Jump to content

proximagr

Moderators
  • Posts

    2468
  • Joined

  • Last visited

  • Days Won

    12

Everything posted by proximagr

  1. Microsoft Azure Nested Virtualization | Web Server At my previous post, Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM, I described how to create a Hyper-V VM inside an Azure VM with the new Dv3 and Ev3 VM sizes. Now we will see how to use a Hyper-V Nested VM as a Web Server that is hidden behind the Azure VM to secure access to your web application. Starting we will add the IIS Role at the Nested VM. Go to the Server Manager, add Roles and Features and select the Web Server (IIS) Role. Select the Features that your application requires and Install. After that we will need to Forward the required ports to the Nested VMs. To accomplish this we will need to use PowerShell. At my previews post I created a NAT in order to have network communication between the Host and the Nested VM. We will use that NAT to forward the port 80 and 443 to the Nested VM. At the Host Azure VM open the PowerShell and rum: 1 Get-NetNat From the results we can see the NAT Name. Now we can create the Rules: 1 2 Add-NetNatStaticMapping -NatName "NVMNat" -Protocol TCP -ExternalIPAddress 0.0.0.0 -InternalIPAddress 192.168.168.10 -InternalPort 80 -ExternalPort 80 Add-NetNatStaticMapping -NatName "NVMNat" -Protocol TCP -ExternalIPAddress 0.0.0.0 -InternalIPAddress 192.168.168.10 -InternalPort 443 -ExternalPort 443 A final step is to create a rule at the Azure VM’s NSG to allow port 80 & 443 and also open the ports at the Windows Firewall on both the Host and the Nested VMs. Finally we can browse to the Public IP of the Azure VM and see the IIS Welcome Page of the Nested VM. Just add an https binding to the IIS default website and also browse at the https page. Stay tuned for more usage scenarios for the Microsoft Azure Nested Virtualization!
  2. Microsoft Azure Nested Virtualization | Hyper-V Replica on Azure After my Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post on how to create a Nested VM inside an Azure VM, I am following with how to have Hyper-V Replica on Azure. To accomplish this we will use the Azure VM and the Nested VM from the Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM post. The first step is to create an identical pair of Azure VM and Nested VM to use for replica server. The only requirement is that the two Azure VMs must have network connectivity. As you understand we can have Hyper-V Replica between two Azure VMs at different Azure Regions using VPN. Next, at both Azure VMs open the 443 port at both the NSG and the Windows Firewall. For more security we can add the Public IPs of the VMs as Source. Since the VMs are not part of a domain we need to use Certificate based authentication for the Hyper-V Replica. We will use the New-SelfSignedCertificate command to create both certificates.The certificate process First we need to create a root CA certificate, so login at the first host and run: New-SelfSignedCertificate -Type "Custom" -KeyExportPolicy "Exportable" -Subject "CN=myazurerootca" -CertStoreLocation "Cert:LocalMachineMy" -KeySpec "Signature" -KeyUsage "CertSign" Next, using the certificate Thumbprint of the root CA certificate, create two server certificates, one for each Azure VM. To accomplish this run: New-SelfSignedCertificate -type "Custom" -KeyExportPolicy "Exportable" -Subject "CN=anothertestvm" -CertStoreLocation "Cert:LocalMachineMy" -KeySpec "KeyExchange" -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2") -Signer "Cert:LocalMachineMy6A7196D9759FC2F7C49D62E08FA7195310DE5EB7" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider"New-SelfSignedCertificate -type "Custom" -KeyExportPolicy "Exportable" -Subject "CN=anothertestvm2" -CertStoreLocation "Cert:LocalMachineMy" -KeySpec "KeyExchange" -TextExtension @("2.5.29.37={text}1.3.6.1.5.5.7.3.1,1.3.6.1.5.5.7.3.2") -Signer "Cert:LocalMachineMy6A7196D9759FC2F7C49D62E08FA7195310DE5EB7" -Provider "Microsoft Enhanced RSA and AES Cryptographic Provider" The next step is to open the Certificates mmc (Local Computer) and at the Personal container you will find the three certificates created above. Right click each certificate and Export it, including the Private key, to a folder Copy the certificates to the second Azure VM and import them. The root CA certificate needs to be imported to he Trust Root Certification Authorities and the other two to the Personal (or just use automatic placement). Finally we need to disable the Certificate revocation check for Replication on both Azure VMs. To do this run the following command on both Azure VMs: REG ADD "HKLMSOFTWAREMicrosoftWindows NTCurrentVersionVirtualizationReplication" /v DisableCertRevocationCheck /d 1 /t REG_DWORD /f The Hyper-V Replica process Lets start creating the Hyper-V Replica. Since Hyper-V Replica uses computer names, we need to use the host file to bind the Public IPs with the computer names. So, at the first Azure VM, open an elevated Notepad, browse to the path “C:WindowsSystem32driversetc”, and open the “hosts” file. Enter the Public IP of the second Azure VM following by the computer name. Do the same at the second Azure VM. After saving the host file, go to the Hyper-V Settings, go to the “Replication Configuration” and check the “Enable this computer as a Replica Server”. Then check the “Use certificate-based Authentication (HTTPS)” and select the certificate created before. Finally check the “Allow replication from any authenticated servers” and press OK. Do this at both Azure VM Hyper-V Servers. Next go to the Hyper-V manager, right click the Nested VM and choose “Enable Replica”. Enter the name of the second Azure VM and select the certificate. I just used the defaults at all the next screens and finally press finish to enable the replication. Once the replication is enabled you will see the “Replication enabled successfully” message and the Status will change to “Sending Initial Replica”. After a very short period of time, the VM will complete the initial sync. [/url] The post Microsoft Azure Nested Virtualization | Hyper-V Replica on Azure appeared first on Apostolidis IT Corner. Source
  3. Καλημέρα φίλε Αν χάσεις emails τότε με το backup της βάσης θα τα βρεις, με λίγο παίδεμα. Αλλά επειδή ο Exchange είναι άμεσα συνδεδεμένος με το Active Directory, πρέπει να το παίρνεις και αυτό. Αν δεν έχεις κάποιο Backup προϊόν (π.χ. DPM, Veeam κλπ) τότε καλύτερα να χρησιμοποιήσεις το Windows Server backup που είναι application aware (δηλαδή καταλαβαίνει ότι έχεις Exchange και κάνει τα ανάλογα check για το Backup). Εδώ περιγράφετε πού καλά το πως να το χρησιμοποιήσεις: Exchange 2013 https://technet.microsoft.com/en-us/library/dd876854(v=exchg.150).aspx AD DS: https://technet.microsoft.com/en-us/library/cc816584(v=ws.10).aspx ΜΦΧ
  4. Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM With the new Dv3 and Ev3 VM sizes Microsoft has released the Nested Virtualization, meaning you can simply have a Hyper-V VM inside an Azure VM. In this post I am testing the Nested Virtualization functionality creating a Hyper-V VM inside an Azure VM and have Network and Internet Connectivity. Lets get started. First of all we will need a Dv3 or Ev3 VM and for best Nested Virtualization performance make use of SSD Managed Disks. I created a D4s_v3 Standard (4Cores, 16GB Ram, SSD managed disks) and I attached a 1023GB SSD Data Disk for performance. Now remote desktop to the VM to add the Hyper V Role. From the Server Manager, add Roles and Features and add the Hyper-V role Since this is an one NIC VM select the NIC to create the Virtual Switch Change the default Store location to the SSD Data Disk, in this case the E: drive. Finally wait for the installation to complete and reboot the VM. After the VM reboots, Remote Desktop and open the Hyper-V manager. Now we have Hyper-V inside an Azure VM. Lets create a VM. You can download a Trial Windows Server 2016 from https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-2016or use your Subscription (MSDN, EA, etc). I created a VM Called NestedVM01, with 4GB Ram using the Trial Windows Server 2016 ISO After the VM creation setup the Windows Server 2016 with all defaults and login. The first thing to notice is that the Network Interface does not have a valid IP address, since Microsoft Azure will not provide one. In order to have the Nested VM to have Network connectivity we need to use NAT. First change the Virtual Switch to “Internal network” At the Host’s Network interfaces, open the vEthernet NIC and add a static IP, only IP & Mask Now we will need PowerShell, since we cannot configure NAT form the GUI. Open the PowerShell (still at the Host Azure VM) and run New-NetNat –Name NVMNat –InternalIPInterfaceAddressPrefix 192.168.168.0/24 The result: After that we can provide the Nested VMs with IPs form the 192.168.168.0/24 range. So login to the Nested VM and add an IP fron the Range and for Default Gateway add the Host’s IP. For DNS add your AD DNS or a Public DNS server just to have internet. Now from the Nested VM you can ping the Host: And also browse the Internet: Stay tuned, on my next post we will see how we can make the Nested VM a Web Server, a hidden Web Server in a VM inside an Azure VM! Of course this Features opens the door for many more features to test, like Hyper-V Replica, Containers, etc, that we will see in future posts. [/url] The post Microsoft Azure Nested Virtualization | Hyper-V VM inside Azure VM appeared first on Apostolidis IT Corner. Source
  5. Azure VM Image Following one of my earlier posts, about Azure Managed Disks, lets see how easy it is to create an Azure VM Image from an Azure VM that uses Managed Disks. The first step it to Sysprep/Generalize the source VM. Otherwise the VM that will be created will not start. Select Generalize and “Shutdown”. After that wait the VM to shut down and go to the Azure Porta, at the VM’s blade and click “Capture”. Now, the “Create Image” blade will open. Enter a name, select a Resource Group and choose if the source VM will be deleted or not. Then press create. As soon as the Image is created you can find it at the “Images” service. Now lets create a VM from our Image Click the image name from the Images Blade to open the desired image Blade and just press “Create VM”. Of course at the image’s blade we can see if the image is Windows or Linux, if it has any Data Disks and the Location. After clicking the “Create VM” the classic “Create virtual machine” wizard will start, just like any other Virtual Machine creation. You will notice the difference at the final step that shows the name of your image instead of the VM’s OS. If you want to automate the process of creating an Azure VM from your images you can use Azure Template. You can find a quick start template at Azure’s GitHub repository. Create a Virtual Machine from a User Image: https://github.com/Azure/azure-quickstart-templates/tree/master/101-vm-from-user-image
  6. Azure Backup Reports A new feature is in public preview, the Azure Backup Reports. Now we can have the Azure Backup Reports at the OMS Workspace, Event Hub and Power Bi. You can use Power BI to view report dashboard, download reports and create custom reports The configuration has two steps, one to configure the Azure Backup Reports connection with each service and the other is to get the data at each service. First go to a Recovery Services vault and select Backup Reports. Next press the Configure button. The Diagnostic settings blade will open. Change the Status to “On” and select the desired services to collect the Azure Backup Logs. For the Power Bi integration we need a Storage account. So check the “Archive to storage account” option and select a storage account. The storage account must be at the same region as the Azure Backup account. To integrate with OMS check the “Send to Log Analytics” option and select an OMS Workspace. An other option is to stream the Azure Backup logs to event hub. To configure it check the “Stream to an event hub” and select the event hub namespace and policy name. At the bottom part of the configuration blade select the Logs that you want to get. The retention days option is only for the Storage Account configuration. Press save and return to the Backup reports blade. Now press the “Sign in” to connect to Power Bi to configure the Service. At the lower left corner of the Power Bi Portal press “Get Data” At the AppSource press the “Get” button under the Services. Search and select the “Azure Backup” At the connect to Azure Backup page enter the Storage Account name. This is the storage account that we selected at the Azure Backup Reports configuration. Press next and Save. Now the Azure Backup workspace is ready. Be patient, it needs time to start reporting data. If you go back to the Azure Portal, the Backup Reports blade has changed and it only has the option to connect to your Power Bi dashboard. If you browse to your Power Bi dashboard, you can view the Azure Backup Reports Workspace as the below image. For the OMS integration, you only need to go to the Log Search and query “Category=”AzureBackupReport” and you will have all the Azure Backup Report logs. Following the OMS logic you can create a custom View, you can follow this post: Azure Log Analytics
  7. Azure Log Analytics | CPU Performance Monitor In this article we will create a CPU Performance monitor View for our servers at the Azure Log Analytics (OMS) Portal. At the Microsoft Operations Management Suite (OMS) portal press the + button to create a new View The View Designer workspace will open. Select the “Line chart & callout” At the Properties blade enter a Name, something like “CPU Performance Monitor”, add the below query and press Apply Type:Perf CounterName="% Processor Time" InstanceName="_Total" | measure avg(CounterValue)by Computer Interval 10Minutes Pressing Apply you will see at the Preview window the “Name” and the CPU Performance of all the Windows servers that are monitored by OMS agent. The next step is to press the “+ View” tab and add a “Stack of line charts The “Stack of line charts” will add three charts per row and we can use it to add our servers. We will create something like that: So, at the Properties blade add a name and a query for each server needs to be monitored and press Apply. For more than three servers add more “Stack of line charts”. The query is the below, just change the Computer = “server.domain.local” with your servers. Type:Perf CounterName="% Processor Time" InstanceName="_Total" AND Computer ="server.domain.local" | measure Avg(CounterValue) as 'CPU_Percentage' by Computer Interval10Minutes Finally press “Save” at the View Designer The result is a CPU Performance monitor for all servers at the OMS Portal. And when you press it you have the CPU Performance Monitor of all added servers. Stay tuned for the next part
  8. How to disconnect a mailbox & re-assign it to new user in a Hybrid Scenario Scenario objectives: We have an Exchange Hybrid setup between on-premises and Exchange Online (Office 365). All users are synced and the mailbox is located at Exchange Online. We need to separate an existing mailbox from its user account and re-connect this mailbox to a new user account. If the mailbox in this scenario was located at the on-premises Exchange it would be an easy process just using the Exchange Management Console. But in a Hybrid scenario, the process includes many steps since the mailbox is not directory conencted to the Active Directory user account but it is conected to the Azure AD Synced User Account. For the ease of the guide we will name the Existing User Account: OLDUSER and the New User Account: NEWUSER. We will disconnect the Exchange Online Mailbox from the OLDUSER and connect it to the NEWUSER. Step 1. At the on-premises Active Directory, at an OU that is not synced with Azure AD, create the new user account. The “NEWUSER”. Ensure that you do not enter nothing at the email field. Just a user account with no email attributes. Step 2. Move the “OLDUSER” to an OU that is not synced with Azure AD Step 3. Run a Delta Sync. Go to the server that the AD Connect is installed, open the PowerShell and run “Start-ADSyncSyncCycle” Step 4. We need to get the GUID of the NEWUSER. To do so login to a Domain Controller, open PowerShell and run: 1 [system.convert]::ToBase64String((Get-Aduser NEWUSER).objectGUid.ToByteArray()) Copy the GUID to a Notepad Step 5. Open the Office 365 Admin Center and Restore the deleted user “OLDUSER” Go to Users –> Deleted Users –> Select the user “OLDUSER” –>Click Restore Step 6. Connect to Azure AD and set the GUID of the “NEWUSER” to the Office 365 “OLD USER”. Details for connecting to Azure AD “https://technet.microsoft.com/en-us/library/dn975125.aspx“ 1 2 3 Connect-MsolService Set-MsolUser -UserPrincipalName olduser@mydomain.com -ImmutableId vMZGJpW6CUGY09bduJ5dlw== Step 5. Open the Office 365 Admin Center and Delete the old user “OLDUSER” Go to Users –> Active users –> Select the “OLDUSER” –> click Delete user Step 6. Clean the on-premises Active Directory account of the old user “OLDUSER” from all attributes that will be added to the new user, like Proxy addresses, Target, address, Alias name, nickname etc. Step 7. Make the “NEWUSER” user account a Remote Mailbox object At the on-premises Exchange, open the Exchange Management Shell and run: 1 Enable-RemoteMailbox -Identity NEWUSER -DisplayName "NEW USER" -RemoteRoutingAddress newuser@mydomain.onmicrosoft.com -Alias newuser -PrimarySmtpAddressnewuser@mydomain.com Step 8. Move the “NEWUSER” to an OU that is Synced with Azure AD and run a Delta Sync like Step 3. After that the “NEWUSER” active directory account will be connected with the “OLDUSER” Exchange Online mailbox and all attributes of the Exchange Online mailbox will be replaced with the “NEWUSER’s” values. I suppose there are other ways, maybe easier, to accomplish this task, but following this process you will have the desired result without problems. [/url] EmailPrint
  9. High Level Steps to Create a Syslog Server for Azure OMS (Log Analytics) This post is a gathering of TechNet articles and 3rd party blog posts that my college John Dandelis followed to create a linux Syslog server in order to monitor network devices on Operations Management Suite (OMS). Its not a complete step-by-step guide but it is very useful as a reference. -Install Ubuntu server VM. Use any Bash Shell to connect to Ubuntu Server. (http://win-bash.sourceforge.net/) To install Bash shell in windows 10: From updates and security enable for developers, developer mode. From add remove windows components add windows subsystem for Linux. -Connect to Ubuntu server: ssh <syslog username>@<syslogIP> -Setup Ubuntu Syslog https://msandbu.wordpress.com/2016/02/22/monitoring-syslog-from-oms-with-non-oms-agents/ Edit rsyslog.conf file: (to edit press “insert”. To quit press “esc” and type “:q” to quit, “:wq” to save and quit, “:q!” to quit without saving ) sudo vim /etc/rsyslog.conf Uncomment Lines (remove # sign): #$ModLoad imudp #$UDPServerRun 514 -Create a templatefor log receipt Add Lines Before GLOBAL DIRECTIVES $template RemoteLogs,”/var/log/%HOSTNAME%/%PROGRAMNAME%.log” * *,* ?RemoteLogs (The $template RemoteLogs directive (“RemoteLogs” string can be changed to any other descriptive name) forces rsyslog daemon to write log messages to separate local log files in /var/log/, where log file names are defined based on the hostname of the remote sending machine as well as the remote application that generated the logs. The second line (“*.* ?RemoteLogs”) implies that we apply RemoteLogs template to all received logs.) -Restart syslog service sudo service rsyslog restart Install OMS Agent from OMS–>Overview–>Settings–>Connected Sources–>Linux Servers Copy the “DOWNLOAD AND ONBOARD AGENT FOR LINUX” field and paste into Ubuntu Bash. Add Syslog Facilities from Overview–>Settings–>Data–>Syslog local0 or whatever is the device facility you collect logs from. Show Most Recent Logs tail -f /var/log/syslog Χρήσιμα Site: Create syslog in Ubuntu Server http://blogbt.net/index.php/2013/11/syslog-server-on-ubuntu/ </p> Setting up SysLog Server on Ubuntu – BlogBT.net blogbt.net<p>Setting up a syslog server on ubuntu for easy troubleshooting and log keeping VIM Editor: https://stackoverflow.com/questions/11828270/how-to-exit-the-vim-editor Hit the Esc key; vim goes into command mode. Then you can type:qto quit (short for :quit) :q!to quit without saving (short for :quit!) :wqto write and quit (think write and quit) :wq!to write and quit even if file has only read permission (if file does not have write permission: force write) :xto write and quit (similar to :wq, but won’t write if there are no changes) :qato quit all (short for :quitall) OMS Agent for Linux https://github.com/Microsoft/OMS-Agent-for-Linux/blob/master/installer/conf/omsagent.d/syslog.conf https://blogs.technet.microsoft.com/msoms/2016/05/12/syslog-collection-in-operations-management-suite/ Install Azure Power Shell https://docs.microsoft.com/en-us/powershell/azure/install-azurerm-ps?view=azurermps-4.0.0 Install Agent For log analytics https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-linux-agents The post High Level Steps to Create a Syslog Server for Azure OMS (Log Analytics) appeared first on Apostolidis IT Corner. <a href="http://www.e-apostolidis.gr/microsoft/azure/high-level-steps-create-syslog-server-azure-oms-log-analytics/"class='bbc_url' rel='nofollow external'>Source</a>
  10. Azure Managed Disks | Easy Scale, High Available, Secure Azure Managed Disks is almost five months old, start using it, its simple, easy to scale, high available and secure. As Microsoft says, “Let Azure take care of your disks”. The idea is simple, choose the performance tier and the size you want. After that you are free to change your mind! You can change the performance tier (yes, switch between SSD & HDD) and the size just with click. Lets get it started. First of all we need to enable the managed disks at the VM creation. Specifically at the third step select “Yes” at the “Use managed disks” setting. After that you don’t have to wary about storage account, Azure takes care of this. Once the VM is deployed, go to the VM’s blade and click “Disks” and “+ Add data disk” After that, the “Create managed disk” blade opens and there are some interesting settings to choose. Lets have a closer look. First choose a name for the Data Disk, choose a Resource Group and Account type. This is the performance tier, SSD or HDD. Next, at the Source type drop down menu, we can choose to create an empty disk, by selecting the None. Also, we can select to use a Snapshot that we have already created or a Storage blob to select a disk. After that it is the size. The Managed Disks have specific price, IOPS and price. Type the Size in Gigabytes and see the estimated performance instantly. You can find the details here: https://azure.microsoft.com/en-us/pricing/details/managed-disks/ Standard Managed Disks: All standard managed disks have 500 IOPS and 60MB/sec throughput Premium Managed Disks: And what happens with the existing VMs that have “classic” unmanaged disk? No worries, just a bit of PowerShell and you can convert that to managed disks. How to do it? First Stop the VM, not just show down, we need to Stop (Deallocate it). Then run just this line of PowerShell code: ConvertTo-AzureRmVMManagedDisk -ResourceGroupName rgname -VMName vmname Now some magic. SSD to HDD to SSD to HDD and go on! Lets say you have created a Standard disk, HDD, but now you need performance. Just go to the VM blade, first Stop the VM and then select the “Disks” find the disk and change the “Account type” Just save, and voila! you have SSD, from 500 IOPS to 5000 IOPS! Any time, you can Stop the VM and change the disk back to Standard (HDD) Export Some more magic? Click “Export” at the disk properties, set an expiration time and Generate URL. You need to Stop the VM first. A PUBLIC URL is generated. You can use it to download the VHD without having to login to the Portal. Create snapshot At the disk properties click “Crete snapshot” http://www.e-apostolidis.gr/wp-content/uploads/2017/06/img_5938635086f51.png Enter a Name, select Resource group and Account type http://www.e-apostolidis.gr/wp-content/uploads/2017/06/img_5938639b0ffd7.png Now, under the Resources of the Resource Group you will find the Snapshot http://www.e-apostolidis.gr/wp-content/uploads/2017/06/img_59386471e209c.png https://static.addtoany.com/buttons/share_save_171_16.png The post Azure Managed Disks | Easy Scale, High Available, Secure appeared first on Apostolidis IT Corner. Source
  11. Azure Web Farm using IIS & Azure File storage This post is my view of a complete guide, from A to Z, including both the Windows Server part and the Azure Portal part on how to build a Web Farm using IIS & Azure File storage. Following this guide you will have a functional two server IIS Web Farm using Azure File storage. To create a Web Server Farm the mail requirement is a high available common storage. I see that when deploying on Azure, a lot of people are using DFSR for common storage. This solution has two major issues, the first is the cost, because you need at least two Windows Servers and second the replication speed that many times doesn’t cover the web servers needs. Azure File storage provides a very fast, high available and cheap solution to create a web server farm on Azure. Azure File storage supports both SMB 2.1 & 3.0 protocol. Every share can be up to 5TB, storing unlimited number of files and each file can be up to 1TB. Of course we can create as many shares as needed up to 500TB that is the Storage Account limit. Also every share provided 1000 IOPS. For this guide I used one Windows Server 2016 for Domain Controller, two Windows Server 2016 for web servers and one Standard Storage Account for Azure Files. Of course you can create an IIS Web Farm with workgroup server, but I will cover this at an other post. I will skip the part of creating the Azure VMs, the domain and joining the servers on it, so I assume that there is a domain and the other two servers are member servers of the domain. Just a note, when creating the Azure VMs that will be part of the IIS Farm remember to add them to the same Availability Set. This will inform the Azure Fabric to have the VMs to different update & fault domains Step 1. Add the Web Server role From the Server Manager, click Add roles and features and add the “Web Server (IIS)” role and at the next screen add all the features your app needs. Step 2. Add Application Request Routing For more feature and control over the IIS load balance add the Application Request Routing (ARR) using the Web Platform Installer. The Web Platform Installer uses the Internet Explorer engine so I disable the “IE Enhanced Security Configuration” just for the installation and then enable it. You can do it from the Server Manager, at the Server section. Next, open the IIS Manager and at the Actions Panel (on the right) click the “Get New Web Platform Components” Search for “arr”, and add the Application request routing 3.0 Step 3. Create an Azure Storage Account for Azure File Storage To create the Azure File storage shares, go to the Azure Portal, click the + button and create a Standard Storage account (you can just search for storage account) Select General purpose and Standard performance (Premium does not support Azure Files) once the storage account is created, open it and click the “Files” button Click the “+ File share” to add a file share Give it a name and quota limit After clicking OK the share will be created and it will be listed at the shares blade. Click on it to get the connection string and then click Connect to get the access key. At this point copy the “Connecting from Windows” command. We will use this to mount the share to the web servers. Finally click the File Share and at the new blade press “+Add Directory” and create two directories, one Configuration and one Data Step 4. Configure Windows Firewall & NSG Open the port 80 (and nay other requires ports) at the Windows firewall and at the NSGs for the windows firewall, go to the Servers’s control panel, Windows Firewall and click “Advanced Settings” go to the Inbound Rules, add New Rule and select Port Select TCP 80 (and any other needed for your application/site) Allow the rule for all profiles, provide a name and press finish to create the rule For the NSGs , go to the Azure Portal, open the NSGs of the web servers and add an http allow rule like below Step 5. Create the IIS Shared Configuration Go back to the first web server, open Computer Manager and add a new user with username and password the same as the connection string of the Azure Files share. You will need this for the IIS Service to access the Azure File storage share. Add the user to the IIS_IUSRS group Then open the IIS Manager and click the “Shared Configuration” at the Action pane click “Export Configuration” add the Azure File storage Share UNC path and “Connect As” using the share’s credentials Enter a complex encryption key and press ok to export the configuration to the Azure File storage “configuration” share Now we can enable the Shared Configuration, add the Configuration Share path and the same credentials and click apply. it will ask for the encryption key and finally the Shared Configuration will be enabled. You will need to restart the IIS Manager console at this point we can change the path of application pools, ftp applications etc to the Data folder share of the Azure File storage. Just note that you will need to use the UNC path “\azurefilesol.file.core.windows.netiisfarmData” and not any mapped drive. Repeat the above steps to the second web server. At the Shared Configuration don’t export the configuration, just enable the Shared Configuration. Finally we can create the Farm, from the IIS Manager, right click at the “Server Farms” and click “Create Server Farm…” give a farm name, add both servers and press Finish Press NO at the URL rewrite rule auto creation And the farm is ready as mentioned before, deploy your Web Site, Web Application etc to the Data file share, always using the full UNC path “\azurefilesol.file.core.windows.netiisfarmData”. All the website data will reside at the Azure File storage. If you need more than 1000 IOPS create more Azure Files storage shares and divine your website/application data. Run the following command to allow access to the Azure File storage. Change the file://”path” as needed C:WindowsMicrosoft.NETFramework64v4.0.30319>caspol -m -ag 1. -url file://azurefilesol.file.core.windows.net/iisfarm/* FullTrust Step 5. Azure Load Balancer Finally, create a Load Balancer to distribute incomming traffic to the farm. For this guide I will create an External Load Balancer, but also an Internal Load Balancer is supported. First, find and create the Load Balancer from the Azure Portal provide a name, for external load balancer select Public, select Dynamic or Static IP, resource group, location and press Create Then go to the new load balancer and create a health probe create an http probe provide a name, select Availability Set for association and add both the Web Servers finally create a load balancing rule to load balance the TCP port 80 at the farm once the load balance rule is created you can browse the public ip / name of the load balancer Now, browse to the load balancer’s IP and you are good to go! [/url] The post Azure Web Farm using IIS & Azure File storage appeared first on Apostolidis IT Corner. Source
  12. Θα σε απογοητεύσω, αν είχες μόνο physical servers τότε θα μπορούσες να βάλεις τον Process server σε φυσικό μηχάνημα. Στο VMWare replication όμως χρειάζεται o process server να είναι VMware VM "You need a VMware VM running Windows Server 2012 R2 or later" https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-vmware-to-azure https://docs.microsoft.com/en-us/azure/site-recovery/site-recovery-set-up-vmware-to-azure#configuration-server-minimum-requirements
  13. Καλημερα φίλε. Δεν χρειάζεσαι δύο process servers όπως πολύ σωστά λες, απλά ο process server πρέπει να στηθει σε ένα VM μέσα στην esxi υποδομή και όχι σε φυσικο. Αυτός ο process server θα εξυπηρετεί και τα VMware VMs & τα φυσικά. Απλά έχε το νου σου στις απαιτήσεις γιατί χρειάζεται αρκετό capacity και σε CPU & ram & IOPS, μη σου φανούν υπερβολικά αυτά που κάνει recommend η MS.
  14. Για το Single instance VM χρειάζεσαι ένα VM που να υποστιρίζει Premium Storage, δηλαδή SSD. Αυτά είναι τα VMs που έχουν S, Δηλαδή DS, FS, και επίσης κατά τη δημιουργία πρέπει να επιλέξεις SSD για OS disk και φυσικά να έχει Premium storage και για όσα data disks βάλεις αν βάλεις. τώρα για το we guarantee you will have Virtual Machine Connectivity of at least 99.9% ο ορισμός βάση του https://azure.microsoft.com/en-us/support/legal/sla/virtual-machines/v1_6/είναι: "Virtual Machine Connectivity" is bi-directional network traffic between the Virtual Machine and other IP addresses using TCP or UDP network protocols in which the Virtual Machine is configured for allowed traffic. The IP addresses can be IP addresses in the same Cloud Service as the Virtual Machine, IP addresses within the same virtual network as the Virtual Machine or public, routable IP addresses.
  15. Thank you all for participating at my session today at Athens Azure Bootcamp, about how to Protect your data with a modern backup, archive and disaster recovery solution. Bad things happen, even to good people. Protect yourself and avoid costly business interruptions by implementing a modern backup, archive and disaster recovery strategy. See how you can securely extend your on-premises backup storage and data archive solutions to the cloud to reduce cost and complexity, while achieving efficiency and scalability. Be ready with a business continuity plan that includes disaster recovery of all your major IT systems without the expense of secondary infrastructure. You leave this session with a set of recommended architectures showing how to implement a modern backup, archive and disaster recovery solution and an understanding of how to quickly get something in place in your organization. PANTELIS APOSTOLIDIS you can download my presentation from this link: https://1drv.ms/p/s!AvpafHi49lqjgdd4ixVWNS6nqZIZSw
  16. Save 40% on Windows Azure VM made easy creating a new Windows Azure VM you will notice a new selection at the Basics step. It is the Hybrid Use Benefit. Using this benefit you can save up to 40% on a Windows Azure VM cost using your own license with software assurance. You just need to have a Windows Server Standard or Datacenter license with Software Assurance, and it is not restricted to any specific licensing program, it is available to all licenses with Software Assurance. At the final step, the Summary, you will see a notification about the Hybrid Use Benefit, explaining the limitations of the benefit, saying: “Each Windows Server with Software Assurance (either via each 16-Core license or two-processor license) is entitled to two instances of up to 8 cores, or one instance of up to 16 cores. Please always refer to your Windows Server license count with Software Assurance, your Hybrid Use Benefit entitlements, and your Hybrid Use Benefit deployments to use this benefit while maintaining compliance.“ once the Azure VM is ready and login you will notice that the Operating System is not activated so you need to press Activate Windows and add your key to activate the Azure VM for more details visit the official page at https://azure.microsoft.com/en-us/pricing/hybrid-use-benefit/
  17. Global Azure Bootcamp 2017 – Athens Απρίλιος 22 @ 09:00 - 18:30 Αγαπητοί φίλοι, Τον Απρίλιο του 2013 πραγματοποιήθηκε το πρώτο Global Azure Bootcamp σε περισσότερες από 90 περιοχές ανά τον κόσμο. Αυτός ο αριθμός ολοένα και αυξανόταν, για να φτάσει τις 136 περιοχές το 2014, τις 182 το 2015 και 187 το 2016! Στην Ελλάδα διοργανώθηκε για πρώτη φορά το 2014 με μαζική συμμετοχή, η οποία αναμένεται να φτάσει σε… επίπεδα ρεκόρ φέτος, την τέταρτη συνεχή χρονιά διοργάνωσής του. Η κοινότητα των επαγγελματιών πληροφορικής που ασχολούνται με Cloud τεχνολογίες www.azureheads.gr, σε συνεργασία με το autoexec.gr, sqlschool.gr και dotnetzone.gr, βρίσκονται στην ευχάριστη θέση να σας προσφέρουν και φέτος μια εις βάθος παρουσίαση της πλατφόρμας Cloud Computing της Microsoft, Microsoft Azure. Εκτός από τις παρουσιάσεις που θα έχετε την ευκαιρία να παρακολουθήσετε, θα μπορέσετε να αποκτήσετε και τη σχετική κατάρτιση συμμετέχοντας στο lab που θα δημιουργηθεί, προκειμένου να υλοποιηθεί μια παγκόσμια υπολογιστική φάρμα (computation farm) για φιλανθρωπικό σκοπό. Για περισσότερες πληροφορίες, επικεφτείτε την σελίδα μας athens.azurebootcamp.net και δηλώστε συμμετοχή RSVP Τι θα χρειαστείτε Αν αποφασίσετε να συμμετάσχετε στο lab θα χρειαστείτε: Έναν υπολογιστή που να μπορεί να τρέξει Visual Studio 2015 ή 2017 Visual Studio 2015 ή 2017 Το Windows Azure SDK από εδώ https://azure.microsoft.com/en-us/downloads/ Εκτός από τα παραπάνω θα χρειαστείτε μια ενεργή Windows Azure συνδρομή! Υπάρχουν αρκετοί τρόποι για να την αποκτήσετε εάν δεν έχετε ήδη: Ξεκινήστε ένα FREE trial at https://azure.microsoft.com/en-us/free/ ΣΗΜΕΙΩΣΗ: η συνδρομή αυτή είναι ενεργή μόνο για 1 μήνα, οπότε καλό θα ήταν να την ενεργοποιήσετε λιγότερο από ένα μήνα πριν από τις 22 Απριλίου. MSDN benefit! Αν είστε κάτοχος συνδρομής MSDN, BizSpark ή DreamSpark μπορείτε να ενεργοποιήσετε δωρεάν τη Microsoft Azure συνδρομή σας από εδώ msdn.microsoft.com. Αν ωστόσο δεν σας κάνουν τα παραπάνω, μπορείτε απλά να ενεργοποιήσετε μια συνδρομή με χρήση πιστωτικής κάρτας από εδώ azure.microsoft.com. Συχνές Ερωτήσεις Πώς θα έρθω και πού θα παρκάρω; Ελάτε με τον ηλεκτρικό (Πράσινη Γραμμή) μέχρι το ΚΑΤ και μετά με τα πόδια ή με λεωφορείο. Υπάρχει χώρος πάρκινγκ αν έρθετε με αυτοκίνητο.Χρειάζεται προεγγραφή; Ναι, δηλώστε συμμετοχή RSVP.Πόσο κοστίζει η είσοδος; Είναι δωρεάν!Σημείωση Λόγω της αυξημένης ασφάλειας που υπάρχει στο κτίριο, όσοι θελήσουν να παραβρεθούν θα πρέπει να δηλώσουν τη συμμετοχή τους στο σχετικό event στο Meetup. Η δήλωση συμμετοχής ενδείκνυται, καθότι θα δοθεί λίστα με τα ονοματεπώνυμα των συμμετεχόντων για την είσοδό τους στο κτίριο. Επίσης, για την είσοδο στο event, θα χρειαστεί να φέρετε μαζί σας ταυτότητα ή άλλο ισοδύναμο έγγραφο για να γίνει ταυτοποίηση. + ΗΜΕΡΟΛΟΓΙΟ GOOGLE + ΕΙΣΑΓΩΓΗ ICAL Λεπτομέρειες Ημερομηνία: Απρίλιος 22 Ώρα: 09:00 - 18:30 Κατηγορίες Εκδήλωση: autoexec.gr, azureheads.gr, dotNETZone.gr, Events, sqlSchool.gr Ετικέτες Εκδήλωση azure, gab, global azure bootcamp Ιστοσελίδα: http://athens.azurebootcamp.net Διοργανωτές azureheads.gr autoexec.gr dotNETZone.gr sqlschool.gr Χώρος Διεξαγωγής Microsoft Hellas Leof. Kifisias 221 Athens, Marousi 15124 Greece + Χάρτης Google Πηγή: http://www.azureheads.gr/event/global-azure-bootcamp-2017-athens/
  18. Azure AD | Secure Web Application Publishing Application Publishing Azure Active Directory Application Proxy is a very easy and secure way for web application publishing using the extremely secure Azure AD authentication mechanism. There are a tone of features, like SSO and 2 Factor Authentication. But lets see the basic here. You have a web application that you are using internal to your network, not even https, or you have developed a web application and you want an easy and safe way to publish it without having to wary about authentication or VPN. Use the Azure AD Application Proxy following the following simple steps. For this example I have used a Windows Server 2016 with IIS and the SugarCRM application using the IIS Web Platform Installer. The internal link is http://appproxy01/sugarcrm/that opens the SugarCRM login page. Lets start Navigate to Azure Portal and go to Azure Active Directory. Mind that Azure Active Directory Basic or Premium license is required. You can start a trial Azure AD Premium or Enterprise Mobility Suite E3 that includes Azure AD Premium. Fist of all you need to enable Application proxy. Select Enterprise applications –> Application proxy and click Enable & Download the connector clicking the “Connector” link. Next, install the connector to the web server or to an other domain member server. It requires Windows Server 2012 R2. At the installation process it will ask to login with an Azure AD account that has access to publish applications. Once installed, Run the Connector Troubleshooter to verify that the connector will run properly. After the successful installation,back to the Azure Portal the server FQDN and the Public IP will appear under the Default Connector. Now it is time to publish the application. Go to “All applications” –> +ADD –> On-premises application. Give a name, the internal Url that is used to access the application at your local network and press Add. Note the External URL. The next step is to assign users. Following the quick steps, press “Assign a user for testing” an add at least a user and you are ready to test the application. Now lets test the published application Open your favorite browser and navigate the the External URL. You will be navigated to the Microsoft online service logon page. Once authenticated with your Azure AD account the SugarCRM login page will be served. This is the simplest way to publish a web application without having to wary for Authentication and Security. Of course if the application supports active directory authentication then it is very easy to setup SSO, but we will analyze that at the next post.
  19. Azure VM Backup directly from VM’s blade By Pantelis Apostolidis | December 28, 2016 0 Comment Azure VM Backup directly from VM’s blade Azure makes the VMs’ administration simpler every time. Today we will view a very nice new feature, the Backup shortcut at the VM’s blade. Just click on the VM and select Backup All you have to configure is the Backup Vault name and the Backup policy at the next easy step and press Enable Backup at the bottom of the “Enable backup” blade and that’s all!! Now the next time that we will click the Backup shortcut it will show directly the VM’s Backup Settings and run an instant backup. After the first backup we will be able to Restore the VM and also see logging about the backup jobs, like the latest and oldest restore point among others. Stay tuned for more Azure features
  20. Exchange 2013/16 Set Virtual Directories Notes By Pantelis Apostolidis | December 13, 2016 0 Comment You can find all this info at many many blogs allover the internet, I just want to have a note here to have them gathered for ease. Outlook Anywhare Get-OutlookAnywhere | Select Server,ExternalHostname,Internalhostname Get-OutlookAnywhere | Set-OutlookAnywhere -ExternalHostname mail.mydomain.com -InternalHostname mail.mydomain.com -ExternalClientsRequireSsl $true -InternalClientsRequireSsl $true -DefaultAuthenticationMethod NTLM MAPI Get-MapiVirtualDirectory | Select Server,ExternalURL,InternalURL | fl Get-MAPIVirtualDirectory | Set-MAPIVirtualDirectory -ExternalUrl https://mail.mydomain.com/mapi-InternalUrl https://mail.mydomain.com/mapi OWA Get-OwaVirtualDirectory | Select Server,ExternalURL,InternalURL | fl Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -ExternalUrl https://mail.mydomain.com/owa-InternalUrl https://mail.mydomain.com/owa ECP Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -ExternalUrl https://mail.mydomain.com/ecp-InternalUrl https://mail.mydomain.com/ecp ActiveSync Get-ActiveSyncVirtualDirectory | select server,externalurl,internalurl | fl Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -ExternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync-InternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync EWS Get-WebServicesVirtualDirectory | Select Server,ExternalURL,InternalURL | fl Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -ExternalUrl https://mail.mydomain.com/EWS/Exchange.asmx-InternalUrl https://mail.mydomain.com/EWS/Exchange.asmx OAB Get-OabVirtualDirectory | Select Server,ExternalURL,InternalURL | fl Get-OabVirtualDirectory | Set-OabVirtualDirectory -ExternalUrl https://mail.mydomain.com/OAB-InternalUrl https://mail.mydomain.com/OAB AUTODISCOVER SCP Get-ClientAccessServer | Select Name,AutoDiscoverServiceInternalURI Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://mail.mydomain.com/Autodiscover/Autodiscover.xml
  21. Auto Start/Stop an Azure VM (ARM) For Azure VMs that are not needed to be running 24/7, we can use Azure Automation to schedule automatic Stop (Deallocate) and Start. First ensure to reserve resources if needed, such as the Private and the Public IP. Now lets see how we will Auto Start/Stop an Azure VM (ARM). First create an Automation Account, go to the Azure Portal, expand more services and search for automation. Then click the “Automation Accounts” At the Automation Accounts press “Add” At the Automation Account creation blade provide a Name, the Subscription, the Resource Group, trhe location and if it is the first Automation Account select Yes to create automatically a Run As account After the creation it will open the new Automation Account’s blade. Here click the “Runbooks” We don’t need to write any scripting since there are available Runbooks at the gallery, so select Browse gallery At the Gallery search for the “Start Azure V2 VMs” and “Stop Azure V2 VMs” Graphical Runbooks. Click the Runbook and a the new blade press Import. Type a unique name and press OK After the import, we will be navigated to the Runbook and we need to Publish it in order to be able to use it. At the Runbook’s blade, press “Edit” And then press Publish After the Publishing the Runbook is ready to Start and add Schedules. Now lets add Schedules to specify the VM and the schedule that will Start. Press “Schedule” Press Link a schedule to your runbook and then Create a new schedule Give a name to the schedule, and then select the Start date and time and the recurrency, at my example it will start the VM everyday at 7:00 am then go to the Parameters and provide the Resourcegroup name and the VM name and press OK. The Runbook is ready. Create more Schedules for all needed VMs. And then repeat the process for the “Stop Azure VM V2” runbook and you will have two Runbooks with many Schedules. To test a Runbook press “Start”. The post Auto Start/Stop an Azure VM (ARM) appeared first on Proxima's IT Corner. Source
  22. <h1>Auto-Shutdown Hyper-V free with USB UPS</h1> <p>Recently i installed a Hyper-V 2012 R2 server (the free version) but my UPS doesn’t support Windows Core. No problem, we have PowerShell!! after some search on various sites – blogs – etc i end up creating the following script. It checks the battery status every 3 minutes, using WMI and when the battery drops below 50% is sends the shutdown signal. As long as you set the VMs to save on shutdown you are OK!</p> <p>I also added a simple mail notification before the shutdown.</p><pre class="crayon-plain-tag">$batterystatus = (get-wmiobject -class CIM_Battery -namespace "rootCIMV2").EstimatedChargeRemaining DO { start-sleep -seconds 180 $batterystatus = (get-wmiobject -class CIM_Battery -namespace "rootCIMV2").EstimatedChargeRemaining $batterystatus } While ($batterystatus -gt 50) $login = "username" $password = "password" | Convertto-SecureString -AsPlainText -Force $credentials = New-Object System.Management.Automation.Pscredential -Argumentlist $login,$password Send-MailMessage -Body "UPS Started - Server will shutdown in 5 minutes" -From mail@domain.com -To mymail@domain.com -Subject "Power Loss - UPS Started" -SmtpServer mail.domain.com -Credential $Credentials shutdown /s /t 300</pre><p> </p> <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fpowershell%2Fauto-shutdown-hyper-v-usb-ups%2F&linkname=Auto-Shutdown%20Hyper-V%20free%20with%20UPS"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fpowershell%2Fauto-shutdown-hyper-v-usb-ups%2F&linkname=Auto-Shutdown%20Hyper-V%20free%20with%20UPS" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fpowershell%2Fauto-shutdown-hyper-v-usb-ups%2F&title=Auto-Shutdown%20Hyper-V%20free%20with%20UPS" data-a2a-url="http://www.e-apostolidis.gr/microsoft/powershell/auto-shutdown-hyper-v-usb-ups/" data-a2a-title="Auto-Shutdown Hyper-V free with UPS"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/powershell/auto-shutdown-hyper-v-usb-ups/">Auto-Shutdown Hyper-V free with UPS</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p> <a href="http://www.e-apostolidis.gr/microsoft/powershell/auto-shutdown-hyper-v-usb-ups/"class='bbc_url' rel='nofollow external'>Source</a>
  23. <p>First we need to create a certificate request</p> <p>Open the Microsoft Exchange Management Console and navigate to Microsoft Exchange -> Server Configuration.</p> <p>On the right panel press the “New Exchange Certificate”</p> <p id="IcnajXr"><img class="alignnone size-full wp-image-1027 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b27be99f9e.png"alt="" /></p> <p>The “New Exchange Certificate” wizard will start. Enter a friendly name, just a name to remember what this certificate is about.</p> <p id="JDRaiCG"><img class="alignnone size-full wp-image-1028 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b27fdbb3cf.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b27fdbb3cf.png 591w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b27fdbb3cf-300x130.png 300w" sizes="(max-width: 591px) 100vw, 591px" /></p> <p>no need to check the wildcard option</p> <p id="EtdTZXg"><img class="alignnone size-full wp-image-1029 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2865f2737.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2865f2737.png 582w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2865f2737-300x123.png 300w" sizes="(max-width: 582px) 100vw, 582px" /></p> <p>At the next page select the services that you want, in most cases select all “Client Access Server”,</p> <p id="ZkhorfF"><img class="alignnone size-full wp-image-1031 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b28e1b354b.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b28e1b354b.png 592w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b28e1b354b-300x259.png 300w" sizes="(max-width: 592px) 100vw, 592px" /></p> <p>Next add all the alternative names that you want to include to the certificate</p> <p id="YlDGuRt"><img class="alignnone size-full wp-image-1032 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2937afb28.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2937afb28.png 588w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2937afb28-300x179.png 300w" sizes="(max-width: 588px) 100vw, 588px" /></p> <p>fill the Organization form and select the save path</p> <p id="fQORogU"><img class="alignnone size-full wp-image-1033 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29920a85a.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29920a85a.png 585w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29920a85a-300x242.png 300w" sizes="(max-width: 585px) 100vw, 585px" /></p> <p>finally press “new” to create the certificate request</p> <p id="utNSVvF"><img class="alignnone size-full wp-image-1034 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29c869221.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29c869221.png 589w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29c869221-300x256.png 300w" sizes="(max-width: 589px) 100vw, 589px" /></p> <p>after this at the Exchange Certificates windows of the Exchange Management Console you will see a new item that will say “Pending request”.</p> <p>Open the exported file with notepad and save it as “ASCII” encoding (the original is Unicode)</p> <p id="SZuTWJF"><img class="alignnone size-full wp-image-1035 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b03bfcb1.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b03bfcb1.png 319w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b03bfcb1-300x119.png 300w" sizes="(max-width: 319px) 100vw, 319px" /></p> <p>Now we need to go to our Domain’s Active Directory Certification Authority and open an elevated command prompt.</p> <p>Run the command:</p> <p>certreq.exe -submit -attrib CertificateTemplate:WebServer</p> <p id="UdQDUvn"><img class="alignnone size-full wp-image-1036 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b42f3883.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b42f3883.png 622w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b42f3883-300x37.png 300w" sizes="(max-width: 622px) 100vw, 622px" /></p> <p>It will ask you to select the request file, select the ACHII encoded file</p> <p id="hloRRHj"><img class="alignnone size-full wp-image-1037 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b6875e43.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b6875e43.png 504w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b6875e43-300x105.png 300w" sizes="(max-width: 504px) 100vw, 504px" /></p> <p>and then select the Certification Authority</p> <p id="xKWCLlX"><img class="alignnone size-full wp-image-1038 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2bc027538.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2bc027538.png 371w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2bc027538-300x184.png 300w" sizes="(max-width: 371px) 100vw, 371px" /></p> <p>finally it will produce a cer file.</p> <p>Go back to the Exchange Certificates window of the Exchange Management Console, select the “pending certificate request” and press “complete pending request”. Select the cer file, select the services needed (IIS, SMTP, POP, IMAP) and the wizard will create the certificate and enable it for the services.</p> <p id="tWSVZDr"><img class="alignnone size-full wp-image-1039 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2d1220d47.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2d1220d47.png 606w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2d1220d47-300x51.png 300w" sizes="(max-width: 606px) 100vw, 606px" /></p> <p> </p> <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fexchange%2Fexchange-2010-add-local-domain-ca-certificate%2F&linkname=Exchange%202010%20%7C%20add%20local%20domain%20CA%20certificate"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fexchange%2Fexchange-2010-add-local-domain-ca-certificate%2F&linkname=Exchange%202010%20%7C%20add%20local%20domain%20CA%20certificate" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fexchange%2Fexchange-2010-add-local-domain-ca-certificate%2F&title=Exchange%202010%20%7C%20add%20local%20domain%20CA%20certificate" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/exchange/exchange-2010-add-local-domain-ca-certificate/">Exchange 2010 | add local domain CA certificate</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p> <a href="http://www.e-apostolidis.gr/microsoft/exchange/exchange-2010-add-local-domain-ca-certificate/"class='bbc_url' rel='nofollow external'>Source</a>
  24. <p>Azure blob storage is billed based to how much data you use. So you can have an 1023 GB disk but if you use only 20 GB you will be billed for 20 GB. But, <img src="https://s.w.org/images/core/emoji/72x72/1f642.png"alt="?" class="wp-smiley" style="height: 1em; max-height: 1em;" /> , if you write more data, lets say 50 GB and then you erase them, the free space will not automatically be released.</p> <p>sandrinodimattia, https://github.com/sandrinodimattia, released an app that allows to check the actual size of a VHD on Azure. It works on both ASM and ARM.</p> <p>You can download the executable at: https://github.com/sandrinodimattia/WindowsAzure-VhdSize/releases</p> <p>The command is:</p> <p>wazvhdsize.exe “storageaccountname” “storageaccountaccesskey==” containername</p> <p> </p> <p>Source: https://github.com/sandrinodimattia/WindowsAzure-VhdSize</p> <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fcalculate-azure-vhd-actualbilling-size%2F&linkname=Calculate%20Azure%20VHD%20actual%2Fbilling%20size"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fcalculate-azure-vhd-actualbilling-size%2F&linkname=Calculate%20Azure%20VHD%20actual%2Fbilling%20size" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fcalculate-azure-vhd-actualbilling-size%2F&title=Calculate%20Azure%20VHD%20actual%2Fbilling%20size" id="wpa2a_4"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/azure/calculate-azure-vhd-actualbilling-size/">Calculate Azure VHD actual/billing size</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p> <a href="http://www.e-apostolidis.gr/microsoft/azure/calculate-azure-vhd-actualbilling-size/"class='bbc_url' rel='nofollow external'>Source</a>
  25. <p>Lets say you have an Office 365 account and cloud only users with mailboxes and now you decide that you want to sync it and match the Office 365 users with your Active Directory users.</p> <p>I prepared a lab with one DC and I created a trial Office 365 E3 account with custom domain. I created users with the same username to both. At Active Directory I set the UPN to match the Office 365 user name and also added the email address.</p> <p>Next I enabled directory synchronization from Office 365 and installed Azure AD Connect to DC2. After the initial sync i got this error:</p> <p><em>Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [Mail test1@xxxxx.gr;].</em></p> <p>I realized that Office 365 could not map the users, it was trying to create new. So there must be an attribute that needs correction. The solution came form the following blog:</p> <p>http://blogs.4ward.it/how-to-map-onprem-active-directory-users-to-existing-office365-users/</p> <p>and specifically at the “manual match method” section:</p> <p><em>In order to match the user with the cloud user you have to set the Immutable ID of onPremise Active Directory user’s ObjectGUID to the immutableID value of the Office365 user.</em><br /><em>To retrieve the ObjectGUID you can use the following command:</em></p> <p><em>Ldifde –d “CN=xxx…,OU=xxx,DC=xxxx,DC=xx” –f c:tempexportuser1.txt</em></p> <p><em>“CN=xxx…,OU=xxx,DC=xxxx,DC=xx” is the distinguished name of the user. You can use ADSIEdit or the AD Users & Computer (attribute editor) to find this value</em></p> <p><em>In the Textfile exportuser1.txt look for the ObjectGUID. You will find a string like z2Xbu0xFTUapOeDqHRTN1A==</em></p> <p><em>Then connect to Windows Azure Active Director and use the command</em></p> <p><em>set-MsolUser -UserPrincipalName user1.surname1@customerdomain.com -ImmutableId z2Xbu0xFTUapOeDqHRTN1A==</em></p> <p>After that I just forced a delta sync “Start-ADSyncSyncCycle -PolicyType Delta” , the sync was successful and the users in Office 365 changed from “In Clout” to “Synced with Active Directory”</p> <p> </p> <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/How-to-Map-OnPrem-Active-Directory-users-to-existing-Office365-Users.pdf">Howto Map OnPrem Active Directory users to existing Office365 Users</a></p> <p>source: http://blogs.4ward.it/how-to-map-onprem-active-directory-users-to-existing-office365-users/</p> <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fmatch-onprem-active-directory-users-existing-office365-users%2F&linkname=Match%20OnPrem%20Active%20Directory%20users%20to%20existing%20Office365%20Users"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fmatch-onprem-active-directory-users-existing-office365-users%2F&linkname=Match%20OnPrem%20Active%20Directory%20users%20to%20existing%20Office365%20Users" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fmatch-onprem-active-directory-users-existing-office365-users%2F&title=Match%20OnPrem%20Active%20Directory%20users%20to%20existing%20Office365%20Users" id="wpa2a_6"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/office-365/match-onprem-active-directory-users-existing-office365-users/">Match OnPrem Active Directory users to existing Office365 Users</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p> <a href="http://www.e-apostolidis.gr/microsoft/office-365/match-onprem-active-directory-users-existing-office365-users/"class='bbc_url' rel='nofollow external'>Source</a>
×
×
  • Create New...