proximagr

1. Check if the password is set to never expire for one user: Get-MSOLUser -UserPrincipalName username | Select PasswordNeverExpires 2. Check if the password is set to never expire for all users: Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires 3. Check if the password is set to never expire for a list of users: create a txt file listing the required users, line by line with title “username”, and save it as c:\pwdexpire.txt, like this: username testuser1 testuser2 testuser3 then run: Import-csv c:\pwdexpire.txt | for each { Get-MSOLUser -UserPrincipalName $_.username | Select PasswordNeverExpires } 4. Set password to never expire for one user: Set-MsolUser -UserPrincipalName username -PasswordNeverExpires $true 5. Set password to never expire for all users: Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true 6. Set password to never expire for a list of users: like before create a txt list and run: Import-csv c:\pwdexpire.txt | for each { Set-MsolUser -UserPrincipalName $_.username -PasswordNeverExpires $true } 7. to re-set the password to expire just replace the $true with $false (please note that is the organization’s password expiration period has passed then the user/users will be locked and you will need to reset their passwords) source: http://www.e-apostolidis.gr/microsoft/manage-office-365-password-expiration/

Αυτό το post είναι οι σημειώσεις μου από διάφορα migrations Exchange 2007 & 2010 σε Office 365 Hybrid Deployment. Για Exchange 2013 είναι σχεδόν το ίδιο, αλλά αρκετά πιο εύκολο! Όπως είπα είναι οι σημειώσει μου μαζί με διάφορες προσθέσεις από διάφορα blogs, κάτι σαν Checklist και όχι Tytorial ή Guide. 1. Τι χρειάζεται: 2 x ADFS NLB (for identity federation) 2 x ADFS Proxy Servers NLB (for identity federation) 1 x domain member server for DIrSync 1 x SQL 2008 R2 server that will store the DirSync database 1 x Exchange 2010 Service Pack 2 + based hybrid deployment server (for rich coexistence with Exchange Online) Access to public DNS of Domain (company.com) 3rd Party Certificates (if you have on old exchange 2007 a wildcard export and import to 2010) Domain User for ADFS service account Configure UPN for company.com domain 2. Γενικά τα βήματα: 1. Add Domain (company.com) to Office 365 2. Add TXT record to DNS for verification 3. Specify domain cervices (Exchange, Lync, Sharepoint) 4. ADFS (&/or Farm) Add IIS Role, Configure NLB sts.company.local (add hosts, add A record, enable MAC spoofing), add Certificate (SelfSigned or 3rd Party) & bind default site to 443 Setup ADFS Federation server AD FS 2.0 Federation Server Configuration Wizard Domain User for ADFS service account 5. ADFS Proxy (&/or Farm) Add IIS Role, Configure NLB sts.company.com (add hosts, add A record, enable MAC spoofing), add Certificate (SelfSigned or 3rd Party) & bind default site to 443 Add host A to Public DNS (sts.company.com) Add host record to proxy servers for sts.company.local local IP (ADFS NLB Address) Setup ADFS Federation server proxy AD FS 2.0 Federation Server Configuration Wizard 6. Convert Domain to a Federated Domain On Office 365 portal then downloads then step 3 “Set up and configure your office desktop apps” de-select everything (only to install MOSM for powershell) On office 365 portal then users then manage (SSO), install MOSM for powershell Open MOSM and “$Cred=Get-Credential” add creds, then “Connect-Msolservice –Credentials $Cred” then “Convert-MsolDomainToFederated –DomainName “office365lab.dk”” and “Get-MsolDomain | fl” Configure UPN for company.com domain Go to login.microsoftonline.com and check SSO login 7. DirSync o365 portal then users then set up under directory synchronization (after activate needs some hours) o365 portal then users then set up ude active directory synchronization under step 4 download DirSync tool Verify dirsync: o365 portal then users then set up under actice directory synchronization check “active directory synchronization is activated” or powershell: “Get-MsolCompanyInformation | fl DirectorySynchronizationEnabled” Sync: run “Directory Sync Configuration”, add creds, check “Enable Exchange hybrid deployment”. If you want to select OU, groups, users, etc then dont check “synchronize directories now” Edit sync: “C:\Program Files\Microsoft Online Directory Sync\SYNCBUS\Synchronization Service\UIShell” and run “miisclient” guide (http://blogs.msdn.com/b/denotation/archive/2012/11/21/installing-and-configure-dirsync-with-ou-level-filtering-for-office365.aspx) Force Sync: With powershell go to C:\Program Files\Microsoft Online Directory Sync” folder and from here run the “DirScConfigshell.psc1” script and on the new windows run “Start-ynOnlineCoexistenceSync” 8. Hybrid Deployment Configure NLB on Exchange 2010 HUB/CAS ADD 3rd party certificate (if you have on old exchange 2007 a wildcard export and import to 2010) assign services SMTP & IIS Configure URLS OWA Set-OwaVirtualDirectory -Identity “EX03\OWA (Default Web Site)” -InternalURLhttps://hybrid.office365lab.dk/OWA -ExternalURL https://hybrid.office365lab.dk/OWA Set-OwaVirtualDirectory -Identity “EX04\OWA (Default Web Site)” -InternalURLhttps://hybrid.office365lab.dk/OWA -ExternalURL https://hybrid.office365lab.dk/OWA ECP Set-EcpVirtualDirectory -Identity “EX03\ECP (Default Web Site)” -InternalURLhttps://hybrid.office365lab.dk/ECP -ExternalURL https://hybrid.office365lab.dk/ECP Set-EcpVirtualDirectory -Identity “EX04\ECP (Default Web Site)” -InternalURLhttps://hybrid.office365lab.dk/ECP -ExternalURL https://hybrid.office365lab.dk/ECP Active Sync Set-ActivesyncVirtualDirectory -Identity “EX03\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://hybrid.office365lab.dk/Microsoft-Server-Activesync -ExternalURLhttps://hybrid.office365lab.dk/Microsoft-Server-Activesync Set-ActivesyncVirtualDirectory -Identity “EX04\Microsoft-Server-ActiveSync (Default Web Site)” -InternalURL https://hybrid.office365lab.dk/Microsoft-Server-Activesync -ExternalURL https://hybrid.office365lab.dk/Microsoft-Server-Activesync OAB Set-OABVirtualDirectory -Identity “EX03\oab (Default Web Site)” -InternalUrlhttps://hybrid.office365lab.dk/oab -ExternalURL https://hybrid.office365lab.dk/oab Set-OABVirtualDirectory -Identity “EX04\oab (Default Web Site)” -InternalUrlhttps://hybrid.office365lab.dk/oab -ExternalURL https://hybrid.office365lab.dk/oab EWS Set-WebServicesVirtualDirectory -Identity “EX03\EWS (Default Web Site)” -InternalUrlhttps://hybrid.office365lab.dk/ews/exchange.asmx -ExternalURLhttps://hybrid.office365lab.dk/ews/exchange.asmx Set-WebServicesVirtualDirectory -Identity “EX04\EWS (Default Web Site)” -InternalUrlhttps://hybrid.office365lab.dk/ews/exchange.asmx -ExternalURLhttps://hybrid.office365lab.dk/ews/exchange.asmx Autodiscover Set-ClientAccessServer –Identity EX03 -AutoDiscoverServiceInternalUri:https://hybrid.office365lab.dk/Autodiscover/Autodiscover.xml Set-ClientAccessServer –Identity EX04 -AutoDiscoverServiceInternalUri: https://hybrid.office365lab.dk/Autodiscover/Autodiscover.xml 9. Configure DNS to Exchange 2010 Configure SPF Record (http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/) Add public DNS v=spf1 ip4:192.168.6.220 ip4:192.168.6.221 include:outlook.com -all o365 portal then domains then SMTP domain properties under DNS management create SPF TXT record (name @ value v=spf1 ip4:192.168.6.220 ip4:192.168.6.221 include:outlook.com -all) 10. Add o365 Tenant to EMC from EMC add exchange forest Connect to Exchange Online with powershell “$TenantCreds = Get-Credential” then “$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUrihttps://ps.outlook.com/powershell/ -Credential $TenantCreds -Authentication Basic –AllowRedirection” then “Import-PSSession $Session” then to test “Get-Mailbox | Get-MailboxStatistics | ft -a” or “Get-AcceptedDomain” 11. Configuring Exchange 2010 Hybrid EMC – on premises – Organization Configuration” – “Hybrid Configuration” – “New Hybrid Configuration” Add TXT record to public DNS Add transport certificate (3rd party) 12. Now on can use EMS Get-HybridConfiguration για έλεγχο ότι όλα είναι OK. Checklist: EMC on-premises A federation trust with the Microsoft Federation Gateway (MFG) has been established for the specified domain | On-Premises Org Configuration – federation trust an organizational relationship has been established with the Exchange Online organization in Office 365 | On-Premises Org Configuration | organization relationships “tenant_name.mail.onmicrosoft.com” has been added as an accepted domain | on-premisis – org conf – hub – accepted domains “tenant_name.mail.onmicrosoft.com” and “office365lab.dk” has been added as a remote domain | on-premises – org conf – hub – remote domains The default E-Mail Address policy has been updated, so that it stamps a secondary proxy address (alias@tenant_name.mail.onmicrosoft.com) on mailbox user objects | on-premisis – org conf – hub – e-mail address policies The HCW also creates a receive connector on each of the hybrid servers | on-premiss – server conf – HUB – receive connectors the HCW will create a send connector that will route all e-mail messages destined for “tenant_name.mail.onmicrosoft.com” to Exchange Online in Office 365 | on-premisis – org conf – hub – send connectors EMS: Get-OrganizationRelationship | fl EMC online Org conf – HUB – remote domains Org conf – Organization Relationships FOPE (forerfront access form ECP – Mail Control check Two connectors (inbound & outbound) Move mailbox = new remote move request | it will move to Mail Contact New mailbox online: Mail Contact – new remote mailbox 13. After move Generally, Windows Phone 8 and iOS clients will be able to automatically update the ActiveSync profile, while Android based clients must have their ActiveSync profile recreated. Outlook will need to close with admin message, re-open and add credentials 14. Decommission Move all mailboxes to Exchange Online, point all on-premise line of business applications, network devices and so on to Exchange Online, configures mail flow to go directly in and out of Exchange Online. In this scenario, you decommission all on-premise Exchange servers, but still use DirSync and ADFS for federation. With DirSync, the on-premise Active Directory is the source of authority, which means you should provision users in the on-premise Active Directory and then have them synchronized to Office 365/Exchange Online. In this cae, it’s usually a good idea to keep a single Exchange 2010 server on-premise, so you can use the Exchange 2010 EMC or cmdlets for the provisioning. Alternatively, you remove all Exchange 2010 servers and have an identity solution such as FIM provision the on-premise Active Directory objects with the required mail attributes in order for Exchange Online to treat them as mail enabled users. Bear in mind that with DirSync enabled, most user/mailbox attributes in Exchange Online are read-only meaning you must write to them via the on-premise Active Directory user/group object. source: http://www.e-apostolidis.gr/everything/exchange-20072010-hybrid-deployment-migrating-to-office-365/

Καλημέρα Γιώργο, πολύ ωραία ιδέα. Γενικά το έχεις καλύψει ήδη το θέμα (mxtoolbox, powershell, sharepoint, dia, puty, wireshark) οπότε για να μην γράφουμε τα ίδια θα βάλω μόνο όσα δεν έχεις ήδη γράψει. Έχω το PRTG Network Monitoring, πλέον η Free version δίνει 30 sensors for ever. Για μένα είναι ένα από τα κορυφαία εργαλεία για monitor για όλο το Infrastructure. Το free secure scan της tripware http://www.tripwire.com/securescan/για vulnerabilities sanning Το ntopng, είναι free αν το βάλεις σε Linux (προτείνω Centos minimal) Το οποίο, αν και δεν έχω καταφέρει ακόμα να μου δείξει συνδέσεις browser με τον έξω κόσμο, είναι μεγάλη βοήθεια για να δεις το trafic μέσα στο δίκτυό σου και ας μην έχεις καμιά ιδέα από δίκτυα. Κυρίως εφαρμογές όπως Dropbox & Spotify... Το http://www.canyouseeme.org/για να δω αν ακούει κάποιο Port απέξω Το CloudBerry Explorer for Azure Blob Storage ένας πολύ καλός Free file browser το Azure Storage Το openproj για να ανοίγω Microsoft Project files. To Remote Desktop Connenction Manager για RPD manager, free & αυτό. Το keepass για passsword safe. Και βασικά, αν και έχει ξανα-αναφερθεί, πολύ, αλλά ΠΟΛΥ Pοwershell. Είναι εκπληκτικό πόσα πράγματα μπορείς να φτιάξεις και να μην χρειάζεσαι άλλα εργαλεία πέραν του powershell & του task scheduler

Ευχαριστώ για την απάντηση. Αυτό που δεν ανέφερα είναι ότι πρόκειται για μια εταιρεία 15 ατόμων. Το ξέρω ότι και η watchguard & η barracuda & άλλες εταιρείες έχον έτοιμες λύσεις με firewalls, appliances & irtual applicances, φυσικά με το ανάλογο κόστος, τα οποία κάνουν αυτό που θέλω αλλά επίσης κάνουν και παπάδες. Αλλά σαν IT Pro οφείλω να βρω την πιο σωστή και οικονομική λύση για να κάνω αυτό που έχει ζητηθεί. Παλιότερα είχα δει μια υλοποίηση με ISA 2006 σαν proxy με κάποιο add-in το οποίο έδινε ένα report σαν αυτό που θέλω. Τώρα δοκιμάζω ένα Ubuntu με Squide Proxy και θα δοκιμάσω κάποια Internet access controll add-ins. Μετά θα δω τι γίνετε με Forefront TMG 2010 σε συνδυασμό με κάποιο Internet access monitor. αν όμως κάποιος έχει κάποια εμπειρία με το ntopng, το οποίο θεωρείτε ένα από τα καλύτερα, θα ήθελα μια γνώμη. Ευχαριστώ Παντελής

Καλησπέρα σας Ψάχνω ένα προϊόν το οποίο θα μου δίνει εικόνα για την δικτυακή κίνηση των χριστών. π.χ. σε ποια site συνδέονται και πόσα data πηγαινοέρχονται. Ένα report που θα έχει local host, remote host, duration, bytes, και με κάποιο μηχανισμό να κάνει resolve το remote host και να αναγράφει π.χ. facebook, dropbox, spotify, youtube Κλπ. Τι έχω δοκιμάσει μέχρι τώρα: 1. ntopng: http://www.ntop.org/products/ntop/ εγκατάσταση ubuntu σε VM με network interface A. συνδεδεμένο πάνω στο router με port mirroring την πόρτα που πάει στο switch (από εδώ περνάει όλο το internet traffic) και Β. συνδεδεμένο πάνω στο core swich Αποτέλεσμα: Μου δίνει report αλλά στο server (remote) κομμάτι δίνει μόνο το router οπότε δεν μπορεί να γένει resolve. Το μόνο που αναγνωρίζει είναι τα applications Dropbox & Spotify, όλο το άλλο trafic το δίνει είτε ως http είτε ως κάποιο πρωτόκολλο (ntp, netbios κλπ). 2. Colasoft nChronos (evaluation) http://www.colasoft.com/nchronos/ εγκατάσταση Windows Server 2012 σε VM με network interface A. συνδεδεμένο πάνω στο router με port mirroring την πόρτα που πάει στο switch (από εδώ περνάει όλο το internet traffic) και Β. συνδεδεμένο πάνω στο core swich το οποίο μου δίνει μόνο εσωτερική επικοινωνία και στις δύο περιπτώσεις Στο δίκτυο δεν υπάρχουν VLAN. Ίσως αυτά τα προϊόντα να κάνουν σωστά τη δουλεία τους και εγώ να μην έχω κάνει κάτι σωστά στο Setup, οπότε κάθε συμβουλή είναι ευπρόσδεκτη. Έψαξα αρκετά με το nChronos Που είναι commercial, θεωρητικά δεν έχει καμία δικτυακή απαίτηση, η εγκατάσταση έγινε βάση του http://www.colasoft.com/download/nChronos-getting-started-guide.pdf. Στη σελίδα 5 δείχνει ότι απλά το συνδέεις σε hub και κάνει capture. Στην παρούσα εγκατάσταση όλο το δίκτυο είναι σε unmanaged switch. Ευχαριστώ Παντελής

Λοιπόν την βρήκα τη λύση. Κατέβασα και έτρεξα το Intel System Information Retrieve Utility και το log τα λέει όλα από τις πρώτες 7 γραμμές: BIOS Version....... SE5C600.86B.02.03.0003 BMC Firmware Version: Op Code....... 1.21.6580 Boot Code.............. 01.17 ME Firmware Version: Boot Code: 02.01.07.328 ME Health Status: CORRUPTED OR INACCESSIBLE DATA SDR Version: SDR version: SDR Package 1.11 Αναβάθμισα ξανά το ME firmware μόνο και το πρόβλημα λύθηκε. Οπότε το πρόβλημα με το corruption στο ME firmeware δεν φαίνεται ούτε από το Intel®Active System Console ούτε από το integrated bmc web console, φαίνεται μόνο από το Intel System Information Retrieve Utility.

Παίζει, απλά το νέο BIOS λύνει ένα πιο σημαντικό θέμα, με το Power Supply Redundancy, οπότε θέλω να εξαντλήσω πρώτα ότι μπορέσω να βρω για να μείνω στο καινούργιο. Έχω ανοίξει και ένα case στο community support της Intel, ότι βρω θα το ποστάρω κι εδώ.

Original Post: https://borntolearn.mslearn.net/b/weblog/archive/2015/01/05/get-a-free-second-shot-on-mcp-exams-through-may-31 Welcome to 2015! Have you set your sights on achieving a new Microsoft certification this year? We're here to help. The very popular "Second Shot" offer is back! Between January 5 and May 31, 2015, take any Microsoft Certified Professional (MCP) or Microsoft Dynamics exam, and get a free Second Shot if you fail the first take. With our full transition to Pearson VUE as our sole exam delivery provider this year, there's a slight difference in the Second Shot process. Please note: You must complete a Microsoft certification exam between January 5, 2015 and May 31, 2015. Simply go to https://www.microsoft.com/learning, log in, and schedule your exam. After your exam, log in to check your personal dashboard athttps://www.microsoft.com/learning to verify testing results. Please allow up to 24 hours for results to show up on the dashboard. If you need a Second Shot, select “retake” for your exam within 30 days from your first take. Please review the Pearson VUE testing center availability for your specifc exam and then schedule your retake. For complete terms and conditions of this offer, visit the Second Shot page on our website. Good luck on your road to a new Microsoft certification title. When you earn one, don't forget to add it to your CV or LinkedIn profile. And if you're on Xbox, put an MCP shirt on your avatar! Original Post: https://borntolearn.mslearn.net/b/weblog/archive/2015/01/05/get-a-free-second-shot-on-mcp-exams-through-may-31

Καλησπέρα σε όλους, ναι καλά διαβάσατε, έχω μπλέξει με έναν Intel Server P4308CMHEN S2600CP. Δυστυχώς εμπειρία υπάρχει σε Dell, IBM & Dell servers αλλά αυτό είναι κάτι πρωτόγνωρο. Δεν ξέρω αν είναι το σωστό section για συμβουλές για σίδερα, αν όχι ευχάριστος να το μεταφέρω. Το πρόβλημα δημιουργήθηκε μετά από BIOS Update. Τα ανεμιστηράκια δουλεύουν στο τέρμα, ~8200RPM και δεν κατεβαίνουν, με αποτέλεσμα πολύ φασαρία αλλά και μείωση χρόνου ζωής χωρίς λόγο. Εντόπισα το πρόβλημα μάλλον στο εξής: BMC FW Health sensor has failed and may not be providing a valid reading Warning 0x0010 το οποίο είναι και το μόνο warning log που μου δίνει, όλα τα άλλα πράσινα. Τι έχω κάνει μέχρι τώρα, χωρίς αποτέλεσμα: Shutdown the server, remove both power cords for 30 seconds and the power on Load BIOS defaults Updated again the FRUSDR using the "FRUSDR.nsh" command and it was successful Updated the BIOS again, successful Περισσότερα στοιχεία για όποιον γνωρίζει, θέλει & μπορεί να βοηθήσει: Intel Server P4308CMHEN with the S2600CP. Board Information: Product Name : S2600CP | Serial Number: QSCP35000469 | Part/Model Number : E99552-510 | FRU File ID : FRU Ver 1.00 I recently updated the BIOS to the latest, 02.03.0003BMC6580, and the update was successful This update package includes the following system software updates: - System BIOS - 02.03.0003 - ME Firmware - 02.01.07.328 - BMC Firmware - 01.21.6580 - FRUSDR - 1.11 The actual readings from the BMC console now are: BIOS ID : SE5C600.86B.02.03.0003.041920141333 BMC FW Rev : 01.21.6580 Boot FW Rev : 01.17 SDR Package Version : SDR Package 1.11 Mgmt Engine (ME) FW Rev : 02.01.07.328 After the update the FANs are operating in full speed, ~8200RPM, and the server is extremely noisy. At the Sensor Readings of the BMC console it reports: BMC FW Health sensor has failed and may not be providing a valid reading Warning 0x0010 What I have done already: Shutdown the server, remove both power cords for 30 seconds and the power on Load BIOS defaults Updated again the FRUSDR using the "FRUSDR.nsh" command and it was successful Updated the BIOS again, successful Οποιαδήποτε ιδέα ευπρόσδεκτη Ευχαριστώ

Καλή Χρονιά και πάνω απ'όλα υγεία! (αντε και πολλά gadgets!)

Καμιά ιδέα για GUI? Τι χρησιμοποιείτε? Splunk, waf-fle κλπ.

To move a mailbox to Exchange Online from Exchange 2013 first connect Windows PowerShell to Exchange Online with a Global Administrator: $UserCredential = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/-Credential $UserCredential -Authentication Basic -AllowRedirection Import-PSSession $Session Provide the on-premise administrator credential Then connect to the local Exchange 2013: Run $RemoteCredential= Get-Credential Start the move request Finally initiate the move: New-MoveRequest -Identity “useralias” -Remote -RemoteHostName “mail.mydomain.com” -TargetDeliveryDomain mydomain.mail.onmicrosoft.com -BadItemLimit 10000 -AcceptLargeDataLoss -RemoteCredential $RemoteCredential source: http://www.e-apostolidis.gr/microsoft/exchange-2013-online-grand-full-access-to-mailboxes/

This post is bout Exchange/Office 365 Hybrid Deployments, when for some reason we need to completely delete a user account and mailbox from Office 365 in order to re-sync it. First you need to exclude the user from DirSync Open the “Synchronization Service Manager” (cn be fount at “C:\Program Files\WindowsAzureActiveDirectorySync\SYNCBUS\Synchronization Service\UIShell\miisclient.exe”) Navigate to “Metaverse Search” and click on “Add Clause” Be sure that you choose Displayname as Attribute, and then configure your search Double click an entry, and open the tab connectors Activate the line with the “Active Directory Connector” Management Agent and click on “Disconnect… In the disconnect object accept question, choose “Disconnector (Default)” to remove the connector. Explicit Disconnector will lock the object to be a connector again. You can then rerun your search, and the specific account will not be shown anymore. And after a sync, the object will also be removed from the azure Directory Then you need to remove the user object from the Office 365 portal using the PowerShell Open PowerShell “Windows Azure Active Directory Module” $msolcred = get-credential connect-msolservice -credential $msolcred Get-MsolUser -ReturnDeletedUsers | FT UserP*,ObjectId Remove-MsolUser -ObjectId abc1234-12abc-123a-ab12-a12b3c4d5f6gah -RemoveFromRecycleBin -Force Get-MsolUser -ReturnDeletedUsers | Remove-MsolUser -RemoveFromRecycleBin -Force Then at the next scheduled sync of te DirSync the user will be recreated. Also you can force the DirSync to creaate the user faster. soure: http://www.e-apostolidis.gr/microsoft/delete-user-from-office-365-with-dirsync/

To connect PowerShell to Exchange Online, open the PowerShell and run: $UserCredential = Get-Credential $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://outlook.office365.com/powershell-liveid/-Credential $UserCredential -Authentication Basic -AllowRedirection Import-PSSession $Session source: http://www.e-apostolidis.gr/microsoft/connect-to-exchange-online/

Η γενική αρχή είναι ότι εφόσον μπορεί να δει την εικόνα τότε ήδη την έχει αντιγράψει τοπικά. Υπάρχουν βέβαια κάποια applications που λειτουργούν σαν web servers, βλέπεις τις εικόνες αλλά κόβουν το save και το copy από τη σελίδα. Φυσικά προϋποθέτει ότι θα κόψεις τελείως το access στις εικόνες από τους χρήστες και μόνο μέσο της συγκεκριμένης webpage θα τις βλέπουν. Δυστυχώς δεν έχω δοκιμάσει κάτι για να σου πω παραπάνω, αλλά ψάξε το λίγο. Στην τελική όμως με το απλό Print-screen αντιγράφεις ότι βλέπεις :)

Microsoft offers for free it’s antimalware service. When you create a new VM you have the option to enable it. This will install the System Center Endpoint Protection client to the VM managed by Azure. If you have added this but now you want to remove it and add some other antivirus/antimalware solution you cannot do it by just uninstalling the client from the VM. The client will auto re-insalled by Azure. There are two ways to completely uninstall the program and remove it from Azure. One is using the new Portal and one using PowerShell. Using the Portal Go to https://portal.azure.com/ Browse the VM Go to the Configuration section and click on Extensions Click the Microsoft.Azure.Security extension You can delete it using he Delete button At any time you can re-add it, by clicking the Add button at the Extensions window Using PowerShell First connect PowerShell to your Azure subscription, as described to this post and then: # First check the Antimalware Service Status, you need to select the Azure VM and then get the status: $servicename = "myVMservice" $vmname = "myVMname" $vm = Get-AzureVM –ServiceName $servicename –Name $vmname Get-AzureVMExtension -Publisher Microsoft.Azure.Security -ExtensionName IaaSAntimalware -Version 1.* -VM $vm #First remove the service from Azure Remove-AzureVMExtension -Publisher Microsoft.Azure.Security -ExtensionName IaaSAntimalware -VM $vm # Then uninstall the Antimalware Client from the VM Get-AzureVM -ServiceName $servicename -Name $vmname | Set-AzureVMExtension -Publisher Microsoft.Azure.Security -ExtensionName IaaSAntimalware -Version 1.* -Uninstall | Update-AzureVM source: http://www.e-apostolidis.gr/microsoft/remove-microsoft-antimalware-service-from-a-vm/

όχι όχι, λάθος διατύπωση! Κι εγώ έχω καταλάβει ότι είναι το καλύτερο. Η ερώτηση είναι για άλλα αντίστοιχα αξιοπρεπεί γιατί απλά δεν ξέρω γενικός άλλα. Οπότε ήθελα απόψεις. Το θέμα μου είναι το support, γιατί ας πούμε για το ModSecurity οκ έχει αρκετό community αλλά ας πούμε γι ατο πρόβλημά μου δεν βρίκα κάτι στο web ούτε στο site τους. Επίσης, θα ήθελα απόψεις για GUI. Τι χρησιμοποιείτε? Splung, waf-fle κλπ.

Τελικά έπαιξε. Έβγαλα τους servers από shared configuration, έβαλα το ModSecurity καιτους ξαναέβαλα σε Shared COnfiguration. Μιά χαρά. Ευχαριστώ και πάλι Greg. Η ερώτηση βεβαίως παραμένει, αν ξέρετε κάποιο άλλο αξιοπρεπές WAF, το οποίο να μπαίνει πάνω σε IIS, και να παίζει με Farms. Δεν με ενδιαφέρει appliance λόγο Azure. Με ενδιαφέρουν και open source και commercial. Μέχρι στιγμής έχω δοκιμάσει και το WebKnight, παίζει μια χαρά και δεν χρειάστηκε και να πειράξω τη φάρμα.

I was looking for a free solution to have an email notifications for Azure backup. After reading other blogs and technet site I end up to use PowerShell Send-MailMessage attached to the Azure Backup Logs. In short, when the Azure Backup log is created, the script lists the last 2 days events, creates an html file and mails the report with the html as attachment to you. First find the Azure backup Event Log, it under “Applications and Services Logs, CloudBackup, Operational” and select to attach a task to the log. This will trigger the task on every event created under this log. On the other hand you can attach the task to a specific event. Create a Task and attach the below PowerShell script. Here you will find the powershell.exe “C:\Windows\System32\WindowsPowerShell\v1.0″ Crate a folder c:\IT and Copy the below script on a text file and name it “eventemail.ps1″. Finally change the required fields. $date = (Get-Date).AddDays(-2) $event = Get-WinEvent -FilterHashtable @{ LogName = "cloudbackup"; StartTime = $date; } $event | ConvertTo-Html message,timecreated | Set-Content c:\it\backup.html if ($event.EntryType -eq "Error") { $PCName = $env:COMPUTERNAME $EmailFrom = "FROM_EMAIL_HERE" $EmailTo = "YOUR_EMAIL_HERE" $EmailSubject = "Server $PCName Backup Failure report" $SMTPServer = "SMTP_SERVER_HERE" Write-host "Email Sent" Send-MailMessage -From $EmailFrom -To $EmailTo -Subject $EmailSubject -body "$($event.Message) $($event.TimeCreated)" -Attachments "c:\it\backup.html" -SmtpServer $SMTPServer } else { write-host "There is no error. Below the logs files." $event $PCName = $env:COMPUTERNAME $EmailFrom = "FROM_EMAIL_HERE" $EmailTo = "YOUR_EMAIL_HERE" $EmailSubject = "Server $PCName Backup Success report" $SMTPServer = "SMTP_SERVER_HERE" Write-host "Sending Email" Send-MailMessage -From $EmailFrom -To $EmailTo -Subject $EmailSubject -body "$($event.Message) $($event.TimeCreated)" -Attachments "c:\it\backup.html" -SmtpServer $SMTPServer } The “write-host ” lines can be removed. They are useful only for troubleshooting by running the script manually on powershell. source: http://www.e-apostolidis.gr/microsoft/azure-backup-email-notification/

There are many reasons to have your Disks stored at separate Storage Accounts, per Cloud Service. One is that a Storage Account in Azure provides 20000 IOPS and every disk in Standard Tier 500 IOPS. Azure support suggests to don’t have more than 40 disks per Storage Account. Also you may want to have your disks lined (go to Azure, Cloud Services, selsect a Cloud Service and you can see the “Lined Resources” tab, there you can link storage accounts to the Cloud Service) to the same Cloud Services as their VMs. The problem is that if you have an Azure VM and you try to “attach an empty disk” you will realize that the disk will be created at the default Storage Account of the Subscription and there is no option to change this. Here is a PowerShell command that creates a VHD at a specified Storage Account, creates a Disk and attaches it to a VM: Get-AzureVM "servicename -Name "vmname" | Add-AzureDataDisk -CreateNew -DiskSizeInGB XXX -DiskLabel "diskname" -MediaLocation "https://storageaccountname.blob.core.windows.net/vhds/vhdname.vhd"-LUN X | Update-AzureVM Some more info on this command: First of all you need to connect to your Azure Subscription, you can follow this Post on how to do it. Then create a Storage Account using the GUI or PowerShell, here is the Microsoft’s link http://azure.microsoft.com/en-us/documentation/articles/storage-create-storage-account/ Then you need to list the disks that are already connected to your VM in order to view the LUN number that you will use. The OS disk is not listed on this command. The first data disk consumes the LUN 0, the second the LUN 1 and so on. The command is: Get-AzureVM -ServiceName "servicename" -Name "vmname" | Get-AzureDataDisk source: http://www.e-apostolidis.gr/microsoft/create-a-disk-in-specific-storage-account-and-attach-it-to-a-vm-in-azure/

Copy AZURE VHD to other storage account #Source storage account $context1 = new-azurestoragecontext -storageaccountname "name_source_account" -storageaccountkey "key_source_account" #Destination storage account $context2 = new-azurestoragecontext -storageaccountname "name_destination_account" -storageaccountkey "key_destination_account" #Initiate copy this might take a while Start-AzureStorageBlobCopy -SrcContainer "vhds" -SrcBlob "name_as_found_in_step_one.vhd" -SrcContext $context1 -DestContainer "vhds" -DestBlob "my_destination_name.vhd" -DestContext $context2 Track Azure VHD copy process $context = new-azurestoragecontext -storageaccountname "name_destination_account" -storageaccountkey "key_destination_account" Get-AzureStorageBlobCopyState -Blob "file_name.vhd" -Container "vhds" -Context $context source: http://www.e-apostolidis.gr/microsoft/copy-azure-vhd-to-other-storage-account/

First of all, the VM must be within a virtual network to be able to add a static Private IP address There are two ways to set a static private IP. One is using the new Azure Portal "portal.azure.com" and one via PowerShell. Using the new Portal, browse a VM, select settings and then IP addresses. There at the Private IP address you can select "Static" and add the IP address. Using PowerShell, first connect to the Azure (details on this post), and use the following commands: #Test IP availability: Test-AzureStaticVNetIP -VNetName XXXXXXX -IPAddress #Set the VM that will take the static IP $static = Get-AzureVM -ServiceName xxxxx -Name xxxxxx #Set the static IP Set-AzureStaticVNetIP -VM $static -IPAddress xx.xx.xx.xx | Update-AzureVM #Check the static IP Get-AzureStaticVNetIP -VM $staticVM source: http://www.e-apostolidis.gr/microsoft/set-static-ip-to-azure-vm/

First we need to install the Azure PowerShell module from http://go.microsoft.com/fwlink/p/?linkid=320376&clcid=0x409 Then open PowerShell and follow the below commands: #Get your subscription file - The browser will open, you will need to login to the Azure Subscription and finally it will download the <subscriptonname>.publishsettings file Get-AzurePublishSettingsFile #Connect to your Subscription Import-AzurePublishSettingsFile -PublishSettingsFile "full path to downloaded file" Source: http://www.e-apostolidis.gr/microsoft/connect-powershell-to-azure/

Νίκο κάτι παίζει με την υπογραφή σου, εμφανίζονται 2 Links

Azure Backup είναι η καλύτερη λύση, κι εγώ αυτό χρησιμοποιώ, πολύ γρήγορο. Βάζεις τον client στον file server σου & ένα certificate για το encryption, φτιάχνεις Schedule backup και το ξεχνάς. δες εδώ για περισσότερα στοιχεία και τιμές http://azure.microsoft.com/en-us/pricing/details/backup/ αλήθεια, 10 TB με τι γραμμή θα τα αναιβάσεις? Το Azure σου δίνει τη δυνατότητα να του στείλεις encrypt hard drive με τα data σου. Οπότε μετά θα συνεχίσεις με incremental backups. Ψάξε το λίγο.