Microsoft cloud engineer - SharePoint, Office 365, Azure, DotNet, Angular, JavaScript.
Microsoft cloud engineer - SharePoint, Office 365, Azure, DotNet, Angular, JavaScript.

August 2016

Office 365 – How to create a Developer Tenant

I wanted to get started with SharePoint Framework and learned that an Office 365 developer tenant is required.   

Below are the steps I followed with screenshots.  Hope that helps! 



  1. Register with your Microsoft account at
  2. Choose a domain prefix (
  3. Choose an admin username and strong password
  4. Text message verification code
  5. Azure AD is only available for paid subscriptions
  6. Browse admin center and test functionality













Save Encrypted Passwords to Registry for PowerShell

Recently I needed to save passwords to share across scripts and wanted to:

  1. Avoid clear text passwords
  2. Avoid updating anything in each PS1 script file
  3. Securely store in a central place
  4. Make future password updates easy

After testing I found that ConvertTo-SecureString can be used with Set-ItemProperty to encrypt user text input and save to the Registry Current User hive (HKCU).   From here, multiple scripts on that machine can reuse the one central password.   However, it cannot be decrypted from any other machine.    That enables us to share one credential across many PS1 scripts while keeping any password updates centralized and easy to do.    Also, the reference pointer in each script is not a file path, UNC, or network share, but simply “HKCU:\Software” for a reliable lookup pipeline.

Hope you find this useful too.  Cheers! 











param (
Function GetSecurePassword($user) {
	# Registry HKCU folder
	$path = "HKCU:\Software\AdminScript"
	if (!(Test-Path $path)) {md $path | Out-Null}
	$name = $user
	# Do we need to clear old paswords?
	if ($clearSavedPW) {
		Remove-ItemProperty -Path $path -Name $name -Confirm:$false -ErrorAction SilentlyContinue
		Write-Host "Deleted password OK for $name" -Fore Yellow
	# Do we have registry HKCU saved password?
	$hash = (Get-ItemProperty -Path $path -Name $name -ErrorAction SilentlyContinue)."$name"
	# Prompt for input
	if (!$hash) {
		$sec = Read-Host "Enter Password for $name" -AsSecureString
		if (!$sec) {
			Write-Error "Exit - No password given"
		$hash = $sec | ConvertFrom-SecureString
		# Prompt to save to HKCU
		$save = Read-Host "Save to HKCU registry (secure hash) [Y/N]?"
		if ($save -like "Y*") {
			Set-ItemProperty -Path $path -Name $name -Value $hash -Force
			Write-Host "Saved password OK for $name" -Fore Yellow
	# Return
	return $hash
# Example usage for SharePoint Online (Office 365)
Import-Module Microsoft.Online.SharePoint.PowerShell -WarningAction SilentlyContinue
$admin = ""
$pass = GetSecurePassword $admin
$secpw = ConvertTo-SecureString -String $pass -AsPlainText -Force
$c = New-Object System.Management.Automation.PSCredential ($admin, $secpw)
Connect-SPOService -URL "" -Credential $c



What’s in that patch? SharePoint 2013 – August 2016 CU

Ever wondered what fixes are inside of a given CU?   Please see attached PDF with full detail. I wanted a new format for easy reading.   Show management and make the business case for why downtime should be taken to apply CUs.  Also posted at

If you found this helpful, please leave a comment.   




Whats in that patch – SharePoint 2013 – August 2016 CU.PDF

Business Case for Minimal Downtime Patching (MDP)

After watching the Zero Downtime Patching (ZDP) TechNet video, I wanted to share my thoughts about when that is helpful and when a simpler approach is needed.   Ultimately we are given options and asked to balance cost with questions such as:

  • What is the cost of outage/downtime?
  • What is our SLA?
  • What hours do users normally work?
  • What is the cost of High Availability redundant farm topology?
  • What is the support effort to maintain HA farms?
  • What is the VM, licensing, and storage cost?
  • Bottom line – Does the cost of outage exceed the cost of HA?   Or vice versa?


What is ZDP?

  • [TechNet] “Zero Down-Time patching doesn’t demand any server downtime while patching a SharePoint Server 2016 farm, but does require that your farm be set up in a Highly Available (HA) configuration (so that SharePoint roles are hosted on more than one server). That way, patching can be done in batches where certain of the redundant servers are taken out of load balancing, patched, replaced, and tested for soundness before the other servers follow through the same process.  During Zero down-time patching, users can add and edit files and use search just as at any other time.”


What is MDP?

  • I would define Minimal Downtime Patching as “Planning an acceptable window of brief downtime to apply system updates as quickly as possible.”     This implies an SLA less than 99.99% and 365/24 hour availability.   Choosing a time window for a brief outage is already done today by most support teams.   A few hours outage might come at zero cost (if zero active users) and is often an attractive choice compared to the complexity of Highly Available (HA) farm design, implementation, and support.  ZDP is a high cost endeavor, appropriate for scenarios with high cost of downtime.   Absent that, we should consider lower cost options where brief downtime is acceptable with little impact.    Compare two costs and choice what is best for your business.



 Zero Down Time
Minimal Down Time
  • HA topology required
  • More complex
  • More server cost
  • VM, storage, license, and support
  • Detailed procedure
  • Not available to users
  • Full outage during Config Wiz


  • 100% available to users
  • Read & write features
  • Supports any topology
  • Brief outage
  • Works on Dev, Test, small farms
  • Simple
  • No additional servers
  • Single PowerShell console


Overall, use the right tool for the job.  There are good scenarios for both options.  Even with ZDP used on large Production farms, we need other suitable options for lower environments like Dev and Test.






MDP PowerShell Script


© Copyright 2016
@ SPJeff

Return to Top ▲Return to Top ▲