Azure Search: Pushing Content to an Index with the .NET SDK.

Blog Series

  1. Azure Search Overview
  2. Pushing Content To An Index with the .NET SDK

I hold the opinion that for a robust indexing strategy, you would likely end up writing a custom batch application between your desired data sources and your defined Azure Search index. The pull method currently only supports data sources that reside in specific Azure data stores (as of Feb 2017):

  • Azure SQL Database
  • SQL Server relational data on an Azure VM
  • Azure DocumentDB
  • Azure Blob storage, Table storage

I would assume many at this time would have desired content in websites databases and LOB applications outside of these Azure data stores.

Azure Search .NET SDK

This article Upload data to Azure Search using the .NET SDK gives great guidance and is what I used, but here’s my specific implementation approach.

To get started, first create a .NET project.Azure Search Pushing Content to an Index with the .NET SDK-1

Install from NuGet
Azure Search Pushing Content to an Index with the .NET SDK-2

My project with the Microsoft.Azure.Search library
Azure Search Pushing Content to an Index with the .NET SDK-3


To start coding, define your search index by creating a model class. I created a generic index schema. I will use this to define and create a new search index in the Azure Search Service. And to hold a list of records of movies as my searchable content.

[SerializePropertyNamesAsCamelCase ]
    public partial class IndexModel
        public string Id { get; set; }

        [IsRetrievable(true), IsSearchable, IsFilterable, IsSortable]
        public string Title { get; set; }

        [IsRetrievable(true), IsSearchable]
        public string Content { get; set; }

        [IsFilterable, IsFacetable, IsSortable]
        public string ContentType { get; set; }

        [IsRetrievable(true)IsFilterable, IsSortable, IsSearchable]
        public string Url { get; set; }

        [IsRetrievable(true)IsFilterable, IsSortable]
        public DateTimeOffset? LastModifiedDate { get; set; }

        [IsRetrievable(true)IsFilterable, IsSortable]
        public string Author { get; set; }


Next, I do 3 major steps in the Main method of the console app

  1. Create mock data, as if this data was retrieved from a data source.
  2. Create and index, if one not already exists, based on the index model class
  3. Update the index with new or updated content.
public static void Main(string[] args)

            // Mock Data
            List<IndexModel> movies = new List<IndexModel>
                new IndexModel()
                    Id = "1000",
                    Title = "Star Wars",
                    Content = "Star Wars is an American epic space opera franchise, centered on a film series created by George Lucas. It depicts the adventures of various characters a long time ago in a galaxy far, far away",
                    LastModifiedDate = new DateTimeOffset(new DateTime(1977, 01, 01)),
                    Url = @""
                new IndexModel()
                    Id = "1001",
                    Title = "Indiana Jones",
                    Content = @"The Indiana Jones franchise is an American media franchise based on the adventures of Dr. Henry 'Indiana' Jones, a fictional archaeologist. It began in 1981 with the film Raiders of the Lost Ark",
                    LastModifiedDate = new DateTimeOffset(new DateTime(1981, 01, 01)),
                    Url = @""
                new IndexModel()
                    Id = "1002",
                    Title = "Rocky",
                    Content = "Rocky Balboa (Sylvester Stallone), a small-time boxer from working-class Philadelphia, is arbitrarily chosen to take on the reigning world heavyweight champion, Apollo Creed (Carl Weathers), when the undefeated fighter's scheduled opponent is injured.",
                    LastModifiedDate = new DateTimeOffset(new DateTime(1976, 01, 01)),
                    Url = @""


            AzureSearch.UpdateIndex("movies", movies);

            Console.WriteLine("Enter any key to exist");

In the Azure Portal, you will see the outcomes

  • The ‘movies’ index has been created along with 3 documents as expected.
    Azure Search Pushing Content to an Index with the .NET SDK-4
  • I find that the document count value takes several minutes’ or more to be updated, but the indexing is immediate.
  • The fields has been defined along with its type and attributes based on the index model class
    Azure Search Pushing Content to an Index with the .NET SDK-5
  • To test the index, use the Search Explorer
    Azure Search Pushing Content to an Index with the .NET SDK-6

For further code snippet details of the following method calls. I made this method dynamic such that you pass in the Type of the index model as T. Then the  FieldBuilder.BuildForType() will build out the index schema.


public static Boolean CreateIndexIfNotExists<T>(string indexName)
            bool isIndexCreated = false;

                List<string> suggesterFieldnames = new List<string>() { "title" };

                var definition = new Index()
                    Name = indexName,
                    Fields = FieldBuilder.BuildForType<T>(),
                    Suggesters = new List<Suggester>() {
                        new Suggester() {
                            Name = "Suggester",
                            SearchMode = SuggesterSearchMode.AnalyzingInfixMatching,
                            SourceFields = suggesterFieldnames

                SearchServiceClient serviceClient = CreateSearchServiceClient();

                if (!serviceClient.Indexes.Exists(indexName))
                    isIndexCreated = true;
                    isIndexCreated = false;

AzureSearch.UpdateIndex("movies", movies);
inner method call:
private static void UploadDocuments(ISearchIndexClient indexClient, List<IndexModel> contentItems)
                var batch = IndexBatch.MergeOrUpload(contentItems);


In conclusion, I generally recommend the push approach using the Azure Search .NET SDK as there are more control and flexibility. As I created a CreateIndex method, you should create a delete index method. This helps during development process as you iterate upon defining your index schema. Even in production scenarios, it can be appropriate to delete your index, re-create index with an updated schema and then re-index your content.

Building My SharePoint 2016 Disaster Recovery Farm Lab on Azure

I have set out to build a SharePoint 2016 disaster recovery farm extending my home-based on-premises SharePoint 2016 farm.

My objectives

  1. Continue to build my networking, windows server and other infrastructure related skills. I come from an application development background.
  2. Build my hands on skills and knowledge with Azure IaaS;
    • Azure Virtual networking, Site-to-site VPN
    • Azure virtual machine management
  3. Gain in depth architecture and system administration knowledge of all the pieces that make up a disaster recovery farm using SQL AlwaysOn (async commit) approach.
    • Understand performance/latency based on asynchronous commit to secondary database replica.

I used the following article as my primary source:
Plan for SQL Server AlwaysOn and Microsoft Azure for SharePoint Server 2013 Disaster Recovery

I tried my best to follow all the steps, but I approached them in a different order per my own DR design.

As a result, the following link are my raw notes and screen shots of some of my detailed steps in building the disaster recovery farm.!13901&authkey=!ANaDqU9cBkj36s0&ithint=file%2cdocx

My naming conventions are not perfectly consistent since I was building on the go. With these notes, it is my hope you can come away with some steps to a working solution.

The following is a summary of key steps in building my disaster recovery lab in Azure.

On-premises Home Network and Azure Network


My personal home network consists of a set of Hyper-V virtual machines with the physical host as a Windows 10 desktop PC. The specifications are Intel Core i5 4 processors, 16 GB RAM, Intel solid-state drive for the virtual machine disks, and D-Link DIR-826L router.

My on-premises environment:

  • homedc virtual machine
    domain controller and DNS
    Decided to serve as a general file server. I don’t have enough RAM and CPU for a dedicated file and backup server. This is not the ideal server topology.
  • homesp virtual machine
    SharePoint 2016 single server farm and SQL 2014SP1 database. SP is installed.
    Single server farm instead of a desired 2-server topology because I don’t have enough CPU and RAM.
  • homerras virtual machine
    Routing and Remote Access Server (RRAS)
    Used to establish site-to-site VPN connectivity with an Azure virtual network. There are other options such as using a hardware VPN router. This server is not domain joined.
  • D-Link router
    Port forwarding feature is leveraged to support site-to-site VPN connectivity.

Azure Disaster Recovery Site

The Microsoft cloud-based disaster recovery site.

  • Virtual Network
    Configured two subnets. One for the SharePoint farm and the other for the Gateway subnet for the site-to-site VPN.
  • rkdc virtual machine
    domain controller and DNS (no domain controller promotion just yet)

Note: At least set this server as a static IP rather than dynamic IP in the Azure portal.

  • rksp virtual machine
    SharePoint 2016 single server (not installed yet)
  • rksql virtual machine
    SQL 2014SP1 database server

Site-to-site VPN and DC Replica


Enable cross network connectivity between the on-premises home network and the Azure virtual network. The other option is using ExpressRoute, which is more suited for production scenarios for its private connection, higher bandwidth, better performance and reliability.

Port forwarding configured in the D-link home router to allow internet connectivity to the homerras server for a VPN connection.

Virtual Network Gateway

Serves as the cross-premises gateway connecting your workloads in the Azure Virtual Network to on-premises sites. This gateway has a public IP address accessible from the internet.

Local Network Gateway

Enables interaction with on-premises VPN devices represented in the Gateway Manager. Therefore, needs to be configured with the home router’s public WAN IP address. The port forwarding setup always communicates to the RRAS server as the VPN device.


Represents a connection between two gateways – the virtual network gateway and the local network gateway.

homerras RRAS Server

Configuration of an interface named as “Remote Router” to have the public IP address 40.114.x.x for the virtual network gateway.

Domain Controller replica on the Azure virtual network

Prerequisite: site-to-site VPN connection needs to be active.

Install a replica Active Directory domain controller (i.e. in the Azure virtual network

Domain join rksp, rksql servers to

Any added DNS records and AD accounts will be synchronized between the two domain controllers.

In testing the VPN connection, any machine connected to the on-premises network was able to ping or RDP, with a domain account, into any other server in the Azure virtual network and vice versa.

SharePoint 2016, WSFC, and SQL Server AlwaysOn


SharePoint 2016

Installed on Azure rksp virtual machine as a single-server farm with mysites host and portal site collection. SharePoint 2016 is already installed on the on-premises farm before the start of this lab.

Windows Server Failover Cluster

Installed Windows Server Failover Cluster feature on homesp and rksql as they are database server roles.

Name: SPSQLCluster
IP Address:

File share cluster quorom is hosted on homedc. This quorom should be on a dedicated file server, but do not have enough memory resources for another VM.

Set Node weight = 1 on primary homesp node

SQL Server AlwaysOn

Enabled SQL AlwaysOn and asynchronous commit configuration. This is recommended  for higher network latency due to the VPN connection and geographic distance between the two sites. Synchronous commit is recommended for network latency of <1ms for SharePoint. When I ping servers across the two environments (Toronto and North Central US), I get an average of about 75ms ranging from 30ms to 110ms.

The supported databases for asynchronous commit in the article Supported high availability and disaster recovery options for SharePoint databases (SharePoint 2013)

The below databases below were deleted in rksql secondary before replication from homesp primary database instance.

Availability groups

  • AG_SPContent
    • MySites
    • PortalContent
  • AG_SPServicesAppsDB
    • App Management
    • Managed Metadata
    • Subscription Settings
    • User Profile
    • User Social
    • Secure Store

Configuration databases are farm specific. Search databases can be updated with a full crawl upon failover.

Availability Listener configuration for each availability group

  • agl_spcontent1 for AG_SPContent
    0.0.8 (on-premises) (azure DR)
  • agl_spservice for AG_SPServicesAppsDB
    0.0.9 (on-premises) (azure DR)


Evaluating AlwaysOn Availability Group in Asynchronous Commit Mode


Failover Test


  1. Manual shut down IIS Web
    sites of SharePoint
    Simulate a failure event such as a IIS shut down
  2. For each Availability Group, failover to secondary replica
    Resume database movement
  3. Adjust WSFC node voting rights
  4. Update DNS records of SharePoint sites to DR
    Start IIS on original primary on-premises site


This can be repeated to failover once again to the on-premises site making it the primary once again.

Comments on Azure costs

Virtual Machines

  • Domain controller and DNS – Basic A1 1 cpu 1.75GB RAM
    • Left running
  • SQL Server database server – Basic A1 2cpu 3.5GB RAM
    • Left running
  • SharePoint 2016 single-server – Basic A4 4CPU 7GB RAM
    • Turned off in cold standby
  • VPN Gateway
    • ~$31CAD/month
    • Pricing is based on time; however, I didn’t find a way to stop or pause usage to save on costs.

I approximate the cost of running the above resources to be $130CAD/month, if the SP VMs are stopped per cold standby methods.

Final Remarks

This has been a great learning experience as I understand how all the little pieces work together. Out in the enterprise world, disaster recovery tends to be lower in priority in a project roadmap or not at all. However, as the business criticality of a technology solution increases, so is the need for a DR solution. Hosting in Azure is a cost effective option since you are actually paying for what you use, especially in cold standby scenarios. Leveraging Azure regions in geographically remote areas are appropriate for mitigating widespread disaster situations such as hurricanes, mass power outages, earthquakes, floods or even outbreaks that can affect a data centre’s operability.

In technology, something’s you do not really know until you build it with your own hands – learning is by doing.

Windows Server 2012 R2 Web Application Proxy and ADFS 3.0 Azure Lab

The following diagrams are based on a lab I built on Microsoft Azure IaaS leveraging Web Application Proxy and ADFS 3.0. to demonstrate single sign-on with claims based applications.

As I come from an application development and architecture background, I learned a great deal with Azure IaaS and system administration with respect to Azure Virtual Networks, Virtual Machines, IP addressing, Azure PowerShell and the Azure management portal, domain controllers, DNS, subnets, certificates and other relevant Windows Server Roles and Features. At the present time of May 2016, I thought I share my notes to help others who may find this helpful in the manner that it is built. Note that I have built this lab in March of 2015 given the Azure’s feature and capabilities at that time.

Lab Architectural Overview

Hosting Infrastructure

  • Microsoft Azure Infrastructure-as-a-Service

Virtual Network

  • One Virtual Network with three subnets
  • Subnet-DC for the domain controller and ADFS server
  • Subnet-Web for web applications and other applications such as SharePoint Server.
  • Subnet-DMZ for the Web Application Proxy

Network Security Groups

  • I didn’t implement any NSG yet, but for proper network security you would have NSG around each subnet to allow/deny traffic based on a set of Access Control List rules.

Windows Domain

  • All servers except for the DMZ are on the same domain, except for the Web Application Proxy server. For trivial reasons of it being in the DMZ and as a proxy server to the internet.

Public domain name

  • I purchased domain name to be used as part of public urls to internal applications.


  • There was a great deal of certificate dependencies between WAP and ADFS and Relying Party (web apps) and token signing. This was a challenging learning point for me and to set things up appropriately and troubleshooting. The detailed topics involved public/private key, export/import certificates, authority chain, thumbprint, certificate subject name, SSL, server authentication, expiry, revocation, browser certificate errors, etc.


Azure Virtual Network configuration involving address spaces and subnets


I setup ADFS and added my simple .NET claims aware web application as a relying party trust.


I conducted the following test:

Logging into the rkweb1 web server (i.e. internal to the network), I opened the browser
1.Enter the url:
2.Redirected to ADFS and then authenticated
3.Redirect back to the ClaimApp with access.


Testing withing internal network:


I configured the Web Application Proxy to publish the following applications to the internet.

Internet-facing External URLs are start with and are mapped to backend URLs starting with for the following applications.


  • .NET claims based application using Windows Identity Foundation.
  • WAP Pre-authentication is ADFS


  • HTML web application with no authentication.
  • WAP Pre-authentication is Pass-through. No authentication.


  • REST API with windows authentication
  • WAP Pre-authentication is ADFS


Accessing ClaimApp from the internet:


Accessing a REST API via a .NET WPF desktop application from the internet. User will be prompted for credentials in a separate dialog per OAuth.


Accessing ClaimApp through iOS Sarafi browser with device registration. In AD there is a dev


In Active Directory, my iPhone mobile device has been registered for added authentication and conditional access rules to applications.

screenshot1464030919794 (1).png

In conclusion, I loved the fact that Azure has become my IT sandbox to learn and build solutions such as this remote access solution. Also, the Web Application Proxy is one of many other options in the market to publish out internal on-premises applications using ADFS to support single sign-on.

Online References that helped me build this lab