Identifying Azure AD users with ConfigMgr

I wanted to share an interesting find I had with a customer today. We were working on a task to populate some user collections for a deployment and we saw that one collection had a lot more users included than it should have. We figured it must be users coming from Azure AD (AAD) which made me wonder; how could we easily identify only AAD users and use that technique to exclude the unnecessary users from the collection we were creating? First we tried using the "Agent Name" attribute on the user object. This could in theory work, since it [...]

By |2019-02-21T22:22:05+01:00februar 19th, 2019|Azure, Configuration Manager (SCCM)|Kommentarer lukket til Identifying Azure AD users with ConfigMgr

PowerShell: Setting Azure Active Directory Diagnostics Forwarding

Currently we a spending most of our time doing Azure Gonvernance projects for customers.This includes DevOpsPipelinesTemplatesand moreManagement/Resource Group StructurePoliciesMonitoringIf you need anything in aboveareas, don’t hesistate to contact us!We can help you get into azure from nothing to production, or help you get control of your azure spending and structure.One of the things we setup is Diagnostics logging in Azure Log Analytics from various resources.This is super easy to setup on all Azure Resources, but it is actually also possible to enable on Azure ADs.Azure AD forwards these logs:AuditLogsSignInLogsThe challenge is that Azure AD is Not  a normal Azure resource, [...]

By |2019-02-19T11:30:37+01:00februar 19th, 2019|Automation, Azure, Monitoring, Powershell|3 Comments

Continuous Delivery WebApps with ARM Templates, Part 2

Previous: Continuous Delivery WebApps with ARM Templates, Part 1 Cross-posting from personal blog https://cloudmechanic.net So it has been some busy months and therefor a bit delayed with this second post, but now I finally got a moment to finish it, so here we go! In the previous post we created and tested the continuous delivery pipeline for the Azure resources using a ARM template, and with the pipeline for deploying the Azure resources we are now ready to create the pipeline to deploy the application. First you should go and grab the latest version of the ARM template and the [...]

By |2017-12-12T15:15:53+01:00december 12th, 2017|Azure|Kommentarer lukket til Continuous Delivery WebApps with ARM Templates, Part 2

Intune: Reporting Part 1 – create basic inventory report directly from Intune Console

I am a ConfigMgr consultant by heart where I have spent most of my IT-career designing and building ConfigMgr Solutions for customers. And everyone that has worked with ConfigMgr knows that you can report on basically anything from the clients managed by ConfigMgr. If you don't see the data, the reason is probable that the the Agent is not configured to harvest it. Well for the past 3-4 years I have also been working with Intune where the reporting capabilities has been a bit limited, especially devices managed through mdm, however the reporting has capabilities been greatly improved over the [...]

By |2017-11-13T00:23:52+01:00oktober 31st, 2017|Azure, Enterprise Mobility Suite (EMS)|4 Comments

Continuous Delivery WebApps with ARM Templates, Part 1

Cross-posting from personal blog https://cloudmechanic.netThe boss words these days is all about DevOps, Everything as Code, Continuous Delivery, but how do you actually do it? And why should you do it? Hopefully this post will help you getting started, and by the end of the post provide you with a complete working scenario. So lets get started!First let me describe the scenario. This case will deploy a simple To-do List .NET WebApp using a Azure SQL Database and monitored with Application Insight.All code needed for this is provided doing the article, so don't worry you don't need to know anything [...]

By |2017-10-26T19:42:46+01:00oktober 26th, 2017|Azure|1 Kommentar

Set Desktop and Lock Screen wallpaper with Intune in Windows 10

This is a quick blog post to show you can set this fairly easily using Intune. Intune requires you to point to a URL for the wallpaper which at first seems a bit odd, but it actually makes a lot of sense when you have solutions like OneDrive. What am I talking about? Well, find a suitable wallpaper and place it on your Sharepoint OneDrive or Personal OneDrive. Then share the wallpaper and create a public viewing link like so   Next, test the link by pasting the URL into your browser and take a look at the result. It [...]

How to manage Bitlocker on a Azure AD Joined Windows 10 Device managed by Intune.

When joining a computer to AAD either manually or by using a provisioning package, Bitlocker will be enabled automatically if your device has the necessary prerequisites. However in the case that Bitlocker is disabled this is how you enable Bitlocker, save the Bitlocker Key Protector to ADD (also known as the recovery key) and recover the key in the case you need it. So this blog post is both for the end-user and IT-pro I guess. In this scenario we have configured a Device Compliance Policy in Intune where we require Encryption of data storage on devices and sent the [...]

Azure Automation + Slack + Service Manager

In this post I will demonstrate an example on how to use the popular team collaboration tool Slack together with Azure Automation to retrieve data from your on-premise SCSM environment. The data in this example are Incidents retrieved via an Azure Powershell runbook. The setup is very simple and does not require any development skills (only a little powershell ). The scope could easily be extended to more useful scenarious such as sending reviewal messages to your managers or perhaps a Change Advisory Board (CAB) to accept or decline Review Activities in their small team meeting room. This is just [...]

By |2016-09-21T16:37:43+01:00september 21st, 2016|Azure, Service Manager (SCSM)|1 Kommentar

Azure Function to enable Microsoft Graph API webhook subscriptions to Azure Automation webhooks

Azure Functions is a great new, cheap and easy way to publish simple web services. Functions can be written in multiple languages such as C#, PowerShell or even Batch! You can read more about them here: https://azure.microsoft.com/en-us/services/functions/ This Azure Function is based on PowerShell and I have used it in multiple session on conferences such as MMS 2016 (was in a C# version though) and System Center Universe Europe 2016 About the function: When using subscriptions in Microsoft Graph API, you have to Validate your webhook by returning a verification code which Graph API sends to the webhook. Unfortunately Azure [...]

By |2016-08-24T16:00:48+01:00august 24th, 2016|Azure|Kommentarer lukket til Azure Function to enable Microsoft Graph API webhook subscriptions to Azure Automation webhooks

OMS Automation: How to handle OMS Alert result data in a runbook

Currently we are doing Demos upon demos, POC upon POC of OMS. Everybody seems keen to get into to it! One of the function of OMS Log Search is Alerts. These alerts can be setup to trigger a runbook in Automation when the alerts trigger. Here is a simple template to use for getting the content of the data sent from OMS: param($webhookdata) # Get Webhook Data $RequestBody = ConvertFrom-JSON $WebhookData.RequestBody # Searching Webhook Data for Value Results $SearchResults = $RequestBody.SearchResults $SearchResultsValue = $SearchResults.value Foreach ($item in $SearchResultsValue) { $UserName = $item.TargetUserName #Field name } Thats it !  

By |2016-06-29T16:18:35+01:00juni 29th, 2016|Azure|1 Kommentar

Microsoft Azure AD Connect not syncing at a cycle

Recently I had a customer who had implemented the latest version of Azure AD Connect (v. 1.1.119.0) which was available in February 2016. In this version Microsoft changed a lot the make it easier to administrate and convenient to use. They also added some great new features like! Reduction in the sync interval to keep your Azure AD in sync with AD on-premises more quickly Support for automatic upgrades Ability to switch between sign-in methods through the wizard to enable faster pilots Support for Domain and OU filtering within the wizard Read more here: https://blogs.technet.microsoft.com/ad/2016/02/18/azure-ad-connect-1-1-is-now-ga-faster-sync-times-automatic-upgrades-and-more/  Well as it turned out, [...]

Azure Stack: Azure Stack TP1 POC download is available!

The Azure Stack POC is up and running again. With a new updates to make installation easier If you haven’t tried it yet! Get started! https://azure.microsoft.com/en-us/overview/azure-stack/try/ Read much more in the documentation (you can even help contribute since the docs are open source!) https://azure.microsoft.com/en-us/documentation/articles/azure-stack-overview/

By |2016-02-22T23:05:23+01:00februar 22nd, 2016|Azure, Azure Stack|Kommentarer lukket til Azure Stack: Azure Stack TP1 POC download is available!

Azure Stack – PowerShell: VM Admin GUI Tool – Beta 1

Welcome to my first Azure Stack blog. Recently I have been exploring the Azure Stack POC TP1 which is available for everyone at https://azure.microsoft.com/en-us/overview/azure-stack/ So far I am very impressed, of cause always bear in mind that this is the first technical preview POC. Today I made a small tool for helping me to have a good overview of my Azure Stack tenant VMs. In Azure Stack the VMs are named by their GUID in Hyper-V. This makes perfect sense, since multiple tenants could easily name their VMs the same name. But when administrating your hyper-v host, It can be [...]

By |2016-02-22T14:27:35+01:00februar 22nd, 2016|Azure, Azure Stack|Kommentarer lukket til Azure Stack – PowerShell: VM Admin GUI Tool – Beta 1

Azure PowerShell: How to assign access to a subscription using PowerShell (RBAC)

I had this question from a customer recently, and when I searched the net I wouldn’t find any specific examples. This example assigns a user as a Contributor to the subscription. When you assign roles to resources, all you need is the URL for the resource and provide it to this cmdlet. Here you go: Login-AzureRMAccount $userEmail = "[email protected]" $SubscriptionName = "Test Subscription" Get-AzureRmSubscription -Subscriptionname $SubscriptionName New-AzureRmRoleAssignment -SignInName $userEmail -Scope "/subscriptions/$($sub.SubscriptionId)" -RoleDefinitionName Contributor That’s all for today!

By |2016-02-18T13:41:05+01:00februar 18th, 2016|Azure, Powershell|4 Comments

Azure Automation / SCOM: Triggering a runbook as a Recovery task using Webhooks

  If you havent heard about it, the future of automation is here! In the form of  “Azure Automation”. also known as “OMS Automation” when it is part of the Operational Management Suite (OMS). This cloud service can control our automation, just as System center Orchestrator has done for years. It works in a very similar way, but has been extended to support more features, for instance it supports what is known as Webhooks. A webhook enables us to trigger a runbook using a standard HTTP call, making it easier to integrate from other tools (could for instance be used [...]

By |2016-02-10T15:41:56+01:00februar 10th, 2016|Azure, Operations Manager (SCOM)|1 Kommentar

Azure Automation: Setting “Run As” Account on Hybrid Worker Groups!

I just want to post a little new feature I found a couple of days ago as a small NYE treat! It is now possible to set a “global” Run As account on a hybrid worker group! This feature removes any difference between SMA and AA Hybrid Workers, meaning that you can transfer any runbooks directly! (Contact me if you need help) By Default the Hybrid Workers run as “LocalSystem”, while SMA runbook workers run as a specified service account. It is possible to change the service account for the Microsoft Monitoring Agent, but that is not best practice and [...]

By |2015-12-31T13:46:30+01:00december 31st, 2015|Azure|3 Comments

December 17th: Azure AD Connect – Step by Step (Pixi Book Style)

A Coretech Christmas Tale. Once a upon a time customers were having difficulties connecting their on-premise Active Directory to Azure AD. Throughout this post We will tell the story about "Test-users-1" and his journey from his well-known On-Premise AD (AD.Sandbx.dk) to the exciting Cloud know as Azure. If you are a customer and wish to recreate "Test-User-1" journey. Then it can easily be done by following his steps and completing your own POC for Azure AD. ___________________ Attached to this blog are a Word Document that in details shows all steps of the proces in 6 easy steps. Create Azure [...]

By |2015-12-17T09:00:54+01:00december 17th, 2015|Azure, Office 365|4 Comments

December 11: Microsoft Enterprise Mobility Suite (EMS) Resources at your fingertips

I know it's a pompous title, but that still the idea behind what I want to show next. As an IT-Pro I am used to staying up to date on the latest technology that I am working with. And with On-premises solutions like traditional ConfigMgr implementations, staying up to date is not too hard with a little bit of effort since new features and updates are not added daily as opposed to what is going on in the Cloud. Now for some time now I have been working with Cloud services like Microsoft Intune and eventually EMS after the suite [...]

December 1st: Azure Automation: Triggering a webhook from a SharePoint workflow using Out-of-the-box Activities

Welcome to this year Coretech December Calendar! Today is the 1st of december and we have a great little christmas treat for you! This is the first post in a series of posts, published every day in December. Today's subject is Triggering Webhooks from SharePoint! One of the great new features in Azure Automation is Webhooks! Webhooks is everywhere! More and more cloud services support them. Basically it is a simple HTTP Post sent to a web service that starts the runbooks. We can then send a bunch of data with the post and have the runbook receive these dato. [...]

By |2015-12-01T12:00:00+01:00december 1st, 2015|Automation, Azure|7 Comments

Azure automation: Start-AutomationRunbook – New simple way to start runbook jobs from within a runbook!

Microsoft has just released a new cmdlet in the realm of Azure automation. Start-AutomationRunbook The cmdlet is designed to start runbook jobs in the same account as the current running runbook, without having to define any endpoints/credentials/etc. Syntax is: Start-AutomationRunbook [-Name] <string> [-Parameters <IDictionary>] [-RunOn <string>] [<CommonParameters>] How to start a runbook: Start-AutomationRunbook – Name "Test-JSONOutput" Start a runbook on a hybrid worker Start-AutomationRunbook – Name "Test-JSONOutput" –RunOn "Denmark" NB! The cmdlet can only be used inside runbooks Great little addition to the built in cmdlets in Azure automation!

By |2015-11-20T15:33:22+01:00november 20th, 2015|Automation, Azure|6 Comments

Microsoft EMS News App for Windows 10 and Windows Phone 10

Update: The app has now changed name and is published to the Microsoft store under the name Microsoft EMS Resources An updated blog post is published here: https://blog.ctglobalservices.com/mas/december-11-microsoft-enterprise-mobility-suite-ems-resources-at-your-fingertips/ As an IT-Pro I am used to staying up to date on the latest technology that I am working with. And with On-premises solutions like traditional ConfigMgr implementations, staying up to to date is not too hard with a little bit of effort since new features and updates are not added daily as opposed to what is going on in the Cloud. The cloud is evolving so fast with new features and services added daily [...]

Azure Automation: Script for downloading and preparing AzureRM modules for Azure Automation!

Update from MSFT: 2/22/2016: To respond to a common user question, right now there is no timeline on when additional modules / new versions of modules will be shipped out of box in the Automation service. If you have additional requirements besides what we currently ship globally, these modules / module versions will have to be imported as user modules. Please note the new guidance is that if the latest version of any Azure/AzureRM module is imported as a user module to an automation account, the latest versions of ALL Azure/AzureRM modules (not just the ones that ship out of [...]

By |2015-10-12T16:01:15+01:00oktober 12th, 2015|Azure|7 Comments