Jump to content
  • entries
    142
  • comments
    0
  • views
    87511

About this blog

Remarks from a Cloud Architect daily encounters

Entries in this blog

DirSync & Mail-Enabled Public Folders Distribution Group Members

Καλησπέρα στην κοινότητα. Μια ακόμα αναμέτρηση με το τέρας του Exchange. Έχουμε και λέμε, εγκατάσταση με Exchange Server 2010, έχω ρυθμίσει Hybrid με Office 365, DirSync, όλα καλά. Έχουν πάει επάνω users, contacts, distribution groups, mail contacts, έχω περάσει και Mail-Enabled Public Folders όλα καλά. Έλα όμως που στα Distribution Group members ενώ έχουν συγχρονίσει όλα τα members δεν έχει φέρει τους Mail-Enabled Public Folders. Τελικά μετά από ψάξιμο και διάφορα περίπλοκα PowerShell scripts ε

proximagr

proximagr

Delete user from Office 365 Hybrid with DirSync

This post is bout Exchange/Office 365 Hybrid Deployments, when for some reason we need to completely delete a user account and mailbox from Office 365 in order to re-sync it.   First you need to exclude the user from DirSync Open the “Synchronization Service Manager” (cn be fount at “C:\Program Files\WindowsAzureActiveDirectorySync\SYNCBUS\Synchronization Service\UIShell\miisclient.exe”) Navigate to “Metaverse Search” and click on “Add Clause” Be sure that you choose Displayname as Attrib

proximagr

proximagr

Custom pfSense on Azure Rm | a complete guide

Custom pfSense on Azure Rm | a complete guide A complete guide on how to create a pfSense VM on a local Hyper-V server, prepare it for Microsoft Azure, upload the disk to Azure and create a multi-NIC VM. Download the latest image from https://www.pfsense.org/download/ Open Hyper-V Manager create a Generation 1 VM. I added 4096 ram, 2 cores, use VHD, add an extra NIC (for second interface) and select the downloaded ISO. (create a fixed VHD as Azure supports only fixed VHDs for custom VMs) Star

proximagr

proximagr

Create migration endpoint | (Cutover & Staging Migration)

<p>Open the Office 365 Exchange Administration Console and go to Recipients > Migration > More > Migration endpoints and click on the plus sign to add a new endpoint.</p> <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1.png"><imgclass="alignnone size-full wp-image-1002" src="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1.png" alt="cme1" width="867" height="275" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/c

proximagr

proximagr

Create Azure File Shares at your ARM template using PowerShell

Create Azure File Shares at your ARM template using PowerShell Using Azure Resource Manage template deployment, you can create a Storage account but you cannot create File Shares. Azure File Shares can be created using the Azure Portal, the Azure PowerShell or the Azure Cli. Mainly, the idea is to run a PowerShell script that will create the File Shares. This script will be invoked inside the ARM Template. In order to use a PowerShell script from a template, the script must be called from a URL.

proximagr

proximagr

Create Azure File Shares at your ARM template using PowerShell

Create Azure File Shares at your ARM template using PowerShell Using Azure Resource Manage template deployment, you can create a Storage account but you cannot create File Shares. Azure File Shares can be created using the Azure Portal, the Azure PowerShell or the Azure Cli. Mainly, the idea is to run a PowerShell script that will create the File Shares. This script will be invoked inside the ARM Template. In order to use a PowerShell script from a template, the script must be called from a URL.

proximagr

proximagr

Create an Ultra High Available on-prem Azure VPN Connection

Create an Ultra High Available on-prem <-> Azure VPN Connection At this post we will see how to make a high available connection between our on-premises network and Azure. This way we will have an Active-Active Dual-Redundancy VPN Connection. The idea behind this is that we have a router/firewall cluster,connected with two ISPs and we want to also have a VPN connection with Azure using both ISPs actively. I call this an end-to-end high available connectivity between our on-premises infrast

proximagr

proximagr

Create a Disk in specific Storage Account and Attach it to a VM in Azure

There are many reasons to have your Disks stored at separate Storage Accounts, per Cloud Service. One is that a Storage Account in Azure provides 20000 IOPS and every disk in Standard Tier 500 IOPS. Azure support suggests to don’t have more than 40 disks per Storage Account. Also you may want to have your disks lined (go to Azure, Cloud Services, selsect a Cloud Service and you can see the “Lined Resources” tab, there you can link storage accounts to the Cloud Service) to the same Cloud Services

proximagr

proximagr

Copy AZURE VHD to other storage account

Copy AZURE VHD to other storage account   #Source storage account $context1 = new-azurestoragecontext -storageaccountname "name_source_account" -storageaccountkey "key_source_account"   #Destination storage account $context2 = new-azurestoragecontext -storageaccountname "name_destination_account" -storageaccountkey "key_destination_account"   #Initiate copy this might take a while Start-AzureStorageBlobCopy -SrcContainer "vhds" -SrcBlob "name_as_found_in_step_one.vhd" -SrcContext $context1

proximagr

proximagr

Connect two or more Azure Virtual Networks using one VPN Gateway

Connect two or more Azure Virtual Networks using one VPN Gateway Peering is a feature that allows to connect two or more virtual networks and act as one bigger network. At this post we will see how we can connect two Azure Virtual Networks, using peering and access the whole network using one VPN Gateway. We can connect Virtual Networks despite if they are in the same Subscription or not. I have created a diagram to help understand the topology. We have a Virtual Network with Site-2-Site VPN w

proximagr

proximagr

Connect PowerShell to Exchange Online

To connect PowerShell to Exchange Online, open the PowerShell and run: $UserCredential = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/-Credential $UserCredential -Authentication Basic -AllowRedirection Import-PSSession $Session source: http://www.e-apostolidis.gr/microsoft/connect-to-exchange-online/

proximagr

proximagr

Connect powershell to Azure

First we need to install the Azure PowerShell module from http://go.microsoft.com/fwlink/p/?linkid=320376&clcid=0x409   Then open PowerShell and follow the below commands:   #Get your subscription file - The browser will open, you will need to login to the Azure Subscription and finally it will download the <subscriptonname>.publishsettings file Get-AzurePublishSettingsFile   #Connect to your Subscription Import-AzurePublishSettingsFile -PublishSettingsFile "full path to download

proximagr

proximagr

Configure The Azure Web Application Firewall

Azure Web Application Firewall (WAF) is a function of the Azure Application Gateway that detects and prevents exploits and attacks to a web application. Using a WAF we add an additional security layer in front of our application. To have a sneak peak at the most common web application attacks, take a look at the OWASP Top 10 Most Critical Web Application Security Risks . At my previous posts we have seen how to Protect your Web App using Azure Application Gateway Web Application Firewall and Use

proximagr

proximagr

Compliance Report using Azure Policy

Compliance Report using Azure Policy Azure Policy is a powerful tool for Azure Governance. With Azure Policy we can define rules for all Azure Subscriptions the we manage. We can use this rules for simple limitation actions, like permitting only specific VM Series and Sizes that can be created and also more complex rule sets that helps you standardize the whole Azure deployment. At my previous posts, we learned How to limit the Azure VM Sizes and How to enforce tags for resources creation

proximagr

proximagr

Classic Azure VM Details

<p>I was looking for a way to have a list with many details about VMs of Azure Classic deployment. Some of the details are VM Name, HostName, Service Name, IP address, Instance Size, Availability Set, Operating System, Disk Name (OS), SourceImageName (OS), MediaLink (OS), HostCaching (OS), Subnet, DataDisk Name, DataDisk HostCaching, DataDisk MediaLink, DataDisk Size.</p> <p>I started with PowerShell ISE and some technet search and after a lot of test I created this script:<

proximagr

proximagr

Calculate Azure VHD actual/billing size

<p>Azure blob storage is billed based to how much data you use. So you can have an 1023 GB disk but if you use only 20 GB you will be billed for 20 GB. But, <img src="https://s.w.org/images/core/emoji/72x72/1f642.png"alt="?" class="wp-smiley" style="height: 1em; max-height: 1em;" /> , if you write more data, lets say 50 GB and then you erase them, the free space will not automatically be released.</p> <p>sandrinodimattia, https://github.com/sandrinodimattia, released an

proximagr

proximagr

Bulletproof manage your Azure VMs

Bulletproof manage your Azure VMs Continuing the Azure Security Center posts, today we will see a new feature of the Security Center, called Just in Time VM Access. As best security practice, all the management ports of a Virtual Machine should be closed using Network Security Groups. Only the ports required for any published services should be opened, if any. However there are many occasions that we are requested to open a management port for administration or a service port for some tests for

proximagr

proximagr

Bulletproof manage your Azure VMs

Bulletproof manage your Azure VMs Continuing the Azure Security Center posts, today we will see a new feature of the Security Center, called Just in Time VM Access. As best security practice, all the management ports of a Virtual Machine should be closed using Network Security Groups. Only the ports required for any published services should be opened, if any. However there are many occasions that we are requested to open a management port for administration or a service port for some tests for

proximagr

proximagr

AzureRm | Create Site to Site VPN

<h1><strong>AzureRm | Create Site to Site VPN</strong></h1> <p>This post is part of a general idea, to create an end-to-end high available application infrastructure solution in Azure using internal load balancer with the new AzureRm commands and Azure PowerShell v.1.0 preview.</p> <p>We will create a Gateway, request a Public IP and establish a Site to Site VPN. At the time I am writting this post there is no option to create the VPN ising the Portal, t

proximagr

proximagr

AzureRm | Create Internal Load Balancer with two VMs

AzureRm | Create Internal Load Balancer with two VMs This post is part of a general idea, to create an end-to-end high available application infrastructure solution in Azure using internal load balancer with the new AzureRm commands and Azure PowerShell v.1.0 preview. For this solution I will use: 2x Centos 11 sp4 Web/Application Servers 2x Centos 11 sp4 MySQL Servers 1x Gateway The first part is to create an Internal Load Balancer in Azure to use it for two VMs. This setup is ideal for

proximagr

proximagr

AzureRm | Create External Load Balancer with two VMs

After my previous post, the internal load balancer with two VMs, this is a scenario using the External Load Balancer. The configuration includes a Load Balancer with a Static Public IP at the frond end and two VMs at the back end. The load balancer has two static routes for RDP, one for each VM and one load balance rule, the TCP port 80, common for web sites and applications. It uses a probe that checks a web page on both hosts to verify if they are active.   Lets start. First we need to insta

proximagr

proximagr

Azure Web Farm using IIS & Azure File storage

Azure Web Farm using IIS & Azure File storage This post is my view of a complete guide, from A to Z, including both the Windows Server part and the Azure Portal part on how to build a Web Farm using IIS & Azure File storage. Following this guide you will have a functional two server IIS Web Farm using Azure File storage. To create a Web Server Farm the mail requirement is a high available common storage. I see that when deploying on Azure, a lot of people are using DFSR for common storag

proximagr

proximagr

Azure VM Image

Azure VM Image Following one of my earlier posts, about Azure Managed Disks, lets see how easy it is to create an Azure VM Image from an Azure VM that uses Managed Disks. The first step it to Sysprep/Generalize the source VM. Otherwise the VM that will be created will not start. Select Generalize and “Shutdown”. After that wait the VM to shut down and go to the Azure Porta, at the VM’s blade and click “Capture”. Now, the “Create Image” blade will open. Enter a name, select a Resource Group and

proximagr

proximagr

Azure VM CMD & PowerShell from the Portal

Azure VM CMD & PowerShell from the Portal Today I was trying to troubleshoot an Azure VM. This VM is behind a Network Virtual Appliance (NVA) and at the subnet it has User Defined Routes (UDR) that routes the traffic to the NVA. We was troubleshooting the NVA and it was not possible to connect with RDP to the VM. Serial Console This is an excellent scenario to use the Serial Console. From the Azure Portal, portal.azure.com, navigate to the Azure VMs blade, scroll down to the Support + Troubl

proximagr

proximagr

Azure VM Backup directly from VM’s blade

Azure VM Backup directly from VM’s blade By Pantelis Apostolidis | December 28, 2016 0 Comment   Azure VM Backup directly from VM’s blade Azure makes the VMs’ administration simpler every time. Today we will view a very nice new feature, the Backup shortcut at the VM’s blade. Just click on the VM and select Backup All you have to configure is the Backup Vault name and the Backup policy at the next easy step and press Enable Backup at the bottom of the “Enable backup” blade and that’s all!

proximagr

proximagr

×
×
  • Create New...