Jump to content

proximagr

Moderators
  • Posts

    2468
  • Joined

  • Last visited

  • Days Won

    12

Blog Entries posted by proximagr

  1. proximagr
    Azure VM Image
    Following one of my earlier posts, about Azure Managed Disks, lets see how easy it is to create an Azure VM Image from an Azure VM that uses Managed Disks.
    The first step it to Sysprep/Generalize the source VM. Otherwise the VM that will be created will not start. Select Generalize and “Shutdown”.

    After that wait the VM to shut down and go to the Azure Porta, at the VM’s blade and click “Capture”.

    Now, the “Create Image” blade will open. Enter a name, select a Resource Group and choose if the source VM will be deleted or not. Then press create.

    As soon as the Image is created you can find it at the “Images” service.

    Now lets create a VM from our Image
    Click the image name from the Images Blade to open the desired image Blade and just press “Create VM”.
    Of course at the image’s blade we can see if the image is Windows or Linux, if it has any Data Disks and the Location.

    After clicking the “Create VM” the classic “Create virtual machine” wizard will start, just like any other Virtual Machine creation. You will notice the difference at the final step that shows the name of your image instead of the VM’s OS.

    If you want to automate the process of creating an Azure VM from your images you can use Azure Template. You can find a quick start template at Azure’s GitHub repository.
    Create a Virtual Machine from a User Image: https://github.com/Azure/azure-quickstart-templates/tree/master/101-vm-from-user-image
  2. proximagr
    Azure Backup Reports
    A new feature is in public preview, the Azure Backup Reports. Now we can have the Azure Backup Reports at the OMS Workspace, Event Hub and Power Bi. You can use Power BI to view report dashboard, download reports and create custom reports
    The configuration has two steps, one to configure the Azure Backup Reports connection with each service and the other is to get the data at each service.
    First go to a Recovery Services vault and select Backup Reports. Next press the Configure button.

    The Diagnostic settings blade will open. Change the Status to “On” and select the desired services to collect the Azure Backup Logs.

    For the Power Bi integration we need a Storage account. So check the “Archive to storage account” option and select a storage account. The storage account must be at the same region as the Azure Backup account.

    To integrate with OMS check the “Send to Log Analytics” option and select an OMS Workspace.

    An other option is to stream the Azure Backup logs to event hub. To configure it check the “Stream to an event hub” and select the event hub namespace and policy name.

    At the bottom part of the configuration blade select the Logs that you want to get. The retention days option is only for the Storage Account configuration.

    Press save and return to the Backup reports blade. Now press the “Sign in” to connect to Power Bi to configure the Service.

    At the lower left corner of the Power Bi Portal press “Get Data”

    At the AppSource press the “Get” button under the Services.

    Search and select the “Azure Backup”

    At the connect to Azure Backup page enter the Storage Account name. This is the storage account that we selected at the Azure Backup Reports configuration.

    Press next and Save. Now the Azure Backup workspace is ready. Be patient, it needs time to start reporting data.

    If you go back to the Azure Portal, the Backup Reports blade has changed and it only has the option to connect to your Power Bi dashboard.

    If you browse to your Power Bi dashboard, you can view the Azure Backup Reports Workspace as the below image.

    For the OMS integration, you only need to go to the Log Search and query “Category=”AzureBackupReport” and you will have all the Azure Backup Report logs. Following the OMS logic you can create a custom View, you can follow this post: Azure Log Analytics

  3. proximagr
    Azure Log Analytics | CPU Performance Monitor
    In this article we will create a CPU Performance monitor View for our servers at the Azure Log Analytics (OMS) Portal.

    At the Microsoft Operations Management Suite (OMS) portal press the + button to create a new View

    The View Designer workspace will open. Select the “Line chart & callout”

    At the Properties blade enter a Name, something like “CPU Performance Monitor”, add the below query and press Apply
    Type:Perf CounterName="% Processor Time" InstanceName="_Total" | measure avg(CounterValue)by Computer Interval 10Minutes

    Pressing Apply you will see at the Preview window the “Name” and the CPU Performance of all the Windows servers that are monitored by OMS agent.

    The next step is to press the “+ View” tab and add a “Stack of line charts

    The “Stack of line charts” will add three charts per row and we can use it to add our servers. We will create something like that:

    So, at the Properties blade add a name and a query for each server needs to be monitored and press Apply. For more than three servers add more “Stack of line charts”.
    The query is the below, just change the Computer = “server.domain.local” with your servers.
    Type:Perf CounterName="% Processor Time" InstanceName="_Total" AND Computer ="server.domain.local" | measure Avg(CounterValue) as 'CPU_Percentage' by Computer Interval10Minutes

    Finally press “Save” at the View Designer

    The result is a CPU Performance monitor for all servers at the OMS Portal.

    And when you press it you have the CPU Performance Monitor of all added servers.


    Stay tuned for the next part
  4. proximagr
    How to disconnect a mailbox & re-assign it to new user in a Hybrid Scenario
    Scenario objectives: We have an Exchange Hybrid setup between on-premises and Exchange Online (Office 365). All users are synced and the mailbox is located at Exchange Online.
    We need to separate an existing mailbox from its user account and re-connect this mailbox to a new user account. If the mailbox in this scenario was located at the on-premises Exchange it would be an easy process just using the Exchange Management Console. But in a Hybrid scenario, the process includes many steps since the mailbox is not directory conencted to the Active Directory user account but it is conected to the Azure AD Synced User Account.
    For the ease of the guide we will name the Existing User Account: OLDUSER and the New User Account: NEWUSER.
    We will disconnect the Exchange Online Mailbox from the OLDUSER and connect it to the NEWUSER.
    Step 1.
    At the on-premises Active Directory, at an OU that is not synced with Azure AD, create the new user account. The “NEWUSER”. Ensure that you do not enter nothing at the email field. Just a user account with no email attributes.
    Step 2.
    Move the “OLDUSER” to an OU that is not synced with Azure AD
    Step 3.
    Run a Delta Sync. Go to the server that the AD Connect is installed, open the PowerShell and run “Start-ADSyncSyncCycle”
    Step 4.
    We need to get the GUID of the NEWUSER. To do so login to a Domain Controller, open PowerShell and run:

     



    1



    [system.convert]::ToBase64String((Get-Aduser NEWUSER).objectGUid.ToByteArray())
     

    Copy the GUID to a Notepad
    Step 5.
    Open the Office 365 Admin Center and Restore the deleted user “OLDUSER”
    Go to Users –> Deleted Users –> Select the user “OLDUSER” –>Click Restore

    Step 6.
    Connect to Azure AD and set the GUID of the “NEWUSER” to the Office 365 “OLD USER”. Details for connecting to Azure AD “https://technet.microsoft.com/en-us/library/dn975125.aspx“

     



    1



    2



    3



    Connect-MsolService

    Set-MsolUser -UserPrincipalName [email protected] -ImmutableId vMZGJpW6CUGY09bduJ5dlw==
     

    Step 5.
    Open the Office 365 Admin Center and Delete the old user “OLDUSER”
    Go to Users –> Active users –> Select the “OLDUSER” –> click Delete user

    Step 6.
    Clean the on-premises Active Directory account of the old user “OLDUSER” from all attributes that will be added to the new user, like Proxy addresses, Target, address, Alias name, nickname etc.
    Step 7.
    Make the “NEWUSER” user account a Remote Mailbox object
    At the on-premises Exchange, open the Exchange Management Shell and run:

     



    1



    Enable-RemoteMailbox -Identity NEWUSER -DisplayName "NEW USER" -RemoteRoutingAddress [email protected] -Alias newuser [email protected]
     
    Step 8.
    Move the “NEWUSER” to an OU that is Synced with Azure AD and run a Delta Sync like Step 3.
    After that the “NEWUSER” active directory account will be connected with the “OLDUSER” Exchange Online mailbox and all attributes of the Exchange Online mailbox will be replaced with the “NEWUSER’s” values.
     
    I suppose there are other ways, maybe easier, to accomplish this task, but following this process you will have the desired result without problems.
     

    [/url]
    EmailPrint
  5. proximagr
    High Level Steps to Create a Syslog Server for Azure OMS (Log Analytics)
     
    This post is a gathering of TechNet articles and 3rd party blog posts that my college John Dandelis followed to create a linux Syslog server in order to monitor network devices on Operations Management Suite (OMS). Its not a complete step-by-step guide but it is very useful as a reference.
     
    -Install Ubuntu server VM.
    Use any Bash Shell to connect to Ubuntu Server. (http://win-bash.sourceforge.net/)
    To install Bash shell in windows 10: From updates and security enable for developers, developer mode. From add remove windows components add windows subsystem for Linux.
     
    -Connect to Ubuntu server: ssh <syslog username>@<syslogIP>
     
    -Setup Ubuntu Syslog
    https://msandbu.wordpress.com/2016/02/22/monitoring-syslog-from-oms-with-non-oms-agents/
     
    Edit rsyslog.conf file: (to edit press “insert”. To quit press “esc” and type “:q” to quit, “:wq” to save and quit, “:q!” to quit without saving )
    sudo vim /etc/rsyslog.conf
     
    Uncomment Lines (remove # sign):
    #$ModLoad imudp
    #$UDPServerRun 514
     
    -Create a templatefor log receipt
    Add Lines Before GLOBAL DIRECTIVES
    $template RemoteLogs,”/var/log/%HOSTNAME%/%PROGRAMNAME%.log” *
    *,* ?RemoteLogs
     
    (The $template RemoteLogs directive (“RemoteLogs” string can be changed to any other descriptive name) forces rsyslog daemon to write log messages to separate local log files in /var/log/, where log file names are defined based on the hostname of the remote sending machine as well as the remote application that generated the logs. The second line (“*.* ?RemoteLogs”) implies that we apply RemoteLogs template to all received logs.)
     
    -Restart syslog service
    sudo service rsyslog restart
     
    Install OMS Agent from OMS–>Overview–>Settings–>Connected Sources–>Linux Servers
    Copy the “DOWNLOAD AND ONBOARD AGENT FOR LINUX” field and paste into Ubuntu Bash.
     
    Add Syslog Facilities from Overview–>Settings–>Data–>Syslog
    local0 or whatever is the device facility you collect logs from.
     
    Show Most Recent Logs
    tail -f /var/log/syslog
     

    Χρήσιμα Site:
     
    Create syslog in Ubuntu Server
    http://blogbt.net/index.php/2013/11/syslog-server-on-ubuntu/ </p>
    Setting up SysLog Server on Ubuntu – BlogBT.net
    blogbt.net<p>Setting up a syslog server on ubuntu for easy troubleshooting and log keeping
     

    VIM Editor:
    https://stackoverflow.com/questions/11828270/how-to-exit-the-vim-editor
    Hit the Esc key; vim goes into command mode. Then you can type:qto quit (short for :quit) :q!to quit without saving (short for :quit!) :wqto write and quit (think write and quit) :wq!to write and quit even if file has only read permission (if file does not have write permission: force write) :xto write and quit (similar to :wq, but won’t write if there are no changes) :qato quit all (short for :quitall)
    OMS Agent for Linux
    https://github.com/Microsoft/OMS-Agent-for-Linux/blob/master/installer/conf/omsagent.d/syslog.conf
     
    https://blogs.technet.microsoft.com/msoms/2016/05/12/syslog-collection-in-operations-management-suite/
     
    Install Azure Power Shell
    https://docs.microsoft.com/en-us/powershell/azure/install-azurerm-ps?view=azurermps-4.0.0
     
    Install Agent For log analytics
    https://docs.microsoft.com/en-us/azure/log-analytics/log-analytics-linux-agents
     

    The post High Level Steps to Create a Syslog Server for Azure OMS (Log Analytics) appeared first on Apostolidis IT Corner.


    <a href="http://www.e-apostolidis.gr/microsoft/azure/high-level-steps-create-syslog-server-azure-oms-log-analytics/"class='bbc_url' rel='nofollow external'>Source</a>
  6. proximagr
    Azure Managed Disks | Easy Scale, High Available, Secure
    Azure Managed Disks is almost five months old, start using it, its simple, easy to scale, high available and secure. As Microsoft says, “Let Azure take care of your disks”.
    The idea is simple, choose the performance tier and the size you want. After that you are free to change your mind! You can change the performance tier (yes, switch between SSD & HDD) and the size just with click.
    Lets get it started. First of all we need to enable the managed disks at the VM creation. Specifically at the third step select “Yes” at the “Use managed disks” setting. After that you don’t have to wary about storage account, Azure takes care of this.

    Once the VM is deployed, go to the VM’s blade and click “Disks” and “+ Add data disk”

    After that, the “Create managed disk” blade opens and there are some interesting settings to choose. Lets have a closer look.

    First choose a name for the Data Disk, choose a Resource Group and Account type. This is the performance tier, SSD or HDD.
    Next, at the Source type drop down menu, we can choose to create an empty disk, by selecting the None. Also, we can select to use a Snapshot that we have already created or a Storage blob to select a disk.

    After that it is the size. The Managed Disks have specific price, IOPS and price. Type the Size in Gigabytes and see the estimated performance instantly.
    You can find the details here: https://azure.microsoft.com/en-us/pricing/details/managed-disks/
    Standard Managed Disks:

    All standard managed disks have 500 IOPS and 60MB/sec throughput
    Premium Managed Disks:

    And what happens with the existing VMs that have “classic” unmanaged disk? No worries, just a bit of PowerShell and you can convert that to managed disks.
    How to do it? First Stop the VM, not just show down, we need to Stop (Deallocate it). Then run just this line of PowerShell code:
    ConvertTo-AzureRmVMManagedDisk -ResourceGroupName rgname -VMName vmname
    Now some magic. SSD to HDD to SSD to HDD and go on!
    Lets say you have created a Standard disk, HDD, but now you need performance. Just go to the VM blade, first Stop the VM and then select the “Disks” find the disk and change the “Account type”

    Just save, and voila! you have SSD, from 500 IOPS to 5000 IOPS! Any time, you can Stop the VM and change the disk back to Standard (HDD)
    Export
    Some more magic? Click “Export” at the disk properties, set an expiration time and Generate URL. You need to Stop the VM first.

    A PUBLIC URL is generated. You can use it to download the VHD without having to login to the Portal.
    Create snapshot
    At the disk properties click “Crete snapshot”
    http://www.e-apostolidis.gr/wp-content/uploads/2017/06/img_5938635086f51.png
    Enter a Name, select Resource group and Account type
    http://www.e-apostolidis.gr/wp-content/uploads/2017/06/img_5938639b0ffd7.png
    Now, under the Resources of the Resource Group you will find the Snapshot
    http://www.e-apostolidis.gr/wp-content/uploads/2017/06/img_59386471e209c.png
     

    https://static.addtoany.com/buttons/share_save_171_16.png
    The post Azure Managed Disks | Easy Scale, High Available, Secure appeared first on Apostolidis IT Corner.
     
    Source
  7. proximagr
    Azure Web Farm using IIS & Azure File storage
    This post is my view of a complete guide, from A to Z, including both the Windows Server part and the Azure Portal part on how to build a Web Farm using IIS & Azure File storage. Following this guide you will have a functional two server IIS Web Farm using Azure File storage.
    To create a Web Server Farm the mail requirement is a high available common storage. I see that when deploying on Azure, a lot of people are using DFSR for common storage. This solution has two major issues, the first is the cost, because you need at least two Windows Servers and second the replication speed that many times doesn’t cover the web servers needs.
    Azure File storage provides a very fast, high available and cheap solution to create a web server farm on Azure.
    Azure File storage supports both SMB 2.1 & 3.0 protocol. Every share can be up to 5TB, storing unlimited number of files and each file can be up to 1TB. Of course we can create as many shares as needed up to 500TB that is the Storage Account limit. Also every share provided 1000 IOPS.
    For this guide I used one Windows Server 2016 for Domain Controller, two Windows Server 2016 for web servers and one Standard Storage Account for Azure Files. Of course you can create an IIS Web Farm with workgroup server, but I will cover this at an other post.
    I will skip the part of creating the Azure VMs, the domain and joining the servers on it, so I assume that there is a domain and the other two servers are member servers of the domain.
    Just a note, when creating the Azure VMs that will be part of the IIS Farm remember to add them to the same Availability Set. This will inform the Azure Fabric to have the VMs to different update & fault domains
    Step 1. Add the Web Server role
    From the Server Manager, click Add roles and features and add the “Web Server (IIS)” role and at the next screen add all the features your app needs.
    Step 2. Add Application Request Routing
    For more feature and control over the IIS load balance add the Application Request Routing (ARR) using the Web Platform Installer. The Web Platform Installer uses the Internet Explorer engine so I disable the “IE Enhanced Security Configuration” just for the installation and then enable it. You can do it from the Server Manager, at the Server section.

    Next, open the IIS Manager and at the Actions Panel (on the right) click the “Get New Web Platform Components”


    Search for “arr”, and add the Application request routing 3.0
    Step 3. Create an Azure Storage Account for Azure File Storage
    To create the Azure File storage shares, go to the Azure Portal, click the + button and create a Standard Storage account (you can just search for storage account)

    Select General purpose and Standard performance (Premium does not support Azure Files)

    once the storage account is created, open it and click the “Files” button

    Click the “+ File share” to add a file share

    Give it a name and quota limit

    After clicking OK the share will be created and it will be listed at the shares blade.

    Click on it to get the connection string and then click Connect to get the access key. At this point copy the “Connecting from Windows” command. We will use this to mount the share to the web servers.

    Finally click the File Share and at the new blade press “+Add Directory” and create two directories, one Configuration and one Data
    Step 4. Configure Windows Firewall & NSG
    Open the port 80 (and nay other requires ports) at the Windows firewall and at the NSGs
    for the windows firewall, go to the Servers’s control panel, Windows Firewall and click “Advanced Settings”

    go to the Inbound Rules, add New Rule and select Port

    Select TCP 80 (and any other needed for your application/site)

    Allow the rule for all profiles, provide a name and press finish to create the rule

    For the NSGs , go to the Azure Portal, open the NSGs of the web servers and add an http allow rule like below
    Step 5. Create the IIS Shared Configuration
    Go back to the first web server, open Computer Manager and add a new user with username and password the same as the connection string of the Azure Files share. You will need this for the IIS Service to access the Azure File storage share.

    Add the user to the IIS_IUSRS group

    Then open the IIS Manager and click the “Shared Configuration”

    at the Action pane click “Export Configuration”

    add the Azure File storage Share UNC path and “Connect As” using the share’s credentials

    Enter a complex encryption key and press ok to export the configuration to the Azure File storage “configuration” share

    Now we can enable the Shared Configuration, add the Configuration Share path and the same credentials and click apply.

    it will ask for the encryption key and finally the Shared Configuration will be enabled. You will need to restart the IIS Manager console

    at this point we can change the path of application pools, ftp applications etc to the Data folder share of the Azure File storage. Just note that you will need to use the UNC path “\azurefilesol.file.core.windows.netiisfarmData” and not any mapped drive.
    Repeat the above steps to the second web server. At the Shared Configuration don’t export the configuration, just enable the Shared Configuration.
    Finally we can create the Farm, from the IIS Manager, right click at the “Server Farms” and click “Create Server Farm…”

    give a farm name,

    add both servers and press Finish

    Press NO at the URL rewrite rule auto creation

    And the farm is ready

    as mentioned before, deploy your Web Site, Web Application etc to the Data file share, always using the full UNC path “\azurefilesol.file.core.windows.netiisfarmData”. All the website data will reside at the Azure File storage.
    If you need more than 1000 IOPS create more Azure Files storage shares and divine your website/application data.
    Run the following command to allow access to the Azure File storage. Change the file://”path” as needed
    C:WindowsMicrosoft.NETFramework64v4.0.30319>caspol -m -ag 1. -url file://azurefilesol.file.core.windows.net/iisfarm/* FullTrust
    Step 5. Azure Load Balancer
    Finally, create a Load Balancer to distribute incomming traffic to the farm. For this guide I will create an External Load Balancer, but also an Internal Load Balancer is supported.
    First, find and create the Load Balancer from the Azure Portal

    provide a name, for external load balancer select Public, select Dynamic or Static IP, resource group, location and press Create

    Then go to the new load balancer and create a health probe

    create an http probe

    provide a name, select Availability Set for association and add both the Web Servers

    finally create a load balancing rule to load balance the TCP port 80 at the farm

    once the load balance rule is created you can browse the public ip / name of the load balancer

    Now, browse to the load balancer’s IP and you are good to go!

     
    [/url]
    The post Azure Web Farm using IIS & Azure File storage appeared first on Apostolidis IT Corner.


    Source
  8. proximagr
    Thank you all for participating at my session today at Athens Azure Bootcamp, about how to Protect your data with a modern backup, archive and disaster recovery solution.
     

     
    Bad things happen, even to good people. Protect yourself and avoid costly business interruptions by implementing a modern backup, archive and disaster recovery strategy. See how you can securely extend your on-premises backup storage and data archive solutions to the cloud to reduce cost and complexity, while achieving efficiency and scalability. Be ready with a business continuity plan that includes disaster recovery of all your major IT systems without the expense of secondary infrastructure. You leave this session with a set of recommended architectures showing how to implement a modern backup, archive and disaster recovery solution and an understanding of how to quickly get something in place in your organization.
     
    PANTELIS APOSTOLIDIS
     
    you can download my presentation from this link: https://1drv.ms/p/s!AvpafHi49lqjgdd4ixVWNS6nqZIZSw
  9. proximagr
    Save 40% on Windows Azure VM made easy
    creating a new Windows Azure VM you will notice a new selection at the Basics step. It is the Hybrid Use Benefit. Using this benefit you can save up to 40% on a Windows Azure VM cost using your own license with software assurance. You just need to have a Windows Server Standard or Datacenter license with Software Assurance, and it is not restricted to any specific licensing program, it is available to all licenses with Software Assurance.
    At the final step, the Summary, you will see a notification about the Hybrid Use Benefit, explaining the limitations of the benefit, saying:
    “Each Windows Server with Software Assurance (either via each 16-Core license or two-processor license) is entitled to two instances of up to 8 cores, or one instance of up to 16 cores. Please always refer to your Windows Server license count with Software Assurance, your Hybrid Use Benefit entitlements, and your Hybrid Use Benefit deployments to use this benefit while maintaining compliance.“


    once the Azure VM is ready and login you will notice that the Operating System is not activated

    so you need to press Activate Windows and add your key to activate the Azure VM

    for more details visit the official page at https://azure.microsoft.com/en-us/pricing/hybrid-use-benefit/
  10. proximagr
    Azure AD | Secure Web Application Publishing
    Application Publishing
    Azure Active Directory Application Proxy is a very easy and secure way for web application publishing using the extremely secure Azure AD authentication mechanism. There are a tone of features, like SSO and 2 Factor Authentication. But lets see the basic here. You have a web application that you are using internal to your network, not even https, or you have developed a web application and you want an easy and safe way to publish it without having to wary about authentication or VPN. Use the Azure AD Application Proxy following the following simple steps.
    For this example I have used a Windows Server 2016 with IIS and the SugarCRM application using the IIS Web Platform Installer. The internal link is http://appproxy01/sugarcrm/that opens the SugarCRM login page.
    Lets start
    Navigate to Azure Portal and go to Azure Active Directory. Mind that Azure Active Directory Basic or Premium license is required. You can start a trial Azure AD Premium or Enterprise Mobility Suite E3 that includes Azure AD Premium.
    Fist of all you need to enable Application proxy. Select Enterprise applications –> Application proxy and click Enable & Download the connector clicking the “Connector” link.

    Next, install the connector to the web server or to an other domain member server. It requires Windows Server 2012 R2.

    At the installation process it will ask to login with an Azure AD account that has access to publish applications.
    Once installed, Run the Connector Troubleshooter to verify that the connector will run properly.

    After the successful installation,back to the Azure Portal the server FQDN and the Public IP will appear under the Default Connector.

    Now it is time to publish the application. Go to “All applications” –> +ADD –> On-premises application.

    Give a name, the internal Url that is used to access the application at your local network and press Add. Note the External URL.

    The next step is to assign users. Following the quick steps, press “Assign a user for testing”

    an add at least a user and you are ready to test the application.
    Now lets test the published application
    Open your favorite browser and navigate the the External URL. You will be navigated to the Microsoft online service logon page. Once authenticated with your Azure AD account the SugarCRM login page will be served.

    This is the simplest way to publish a web application without having to wary for Authentication and Security.
    Of course if the application supports active directory authentication then it is very easy to setup SSO, but we will analyze that at the next post.
  11. proximagr
    Azure VM Backup directly from VM’s blade

    By Pantelis Apostolidis | December 28, 2016
    0 Comment
     
    Azure VM Backup directly from VM’s blade
    Azure makes the VMs’ administration simpler every time. Today we will view a very nice new feature, the Backup shortcut at the VM’s blade.
    Just click on the VM and select Backup

    All you have to configure is the Backup Vault name and the Backup policy at the next easy step and press Enable Backup at the bottom of the “Enable backup” blade and that’s all!!

    Now the next time that we will click the Backup shortcut it will show directly the VM’s Backup Settings and run an instant backup. After the first backup we will be able to Restore the VM and also see logging about the backup jobs, like the latest and oldest restore point among others.

    Stay tuned for more Azure features
  12. proximagr
    Exchange 2013/16 Set Virtual Directories Notes

    By Pantelis Apostolidis | December 13, 2016
    0 Comment
     
    You can find all this info at many many blogs allover the internet, I just want to have a note here to have them gathered for ease.
     
    Outlook Anywhare
    Get-OutlookAnywhere | Select Server,ExternalHostname,Internalhostname
     
    Get-OutlookAnywhere | Set-OutlookAnywhere -ExternalHostname mail.mydomain.com -InternalHostname mail.mydomain.com -ExternalClientsRequireSsl $true -InternalClientsRequireSsl $true -DefaultAuthenticationMethod NTLM
     
    MAPI
    Get-MapiVirtualDirectory | Select Server,ExternalURL,InternalURL | fl
     
    Get-MAPIVirtualDirectory | Set-MAPIVirtualDirectory -ExternalUrl https://mail.mydomain.com/mapi-InternalUrl https://mail.mydomain.com/mapi
     
    OWA
    Get-OwaVirtualDirectory | Select Server,ExternalURL,InternalURL | fl
     
    Get-OwaVirtualDirectory | Set-OwaVirtualDirectory -ExternalUrl https://mail.mydomain.com/owa-InternalUrl https://mail.mydomain.com/owa
     
    ECP
    Get-EcpVirtualDirectory | Set-EcpVirtualDirectory -ExternalUrl https://mail.mydomain.com/ecp-InternalUrl https://mail.mydomain.com/ecp
     

    ActiveSync
    Get-ActiveSyncVirtualDirectory | select server,externalurl,internalurl | fl
     
    Get-ActiveSyncVirtualDirectory | Set-ActiveSyncVirtualDirectory -ExternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync-InternalUrl https://mail.mydomain.com/Microsoft-Server-ActiveSync
     
    EWS
    Get-WebServicesVirtualDirectory | Select Server,ExternalURL,InternalURL | fl
     
    Get-WebServicesVirtualDirectory | Set-WebServicesVirtualDirectory -ExternalUrl https://mail.mydomain.com/EWS/Exchange.asmx-InternalUrl https://mail.mydomain.com/EWS/Exchange.asmx
     
    OAB
    Get-OabVirtualDirectory | Select Server,ExternalURL,InternalURL | fl
     
    Get-OabVirtualDirectory | Set-OabVirtualDirectory -ExternalUrl https://mail.mydomain.com/OAB-InternalUrl https://mail.mydomain.com/OAB
     
    AUTODISCOVER SCP
    Get-ClientAccessServer | Select Name,AutoDiscoverServiceInternalURI
     
    Get-ClientAccessServer | Set-ClientAccessServer -AutoDiscoverServiceInternalUri https://mail.mydomain.com/Autodiscover/Autodiscover.xml
  13. proximagr
    Auto Start/Stop an Azure VM (ARM)
    For Azure VMs that are not needed to be running 24/7, we can use Azure Automation to schedule automatic Stop (Deallocate) and Start. First ensure to reserve resources if needed, such as the Private and the Public IP.
    Now lets see how we will Auto Start/Stop an Azure VM (ARM). First create an Automation Account, go to the Azure Portal, expand more services and search for automation. Then click the “Automation Accounts”

    At the Automation Accounts press “Add”

    At the Automation Account creation blade provide a Name, the Subscription, the Resource Group, trhe location and if it is the first Automation Account select Yes to create automatically a Run As account

    After the creation it will open the new Automation Account’s blade. Here click the “Runbooks”

    We don’t need to write any scripting since there are available Runbooks at the gallery, so select Browse gallery

    At the Gallery search for the “Start Azure V2 VMs” and “Stop Azure V2 VMs” Graphical Runbooks.


    Click the Runbook and a the new blade press Import. Type a unique name and press OK

    After the import, we will be navigated to the Runbook and we need to Publish it in order to be able to use it. At the Runbook’s blade, press “Edit”

    And then press Publish

    After the Publishing the Runbook is ready to Start and add Schedules. Now lets add Schedules to specify the VM and the schedule that will Start. Press “Schedule”

    Press Link a schedule to your runbook and then Create a new schedule

    Give a name to the schedule, and then select the Start date and time and the recurrency, at my example it will start the VM everyday at 7:00 am

    then go to the Parameters and provide the Resourcegroup name and the VM name and press OK.

    The Runbook is ready. Create more Schedules for all needed VMs. And then repeat the process for the “Stop Azure VM V2” runbook and you will have two Runbooks with many Schedules. To test a Runbook press “Start”.

     

    The post Auto Start/Stop an Azure VM (ARM) appeared first on Proxima's IT Corner.


    Source
  14. proximagr
    <h1>Auto-Shutdown Hyper-V free with USB UPS</h1>
    <p>Recently i installed a Hyper-V 2012 R2 server (the free version) but my UPS doesn’t support Windows Core. No problem, we have PowerShell!! after some search on various sites – blogs – etc i end up creating the following script. It checks the battery status every 3 minutes, using WMI and when the battery drops below 50% is sends the shutdown signal. As long as you set the VMs to save on shutdown you are OK!</p>
    <p>I also added a simple mail notification before the shutdown.</p><pre class="crayon-plain-tag">$batterystatus = (get-wmiobject -class CIM_Battery -namespace "rootCIMV2").EstimatedChargeRemaining
    DO
    {
    start-sleep -seconds 180
    $batterystatus = (get-wmiobject -class CIM_Battery -namespace "rootCIMV2").EstimatedChargeRemaining
    $batterystatus
    } While ($batterystatus -gt 50)
    $login = "username"
    $password = "password" | Convertto-SecureString -AsPlainText -Force
    $credentials = New-Object System.Management.Automation.Pscredential -Argumentlist $login,$password
    Send-MailMessage -Body "UPS Started - Server will shutdown in 5 minutes" -From [email protected] -To [email protected] -Subject "Power Loss - UPS Started" -SmtpServer mail.domain.com -Credential $Credentials
    shutdown /s /t 300</pre><p> </p>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fpowershell%2Fauto-shutdown-hyper-v-usb-ups%2F&linkname=Auto-Shutdown%20Hyper-V%20free%20with%20UPS"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fpowershell%2Fauto-shutdown-hyper-v-usb-ups%2F&linkname=Auto-Shutdown%20Hyper-V%20free%20with%20UPS" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fpowershell%2Fauto-shutdown-hyper-v-usb-ups%2F&title=Auto-Shutdown%20Hyper-V%20free%20with%20UPS" data-a2a-url="http://www.e-apostolidis.gr/microsoft/powershell/auto-shutdown-hyper-v-usb-ups/" data-a2a-title="Auto-Shutdown Hyper-V free with UPS"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/powershell/auto-shutdown-hyper-v-usb-ups/">Auto-Shutdown Hyper-V free with UPS</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/powershell/auto-shutdown-hyper-v-usb-ups/"class='bbc_url' rel='nofollow external'>Source</a>
  15. proximagr
    <p>First we need to create a certificate request</p>
    <p>Open the Microsoft Exchange Management Console and navigate to Microsoft Exchange -> Server Configuration.</p>
    <p>On the right panel press the “New Exchange Certificate”</p>
    <p id="IcnajXr"><img class="alignnone size-full wp-image-1027 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b27be99f9e.png"alt="" /></p>
    <p>The “New Exchange Certificate” wizard will start. Enter a friendly name, just a name to remember what this certificate is about.</p>
    <p id="JDRaiCG"><img class="alignnone size-full wp-image-1028 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b27fdbb3cf.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b27fdbb3cf.png 591w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b27fdbb3cf-300x130.png 300w" sizes="(max-width: 591px) 100vw, 591px" /></p>
    <p>no need to check the wildcard option</p>
    <p id="EtdTZXg"><img class="alignnone size-full wp-image-1029 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2865f2737.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2865f2737.png 582w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2865f2737-300x123.png 300w" sizes="(max-width: 582px) 100vw, 582px" /></p>
    <p>At the next page select the services that you want, in most cases select all “Client Access Server”,</p>
    <p id="ZkhorfF"><img class="alignnone size-full wp-image-1031 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b28e1b354b.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b28e1b354b.png 592w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b28e1b354b-300x259.png 300w" sizes="(max-width: 592px) 100vw, 592px" /></p>
    <p>Next add all the alternative names that you want to include to the certificate</p>
    <p id="YlDGuRt"><img class="alignnone size-full wp-image-1032 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2937afb28.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2937afb28.png 588w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2937afb28-300x179.png 300w" sizes="(max-width: 588px) 100vw, 588px" /></p>
    <p>fill the Organization form and select the save path</p>
    <p id="fQORogU"><img class="alignnone size-full wp-image-1033 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29920a85a.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29920a85a.png 585w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29920a85a-300x242.png 300w" sizes="(max-width: 585px) 100vw, 585px" /></p>
    <p>finally press “new” to create the certificate request</p>
    <p id="utNSVvF"><img class="alignnone size-full wp-image-1034 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29c869221.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29c869221.png 589w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b29c869221-300x256.png 300w" sizes="(max-width: 589px) 100vw, 589px" /></p>
    <p>after this at the Exchange Certificates windows of the Exchange Management Console you will see a new item that will say “Pending request”.</p>
    <p>Open the exported file with notepad and save it as “ASCII” encoding (the original is Unicode)</p>
    <p id="SZuTWJF"><img class="alignnone size-full wp-image-1035 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b03bfcb1.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b03bfcb1.png 319w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b03bfcb1-300x119.png 300w" sizes="(max-width: 319px) 100vw, 319px" /></p>
    <p>Now we need to go to our Domain’s Active Directory Certification Authority and open an elevated command prompt.</p>
    <p>Run the command:</p>
    <p>certreq.exe -submit -attrib CertificateTemplate:WebServer</p>
    <p id="UdQDUvn"><img class="alignnone size-full wp-image-1036 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b42f3883.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b42f3883.png 622w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b42f3883-300x37.png 300w" sizes="(max-width: 622px) 100vw, 622px" /></p>
    <p>It will ask you to select the request file, select the ACHII encoded file</p>
    <p id="hloRRHj"><img class="alignnone size-full wp-image-1037 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b6875e43.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b6875e43.png 504w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2b6875e43-300x105.png 300w" sizes="(max-width: 504px) 100vw, 504px" /></p>
    <p>and then select the Certification Authority</p>
    <p id="xKWCLlX"><img class="alignnone size-full wp-image-1038 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2bc027538.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2bc027538.png 371w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2bc027538-300x184.png 300w" sizes="(max-width: 371px) 100vw, 371px" /></p>
    <p>finally it will produce a cer file.</p>
    <p>Go back to the Exchange Certificates window of the Exchange Management Console, select the “pending certificate request” and press “complete pending request”. Select the cer file, select the services needed (IIS, SMTP, POP, IMAP) and the wizard will create the certificate and enable it for the services.</p>
    <p id="tWSVZDr"><img class="alignnone size-full wp-image-1039 " src="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2d1220d47.png"alt="" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2d1220d47.png 606w, http://www.e-apostolidis.gr/wp-content/uploads/2016/07/img_579b2d1220d47-300x51.png 300w" sizes="(max-width: 606px) 100vw, 606px" /></p>
    <p> </p>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fexchange%2Fexchange-2010-add-local-domain-ca-certificate%2F&linkname=Exchange%202010%20%7C%20add%20local%20domain%20CA%20certificate"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fexchange%2Fexchange-2010-add-local-domain-ca-certificate%2F&linkname=Exchange%202010%20%7C%20add%20local%20domain%20CA%20certificate" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fexchange%2Fexchange-2010-add-local-domain-ca-certificate%2F&title=Exchange%202010%20%7C%20add%20local%20domain%20CA%20certificate" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/exchange/exchange-2010-add-local-domain-ca-certificate/">Exchange 2010 | add local domain CA certificate</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/exchange/exchange-2010-add-local-domain-ca-certificate/"class='bbc_url' rel='nofollow external'>Source</a>
  16. proximagr
    <p>Azure blob storage is billed based to how much data you use. So you can have an 1023 GB disk but if you use only 20 GB you will be billed for 20 GB. But, <img src="https://s.w.org/images/core/emoji/72x72/1f642.png"alt="?" class="wp-smiley" style="height: 1em; max-height: 1em;" /> , if you write more data, lets say 50 GB and then you erase them, the free space will not automatically be released.</p>
    <p>sandrinodimattia, https://github.com/sandrinodimattia, released an app that allows to check the actual size of a VHD on Azure. It works on both ASM and ARM.</p>
    <p>You can download the executable at: https://github.com/sandrinodimattia/WindowsAzure-VhdSize/releases</p>
    <p>The command is:</p>
    <p>wazvhdsize.exe “storageaccountname” “storageaccountaccesskey==” containername</p>
    <p> </p>
    <p>Source: https://github.com/sandrinodimattia/WindowsAzure-VhdSize</p>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fcalculate-azure-vhd-actualbilling-size%2F&linkname=Calculate%20Azure%20VHD%20actual%2Fbilling%20size"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fcalculate-azure-vhd-actualbilling-size%2F&linkname=Calculate%20Azure%20VHD%20actual%2Fbilling%20size" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fcalculate-azure-vhd-actualbilling-size%2F&title=Calculate%20Azure%20VHD%20actual%2Fbilling%20size" id="wpa2a_4"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/azure/calculate-azure-vhd-actualbilling-size/">Calculate Azure VHD actual/billing size</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/azure/calculate-azure-vhd-actualbilling-size/"class='bbc_url' rel='nofollow external'>Source</a>
  17. proximagr
    <p>Lets say you have an Office 365 account and cloud only users with mailboxes and now you decide that you want to sync it and match the Office 365 users with your Active Directory users.</p>
    <p>I prepared a lab with one DC and I created a trial Office 365 E3 account with custom domain. I created users with the same username to both. At Active Directory I set the UPN to match the Office 365 user name and also added the email address.</p>
    <p>Next I enabled directory synchronization from Office 365 and installed Azure AD Connect to DC2. After the initial sync i got this error:</p>
    <p><em>Unable to update this object because the following attributes associated with this object have values that may already be associated with another object in your local directory services: [Mail [email protected];].</em></p>
    <p>I realized that Office 365 could not map the users, it was trying to create new. So there must be an attribute that needs correction. The solution came form the following blog:</p>
    <p>http://blogs.4ward.it/how-to-map-onprem-active-directory-users-to-existing-office365-users/</p>
    <p>and specifically at the “manual match method” section:</p>
    <p><em>In order to match the user with the cloud user you have to set the Immutable ID of onPremise Active Directory user’s ObjectGUID to the immutableID value of the Office365 user.</em><br /><em>To retrieve the ObjectGUID you can use the following command:</em></p>
    <p><em>Ldifde –d “CN=xxx…,OU=xxx,DC=xxxx,DC=xx” –f c:tempexportuser1.txt</em></p>
    <p><em>“CN=xxx…,OU=xxx,DC=xxxx,DC=xx” is the distinguished name of the user. You can use ADSIEdit or the AD Users & Computer (attribute editor) to find this value</em></p>
    <p><em>In the Textfile exportuser1.txt look for the ObjectGUID. You will find a string like z2Xbu0xFTUapOeDqHRTN1A==</em></p>
    <p><em>Then connect to Windows Azure Active Director and use the command</em></p>
    <p><em>set-MsolUser -UserPrincipalName [email protected] -ImmutableId z2Xbu0xFTUapOeDqHRTN1A==</em></p>
    <p>After that I just forced a delta sync “Start-ADSyncSyncCycle -PolicyType Delta” , the sync was successful and the users in Office 365 changed from “In Clout” to “Synced with Active Directory”</p>
    <p> </p>
    <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/07/How-to-Map-OnPrem-Active-Directory-users-to-existing-Office365-Users.pdf">Howto Map OnPrem Active Directory users to existing Office365 Users</a></p>
    <p>source: http://blogs.4ward.it/how-to-map-onprem-active-directory-users-to-existing-office365-users/</p>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fmatch-onprem-active-directory-users-existing-office365-users%2F&linkname=Match%20OnPrem%20Active%20Directory%20users%20to%20existing%20Office365%20Users"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fmatch-onprem-active-directory-users-existing-office365-users%2F&linkname=Match%20OnPrem%20Active%20Directory%20users%20to%20existing%20Office365%20Users" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fmatch-onprem-active-directory-users-existing-office365-users%2F&title=Match%20OnPrem%20Active%20Directory%20users%20to%20existing%20Office365%20Users" id="wpa2a_6"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/office-365/match-onprem-active-directory-users-existing-office365-users/">Match OnPrem Active Directory users to existing Office365 Users</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/office-365/match-onprem-active-directory-users-existing-office365-users/"class='bbc_url' rel='nofollow external'>Source</a>
  18. proximagr
    <div class="text geshifilter-text">this is something very common lately and always I follow this post: <a href="http://windowsitpro.com/windows-server-2003-end-support/migrating-dhcp-server-2003-server-2012-r2">http://windowsitpro.com/windows-server-2003-end-support/migrating-dhcp-server-2003-server-2012-r2</a></div>
    <div class="text geshifilter-text"></div>
    <div class="geshifilter">
    <div class="text geshifilter-text">Netsh<br />DHCP<br />Server \<DHCP_2003_Server_IP_Address><br />Export c:export2k3dhcp-database all</div>
    </div>
    <p>Performing this task will create a file in the c:export folder named 2k3dhcp-database</p>
    <p>Copy this file to the computer running Windows Server 2012 R2 that will function as the new DHCP server. You’ll need to install the DHCP server role on this computer and authorize the DHCP server in Active Directory before performing the following actions.</p>
    <p>Open an elevated command prompt and run the following commands (this assumes you’ve copied the file to a folder named c:import)</p>
    <div class="geshifilter">
    <div class="text geshifilter-text">Net stop DHCPserver<br />Del c:windowssystem32DHCPDHCP.mdb<br />Net start DHCPserver<br />Netsh<br />DHCP<br />Server \<DHCP_2012R2_Server_IP_Address><br />Import c:import2k3dhcp-database<br />Exit<br />Net stop DHCPserver<br />Net start DHCPserver</div>
    </div>
    <div class="text geshifilter-text">source: <a href="http://windowsitpro.com/windows-server-2003-end-support/migrating-dhcp-server-2003-server-2012-r2">http://windowsitpro.com/windows-server-2003-end-support/migrating-dhcp-server-2003-server-2012-r2</a></div>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fmigrating-dhcp-server-2003-server-2012-r2%2F&linkname=Migrating%20DHCP%20from%20Server%202003%20to%20Server%202012%20R2"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fmigrating-dhcp-server-2003-server-2012-r2%2F&linkname=Migrating%20DHCP%20from%20Server%202003%20to%20Server%202012%20R2" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fmigrating-dhcp-server-2003-server-2012-r2%2F&title=Migrating%20DHCP%20from%20Server%202003%20to%20Server%202012%20R2" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/migrating-dhcp-server-2003-server-2012-r2/">Migrating DHCP from Server 2003 to Server 2012 R2</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/migrating-dhcp-server-2003-server-2012-r2/"class='bbc_url' rel='nofollow external'>Source</a>
  19. proximagr
    <div>THE BEST SQL SERVER PERFORMANCE MONITOR COUNTERS TO ANALYZE</div>
    <div></div>
    <div>– These are listed OBJECT first, then COUNTER</div>
    <div>– Memory – Available MBytes</div>
    <div>– Paging File – % Usage</div>
    <div>– Physical Disk – Avg. Disk sec/Read</div>
    <div>– Physical Disk – Avg. Disk sec/Write</div>
    <div>– Physical Disk – Disk Reads/sec</div>
    <div>– Physical Disk – Disk Writes/sec</div>
    <div>– Processor – % Processor Time</div>
    <div>– SQLServer: General Statistics – User Connections</div>
    <div>– SQLServer: Memory Manager – Memory Grants Pending</div>
    <div>– SQLServer: SQL Statistics – Batch Requests/sec</div>
    <div>– SQLServer: SQL Statistics – Compilations/sec</div>
    <div>– SQLServer: SQL Statistics – Recompilations/sec</div>
    <div>– System – Processor Queue Length</div>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fservers%2Fsql-server-performance-monitor-counters%2F&linkname=SQL%20Server%20Performance%20Monitor%20Counters"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fservers%2Fsql-server-performance-monitor-counters%2F&linkname=SQL%20Server%20Performance%20Monitor%20Counters" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fservers%2Fsql-server-performance-monitor-counters%2F&title=SQL%20Server%20Performance%20Monitor%20Counters" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/servers/sql-server-performance-monitor-counters/">SQL Server Performance Monitor Counters</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/servers/sql-server-performance-monitor-counters/"class='bbc_url' rel='nofollow external'>Source</a>
  20. proximagr
    <p>Open the Office 365 Exchange Administration Console and go to Recipients > Migration > More > Migration endpoints and click on the plus sign to add a new endpoint.</p>
    <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1.png"><imgclass="alignnone size-full wp-image-1002" src="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1.png" alt="cme1" width="867" height="275" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1.png 867w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1-300x95.png 300w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1-768x244.png 768w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme1-660x209.png 660w" sizes="(max-width: 867px) 100vw, 867px" /></a></p>
    <p>Select the type of migration endpoint (Outlook Anywhere) and enter the details requested:</p>
    <ul>
    <li>An email address that will be migrated – this is used to test mailbox access during configuration</li>
    <li>Account with privileges – usually a Domain Administrator, but it can be another user, in which case you must assign permissions as specified here</li>
    <li>The privileged account you specify will be used to autodiscover the connection settings and test access to the mailbox specified above.</li>
    </ul>
    <p>Click next and verify that the correct details have been populated in the next dialogue box:</p>
    <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme2.png"><imgclass="alignnone size-full wp-image-1003" src="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme2.png" alt="cme2" width="335" height="325" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme2.png 335w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme2-300x291.png 300w" sizes="(max-width: 335px) 100vw, 335px" /></a></p>
    <p>Now that the endpoint has been tested you just need to define values for the number of concurrent migrations and supply a descriptive name for the endpoint.</p>
    <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme3.png"><imgclass="alignnone size-full wp-image-1004" src="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme3.png" alt="cme3" width="352" height="292" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme3.png 352w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/cme3-300x249.png 300w" sizes="(max-width: 352px) 100vw, 352px" /></a></p>
    <p> </p>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fcreate-migration-endpoint-cutover-staging-migration%2F&linkname=Create%20migration%20endpoint%20%7C%20%28Cutover%20%26%20Staging%20Migration%29"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fcreate-migration-endpoint-cutover-staging-migration%2F&linkname=Create%20migration%20endpoint%20%7C%20%28Cutover%20%26%20Staging%20Migration%29" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Foffice-365%2Fcreate-migration-endpoint-cutover-staging-migration%2F&title=Create%20migration%20endpoint%20%7C%20%28Cutover%20%26%20Staging%20Migration%29" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/office-365/create-migration-endpoint-cutover-staging-migration/">Create migration endpoint | (Cutover & Staging Migration)</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/office-365/create-migration-endpoint-cutover-staging-migration/"class='bbc_url' rel='nofollow external'>Source</a>
  21. proximagr
    The exchangeserverpro.com site has the below excellent articles,
    to create the certificate request:
    to compete the pending request:and to enable it:
    The post Exchange 2013 Add public certificate and enable it appeared first on Proxima's IT Corner.

    <a href="http://www.e-apostolidis.gr/microsoft/exchange/exchange-2013-add-public-certificate-enable/"class='bbc_url' rel='nofollow external'>Source</a>
  22. proximagr
    <p>I was looking for a way to have a list with many details about VMs of Azure Classic deployment. Some of the details are VM Name, HostName, Service Name, IP address, Instance Size, Availability Set, Operating System, Disk Name (OS), SourceImageName (OS), MediaLink (OS), HostCaching (OS), Subnet, DataDisk Name, DataDisk HostCaching, DataDisk MediaLink, DataDisk Size.</p>
    <p>I started with PowerShell ISE and some technet search and after a lot of test I created this script:</p><pre class="crayon-plain-tag">Add-AzureAccount
    Select-AzureSubscription -SubscriptionId xxxxxxx-xxxxxxxx-xxxxxx-xxxxxx
    $VMlist = ForEach ($VM in (Get-AzureVM))
    { Get-AzureOSDisk -VM $VM | Select @{Label="VM";Expression={$VM.Name}},`
    @{Label="HostName";Expression={$VM.HostName}},`
    @{Label="Service";Expression={$VM.ServiceName}},`
    @{Label="IP";Expression={$VM.IpAddress}},`
    @{Label="InstanceSize";Expression={$VM.InstanceSize}},`
    @{Label="AvailabilitySet";Expression={$VM.AvailabilitySetName}},`
    OS,DiskName,SourceImageName,MediaLink,HostCaching, `
    @{Label="Subnet";Expression={(Get-AzureSubnet -VM $VM)}},`
    @{Label="DataDiskName";Expression={(Get-AzureDataDisk -VM $VM).DiskName}},`
    @{Label="DDHostCaching";Expression={(Get-AzureDataDisk -VM $VM).HostCaching}},`
    @{Label="DDMediaLink";Expression={(Get-AzureDataDisk -VM $VM).MediaLink}},`
    @{Label="DDSize";Expression={(Get-AzureDataDisk -VM $VM).LogicalDiskSizeInGB}}
    }
    $VMlist | Sort VM,SourceImageName | Export-CSV C:vms_alldata.csv -NoTypeInformation</pre><p>Just open the vms_alldata.csv with Excel, convert test to columns and insert table and voila:</p>
    <p><a href="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/allvms.jpg"><imgclass="alignnone wp-image-990 size-full" src="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/allvms.jpg" alt="allvms" width="1017" height="58" srcset="http://www.e-apostolidis.gr/wp-content/uploads/2016/05/allvms.jpg 1017w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/allvms-300x17.jpg 300w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/allvms-768x44.jpg 768w, http://www.e-apostolidis.gr/wp-content/uploads/2016/05/allvms-660x38.jpg 660w" sizes="(max-width: 1017px) 100vw, 1017px" /></a></p>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fclassic-azure-vm-details%2F&linkname=Classic%20Azure%20VM%20Details"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fclassic-azure-vm-details%2F&linkname=Classic%20Azure%20VM%20Details" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazure%2Fclassic-azure-vm-details%2F&title=Classic%20Azure%20VM%20Details" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/azure/classic-azure-vm-details/">Classic Azure VM Details</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/azure/classic-azure-vm-details/"class='bbc_url' rel='nofollow external'>Source</a>
  23. proximagr
    File Server in-place Domain Migration
    When migrating to a new domain a major part is the file server, especially if there are a lot of data and different permissions.
    Thankfully Microsoft has a very helpful tool called SubInACL. This tool can be used to read and update security permissions and is much helpful for file server in-place domain migration. The tool can be downloaded here: https://www.microsoft.com/en-us/download/details.aspx?id=23510
    But after searching a lot there is not a specific guide that someone has followed and worked. So I started testing and came up with the following steps that worked for me:
    Open an elevated Command Prompt window and navigate to the folder containing the subinacl.exe Export the permissions of the drive’s root:
    subinacl /noverbose /output=C:permissionsE.txt /file E: Export the permissions of the all subfolders and files:
    subinacl /noverbose /output=C:permissionsEsub.txt /subdirectories E: Copy the contents of the “permissionsE.txt” to the start of the “permissionsEsub.txt” file. Open the “permissionsEsub.txt” file and replace the old domain name with the new domain name. View the shares:
    net view computername Export the shares’ permissions:
    subinacl /noverbose /output=C:shares.txt /share \computernamefileshare Disjoin and join the Server to the new domain Import the NTFS permissions
    Subinacl /playfile C:permissionsEsub.txt Import the shares’ permissions:
    Subinacl /playfile C:shares.txt

    Some commends from the field
    The export process is very fast but the import process takes much longer time.
    The subinacl process is single threaded (uses only one core) so in order to speed up the whole process you can split the permissions file and run it multiple times on different command prompt windows. Every subinacl.exe will create a single process that will use one core so if you have four cores create four processes.
    The import process completely removes the permissions and applies the new ones. So no User IDs will stay at the files/folders.
     


    The post File Server in-place Domain Migration appeared first on Proxima's IT Corner.
     
    Source
  24. proximagr
    After my previous post, the internal load balancer with two VMs, this is a scenario using the External Load Balancer. The configuration includes a Load Balancer with a Static Public IP at the frond end and two VMs at the back end. The load balancer has two static routes for RDP, one for each VM and one load balance rule, the TCP port 80, common for web sites and applications. It uses a probe that checks a web page on both hosts to verify if they are active.
     
    Lets start. First we need to install the AzureRm module. If not Windows 10 then first install the https://www.microsoft.com/en-us/download/details.aspx?id=48729<br/>Then Open Powershell ISE and execute the following commands. I have added a lot of comments to help customize based to the needs.
    Set-ExecutionPolicy RemoteSigned
    Install-Module AzureRM
    Login-AzureRmAccount
     
    #Define the variables
    $ResourceGroupName = "myresourcegroup"
    $StorageAccountName = "mystorageaccount"
    $vnetname = "VNET-01"
    $NSGname = "NSG-01"
    $locationName = "West Europe"
    $publicipname = "mypublicip"
    $vnet = Get-AzureRmVirtualNetwork -Name $vnetname -ResourceGroupName $ResourceGroupName
     
    #Create a new resource group
    New-AzureRmResourceGroup -Name $ResourceGroupName -Location $locationName
     
    #Create storage account
    New-AzureRmStorageAccount `
    -ResourceGroupName $resourcegroupName `
    -Name $storageaccountName `
    -Type Standard_LRS `
    -Location $locationName
     
    #Create Virtual Network and a private IP address for front end IP pool
    $FESubnet = New-AzureRmVirtualNetworkSubnetConfig -Name FE-SUBNET -AddressPrefix 10.0.0.16/28
    $BESubnet = New-AzureRmVirtualNetworkSubnetConfig -Name BE-SUBNET -AddressPrefix 10.0.0.32/28
     
    $vnet = New-AzureRmVirtualNetwork `
    -Name $vnetname `
    -ResourceGroupName $ResourceGroupName `
    -Location $locationName `
    -AddressPrefix 10.0.0.0/24 -Subnet $FESubnet,$BESubnet
     
    $FESubnet = Get-AzureRmVirtualNetworkSubnetConfig -Name FE-SUBNET -VirtualNetwork $vnet
    $BESubnet = Get-AzureRmVirtualNetworkSubnetConfig -Name BE-SUBNET -VirtualNetwork $vnet
     
    #Create Public IP
    $publicIP = New-AzureRmPublicIpAddress `
    -Name PublicIp `
    -ResourceGroupName $ResourceGroupName `
    -Location $locationName `
    –AllocationMethod Static `
    -DomainNameLabel $publicipname
     
    #Create FrontEnd IP pool and BackEnd address pool
    $APPfrontendIP = New-AzureRmLoadBalancerFrontendIpConfig `
    -Name APP-LB-Frontend `
    -PublicIpAddress $publicIP
     
    $APPbeaddresspool= New-AzureRmLoadBalancerBackendAddressPoolConfig -Name "APP-LB-backend"
     
    #Create load balancer rules, NAT rules, probe and load balancer
    $APPinboundNATRule1= New-AzureRMLoadBalancerInboundNatRuleConfig `
    -Name "RDP1" `
    -FrontendIpConfiguration $APPfrontendIP `
    -Protocol TCP `
    -FrontendPort 33389 `
    -BackendPort 3389
    $APPinboundNATRule2= New-AzureRMLoadBalancerInboundNatRuleConfig `
    -Name "RDP2" `
    -FrontendIpConfiguration $APPfrontendIP `
    -Protocol TCP `
    -FrontendPort 33390 `
    -BackendPort 3389
    $APPhealthProbe = New-AzureRMLoadBalancerProbeConfig `
    -Name "HealthProbe" `
    -RequestPath "/index.aspx" `
    -Protocol http `
    -Port 80 `
    -IntervalInSeconds 15 `
    -ProbeCount 2
    $APPlbrule = New-AzureRMLoadBalancerRuleConfig `
    -Name "HTTP" `
    -FrontendIpConfiguration $APPfrontendIP `
    -BackendAddressPool $APPbeAddressPool `
    -Probe $GAPPhealthProbe `
    -Protocol Tcp `
    -FrontendPort 80 `
    -BackendPort 80
    $APPLB = New-AzureRMLoadBalancer `
    -ResourceGroupName $ResourceGroupName `
    -Name "APP-LB" `
    -Location $locationName `
    -FrontendIpConfiguration $APPfrontendIP `
    -InboundNatRule $APPinboundNATRule1,$APPinboundNATRule2 `
    -LoadBalancingRule $APPlbrule `
    -BackendAddressPool $APPbeAddressPool `
    -Probe $APPhealthProbe
     
    #Create the network interfaces for the backend VMs
    $vnet = Get-AzureRMVirtualNetwork -Name $vnetname -ResourceGroupName $ResourceGroupName
    $APPbackendSubnet = Get-AzureRMVirtualNetworkSubnetConfig -Name FE-SUBNET -VirtualNetwork $vnet
     
    #Create 1st NIC with first NAT rule for RDP
    $APPbackendnic1 = New-AzureRMNetworkInterface `
    -ResourceGroupName $ResourceGroupName `
    -Name APP-lb-nic1-be `
    -Location $locationName `
    -PrivateIpAddress 10.0.0.21 `
    -Subnet $APPbackendSubnet `
    -LoadBalancerBackendAddressPool $APPLB.BackendAddressPools[0] `
    -LoadBalancerInboundNatRule $APPLB.InboundNatRules[0]
    #Create 2nd NIC with second NAT rule for RDP
    $APPbackendnic2 = New-AzureRMNetworkInterface `
    -ResourceGroupName $ResourceGroupName `
    -Name APP-lb-nic2-be `
    -Location $locationName `
    -PrivateIpAddress 10.0.0.22 `
    -Subnet $APPbackendSubnet `
    -LoadBalancerBackendAddressPool $APPLB.BackendAddressPools[0] `
    -LoadBalancerInboundNatRule $APPLB.InboundNatRules[1]
     
    #Create a Virtual Machine and assign the NIC
    # Set the existing virtual network and subnet index
    $subnetIndex=0
    $vnet=Get-AzureRMVirtualNetwork -Name $vnetName -ResourceGroupName $resourcegroupName
     
    #Create Availability Set
    $availabilitysetName="APP-AS"
    New-AzureRmAvailabilitySet –Name $availabilitysetName –ResourceGroupName $resourcegroupName -Location $locationName
     
    # First VM
    # Specify the name, size, and existing availability set
    $vmName="APP-01"
    $vmSize="Standard_A1"
    $availabilitysetName="APP-AS"
    $availabilitysetSet=Get-AzureRmAvailabilitySet –Name $availabilitysetName –ResourceGroupName $resourcegroupName
    $vm=New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize -AvailabilitySetId $availabilitysetSet.Id
     
    #Add a 1023 GB additional data disk
    $diskSize=1023
    $diskLabel="AS1Data"
    $diskName="AS1Data"
    $storageAccount=Get-AzureRmStorageAccount -ResourceGroupName $resourcegroupName -Name $storageaccountName
    $vhdURI=$storageAccount.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd"
    Add-AzureRmVMDataDisk -VM $vm -Name $diskLabel -DiskSizeInGB $diskSize -VhdUri $vhdURI -CreateOption empty
     
    #Specify the image and local administrator account, and then add the NIC
    #To find the Publisher, Offer and SKU use the Get-AzureRmVMImagePublisher, Get-AzureRmVMImageOffer and Get-AzureRmVMImageSku commands
    $pubName="MicrosoftWindowsServer"
    $offerName="WindowsServer"
    $skuName="2012-R2-Datacenter"
    $cred=Get-Credential -Message "Type the name and password of the local administrator account."
    $vm=Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred
    $vm=Set-AzureRmVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest"
    $vm=Add-AzureRmVMNetworkInterface -VM $vm -Id $backendnic1.Id
     
    #Specify the OS disk name and create the VM / For Create NEW OS Disk
    $diskName="OSDisk"
    $storageAccount=Get-AzureRmStorageAccount -ResourceGroupName $resourcegroupName -Name $storageaccountName
    $osDiskUri=$storageAccount.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd"
    $vm=Set-AzureRmVMOSDisk -VM $vm -Name $diskName -VhdUri $osDiskUri -CreateOption fromImage
    New-AzureRmVM -ResourceGroupName $resourcegroupName -Location $locationName -VM $vm
     
    #Second VM
    # Specify the name, size, and existing availability set
    $vmName="APP-02"
    $vmSize="Standard_A1"
    $availabilitysetName="APP-AS"
    $availabilitysetSet=Get-AzureRmAvailabilitySet –Name $availabilitysetName –ResourceGroupName $resourcegroupName
    $vm=New-AzureRmVMConfig -VMName $vmName -VMSize $vmSize -AvailabilitySetId $availabilitysetSet.Id
     
    #Add a 1023 GB additional data disk
    $diskSize=1023
    $diskLabel="AS2Data"
    $diskName="AS2Data"
    $storageAccount=Get-AzureRmStorageAccount -ResourceGroupName $resourcegroupName -Name $storageaccountName
    $vhdURI=$storageAccount.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd"
    Add-AzureRmVMDataDisk -VM $vm -Name $diskLabel -DiskSizeInGB $diskSize -VhdUri $vhdURI -CreateOption empty
     
    #Specify the image and local administrator account, and then add the NIC
    #To find the Publisher, Offer and SKU use the Get-AzureRmVMImagePublisher, Get-AzureRmVMImageOffer and Get-AzureRmVMImageSku commands
    $pubName="MicrosoftWindowsServer"
    $offerName="WindowsServer"
    $skuName="2012-R2-Datacenter"
    $cred=Get-Credential -Message "Type the name and password of the local administrator account."
    $vm=Set-AzureRmVMOperatingSystem -VM $vm -Windows -ComputerName $vmName -Credential $cred
    $vm=Set-AzureRmVMSourceImage -VM $vm -PublisherName $pubName -Offer $offerName -Skus $skuName -Version "latest"
    $vm=Add-AzureRmVMNetworkInterface -VM $vm -Id $backendnic2.Id
     
    #Specify the OS disk name and create the VM / For Create NEW OS Disk
    $diskName="OSDisk"
    $storageAccount=Get-AzureRmStorageAccount -ResourceGroupName $resourcegroupName -Name $storageaccountName
    $osDiskUri=$storageAccount.PrimaryEndpoints.Blob.ToString() + "vhds/" + $vmName + $diskName + ".vhd"
    $vm=Set-AzureRmVMOSDisk -VM $vm -Name $diskName -VhdUri $osDiskUri -CreateOption fromImage
    New-AzureRmVM -ResourceGroupName $resourcegroupName -Location $locationName -VM $vm
     
    Source: http://www.e-apostolidis.gr/microsoft/azurerm-create-external-load-balancer-with-two-vms/
  25. proximagr
    <h1><strong>AzureRm | Create Site to Site VPN</strong></h1>
    <p>This post is part of a general idea, to create an end-to-end high available application infrastructure solution in Azure using internal load balancer with the new AzureRm commands and Azure PowerShell v.1.0 preview.</p>
    <p>We will create a Gateway, request a Public IP and establish a Site to Site VPN. At the time I am writting this post there is no option to create the VPN ising the Portal, the only way is using PowerShell. Also there is no option to download the configuration for the local firewall/router, like the classic deployment.</p>
    <p>The AzureRm commands are installed directly from the PowerShell using the Install-Module AzureRM & Install-AzureRM commands.</p>
    <p>So lets start:</p><pre class="crayon-plain-tag">#Login
    Login-AzureRmAccount
     
    #Create Gateway for VPN
     
    # add the local (office) public ip and local networks
    $resourcegroupName ="RMDemoRG"
    $locationName ="West Europe"
    $vnetName = "NRPVnet"
    New-AzureRmLocalNetworkGateway -Name localsite -ResourceGroupName $resourcegroupName -Location $locationName -GatewayIpAddress "XXX.XXX.XXX.XXX" -AddressPrefix @('10.0.0.0/24','192.168.0.0/24')
     
    # Create the Gateway Subnet
    $vnet = Get-AzureRmVirtualNetwork -ResourceGroupName $resourcegroupName -Name $vnetName
    Add-AzureRmVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -AddressPrefix 172.16.0.0/16 -VirtualNetwork $vnet
    Set-AzureRmVirtualNetwork -VirtualNetwork $vnet
     
    # create gateway and request azure public ip
    $gwpip= New-AzureRmPublicIpAddress -Name RMDemoPIP -ResourceGroupName $resourcegroupName -Location $locationName -AllocationMethod Dynamic
    $vnet = Get-AzureRmVirtualNetwork -Name $vnetName -ResourceGroupName $resourcegroupName
    $GWsubnet = Get-AzureRmVirtualNetworkSubnetConfig -Name 'GatewaySubnet' -VirtualNetwork $vnet
    $gwipconfig = New-AzureRmVirtualNetworkGatewayIpConfig -Name gwipconfig1 -SubnetId $GWsubnet.Id -PublicIpAddressId $gwpip.Id
    New-AzureRmVirtualNetworkGateway `
    -Name RMDemoGW `
    -ResourceGroupName $resourcegroupName `
    -Location $locationName `
    -IpConfigurations $gwipconfig `
    -GatewayType Vpn `
    -VpnType PolicyBased #PolicyBased For Static & RouteBased for Dynamic VPN
     
    # Get the Public IP
    Get-AzureRmPublicIpAddress -Name RMDemoPIP -ResourceGroupName $resourcegroupName
     
    # Establish the VPN connection
    $gateway1 = Get-AzureRmVirtualNetworkGateway -Name RMDemoGW -ResourceGroupName $resourcegroupName
    $local = Get-AzureRmLocalNetworkGateway -Name LocalSite -ResourceGroupName $resourcegroupName
    New-AzureRmVirtualNetworkGatewayConnection `
    -Name localtovpn `
    -ResourceGroupName $resourcegroupName `
    -Location $locationName `
    -VirtualNetworkGateway1 $gateway1 `
    -LocalNetworkGateway2 $local `
    -ConnectionType IPsec `
    -RoutingWeight 10 `
    -SharedKey 'ABCDEFG1234567890'
     
    #check the VPN status
    Get-AzureRMVirtualNetworkGatewayConnection -Name localtovpn -ResourceGroupName $resourcegroupName -Debug</pre><p>Finally, since there is no way to download the configuration script at this time, the sample configurations can be found here: <a href="https://github.com/Azure/Azure-vpn-config-samples"target="_blank">https://github.com/Azure/Azure-vpn-config-samples</a></p>
    <p>After the creation of the VPN, that can be done only using PowerShell, we can use the portal to view the status and the settings</p>
    <p><a class="a2a_button_email" href="http://www.addtoany.com/add_to/email?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazurerm-create-site-to-site-vpn%2F&linkname=AzureRm%20%7C%20Create%20Site%20to%20Site%20VPN"title="Email" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/email.png" width="16" height="16" alt="Email"/></a><a class="a2a_button_print" href="http://www.addtoany.com/add_to/print?linkurl=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazurerm-create-site-to-site-vpn%2F&linkname=AzureRm%20%7C%20Create%20Site%20to%20Site%20VPN" title="Print" rel="nofollow" target="_blank"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/icons/print.png" width="16" height="16" alt="Print"/></a><a class="a2a_dd a2a_target addtoany_share_save" href="https://www.addtoany.com/share#url=http%3A%2F%2Fwww.e-apostolidis.gr%2Fmicrosoft%2Fazurerm-create-site-to-site-vpn%2F&title=AzureRm%20%7C%20Create%20Site%20to%20Site%20VPN" id="wpa2a_2"><img src="http://www.e-apostolidis.gr/wp-content/plugins/add-to-any/share_save_171_16.png" width="171" height="16" alt="Share"/></a></p><p>The post <a rel="nofollow" href="http://www.e-apostolidis.gr/microsoft/azurerm-create-site-to-site-vpn/">AzureRm | Create Site to Site VPN</a> appeared first on <a rel="nofollow" href="http://www.e-apostolidis.gr">Proxima's IT Corner</a>.</p>


    <a href="http://www.e-apostolidis.gr/microsoft/azurerm-create-site-to-site-vpn/"class='bbc_url' rel='nofollow external'>Source</a>
×
×
  • Create New...