Category: Microsoft

PowerShell modul for Azure Blueprint

Today Microsoft releasted the first powershell module for Azure blueprints (at long last ūüôā ).

This first version 0.1.0, has some basic commands like “Get-AzBlueprint”, “Get-AzBlueprintAssignment” , “Remove-AzBlueprintAssignment”, “Set-AzBlueprintAssignment” and “New-AzBlueprintAssignment”.

To install the new module, just do a “install-module -Name az.blueprint”, you will need new Azure PowerShell Az module

To do a Blueprint assigment you would do something like this :

$blueprintName = “TestBluePrint2”
$subscriptionId = “00000000-1111-0000-1111-000000000000″‘
$AssignmentName = “BP-Assignment”
$myBluerpint = Get-AzBlueprint -Name $blueprintName -LatestPublished
$rg = @{ResourceGroup=@{name=’RG-BP-TEST1′}}

New-AzBlueprintAssignment -Name $AssignmentName -Blueprint $myBluerpint -SubscriptionId $subscriptionId -Location “West US” -ResourceGroupParameter $rg

This is a simple Blueprint that creates a resource group and nothing more.

If you want to use a managed identity you just add -UserAssignedIdentity “/subscriptions/00000000-1111-0000-1111-0000000 00000/resourceGroups/my-resource-group/providers/Microsoft.ManagedIdentity/userAssignedIdentities/my-user-defined-identity” the default is to use system-assigned identity.
If your blueprint uses parameter eg. in a ARM template, then you can use the -Parameter @{P1=”v1″; P2=”v2″} parameter.

I think this is a great tool for deploying Azure blueprint and I will be following this closely.


Windows 10 Fall Creators Update comes with SSH build-in – Is putty dead?

¬†Today I found out that Windows 10 Fall Creators Update (10.0.16299), come with a new optional feature, OpenSSH! To install this go to Settings App¬†> Apps¬†> Settings & Apps¬†> Manage Optional Features¬†> Add Feature and select the OpenSSH Client Beta. After installing you can type SSH in a command prompt to use SSH “native” in windows 10. Nice feature Microsoft. I will definitely use this, but I think that putty offers some other functionality that I cannot find in OpenSSH.
   

Howto sync msExchHideFromAddressLists attribute to Office 365

¬†So today I had a customer witch has move there On-prem Exchange to Office 365 (Exchange online). The old Exchange server was long gone and therefore not more Exchange management tools. The customer wanted to hide a user form the global address list (GAL), and had found the msExchHideFromAddressLists attribute in the attribure editor on that user and set it to “TRUE”. However in the user still was showing up in the GAL.
 User properties
When I ran the PowerShell command to see the state of the msExchHideFromAddressLists attribute “get-Mailbox -Identity user@domain.dk | fl HiddenFromAddressListsEnabled” I the result : “HiddenFromAddressListsEnabled : False” back, witch was not what I where looking for. After some poking around I found a post on a MS forum, talking about this and it turned out the “msExchHideFromAddressLists attribute” was not being synced at all and it should be added to the Synchronization rule. You can do this with the “Synchronization Rules Editor” witch can by found on the server with Azure AD Connect install.
 Sync Ruld Editor
In the “Inbound” rule select “in from AD – User Common” click Edit and “No” to continue editing the current rule.
Sync Ruld Editor

Add msExchHideFromAddressLists attribute

Then select “Transformations” and click “Add Transformation” The new transformation should be : FlowType=Direct, Target Attribute=msExchHideFromAddressLists and Source=msExchHideFromAddressLists. Merge type=update. Then click Save. Now from Powershell, on the server with Azure AD Connect sync installed, type “Start-ADSyncSyncCycle -PolicyType Delta” and wait (I waited about 5-8 min.) for the update to take effect. You can the “get-Mailbox -Identity user@domain.dk | fl HiddenFromAddressListsEnabled” command, this should result in: “HiddenFromAddressListsEnabled : True”.
I hope you can use this information and thank you for reading. Leave comment below and have a nice day!

Monitoring VMware with Azure OMS

Im using a Ubuntu server for my setup, there is no requirements for ubuntu linux, it just happens to be the one I’m most familiar with.

Setup syslog forwarding on ESXi Host

First step in setting up the Azure OMS VMware monitoring solution it to setup syslog forwarding from the ESXi host to the Linux ‚Äúproxy‚ÄĚ. This is done through the VMware Web client. Login to the Web client and navigate to -> Host -> Manage under the ‚ÄúAdvanced Settings‚ÄĚ you will find the ‚ÄúSyslog.global.logHost‚ÄĚ. Click Edit and then you need to insert ‚Äútcp://ip-address-of-linux-server:1514‚ÄĚ and click save.

Allow outbound traffic on ESXi host

Now it is time to allow outgoing syslog traffic from the ESXi host to the Linux box. This is also done from the web client. Navigate to the ‚ÄúNetworking‚ÄĚ section and under syslog¬†select syslog and click the action button and then click enable.

Setup Linux ‚Äúproxy‚ÄĚ server (Ubuntu) Install OMS agent Installing the OMS agent is very easy. Login to the OMS portal and navigate to the settings. Under the ‚ÄúConnected Sources‚ÄĚ select the ‚ÄúLinux servers‚ÄĚ. Click the copy button under the “DOWNLOAD AND ONBOARD AGENT FOR LINUX”. Next logon to the linux server via ssh and paste in the commandline you just copied and hit enter.
Setup inbound firewall
Viewing data in Azure VMware Monitoring solution
 

Installing Windows 10 using the media creation tool

Creating the media for a Windows 10 installations have never been easyer. You just have to download the Microsoft media creation tool from Microsoft and then choice installing on a USB or DVD/ISO file. You also have the option to upgrade the PC you are running the tool on.

To make a clean installation of Windows 10 I went with the old-school method of creating a ISO for burning on to at DVD.
First select if you want to install on the PC you are current on or another PC. MCT1
Then select Language, Edition (Home or Pro) and Architecture (32bit or 64bit or both). MCT2q  
¬†Now you will need to make the choice of USB or ISO. For USB you need a minimum 6GB stick on for a midia with both 32bit and 64bit you will need a dual layer DVD. MCT3  
 You will then have to wait for the bits to been downloaded. MCT4
¬†Lastly you can burn the ISO file to at DVD and you’re all done. ūüôā MCT5
 I hope you can use the mini guide and thanks for reading.
 

Recommended hotfixes, updates, and known solutions for Windows Server 2012 R2 Hyper-V

Microsoft Hyper-v         I found this list on a blog from Micosoft with recommended hotfixes, update and more for Window Server 2012 R2. Hyper-V: Update List for Windows Server 2012 R2 Also the KB from Microsoft points out some recommeded hotfixes and update for Windows Server 2012 and Windows Server 2012 R2 Hyper-V Network Virtualization (HNV) environments. Recommended hotfixes, updates, and known solutions for Windows Server 2012 and Windows Server 2012 R2 Hyper-V Network Virtualization (HNV) environments  

Unable to initialize the Microsoft Exchange Information Store service

Okay, so I got this error in the event log (ID 5003) on a Exchange Server 2010, after a update and a reboot of the server. The Information store service could not start up
Event ID 5003: Unable to initialize the Microsoft Exchange Information Store service because the clocks on the client and on the server machine are skewed. This may be caused by a time change either in the client or the server machine, and may require a reboot of that machine. Other than that, verify that your domain is properly configured and is currently online.
time_exchange_cannot_start_services
The time was okay on the server and the DC (PDC) was okay. Then I checked the VMware tools to see if the “Time Sync” Feature of the vmware tools was disabled, and it was. I noticed after a second reboot that the time was off by 10 minutes, and then jumped back to the correct time!?. Then I looked at the VMware vSphere host in the “Time Configuration” the time was of by… you guest it.. 10 minutes! The host was set to sync with an external time server (pool.ntp.org). But the time was off anyway. So I decided to reboot the host, to see if the time was off by 10 minutes after a reboot and it was! Then I did another reboot and jumped in the UEFI (BIOS) of the server and there it was… time in the BIOS was 10 minutes behind. I corrected it and booted the host and now the time on the host and the VM was okay even after a reboot.
I hope that you can use this information, I know where I will look next time there is a time sync issue in a VM. Please leave a comment below if found the useful. Thanks!


The road to MCSE: Server Infrastructure (Passing 70-410 Exam Installing and Configuring Windows Server 2012)

I have decided that I would go for the MCSE: Server Infrastructure, I have be focusing on VMware for a long time now, and I feel it is time to have a look af Microsoft new certification program. The MCSE is no longer called Microsoft Certified Systems Engineer. It‚Äôs called Microsoft Certified Solutions Expert. MCSA has also been changed, and is now called Microsoft Certified Solutions Associate and not Microsoft Certified Systems Administrator. Microsoft has also made an effort by making the certifications with more focus on core competencies for each of the MCSE’s. To become a MCSE you must pass five exam’s, after passing the first three you will become MCSA for Windows Server 2012, this is also a prereq for the MCSE. Below I have listed all the exam needed to become MCSE: Server Infrastructure. MCSA Prereq Exams: MCSE:¬†Server Infrastructure Prereq Exams: I will try to give you, in this post and the ones to flow, all the resources I have found and what to watch out for on the exam to the extend that will not violate the Microsoft Certification Program Agreement. My study resources: When I have taken the 70-410 Exam (and passed it hopefully ūüôā ), I will update this post with a list of the topics that you should be aware of. I will try to focus on some of the new stuff i Windows Server 2012, as well as Hyper-v. But all in all I look at the Skills being measured, and go in depth with the topics that not are my strong sides. Also by learning the material properly you will stand stronger in passing the test. I hope this wil help in any way with you 70-410 exam. Thank you for reading and stay tuned for more posts in my road to MCSE: Server infrastructure. Update 5/11/2013: Okay, so today I was defeated by the mighty IP v6 and its companion application restriction policy. I admit that 14 days exam prep was not enough for me. I will hit the books and study IP v6 and maybe try out a practice test. You are welcome to leave a comment with you experience with practice tests. You also welcome to leave a comment if you have something to add to this post.