Jump to content


  • Posts

  • Joined

  • Last visited

  • Days Won


Blog Entries posted by proximagr

  1. proximagr
    Connect two or more Azure Virtual Networks using one VPN Gateway
    Peering is a feature that allows to connect two or more virtual networks and act as one bigger network. At this post we will see how we can connect two Azure Virtual Networks, using peering and access the whole network using one VPN Gateway. We can connect Virtual Networks despite if they are in the same Subscription or not.
    I have created a diagram to help understand the topology.

    We have a Virtual Network with Site-2-Site VPN wto On Premises. It can also have Point-2-Site connection configured. The VNET A. We have another Virtual Network at the Same Subscription that we want to connect each other. The VNET B. Also we can have a third Virtual Network at a different subscription. The VNET C.

    In sort we need those peerings with the specific settings:
    At the VNETA Peering VNETA to VNETB with “Allow Gateway transit” At the VNETA Peering VNETA to VNET At the VNETB Peering VNETB to VNETA with “Use Remote Gateway” At the VNETB Peering VNETB to VNETC At the VNETC Peering VNETC to VNETA with “Use Remote Gateway” At the VNETC Peering VNETC to VNETB

    In order to be able to connect all those networks and also access them using the VPN Connection there are four requirements:
    The account that will be used to create the peering must have the “Network Contributor” Role. The Address Space must be different on each other and not overlap. All other Virtual Networks, except the one that has the VPN Connection must NOT have a VPN Gateway deployed. Of course at the local VPN device (router) we need to add the address spaces of all the Virtual Networks that we need to access.
    Lets lab it:
    HQ –> The on-premises network VNET A –> The Virtual Network that has the VPN Gateway (At my lab is named “devvn”) VNET B –> THe virtual network at a different subscription of the Gateway (At my lab is named “Network prtg-rsg-vnet”) VNET C –> The virtual network at the same subscription as the Gateway Network (At my lab is named “provsevnet)

    The on-premises network is connected with Site-to-site (IPsec) VPN to the VNETA

    Now we need to connect VNETA and VNETB using Vnet Peering. in order to have a Peering connection we need to create a connection from VNETA to VNETB and one from VNETB to VNETA.
    Open the VNETA Virtual Network, go to the Peerings setting and press +ADD
    Select the VNETB and check the “Allow Gateway transit” to allow the peer virtual network to use your virtual network gateway

    Then go to the VNETB, go to the Peerings setting and click +ADD.
    Select the VNETA Virtual Network and check the “Use Remote Gateway” to use the peer’s virtual network gateway. This way the VNETB will use the VNETA’s Gateway.

    Now we can contact the VNETB network from our on-premises network
    a multi-ping screenshot:
    From (VNETB) to (on-premises) & the opposite From 10..1.2.4 (VNETA) to (VNETB) & to (on-premises)

    The next step is to create a cross-subscription peering VNETA with VNETC
    Open the VNETA and create a peering by selecting the VNETC from the other Subscription and check the “allow gateway transit”

    Then go to the VNETC and create a peer with the VNETA and check the “use remote gaeway”

    With the two above connections we have connectivity between the on-premises network and the VNETC.
    The final step, to enable the connectivity between VNETB & VNETC. To accomplish this just create one peer from the VNETB to VNETC and one from VNETC to VNETB.
    Ping inception:

    In order to have client VPN connectivity to the whole network, create a Point-2-Site VPN at the VNETA. You can follow this guide: Azure Start Point | Point-to-Site VPN
    If you like my content you can follow my blog: e-apostolidis.gr
  2. proximagr
    <h1>Azure Private Link | Private connection to Azure PaaS</h1>
    <p> </p>
    <p>Azure Private Link is a new service, currently in Preview, that provides private connectivity from a virtual network or an on-premises network with Site-2-Site VPN to Azure platform as a service (PaaS) Microsoft services. Azure Private Link makes the networking a lot more simple improving the security and eliminating the need for public access.</p>
    <p id="nAIxogs"><img class="alignnone size-full wp-image-2844 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d8145c21e8f8.png"alt="" /></p>
    <p> </p>
    <p><span style="font-size: 12px;">image from: <a href="https://azure.microsoft.com/en-us/services/private-link/">https://azure.microsoft.com/en-us/services/private-link/</a></span></p>
    <p>Azure Private Link is a Service mapped to Azure Virtual Networks through a private endpoint. This means that all traffic is routed internally, using private IPs and connectivity, eliminating the exposure to threats. Using Private Link helps an organization to meed the compliance standards.</p>
    <p>Azure Private Link is a Global service. It does not have regional restrictions. You can connect privately services from all the Azure Regions around the globe.</p>
    <h2>Lets Lab It!</h2>
    <p>Let’s see in practice how we can connect from an Azure VM and from our on-premises computer using VPN to an Azure SQL Database using private IPs. For the Lab I already have a Virtual Machine running Windows Server 2019 and an Azure SQL Database. The SQL Database is not connected to any networks.</p>
    <p>Open the Azure Portal, press New and search for “Private Link”, select it and press “Create”</p>
    <p id="wWRgRfz"><img class="alignnone size-full wp-image-2824 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d812bccdb08c.png"alt="" /></p>
    <p>A nice “Getting started page” will open. Click the “Build a private connection to a service”</p>
    <p id="YGbIKKC"><img class="alignnone size-full wp-image-2825 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d812c222bb50.png"alt="" /></p>
    <p id="hySxSQb"><img class="alignnone size-full wp-image-2826 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d812c2e18651.png"alt="" /></p>
    <p>The “Create a private endpoint” wizard will open. Select a name for the Private Link and a Region and press Next to go to the second step.</p>
    <p id="vCwjsPb"><img class="alignnone size-full wp-image-2832 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d8130185f27f.png"alt="" /></p>
    <p>At the second step, select to connect to the azure resource in my directory, and select the subscription where the Azure SQL Database resides. Then select the SQL Server.</p>
    <p id="qmxqrJF"><img class="alignnone size-full wp-image-2833 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d81303297eff.png"alt="" /></p>
    <p>At the third step, select the VIrtual Network that the Private Link will be created. I selected the network where my Virtual Machine resides. If you don’t have your own DNS server select Yes to create an Azure private DNS zone.</p>
    <p id="nfoqivE"><img class="alignnone size-full wp-image-2835 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d813077e1d38.png"alt="" /></p>
    <p>At the final step, review the settings and create the Private Link</p>
    <p id="lHsjjBi"><img class="alignnone size-full wp-image-2836 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d81309adc037.png"alt="" /></p>
    <p>After the resource creation, you can check the DNS for the Azure SQL Server Private IP Address!</p>
    <p id="cSPyGGM"><img class="alignnone size-full wp-image-2837 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d81317ff3814.png"alt="" /></p>
    <p>And at the SQL Server, at the “Private endpoint connections” section you will see the new Private Link.</p>
    <p id="YnyPGra"><img class="alignnone size-full wp-image-2839 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d8132886dbdc.png"alt="" /></p>
    <p>Open a Remote Desktop Connection to the Azure VM, and run a nslookup for the SQL Server name. In my case the command is:</p>
    <p>PS C:> nslookup plsqlsrv.database.windows.net<br />Server: UnKnown<br />Address:</p>
    <p>Non-authoritative answer:<br />Name: plsqlsrv.privatelink.database.windows.net<br />Address:<br />Aliases: plsqlsrv.database.windows.net</p>
    <p id="zdWsPaP"><img class="alignnone size-full wp-image-2838 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d8131e47f882.png"alt="" /></p>
    <p>And it returned the Private IP address of the SQL Server.</p>
    <p>From my computer, i tried to connect to the Azure SQL Server, using the name plsqlsrv.database.windows.net and the connection failed since my Public IP Address is not allowed to access the server.</p>
    <p id="YMuBmUq"><img class="alignnone size-full wp-image-2840 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d813f72173a6.png"alt="" /></p>
    <p>From the Azure VM I managed to connect successfully and of course internally!</p>
    <p id="nVbBsVv"><img class="alignnone size-full wp-image-2841 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d813fab7a6a1.png"alt="" /></p>
    <p>After that, I added a Virtual Network Gateway to the Network and created a Point to Site VPN connection from my local computer to Azure. You can check my guide on how to do this: <a href="https://www.e-apostolidis.gr/microsoft/azure-start-point-point-to-site-vpn/"target="_blank" rel="noopener noreferrer">https://www.e-apostolidis.gr/microsoft/azure/azure-start-point-point-to-site-vpn/</a></p>
    <p>In order to connect to the Azure SQL you need to either use a local DNS server to map the SQl Server name to the Azure SQL IP or add an entry to the local host file for testing.</p>
    <p id="VbhUQVD"><img class="alignnone size-full wp-image-2849 " src="https://www.e-apostolidis.gr/wp-content/uploads/2019/09/img_5d8150b51c2d2.png"alt="" /></p>
    <p>Azure Private Link is in Preview and currently supports Azure SQL Database and Storage accounts. Additional services coming in preview in next 3-6 months:</p>
    <li>· Cosmos DB</li>
    <li>· App Service Vnet Integration + App Service Environment</li>
    <li>· Azure Kubernetes Service</li>
    <li>· Azure Key Vault</li>
    <li>· PostgreSQL</li>
    <li>· MySQL</li>
    <li>· Maria DB</li>
    <p> </p>
    <p><a href="https://azure.microsoft.com/en-us/services/private-link/">https://azure.microsoft.com/en-us/services/private-link/</a></p>
    <p><a href="https://azure.microsoft.com/en-au/blog/announcing-azure-private-link/">https://azure.microsoft.com/en-au/blog/announcing-azure-private-link/</a></p>
    <p> </p>
    <p><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fazure-private-link-private-connection-to-azure-paas%2F&linkname=Azure%20Private%20Link%20%7C%20Private%20connection%20to%20Azure%20PaaS"title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_print" href="https://www.addtoany.com/add_to/print?linkurl=https%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fazure-private-link-private-connection-to-azure-paas%2F&linkname=Azure%20Private%20Link%20%7C%20Private%20connection%20to%20Azure%20PaaS" title="Print" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share#url=https%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fazure-private-link-private-connection-to-azure-paas%2F&title=Azure%20Private%20Link%20%7C%20Private%20connection%20to%20Azure%20PaaS" data-a2a-url="https://www.e-apostolidis.gr/microsoft/azure/azure-private-link-private-connection-to-azure-paas/" data-a2a-title="Azure Private Link | Private connection to Azure PaaS"><img src="https://static.addtoany.com/buttons/share_save_171_16.png" alt="Share"></a></p><p>The post <a rel="nofollow" href="https://www.e-apostolidis.gr/microsoft/azure/azure-private-link-private-connection-to-azure-paas/">Azure Private Link | Private connection to Azure PaaS</a> appeared first on <a rel="nofollow" href="https://www.e-apostolidis.gr">Apostolidis IT Corner</a>.</p>

    <a href="https://www.e-apostolidis.gr/microsoft/azure/azure-private-link-private-connection-to-azure-paas/"class='bbc_url' rel='nofollow external'>Source</a>
  3. proximagr
    Free e-book: Azure Strategy and Implementation Guide
    Microsoft Azure is giving free a Strategy and Implementation guide for Azure. This e-book provides guidance, architecture and advises to implement and integrate cloud technologies.
    This guide is directed to system administrators, cloud architects and project managers. It has for chapters, the Governance, the Architecture, the Application development and operations and the Service management.
    It will help you for starting with Azure or just doing a research regarding any cloud implementations.
    You can download your free copy from this link: https://azure.microsoft.com/en-us/resources/azure-strategy-and-implementation-guide/en-us/
    The post Free e-book: Azure Strategy and Implementation Guide appeared first on Apostolidis IT Corner.

  4. proximagr
    Get early access to large disks support of Azure Backup & more
    Azure Backup’s 1TB limitation at last is over! Now you can backup VMs with disk sizes up to 4TB(4095GB), both managed and unmanaged. Also has improvements on backup and recovery performance that you can find here.
    Starting today login to the Portal, go to your Recovery Services vault and you will a notification saying “Support for >1TB disk VMs and improvements to backup and restore speed ->”

    Click the notification and the “Upgrade to new VM Backup stack” will open. Here click “Upgrade” to complete the upgrade.

    You can also upgrade all the Recovery Services vaults of a subscription using Azure PowerShell
    1. Select the subscription:
    Get-AzureRmSubscription –SubscriptionName "SubscriptionName" | Select-AzureRmSubscription
    2. Register this subscription for the upgrade:
    Register-AzureRmProviderFeature -FeatureName "InstantBackupandRecovery" –ProviderNamespace Microsoft.RecoveryServices
    The post Get early access to large disks support of Azure Backup & more appeared first on Apostolidis IT Corner.

  5. proximagr
    SQL Failover Cluster with AlwaysOn Availability Groups
    Πάμε τώρα για το τελευταίο κομμάτι του lab, να προσθέσουμε AlwaysOn Availability Group στο υπάρχον SQL WSFC.
    Windows Server 2012 R2 Failover Cluster with FreeNAS 9.3 (Page 1, Page 2) Microsoft SQL 2012 on Failover Cluster (Page 1, Page 2, Page 3) Add AlwaysOn AG to SQL Failover Cluster Instance (Page 1, Page 2, Page 3)

    Add AlwaysOn AG to SQL Failover Cluster Instance (Page 2)

    Επίσης σε αυτό το σημείο να αναφέρω ότι επειδή χρησιμοποιούμε ένα Named instance, κάθε φορά που ξεκινάει το SQL Server service καταχωρεί ένα SPN record το οποίο χρειάζεται για να μπορέσουν οι εφαρμογές να κάνουν authenticate με τον SQL Server. Για να μπορέσει να γίνει αυτό πρέπει το account που τρέχει το SQL Server service να έχει δικαίωμα να διαβάζει και να γράφει serviceprinipalnames στο Active Directory. Στο lab χρησιμοποίησα Domain Admin account οπότε το SPN καταχωρείται σωστά.

    Μπορούμε πλέον να ξεκινήσουμε την διαδικασία να βάλουμε την βάση μας σε AlwaysOn Availability Group.
    Από το active node του WSFC ανοίγουμε το SQL Management Studio και συνδεόμαστε στο SCL Cluster Instance, στο LAB “SQLFCI”. Πρώτα κάνουμε ένα backup την βάση μας, μιας που είναι προαπαιτούμενο για να προχωρήσουμε. Παίρνουμε το backup και το κάνουμε restore στο τρίτο Node, Win2012R203 στο lab αλλά προσοχή, επιλέγουμε στο restore Options / Recovery state / RESTORE WITH NORECOVERY

    Αφού ολοκληρωθεί το restore η βάση θα πρέπει να έχει δημιουργηθεί και να είναι σε (Restoring…)

    Μετά πηγαίνουμε στο πρώτο Node, Win2012R201 στο lab, SQL Management Studio, στο “AlwaysOn High Availability” και με δεξί click στο Availability Groups πατάμε “New Availability Group Wizard…”

    Ανοίγει ο Wizard και μετά το πρώτο next δίνουμε Availability group name

    Στο επόμενο βήμα επιλέγουμε την βάση που θέλουμε να βάλουμε σε Availability Group

    Στο επόμενο βήμα πρέπει να ορίσουμε replicas. Έχει ήδη το SQFCI, και μάλιστα μας ενημερώνει ότι επειδή είναι Failover Cluster Instance δεν υποστηρίζει automatic failover. Αυτό σημαίνει ότι όταν χάσουμε όλο το Cluster (SQL Cluster Instance) θα πρέπει να πάμε στο τρίτο Node (Win2012R203 στο lab) στο SQL management studio / AlwaysON High Availability / Availability Groups / και με δεξί click πάνω στο “AG Aname” κάνουμε manual failover.

    Κάνουμε connect στο τρίτο Node, Win2012R203\MSSQLAG

    Αφού προστεθεί και ο Win2012R203, επιλέγουμε Readable Secondary και ανάλογα την χρήση επιλέγουμε Synchronous ή όχι Commit. Όπως είπα και στην αρχή του πρώτου Post, “Η ιδέα είναι να έχουμε ένα SQL Flailover Cluster στο Primary Site και στο υπάρχον Cluster να προσθέσουμε ένα AlwaysOn Availability group για το DR” η χρήση του Availability Group είναι για DR Site για να αποφύγουμε latency στο Commit το αφήνουμε unchecked. Έτσι θα έχουμε asynchronous commit και θα αποφύγουμε το latency με ένα “φόβο” για Data Loss τη στιγμή που θα χρειαστεί Failover.
    Τέλος πατάμε Next.

    Στην επόμενη καρτέλα επιλέγουμε το «Join only” αφού έχουμε κάνει ήδη restore την βάση, και πατάμε Next

    Συνέχεια στην επόμενη σελίδα
    Πηγή http://www.e-apostolidis.gr/%ce%b5%ce%bb%ce%bb%ce%b7%ce%bd%ce%b9%ce%ba%ce%ac/add-alwayson-ag-to-sql-failover-cluster-instance/
  6. proximagr
    Azure Web Farm using IIS & Azure File storage
    This post is my view of a complete guide, from A to Z, including both the Windows Server part and the Azure Portal part on how to build a Web Farm using IIS & Azure File storage. Following this guide you will have a functional two server IIS Web Farm using Azure File storage.
    To create a Web Server Farm the mail requirement is a high available common storage. I see that when deploying on Azure, a lot of people are using DFSR for common storage. This solution has two major issues, the first is the cost, because you need at least two Windows Servers and second the replication speed that many times doesn’t cover the web servers needs.
    Azure File storage provides a very fast, high available and cheap solution to create a web server farm on Azure.
    Azure File storage supports both SMB 2.1 & 3.0 protocol. Every share can be up to 5TB, storing unlimited number of files and each file can be up to 1TB. Of course we can create as many shares as needed up to 500TB that is the Storage Account limit. Also every share provided 1000 IOPS.
    For this guide I used one Windows Server 2016 for Domain Controller, two Windows Server 2016 for web servers and one Standard Storage Account for Azure Files. Of course you can create an IIS Web Farm with workgroup server, but I will cover this at an other post.
    I will skip the part of creating the Azure VMs, the domain and joining the servers on it, so I assume that there is a domain and the other two servers are member servers of the domain.
    Just a note, when creating the Azure VMs that will be part of the IIS Farm remember to add them to the same Availability Set. This will inform the Azure Fabric to have the VMs to different update & fault domains
    Step 1. Add the Web Server role
    From the Server Manager, click Add roles and features and add the “Web Server (IIS)” role and at the next screen add all the features your app needs.
    Step 2. Add Application Request Routing
    For more feature and control over the IIS load balance add the Application Request Routing (ARR) using the Web Platform Installer. The Web Platform Installer uses the Internet Explorer engine so I disable the “IE Enhanced Security Configuration” just for the installation and then enable it. You can do it from the Server Manager, at the Server section.

    Next, open the IIS Manager and at the Actions Panel (on the right) click the “Get New Web Platform Components”

    Search for “arr”, and add the Application request routing 3.0
    Step 3. Create an Azure Storage Account for Azure File Storage
    To create the Azure File storage shares, go to the Azure Portal, click the + button and create a Standard Storage account (you can just search for storage account)

    Select General purpose and Standard performance (Premium does not support Azure Files)

    once the storage account is created, open it and click the “Files” button

    Click the “+ File share” to add a file share

    Give it a name and quota limit

    After clicking OK the share will be created and it will be listed at the shares blade.

    Click on it to get the connection string and then click Connect to get the access key. At this point copy the “Connecting from Windows” command. We will use this to mount the share to the web servers.

    Finally click the File Share and at the new blade press “+Add Directory” and create two directories, one Configuration and one Data
    Step 4. Configure Windows Firewall & NSG
    Open the port 80 (and nay other requires ports) at the Windows firewall and at the NSGs
    for the windows firewall, go to the Servers’s control panel, Windows Firewall and click “Advanced Settings”

    go to the Inbound Rules, add New Rule and select Port

    Select TCP 80 (and any other needed for your application/site)

    Allow the rule for all profiles, provide a name and press finish to create the rule

    For the NSGs , go to the Azure Portal, open the NSGs of the web servers and add an http allow rule like below
    Step 5. Create the IIS Shared Configuration
    Go back to the first web server, open Computer Manager and add a new user with username and password the same as the connection string of the Azure Files share. You will need this for the IIS Service to access the Azure File storage share.

    Add the user to the IIS_IUSRS group

    Then open the IIS Manager and click the “Shared Configuration”

    at the Action pane click “Export Configuration”

    add the Azure File storage Share UNC path and “Connect As” using the share’s credentials

    Enter a complex encryption key and press ok to export the configuration to the Azure File storage “configuration” share

    Now we can enable the Shared Configuration, add the Configuration Share path and the same credentials and click apply.

    it will ask for the encryption key and finally the Shared Configuration will be enabled. You will need to restart the IIS Manager console

    at this point we can change the path of application pools, ftp applications etc to the Data folder share of the Azure File storage. Just note that you will need to use the UNC path “\azurefilesol.file.core.windows.netiisfarmData” and not any mapped drive.
    Repeat the above steps to the second web server. At the Shared Configuration don’t export the configuration, just enable the Shared Configuration.
    Finally we can create the Farm, from the IIS Manager, right click at the “Server Farms” and click “Create Server Farm…”

    give a farm name,

    add both servers and press Finish

    Press NO at the URL rewrite rule auto creation

    And the farm is ready

    as mentioned before, deploy your Web Site, Web Application etc to the Data file share, always using the full UNC path “\azurefilesol.file.core.windows.netiisfarmData”. All the website data will reside at the Azure File storage.
    If you need more than 1000 IOPS create more Azure Files storage shares and divine your website/application data.
    Run the following command to allow access to the Azure File storage. Change the file://”path” as needed
    C:WindowsMicrosoft.NETFramework64v4.0.30319>caspol -m -ag 1. -url file://azurefilesol.file.core.windows.net/iisfarm/* FullTrust
    Step 5. Azure Load Balancer
    Finally, create a Load Balancer to distribute incomming traffic to the farm. For this guide I will create an External Load Balancer, but also an Internal Load Balancer is supported.
    First, find and create the Load Balancer from the Azure Portal

    provide a name, for external load balancer select Public, select Dynamic or Static IP, resource group, location and press Create

    Then go to the new load balancer and create a health probe

    create an http probe

    provide a name, select Availability Set for association and add both the Web Servers

    finally create a load balancing rule to load balance the TCP port 80 at the farm

    once the load balance rule is created you can browse the public ip / name of the load balancer

    Now, browse to the load balancer’s IP and you are good to go!

    The post Azure Web Farm using IIS & Azure File storage appeared first on Apostolidis IT Corner.

  7. proximagr
    Exchange 2013/16 Set Virtual Directories Notes

    By Pantelis Apostolidis | December 13, 2016
    0 Comment
    You can find all this info at many many blogs allover the internet, I just want to have a note here to have them gathered for ease.
    Outlook Anywhare
    Get-OutlookAnywhere | Select Server,ExternalHostname,Internalhostname
    Get-OutlookAnywhere | Set-OutlookAnywhere -ExternalHostname mail.mydomain.com -InternalHostname mail.mydomain.com -ExternalClientsRequireSsl $true -InternalClientsRequireSsl $true -DefaultAuthenticationMethod NTLM
    Get-MapiVirtualDirectory | Select Server,ExternalURL,InternalURL | fl
    Get-MAPIVirtualDirectory | Set-MAPIVirtualDirectory -ExternalUrl https://mail.mydomain.com/mapi-InternalUrl https://mail.mydomain.com/mapi
    Get-OwaVirtualDirectory | Select Server,ExternalURL,InternalURL | fl
    Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -ExternalUrl https://mail.mydomain.com/owa-InternalUrl https://mail.mydomain.com/owa
    Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -ExternalUrl https://mail.mydomain.com/ecp-InternalUrl https://mail.mydomain.com/ecp

    Get-ActiveSyncVirtualDirectory | select server,externalurl,internalurl | fl
    Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -ExternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync-InternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync
    Get-WebServicesVirtualDirectory | Select Server,ExternalURL,InternalURL | fl
    Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -ExternalUrl https://mail.mydomain.com/EWS/Exchange.asmx-InternalUrl https://mail.mydomain.com/EWS/Exchange.asmx
    Get-OabVirtualDirectory | Select Server,ExternalURL,InternalURL | fl
    Get-OabVirtualDirectory | Set-OabVirtualDirectory -ExternalUrl https://mail.mydomain.com/OAB-InternalUrl https://mail.mydomain.com/OAB
    Get-ClientAccessServer | Select Name,AutoDiscoverServiceInternalURI
    Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://mail.mydomain.com/Autodiscover/Autodiscover.xml
  8. proximagr
    Azure AD | Secure Web Application Publishing
    Application Publishing
    Azure Active Directory Application Proxy is a very easy and secure way for web application publishing using the extremely secure Azure AD authentication mechanism. There are a tone of features, like SSO and 2 Factor Authentication. But lets see the basic here. You have a web application that you are using internal to your network, not even https, or you have developed a web application and you want an easy and safe way to publish it without having to wary about authentication or VPN. Use the Azure AD Application Proxy following the following simple steps.
    For this example I have used a Windows Server 2016 with IIS and the SugarCRM application using the IIS Web Platform Installer. The internal link is http://appproxy01/sugarcrm/that opens the SugarCRM login page.
    Lets start
    Navigate to Azure Portal and go to Azure Active Directory. Mind that Azure Active Directory Basic or Premium license is required. You can start a trial Azure AD Premium or Enterprise Mobility Suite E3 that includes Azure AD Premium.
    Fist of all you need to enable Application proxy. Select Enterprise applications –> Application proxy and click Enable & Download the connector clicking the “Connector” link.

    Next, install the connector to the web server or to an other domain member server. It requires Windows Server 2012 R2.

    At the installation process it will ask to login with an Azure AD account that has access to publish applications.
    Once installed, Run the Connector Troubleshooter to verify that the connector will run properly.

    After the successful installation,back to the Azure Portal the server FQDN and the Public IP will appear under the Default Connector.

    Now it is time to publish the application. Go to “All applications” –> +ADD –> On-premises application.

    Give a name, the internal Url that is used to access the application at your local network and press Add. Note the External URL.

    The next step is to assign users. Following the quick steps, press “Assign a user for testing”

    an add at least a user and you are ready to test the application.
    Now lets test the published application
    Open your favorite browser and navigate the the External URL. You will be navigated to the Microsoft online service logon page. Once authenticated with your Azure AD account the SugarCRM login page will be served.

    This is the simplest way to publish a web application without having to wary for Authentication and Security.
    Of course if the application supports active directory authentication then it is very easy to setup SSO, but we will analyze that at the next post.
  9. proximagr
    Azure VM Backup directly from VM’s blade

    By Pantelis Apostolidis | December 28, 2016
    0 Comment
    Azure VM Backup directly from VM’s blade
    Azure makes the VMs’ administration simpler every time. Today we will view a very nice new feature, the Backup shortcut at the VM’s blade.
    Just click on the VM and select Backup

    All you have to configure is the Backup Vault name and the Backup policy at the next easy step and press Enable Backup at the bottom of the “Enable backup” blade and that’s all!!

    Now the next time that we will click the Backup shortcut it will show directly the VM’s Backup Settings and run an instant backup. After the first backup we will be able to Restore the VM and also see logging about the backup jobs, like the latest and oldest restore point among others.

    Stay tuned for more Azure features
  10. proximagr
    Azure VM Image
    Following one of my earlier posts, about Azure Managed Disks, lets see how easy it is to create an Azure VM Image from an Azure VM that uses Managed Disks.
    The first step it to Sysprep/Generalize the source VM. Otherwise the VM that will be created will not start. Select Generalize and “Shutdown”.

    After that wait the VM to shut down and go to the Azure Porta, at the VM’s blade and click “Capture”.

    Now, the “Create Image” blade will open. Enter a name, select a Resource Group and choose if the source VM will be deleted or not. Then press create.

    As soon as the Image is created you can find it at the “Images” service.

    Now lets create a VM from our Image
    Click the image name from the Images Blade to open the desired image Blade and just press “Create VM”.
    Of course at the image’s blade we can see if the image is Windows or Linux, if it has any Data Disks and the Location.

    After clicking the “Create VM” the classic “Create virtual machine” wizard will start, just like any other Virtual Machine creation. You will notice the difference at the final step that shows the name of your image instead of the VM’s OS.

    If you want to automate the process of creating an Azure VM from your images you can use Azure Template. You can find a quick start template at Azure’s GitHub repository.
    Create a Virtual Machine from a User Image: https://github.com/Azure/azure-quickstart-templates/tree/master/101-vm-from-user-image
  11. proximagr
    Microsoft Azure Nested Virtualization | Web Server
    At my previous post, Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM, I described how to create a Hyper-V VM inside an Azure VM with the new Dv3 and Ev3 VM sizes. Now we will see how to use a Hyper-V Nested VM as a Web Server that is hidden behind the Azure VM to secure access to your web application.
    Starting we will add the IIS Role at the Nested VM. Go to the Server Manager, add Roles and Features and select the Web Server (IIS) Role.

    Select the Features that your application requires and Install.
    After that we will need to Forward the required ports to the Nested VMs. To accomplish this we will need to use PowerShell.
    At my previews post I created a NAT in order to have network communication between the Host and the Nested VM. We will use that NAT to forward the port 80 and 443 to the Nested VM.
    At the Host Azure VM open the PowerShell and rum:


    From the results we can see the NAT Name.

    Now we can create the Rules:



    Add-NetNatStaticMapping -NatName "NVMNat" -Protocol TCP -ExternalIPAddress -InternalIPAddress -InternalPort 80 -ExternalPort 80
    Add-NetNatStaticMapping -NatName "NVMNat" -Protocol TCP -ExternalIPAddress -InternalIPAddress -InternalPort 443 -ExternalPort 443

    A final step is to create a rule at the Azure VM’s NSG to allow port 80 & 443 and also open the ports at the Windows Firewall on both the Host and the Nested VMs.

    Finally we can browse to the Public IP of the Azure VM and see the IIS Welcome Page of the Nested VM.

    Just add an https binding to the IIS default website and also browse at the https page.

    Stay tuned for more usage scenarios for the Microsoft Azure Nested Virtualization!
  12. proximagr
    Microsoft Azure Nested Virtualization | VM in Nested VM in Azure VM
    After my main Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post, we saw two usage scenarios. One is running Hyper-V Replica and the other is running Web Server in nested VM on Azure. Now lets have some fun and try to run a VM nested inside a VM nested inside an Azure VM. As a fellow said, VM inception!
    We will use again the nested VM that we created at the Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post. First we need to run two commands, one command to enable the virtualization and one to enable the MAC address spoofing. More details you can find at the Nested Virtualization Microsoft article

    Set-VMProcessor -VMName <VMName> -ExposeVirtualizationExtensions $true
    Get-VMNetworkAdapter -VMName <VMName> | Set-VMNetworkAdapter -MacAddressSpoofing On

    After running the above commands we can go to the Server Manger and add the Hyper-V role.

    I just click next accepting all the defaults. One exception, I checked the NIC to use it for Virtual Switch.

    Finally we have a Hyper-V VM that is nested inside a Hyper-V VM that is nested inside an Azure VM

  13. proximagr
    Add multiple managed disks to Azure RM VM
    In this post I have created a PowerShell script to help add multiple managed disks to an Azure RM Virtual Machine.
    The script to add multiple managed disks will prompt you to login to an Azure RM account, then it will query the subscriptions and ask you to select the desired. After that it will query the available VMs and promt to select the target VM from the VM list.
    At this point I am checking the OS disk and define the storage type of the data disk. If we need to change the storage type we can check the comments at step 4. e.g. If the OS disk is Premium and you want Standard data disks.
    The next step is to ask for disk size. You can check the sizes and billing here: https://docs.microsoft.com/en-us/azure/virtual-machines/windows/managed-disks-overview#pricing-and-billing
    Finally it will ask for the number of the disk we need to create. After this input the script will create the disks, attach them to the VM and update it. The Script:






































    # 1. You need to login to the Azure Rm Account


    # 2. The script will query the Subscriptions that the login account has access and will promt the user to select the target Subscription from the drop down list

    $subscription = Get-AzureRmSubscription | Out-GridView -Title "Select a Subscription" -PassThru
    Select-AzureRmSubscription -SubscriptionId $subscription.Id

    # 3. The script will query the available VMs and promt to select the target VM from the VM list

    $vm = Get-AzureRmVM | Out-GridView -Title "Select the Virtual Machine to add Data Disks to" -PassThru

    # 4. I set the storage type based on the OS disk. If you want to spesify somehting else you can cahnge this to: $storageType = StandardLRS or PremiumLRS etc.

    $storageType = $VM.StorageProfile.OsDisk.ManagedDisk.StorageAccountType

    # 5. The script will promt for disk size, in GB

    $diskSizeinGB = Read-Host "Enter Size for each Data Disk in GB"

    $diskConfig = New-AzureRmDiskConfig -AccountType $storageType -Location $vm.Location -CreateOption Empty -DiskSizeGB $diskSizeinGB

    # 6. Enter how many data disks you need to create

    $diskquantity = Read-Host "How many disks you need to create?"

    for($i = 1; $i -le $diskquantity; $i++)
    $diskName = $vm.Name + "-DataDisk-" + $i.ToString()
    $DataDisk = New-AzureRmDisk -DiskName $diskName -Disk $diskConfig -ResourceGroupName $vm.ResourceGroupName
    $lun = $i - 1
    Add-AzureRmVMDataDisk -VM $vm -Name $DiskName -CreateOption Attach -ManagedDiskId $DataDisk.Id -Lun $lun

    Update-AzureRmVM -VM $vm -ResourceGroupName $vm.ResourceGroupName
    You can download the script from here: AddManagedDisks
  14. proximagr
    Azure Backup Reports
    A new feature is in public preview, the Azure Backup Reports. Now we can have the Azure Backup Reports at the OMS Workspace, Event Hub and Power Bi. You can use Power BI to view report dashboard, download reports and create custom reports
    The configuration has two steps, one to configure the Azure Backup Reports connection with each service and the other is to get the data at each service.
    First go to a Recovery Services vault and select Backup Reports. Next press the Configure button.

    The Diagnostic settings blade will open. Change the Status to “On” and select the desired services to collect the Azure Backup Logs.

    For the Power Bi integration we need a Storage account. So check the “Archive to storage account” option and select a storage account. The storage account must be at the same region as the Azure Backup account.

    To integrate with OMS check the “Send to Log Analytics” option and select an OMS Workspace.

    An other option is to stream the Azure Backup logs to event hub. To configure it check the “Stream to an event hub” and select the event hub namespace and policy name.

    At the bottom part of the configuration blade select the Logs that you want to get. The retention days option is only for the Storage Account configuration.

    Press save and return to the Backup reports blade. Now press the “Sign in” to connect to Power Bi to configure the Service.

    At the lower left corner of the Power Bi Portal press “Get Data”

    At the AppSource press the “Get” button under the Services.

    Search and select the “Azure Backup”

    At the connect to Azure Backup page enter the Storage Account name. This is the storage account that we selected at the Azure Backup Reports configuration.

    Press next and Save. Now the Azure Backup workspace is ready. Be patient, it needs time to start reporting data.

    If you go back to the Azure Portal, the Backup Reports blade has changed and it only has the option to connect to your Power Bi dashboard.

    If you browse to your Power Bi dashboard, you can view the Azure Backup Reports Workspace as the below image.

    For the OMS integration, you only need to go to the Log Search and query “Category=”AzureBackupReport” and you will have all the Azure Backup Report logs. Following the OMS logic you can create a custom View, you can follow this post: Azure Log Analytics

  15. proximagr
    Microsoft Azure Nested Virtualization | Hyper-V Replica on Azure
    After my Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post on how to create a Nested VM inside an Azure VM, I am following with how to have Hyper-V Replica on Azure.
    To accomplish this we will use the Azure VM and the Nested VM from the Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post. The first step is to create an identical pair of Azure VM and Nested VM to use for replica server. The only requirement is that the two Azure VMs must have network connectivity. As you understand we can have Hyper-V Replica between two Azure VMs at different Azure Regions using VPN.
    Next, at both Azure VMs open the 443 port at both the NSG and the Windows Firewall. For more security we can add the Public IPs of the VMs as Source.
    Since the VMs are not part of a domain we need to use Certificate based authentication for the Hyper-V Replica. We will use the New-SelfSignedCertificate command to create both certificates.The certificate process
    First we need to create a root CA certificate, so login at the first host and run:
    New-SelfSignedCertificate -Type "Custom" -KeyExportPolicy "Exportable" -Subject "CN=myazurerootca" -CertStoreLocation "Cert:LocalMachineMy" -KeySpec "Signature" -KeyUsage "CertSign"

    Next, using the certificate Thumbprint of the root CA certificate, create two server certificates, one for each Azure VM. To accomplish this run:
    New-SelfSignedCertificate -type "Custom" -KeyExportPolicy "Exportable" -Subject "CN=anothertestvm" -CertStoreLocation "Cert:LocalMachineMy" -KeySpec "KeyExchange" -TextExtension @("{text},") -Signer "Cert:LocalMachineMy6A7196D9759FC2F7C49D62E08FA7195310DE5EB7" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider"New-SelfSignedCertificate -type "Custom" -KeyExportPolicy "Exportable" -Subject "CN=anothertestvm2" -CertStoreLocation "Cert:LocalMachineMy" -KeySpec "KeyExchange" -TextExtension @("{text},") -Signer "Cert:LocalMachineMy6A7196D9759FC2F7C49D62E08FA7195310DE5EB7" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider"

    The next step is to open the Certificates mmc (Local Computer) and at the Personal container you will find the three certificates created above.

    Right click each certificate and Export it, including the Private key, to a folder

    Copy the certificates to the second Azure VM and import them. The root CA certificate needs to be imported to he Trust Root Certification Authorities and the other two to the Personal (or just use automatic placement).

    Finally we need to disable the Certificate revocation check for Replication on both Azure VMs. To do this run the following command on both Azure VMs:
    REG ADD "HKLMSOFTWAREMicrosoftWindows NTCurrentVersionVirtualizationReplication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f
    The Hyper-V Replica process
    Lets start creating the Hyper-V Replica. Since Hyper-V Replica uses computer names, we need to use the host file to bind the Public IPs with the computer names. So, at the first Azure VM, open an elevated Notepad, browse to the path “C:WindowsSystem32driversetc”, and open the “hosts” file. Enter the Public IP of the second Azure VM following by the computer name. Do the same at the second Azure VM.

    After saving the host file, go to the Hyper-V Settings, go to the “Replication Configuration” and check the “Enable this computer as a Replica Server”. Then check the “Use certificate-based Authentication (HTTPS)” and select the certificate created before. Finally check the “Allow replication from any authenticated servers” and press OK. Do this at both Azure VM Hyper-V Servers.

    Next go to the Hyper-V manager, right click the Nested VM and choose “Enable Replica”. Enter the name of the second Azure VM and select the certificate.

    I just used the defaults at all the next screens and finally press finish to enable the replication.

    Once the replication is enabled you will see the “Replication enabled successfully” message and the Status will change to “Sending Initial Replica”.

    After a very short period of time, the VM will complete the initial sync.

    The post Microsoft Azure Nested Virtualization | Hyper-V Replica on Azure appeared first on Apostolidis IT Corner.

  16. proximagr
    Azure Log Analytics | CPU Performance Monitor
    In this article we will create a CPU Performance monitor View for our servers at the Azure Log Analytics (OMS) Portal.

    At the Microsoft Operations Management Suite (OMS) portal press the + button to create a new View

    The View Designer workspace will open. Select the “Line chart & callout”

    At the Properties blade enter a Name, something like “CPU Performance Monitor”, add the below query and press Apply
    Type:Perf CounterName="% Processor Time" InstanceName="_Total" | measure avg(CounterValue)by Computer Interval 10Minutes

    Pressing Apply you will see at the Preview window the “Name” and the CPU Performance of all the Windows servers that are monitored by OMS agent.

    The next step is to press the “+ View” tab and add a “Stack of line charts

    The “Stack of line charts” will add three charts per row and we can use it to add our servers. We will create something like that:

    So, at the Properties blade add a name and a query for each server needs to be monitored and press Apply. For more than three servers add more “Stack of line charts”.
    The query is the below, just change the Computer = “server.domain.local” with your servers.
    Type:Perf CounterName="% Processor Time" InstanceName="_Total" AND Computer ="server.domain.local" | measure Avg(CounterValue) as 'CPU_Percentage' by Computer Interval10Minutes

    Finally press “Save” at the View Designer

    The result is a CPU Performance monitor for all servers at the OMS Portal.

    And when you press it you have the CPU Performance Monitor of all added servers.

    Stay tuned for the next part
  17. proximagr
    <div class="text geshifilter-text">this is something very common lately and always I follow this post: <a href="http://windowsitpro.com/windows-server-2003-end-support/migrating-dhcp-server-2003-server-2012-r2">http://windowsitpro.com/windows-server-2003-end-support/migrating-dhcp-server-2003-server-2012-r2</a></div>
    <div class="text geshifilter-text"></div>
    <div class="geshifilter">
    <div class="text geshifilter-text">Netsh<br />DHCP<br />Server \<DHCP_2003_Server_IP_Address><br />Export c:export2k3dhcp-database all</div>
    <p>Performing this task will create a file in the c:export folder named 2k3dhcp-database</p>
    <p>Copy this file to the computer running Windows Server 2012 R2 that will function as the new DHCP server. You’ll need to install the DHCP server role on this computer and authorize the DHCP server in Active Directory before performing the following actions.</p>
    <p>Open an elevated command prompt and run the following commands (this assumes you’ve copied the file to a folder named c:import)</p>
    <div class="geshifilter">
    <div class="text geshifilter-text">Net stop DHCPserver<br />Del c:windowssystem32DHCPDHCP.mdb<br />Net start DHCPserver<br />Netsh<br />DHCP<br />Server \<DHCP_2012R2_Server_IP_Address><br />Import c:import2k3dhcp-database<br />Exit<br />Net stop DHCPserver<br />Net start DHCPserver</div>
    <div class="text geshifilter-text">source: <a href="http://windowsitpro.com/windows-server-2003-end-support/migrating-dhcp-server-2003-server-2012-r2">http://windowsitpro.com/windows-server-2003-end-support/migrating-dhcp-server-2003-server-2012-r2</a></div>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fmigrating-dhcp-server-2003-server-2012-r2%2F&linkname=Migrating%20DHCP%20from%20Server%202003%20to%20Server%202012%20R2"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fmigrating-dhcp-server-2003-server-2012-r2%2F&linkname=Migrating%20DHCP%20from%20Server%202003%20to%20Server%202012%20R2" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fmigrating-dhcp-server-2003-server-2012-r2%2F&title=Migrating%20DHCP%20from%20Server%202003%20to%20Server%202012%20R2" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/migrating-dhcp-server-2003-server-2012-r2/">Migrating DHCP from Server 2003 to Server 2012 R2</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>

    <a href="http://www.e-apostolidis.gr/microsoft/migrating-dhcp-server-2003-server-2012-r2/"class='bbc_url' rel='nofollow external'>Source</a>
  18. proximagr
    <div>– These are listed OBJECT first, then COUNTER</div>
    <div>– Memory – Available MBytes</div>
    <div>– Paging File – % Usage</div>
    <div>– Physical Disk – Avg. Disk sec/Read</div>
    <div>– Physical Disk – Avg. Disk sec/Write</div>
    <div>– Physical Disk – Disk Reads/sec</div>
    <div>– Physical Disk – Disk Writes/sec</div>
    <div>– Processor – % Processor Time</div>
    <div>– SQLServer: General Statistics – User Connections</div>
    <div>– SQLServer: Memory Manager – Memory Grants Pending</div>
    <div>– SQLServer: SQL Statistics – Batch Requests/sec</div>
    <div>– SQLServer: SQL Statistics – Compilations/sec</div>
    <div>– SQLServer: SQL Statistics – Recompilations/sec</div>
    <div>– System – Processor Queue Length</div>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fservers%2Fsql-server-performance-monitor-counters%2F&linkname=SQL%20Server%20Performance%20Monitor%20Counters"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fservers%2Fsql-server-performance-monitor-counters%2F&linkname=SQL%20Server%20Performance%20Monitor%20Counters" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fservers%2Fsql-server-performance-monitor-counters%2F&title=SQL%20Server%20Performance%20Monitor%20Counters" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/servers/sql-server-performance-monitor-counters/">SQL Server Performance Monitor Counters</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>

    <a href="http://www.e-apostolidis.gr/microsoft/servers/sql-server-performance-monitor-counters/"class='bbc_url' rel='nofollow external'>Source</a>
  19. proximagr
    <p>Open the Office 365 Exchange Administration Console and go to Recipients > Migration > More > Migration endpoints and click on the plus sign to add a new endpoint.</p>
    <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1.png"><imgclass="alignnone size-full wp-image-1002" src="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1.png" alt="cme1" width="867" height="275" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1.png 867w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1-300x95.png 300w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1-768x244.png 768w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1-660x209.png 660w" sizes="(max-width: 867px) 100vw, 867px" /></a></p>
    <p>Select the type of migration endpoint (Outlook Anywhere) and enter the details requested:</p>
    <li>An email address that will be migrated – this is used to test mailbox access during configuration</li>
    <li>Account with privileges – usually a Domain Administrator, but it can be another user, in which case you must assign permissions as specified here</li>
    <li>The privileged account you specify will be used to autodiscover the connection settings and test access to the mailbox specified above.</li>
    <p>Click next and verify that the correct details have been populated in the next dialogue box:</p>
    <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme2.png"><imgclass="alignnone size-full wp-image-1003" src="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme2.png" alt="cme2" width="335" height="325" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme2.png 335w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme2-300x291.png 300w" sizes="(max-width: 335px) 100vw, 335px" /></a></p>
    <p>Now that the endpoint has been tested you just need to define values for the number of concurrent migrations and supply a descriptive name for the endpoint.</p>
    <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme3.png"><imgclass="alignnone size-full wp-image-1004" src="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme3.png" alt="cme3" width="352" height="292" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme3.png 352w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme3-300x249.png 300w" sizes="(max-width: 352px) 100vw, 352px" /></a></p>
    <p> </p>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fcreate-migration-endpoint-cutover-staging-migration%2F&linkname=Create%20migration%20endpoint%20%7C%20%28Cutover%20%26%20Staging%20Migration%29"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fcreate-migration-endpoint-cutover-staging-migration%2F&linkname=Create%20migration%20endpoint%20%7C%20%28Cutover%20%26%20Staging%20Migration%29" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fcreate-migration-endpoint-cutover-staging-migration%2F&title=Create%20migration%20endpoint%20%7C%20%28Cutover%20%26%20Staging%20Migration%29" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/office-365/create-migration-endpoint-cutover-staging-migration/">Create migration endpoint | (Cutover & Staging Migration)</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>

    <a href="http://www.e-apostolidis.gr/microsoft/office-365/create-migration-endpoint-cutover-staging-migration/"class='bbc_url' rel='nofollow external'>Source</a>
  20. proximagr
    The exchangeserverpro.com site has the below excellent articles,
    to create the certificate request:
    to compete the pending request:and to enable it:
    The post Exchange 2013 Add public certificate and enable it appeared first on Proxima's IT Corner.

    <a href="http://www.e-apostolidis.gr/microsoft/exchange/exchange-2013-add-public-certificate-enable/"class='bbc_url' rel='nofollow external'>Source</a>
  21. proximagr
    Azure Storage | Static Web Site
    Το Microsoft Azure ανακοίνωσε την δυνατότητα να φιλοξενεί στατικές ιστοσελίδες απευθείας στο Blob Storage, με το κόστος του Blob Storage! Τι σημαίνει αυτό? Για 1 GB χώρο και 100000 views το κόστος είναι περίπου 0,05 ευρώ το μήνα!
    Στις στατικές ιστοσελίδες μπορούμε επίσης εκτός από στατικό περιεχόμενο να έχουμε και CLient Side Scripting οπως JavaScript αλλά όχι Server Side Scripting. Επίσης μπορούμε να δώσουμε και μια Custom σελίδα που θα γυρίζει αντί για 404.
    Μπορείτε να υπολογίσετε το κόστος με το Azure Prising Calculator Στο link https://azure.microsoft.com/en-us/pricing/calculator/

    Τι χρειαζόμαστε? απλά ένα Storage Account V2.

    Μόλις δημιουργηθεί το Storage Account, πρώτα ενεργοποιούμε το Static website από τα Settings του Storage Account. Μόλις πατήσουμε Save θα δημιουργηθεί ένα Virtual Directory με το όνομα $web. Το πατάμε για να μπούμε μέσα στο Blob για να ανεβάσουμε το περιεχόμενο μας. Επίσης σημειώνουμε το Primary endpoint γιατί είναι και το URL του Site μας.

    Για να ανεβάσουμε content στο $web Blob μπορούμε να χρησιμοποιήσουμε τον Storage Explorer

    και είμαστε έτοιμοι. Κάνουμε Browse στο URL του Static website, στο παρδειγμά μου είναι το https://proximagr.z6.web.core.windows.net/

    Φυσικά μπορούμε να βάλουμε το δικό μας Domain. Πρώτα φτιάχνουμε ένα CNAME που θα κάνει Point στο Endpoint και μετά πηγαίνουμε στο Custom Domain όπου δίνουμε το CNAME μας.

    και το αποτέλεσμα:

  22. proximagr
    Monitor & Alert for your Azure VM
    Lets see how easy it is to monitor and create an alert, in order to be notified when your VMs are restarted, when they start, stop, get high CPU usage, memory and much more.
    First navigate to the Azure Portal https://portal.azure.com, and then click the Monitor button.

    You will be navigated to the Monitor blade. At the center of the screen you will see three mail buttons, each starts a wizard.

    Click the “Create Alert” under the Explore monitoring essentials, the first of the three buttons.

    The create rule wizard will start. First you need to Select target.

    Select the subscription, at the Filter resource type select Virtual machines and select the VM from the Resource list.

    Once you press the target VM you will see a preview of the selection and the available signals.

    After the alert target, select the criteria

    At the configure signal login blade, select the signal from the list. I have selected the Restart Virtual Machine.

    Once you select the signal you can select the severity level and also you will see the preview of the condition.

    After that give a name and a description for the alert. Also select the resource group where the alert will be saved and if you want the alert to be enabled upon creation.

    The next step is to create an action group. The action group is the list of accounts to get the notifications when the alert is triggered. The notification can be email, SMS, Push Notifications and Voice call. You can add many action groups and many action in each group.

    Now the alert is ready. Once the alert is triggered you will be notified. At this example I added an email alert and once the VM restarted I received the following email:

    More Microsoft Azure guides at Apostolidis IT Corner
    The post Monitor & Alert for your Azure VM appeared first on Apostolidis IT Corner.

  23. proximagr
    Azure Start Point | Point-to-Site VPN
    In this post series we will go through some basic steps on how to start with Microsoft Azure. At this post we will see how we can create Point-to-Site VPN connection with Azure.
    If you don’t have an Azure Subscription, you can easily create a free trial by just going to https://azure.microsoft.com/en-us/free/
    Create typical a VIrtual Network

    In order to create Point-to-Site VPN connection it needs a Virtual Network Gateway. Go to the Virtual Network, Subnets and add a Gateway Subnet.

    FInally we can add the Virtual Network Gateway. From the portal, create a Virtual Network Gateway resource and add it to the previously created Virtual Network.

    The Virtual Network Gateway can take up to 45 minutes to be created.
    Once the Virtual Network Gateway is created we need one more step. To configure Point-to-site. Open the Virtual Network Gateway and press configure.

    We will need a root and a client self-signed certificate to complete the setup. Using a WIndows 10 or Windows Server 2016 machine we can make use of the New-SelfSignedCertificate cmdlet that makes the process easy. The whole process is described here: https://docs.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-certificates-point-to-site
    For the root certificate run the below PowerShell using ISE:





    $cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
    -Subject "CN=prodevrootcert" -KeyExportPolicy Exportable `
    -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign
    For the client certificate run the below PowerShell using ISE:





    $cert = New-SelfSignedCertificate -Type Custom -KeySpec Signature `
    -Subject "CN=prodevrootcert" -KeyExportPolicy Exportable `
    -HashAlgorithm sha256 -KeyLength 2048 `
    -CertStoreLocation "Cert:\CurrentUser\My" -KeyUsageProperty Sign -KeyUsage CertSign
    Export the root certificate public key in cer format using MMC, open the Certificates snap-in and select “current user”. Find the root certificate under Personal –> Certificates and right click –> All Tasks export

    Select to “not export the private key” and use Base64 encoded.

    Export the client certificate by selecting “export the private key” , select the “include all certificates in the certification path” and the “enable certificate privacy”. Add a password and export it to pfx file.

    this pfx file must be installed to all the client computers that will use this Point-to-Site connection.
    Now lets go back to the Point-to-Site configuration page. Add an address pool that the VPN clients will use. This subnet must be different from the Virtual Network address space.

    Then open the root certificate, the cer file, using notepad, copy the text between the Begin and End marks.

    Paste the certificate text to the “Root certificated” –> Public certificate data” field and add a name to the “Name” field.

    Press Save and the “Download VPN Client” button will be enabled and we can download the VPN client.
    In order to establish the VPN connection we need to install the VPN Client and the Client “pfx” certificate to the workstation.
  24. proximagr
    Azure Storage | Static Web Site
    Το Microsoft Azure ανακοίνωσε την δυνατότητα να φιλοξενεί στατικές ιστοσελίδες απευθείας στο Blob Storage, με το κόστος του Blob Storage! Τι σημαίνει αυτό? Για 1 GB χώρο και 100000 views το κόστος είναι περίπου 0,05 ευρώ το μήνα!
    Στις στατικές ιστοσελίδες μπορούμε επίσης εκτός από στατικό περιεχόμενο να έχουμε και CLient Side Scripting οπως JavaScript αλλά όχι Server Side Scripting. Επίσης μπορούμε να δώσουμε και μια Custom σελίδα που θα γυρίζει αντί για 404.
    Μπορείτε να υπολογίσετε το κόστος με το Azure Prising Calculator Στο link https://azure.microsoft.com/en-us/pricing/calculator/

    Τι χρειαζόμαστε? απλά ένα Storage Account V2.

    Μόλις δημιουργηθεί το Storage Account, πρώτα ενεργοποιούμε το Static website από τα Settings του Storage Account. Μόλις πατήσουμε Save θα δημιουργηθεί ένα Virtual Directory με το όνομα $web. Το πατάμε για να μπούμε μέσα στο Blob για να ανεβάσουμε το περιεχόμενο μας. Επίσης σημειώνουμε το Primary endpoint γιατί είναι και το URL του Site μας.

    Για να ανεβάσουμε content στο $web Blob μπορούμε να χρησιμοποιήσουμε τον Storage Explorer

    και είμαστε έτοιμοι. Κάνουμε Browse στο URL του Static website, στο παρδειγμά μου είναι το https://proximagr.z6.web.core.windows.net/

    Φυσικά μπορούμε να βάλουμε το δικό μας Domain. Πρώτα φτιάχνουμε ένα CNAME που θα κάνει Point στο Endpoint και μετά πηγαίνουμε στο Custom Domain όπου δίνουμε το CNAME μας.

    και το αποτέλεσμα:

    The post Azure Storage | Static Web Site appeared first on Apostolidis IT Corner.

  25. proximagr
    Azure Start Point | Your first Web App
    In this post series we will go through some basic steps on how to start with Microsoft Azure. For start we will create a Web App.
    If you don’t have an Azure Subscription, you can easily create a free trial by just going to https://azure.microsoft.com/en-us/free/
    Let’s create our first Web App. Go to the Azure Portal by navigating to https://portal.azure.com and click “+ Create a resource”

    At the search box write “Web App” and press enter

    At the search results. click the “Web App” and at the next screen just press “Create”

    The “Web App Create” wizard will open. Enter a name for the App. This will be the Public name of your App. Azure by default provides the domain *.azurewebsites.net for free.

    So in my example the prowebdev.azurewebsites.net will be the URL of my App
    Select the Azure Subscription that will used to bill the Web App and a Resource Group. The Resource Group is used to organize the resources and provide role based access control among other.
    OS: Select the Operating System platform that will host your Web App. This can be Windows, Linux or a Docker Container. For the test I will select Windows.
    As you can see the wizard has selected an App Service Plan by default with a random name and location. The App Service Plan is actually the Web Server that will host out Web App. Click on the “App Service Plan/Location”
    Add a name for the Web Server, select the Location that is nearest to you (or your clients) and the Pricing Tier.
    By pressing OK you will return to the Web App create wizard and press Create. Now you can monitor the creating process of the App form the “Notifications” option at the top right of the portal, it is the button that has a ringing bell image. First you will see the “Deployment in progress…” message and as soon as the App is ready you will see the “Deployment completed” message.
    Now if you go to the Resource group you will see two resources. The App Service and the App Service Plan. In high level, the App Service Plan is the web server and the App Service is the Web Application.

    Now click the App Service and at its blade you can see your applications URL.

    Click the URL and you will see the Demo page

  • Create New...