I wanted to share an interesting find I had with a customer today. We were working on a task to populate some user collections for a deployment and we saw that one collection had a lot more users included than it should have. We figured it must be users coming from Azure AD (AAD) which made me wonder; how could we easily identify only AAD users and use that technique to exclude the unnecessary users from the collection we were creating? First we tried using the "Agent Name" attribute on the user object. This could in theory work, since it [...]
Previous: Continuous Delivery WebApps with ARM Templates, Part 1 Cross-posting from personal blog https://cloudmechanic.net So it has been some busy months and therefor a bit delayed with this second post, but now I finally got a moment to finish it, so here we go! In the previous post we created and tested the continuous delivery pipeline for the Azure resources using a ARM template, and with the pipeline for deploying the Azure resources we are now ready to create the pipeline to deploy the application. First you should go and grab the latest version of the ARM template and the [...]
Cross-posting from personal blog https://cloudmechanic.netThe boss words these days is all about DevOps, Everything as Code, Continuous Delivery, but how do you actually do it? And why should you do it? Hopefully this post will help you getting started, and by the end of the post provide you with a complete working scenario. So lets get started!First let me describe the scenario. This case will deploy a simple To-do List .NET WebApp using a Azure SQL Database and monitored with Application Insight.All code needed for this is provided doing the article, so don't worry you don't need to know anything [...]
The new Cloud Management Gateway is going to make a big difference in the way we manage endpoints away from home in the future. The feature is a System Center Configuration Manager 1610 pre-release feature. Being a pre-release typically means = a little troubleshooting is required to get the feature working in different environments. In my previous blog post I described an issue with software update scan failing. The troubleshooting steps used in this blog post, are similar what I have described there. In this environment we have a PKI with a Sub CA, and as part of the certificate [...]
First, I need to say….the new Cloud Management Gateway feature in Configuration Manager 1610 is awesome. There are a couple of gotchas you need to know about, when creating the service, but once you have overcome those hurdles - you will look like a hero at work, and be known as the person who finally enabled client management on internet based endpoints like road-warriors and colleagues working from home. In the wuahandler.log on the client you might run into Scan failed with error = 0x80240439. If that happens, first step in your troubleshooting should be checking he configuration manager agent [...]
In this post I will demonstrate an example on how to use the popular team collaboration tool Slack together with Azure Automation to retrieve data from your on-premise SCSM environment. The data in this example are Incidents retrieved via an Azure Powershell runbook. The setup is very simple and does not require any development skills (only a little powershell ). The scope could easily be extended to more useful scenarious such as sending reviewal messages to your managers or perhaps a Change Advisory Board (CAB) to accept or decline Review Activities in their small team meeting room. This is just [...]
Azure Functions is a great new, cheap and easy way to publish simple web services. Functions can be written in multiple languages such as C#, PowerShell or even Batch! You can read more about them here: https://azure.microsoft.com/en-us/services/functions/ This Azure Function is based on PowerShell and I have used it in multiple session on conferences such as MMS 2016 (was in a C# version though) and System Center Universe Europe 2016 About the function: When using subscriptions in Microsoft Graph API, you have to Validate your webhook by returning a verification code which Graph API sends to the webhook. Unfortunately Azure [...]
Enrolling devices into Intune and & ConfigMgr is normally straight forward until you run into issues. Below is an example where I received an enrollment error (picture 1), clicking Continue leads me to picture 2. As you can see in picture two the Enrollment Update turns from Warning to Checkmark, but only for about 5 seconds then it goes back to a warning. Troubleshooting mobile devices is slightly different than traditional desktop troubleshooting. The troubleshooting options depends on the device (Android, iOS or Windows). In this example my device was an Android. You can email the log files [...]
Recently I had a customer who had implemented the latest version of Azure AD Connect (v. 126.96.36.199) which was available in February 2016. In this version Microsoft changed a lot the make it easier to administrate and convenient to use. They also added some great new features like! Reduction in the sync interval to keep your Azure AD in sync with AD on-premises more quickly Support for automatic upgrades Ability to switch between sign-in methods through the wizard to enable faster pilots Support for Domain and OU filtering within the wizard Read more here: https://blogs.technet.microsoft.com/ad/2016/02/18/azure-ad-connect-1-1-is-now-ga-faster-sync-times-automatic-upgrades-and-more/ Well as it turned out, [...]
Hi First and foremost, thanks to all attendees for a great day on Wednesday. Lots of great questions and discussions and to all of you who is wondering what happened to my girlfriend’s phone – well I had to un-enroll it the morning after! For those of you who are waiting for the EMS-book that Kent is writing together with Peter Daalmans, it is not to long until it is published so stay tuned! I will update this blog post with link to the book when it is out.. Download the slide deck: EMS Microsoft EMS Resources app is free and [...]
I had this question from a customer recently, and when I searched the net I wouldn’t find any specific examples. This example assigns a user as a Contributor to the subscription. When you assign roles to resources, all you need is the URL for the resource and provide it to this cmdlet. Here you go: Login-AzureRMAccount $userEmail = "firstname.lastname@example.org" $SubscriptionName = "Test Subscription" Get-AzureRmSubscription -Subscriptionname $SubscriptionName New-AzureRmRoleAssignment -SignInName $userEmail -Scope "/subscriptions/$($sub.SubscriptionId)" -RoleDefinitionName Contributor That’s all for today!
Update: The app has now changed name and is published to the Microsoft store under the name Microsoft EMS Resources An updated blog post is published here: https://blog.ctglobalservices.com/mas/december-11-microsoft-enterprise-mobility-suite-ems-resources-at-your-fingertips/ As an IT-Pro I am used to staying up to date on the latest technology that I am working with. And with On-premises solutions like traditional ConfigMgr implementations, staying up to to date is not too hard with a little bit of effort since new features and updates are not added daily as opposed to what is going on in the Cloud. The cloud is evolving so fast with new features and services added daily [...]
A new feature in AD premium allows you to gather information about existing SaaS applications in your environment. The feature is called Cloud App Discovery and is part of your AD premium subscription. Here are the steps you need to take in order to get it working. Additional information can be found at Microsoft Technet In your favorite browser navigate to https://appdiscovery.azure.com/ and click Get Started From the Cloud App Discovery pane click Create Click Settings, Management Agent and click Download – this will download the agent. The agent can be deployed thru Configuration Manager or any other SW [...]
I have four Azure VMs running during normal business hours. All machines are Type A2 (2 CORES / 3.5 GB RAM) and cost $0.154/hr per VM. I start them in the morning at 8PM and deallocate them at 5PM when I leave the office. At least once a month I forget to deallocate. They then run unused until next morning (15 Hours). Apparently, I love Microsoft so much that I enjoy giving them my money. But mark my words. I will no longer pay for services that I don’t use….. Calculation Wasted hours Azure Price No. of VMs No. of [...]
Cool webpage to measure network latency to azure.