The performance improved markedly, compared to the free version. However I noticed these odd metrics in the dashboard: CPU time and Memory Usage, with notes like “Resets in 5 hours” or “Resets in 33 minutes”.

image

In particular, I noted that I had used nearly half of my allocated “Memory usage” just installing an empty WordPress site.

I am not familiar with measuring memory usage per hour and I am not even sure what it means. However, it seems that the consequences of exceeding either the CPU or the memory limit is extreme. The web site is suspended. See for example here:

Something strange happened today. My website on windowsAzure was suspended and inaccessible because my site had exceeded the CPU quotum. I am running the website in shared mode, but I had removed all quota. So why is my website suspended, I thought I would pay for the extra usage, not that my website would be suspended. What is happening here? And what should I do to prevent this from happening again?

See also Jonas Gauffin’s post Azure Failed Me (which has a more positive conclusion than you might expect from the title):

Today I were going to search my blog (http://blog.gauffin.org) about how to do a (almost) a generic type constraint for enums. But instead I got this screen: This site is currently not available. The scary thing is that I’ve got no notification what so ever about my site being down. So I browsed to the manage web site part of Azure and was greeted by the following screen: Suspended. As you see the CPU time has been consumed.

The same problem, I am guessing, hit this user, who has a tutorial on setting up a WordPress blog to Azure, but says at the end not to use it:

Also, even after perfect configuration of the website, Windows Azure was still showing some problems like this “This site is currently not available…” what a joke, the site is in cloud – global cloud – and not available, so when will?

though he apparently did not identify the reason.

It does not seem to me unreasonable that the free option suspends your site; it is free after all. The shared site is low-budget, but still paid for, and it seems to me that the problem of suspension should be spelt out more clearly. If you read:

A web site running in Shared mode benefits from high availability even with a single instance, but you can add up to 6 instances ("scale out") for even greater performance and fault tolerance.

you do not expect that the site will simply stop responding for up to a day if it exceeds CPU or memory limits that are often not easy to predict.

There are thousands of hosting services offering shared hosting or WordPress blogs at low prices, not least WordPress.com, and in general these sites do not get suspended because of exceeding CPU or memory limits.

The conclusion though is that if you want to use Azure for a site whose uptime you care about, you should plan to use no less than a Standard instance.

cloud computing, microsoft, windows

Microsoft financials: record revenue, consumer sales declining in drift towards Enterprise

2 Comments

Microsoft has announced record revenue for its second financial quarter, October-December 2013. Revenue was bumped up by the launch of Xbox One (3.9 million sold) and new Surface hardware. The real stars though were the server products:

  • SQL Server continued to gain market share with revenue growing double-digits.

  • System Center showed continued strength with double-digit revenue growth.

  • Commercial cloud services revenue more than doubled.

  • Office 365 commercial seats and Azure customers both grew triple-digits.

says the press release.

Another plus point is Bing, which Microsoft says now has 18.2% market share in the USA. Search advertising revenue is up 34%.

It is not all good news. While Microsoft is doing fine in server and cloud, the consumer market is not going well, leaving aside the expected boost from a new Xbox launch:

  • Windows OEM non-pro revenue down 20% year on year (that’s consumer PCs)
  • Office consumer revenue down 24% year on year – partly attributed to the shift towards subscription sales of Office 365 Home Premium

As usual, I have put the results into a quick table for easier viewing:

Quarter ending December 31st 2013 vs quarter ending December 31st 2012, $millions

Segment Revenue Change Gross margin Change
Devices and Consumer Licensing 5384 -319 4978 -153
Devices and Consumer Hardware 4729 +1921 411 -351
Devices and Consumer Other 1793 -206 431 -455
Commercial Licensing 10888 +753 10077 +751
Commercial Other 1780 +391 415 +199

The categories are opaque so here is a quick summary:

Devices and Consumer Licensing: non-volume and non-subscription licensing of Windows, Office, Windows Phone, and “ related patent licensing; and certain other patent licensing revenue” – all those Android royalties?

Devices and Consumer Hardware: the Xbox 360, Xbox Live subscriptions, Surface, and Microsoft PC accessories.

Devices and Consumer Other: Resale, including Windows Store, Xbox Live transactions (other than subscriptions), Windows Phone Marketplace; search advertising; display advertising; Office 365 Home Premium subscriptions; Microsoft Studios (games), retail stores.

Commercial Licensing: server products, including Windows Server, Microsoft SQL Server, Visual Studio, System Center, and Windows Embedded; volume licensing of Windows, Office, Exchange, SharePoint, and Lync; Microsoft Dynamics business solutions, excluding Dynamics CRM Online; Skype.

Commercial Other: Enterprise Services, including support and consulting; Office 365 (excluding Office 365 Home Premium), other Microsoft Office online offerings, and Dynamics CRM Online; Windows Azure.

Here is what is notable. Looking at these figures, Microsoft’s cash cow is obvious: licensing server products, Windows and Office to businesses, which is profitable almost to the point of disgrace: gross margin $million 10,077 on sales of $million 10,888. Microsoft breaks this down a little. Hyper-V has gained 5 points of share, it says, and Windows volume licensing is up 10%.

Cloud (Office 365, Azure, Dynamics CRM online) may be growing strongly, but it is a sideshow relative to the on-premises licensing.

How do we reconcile yet another bumper quarter with the Microsoft/Windows is dead meme? The answer is that it is not dead yet, but the shift away from the consumer market and the deep dependency on on-premises licensing are long-term concerns. Microsoft remains vulnerable to disruption from cheap and easy to maintain clients like Google’s Chromebook, tied to non-Microsoft cloud services.

Nevertheless, these figures do show that, for the moment at least, Microsoft can continue to thrive despite the declining PC market, more so that most of its hardware partners.

Postscript: Microsoft’s segments disguise the reality of its gross margins. The cost of “licensing” is small but it is obvious from its figures that Microsoft is not including all the costs of creating and maintaining the products being licensed. If we look at the figures from a year ago, for example, Microsoft reported a gross margin of $million 2121 on revenue of $million 5186 for Server and Tools. That information is no longer provided and as far as I can tell, we can only guess at the cost per segment of its software products . However, looking at the income statements, you can see that overall Microsoft spent $million 2748 on Research and Development, $million 4283 on Sales and Marketing, and $million 1235 on General and administrative in the quarter.

cloud computing, development, microsoft, windows

Microsoft cloud account problems

1 Comment

I am working extensively with Visual Studio 2013, Office 365 and Windows Azure, researching cloud development on Microsoft’s platform. It is in general a reasonable experience, but the way Microsoft manages its cloud accounts is a constant annoyance and sometimes a source of bugs.

The problem is that you cannot manage with just one Microsoft cloud account. I have an MSDN subscription which is a Microsoft account, and an Office 365 subscription for which I log in with an Organizational account, for example. Microsoft accounts are for accounts with Microsoft itself, while Organizational accounts are controlled by my business. The distinction makes some sense, but Internet Explorer does not cope all that well when you are using both, which for development seems unavoidable.

Right now, for example, I have encountered a bug. I want to log in to Office 365, so I browse to http://portal.microsoftonline.com. However, this is redirecting automatically to login.live.com (it should not do this), which is a Microsoft account. So I get this screen:

image

This is for a Microsoft account, which will not work with Office 365. If I now present Organizational account credentials, it says the account is not recognized. If I present valid Microsoft account credentials, I get an error. “Sorry, that didn’t work”.

image

Agreed – but if I now click Sign out, I bounce back to the very same screen. In other words, I cannot sign out.

I have also seen the scenario where you cannot sign out of Office 365. You choose Sign out, Internet Explorer thinks for a moment, then logs you back in automatically. This may be a consequence of checking the mysterious “Keep me signed in” option when logging into Office 365. This should only keep you signed in until you specifically log out, but it can fail in both directions, asking you to sign in again later, or failing to sign you out. “Keep me signed in” is actually required for some features to work properly, such as Open in Explorer (or WebDav) in SharePoint online.

The inability to sign out is a security issue, since you may need to leave your machine, think you have signed out, and find someone else can access your account; though I suppose you can lock your Windows account to overcome this.

It can also be a practical problem. As a developer, you might want to log in with an Office 365 administrator account to configure a new app, and then with a non-administrator account to test. You need to be able to switch accounts for this purpose. It might be better to use a virtual machine for one of the two accounts.

I am not sure what the fix is, though it usually starts working again eventually. As ever, rebooting Windows may well help. Microsoft has a problems when signing out article which hints at some of these problems; it suggests that you to a couple of special logout urls to log out from an organizational account and logout from a Microsoft account but this does not always work. It also suggests clearing all cookies, which is a nuisance because then have to log back in to all your internet accounts, but even this can fail in my experience. Using another browser is a partial workaround. I do not know if you can get this problem in other browsers.

Visual Studio can also get confused. Imagine you are developing an Office 365 application hosted on Azure. You might have a Microsoft account for Azure along with the Organizational account for Office 365. You proceed through a publish wizard which needs both sets of credentials, and you are likely to get an error in my experience.

I can understand that this stuff is complex to get right, but from the user’s perspective logging in and logging out is basic functionality and something Microsoft should get right.rrrrrrrrr