Lets try to get SMB1 to die …. at least in my lab..

This last weekend there have been quite a buzz about the ransomware that been spreading like the plague based on the fact that there are still so many unpatched servers and clients running windows from the stone age. We can also discuss for a while why in Windows 10 and Windows server 2016 the SMB1 protocol is still enabled and needs to be turned off? One alternative could have been to say that if you want to use this 30 year protocol you would need to enable it and thus knowing the risk and taking that into account when deciding for the legacy track

One way of beeing safe is to of course turn of the computer but that works how long?

In my lab environment I have the luck to only use WIndows 2012 R2 and above, I need to get the computers from the AD and also remove the FS-SMB1 role. The quickest way is to just disable the SMB1 protocol, you know there are users in an ordinary world that kind of does not want servers to be restarted whenever and removing the feature does need a reboot…  So first disable the protocol now and then remove the role when it is time to do the magic reboot

 

AzureStack TP3 refresh deployment

Last Thursday Microsoft and the AzureStack Team released a refresh of the TP3 of AzureStack and now with more functionality:

New to App Service this release:

  • Azure Functions preview for AAD based deployments
  • Deployment in disconnected environments
  • Deployment on ADFS authenticated Azure Stack
  • Installation and deployment improvements
  • Azure Resource Manager (ARM) API version 2016-03-01 support for App Services
  • Synchronization of SKUs with Azure – i.e. Free (F1), Shared (D1), and Standard (S1, S2, S3)
  • Service reliability improvements

One advantage of being in a DC that Basefarm operates is that the bandwidth is huge and I could download the Stack-Pack very fast and it took about 7 minutes,

Then I download new Azurestack tools and configure the host for deploy and my deployment took about 5 hours:

Good luck in your deploy

 

Replace a AD DC without gui and using PowerShell Direct

So in my home lab I had a DC going out of time (it was a technical preview of 2016) and needed to be replaced and I wanted to do it the right way and not login to the console/gui on the actual DC to it once during the removal and deploy of a new one!

So firstly I had to decommission it as a DC and then I created a new image from the media

After this I started the new DC-VM, to use the PowerShell Direct I had to activate the “Guest Service Interface”. one cool thing is when using PowerShell direct I can set the IP address on the NIC within the VM without getting disconnected as I would have been otherwise if using a ordinary powershell remoting session!

When the DCPromo was successfull I could check on the node that it was replicating okay

Looking at the deployment of Azurestack it is during the process utilizing PowerShell Direct and it is a killer feature 😀

Happy PowerShelling!

DevOpsDays Stockholm 8-9 May 2017

I wanted to update you all that I am involved in the crew behind the DevOps Days Stockholm that will be hosted for the first time in Stockholm

Maybe you have been to another DevOpsdays conference before and it will be two days of fun and networking!

Hope you will consider to buy a ticket once they will be released and if you are early you could save some dough on the early-bird price!

 

Azurestack TP3 released

So yesterday Microsoft and the Azurestack Team released the final TP3 before GA that will, based on the communicated info, be released in mid-2017

Here you can download the TP3 to try out 

info from MS blog:

What’s new in Azure Stack TP3

With Azure Stack TP3, we’ve worked with customers to improve the product through numerous bug fixes, updates, and deployment reliability & compatibility improvements from TP2. With Azure Stack TP3 customers can:

  • Deploy with ADFS for disconnected scenarios
  • Start using Azure Virtual Machine Scale Sets for scale out workloads
  • Syndicate content from the Azure Marketplace to make available in Azure Stack
  • Use Azure D-Series VM sizes
  • Deploy and create templates with Temp Disks that are consistent with Azure
  • Take comfort in the enhanced security of an isolated administrator portal
  • Take advantage of improvements to IaaS and PaaS functionality
  • Use enhanced infrastructure management functionality, such as improved alerting

Shortly after TP3, Azure Functions will be available to run on TP3, followed by Blockchain, Cloud Foundry, and Mesos templates. Continuous innovation will be delivered to Azure Stack up to general availability and beyond. TP3 is the final planned major Technical Preview before Azure Stack integrated systems will be available for order in mid-CY17.

good luck!

 

A new chapter in my life: Microsoft Lead Architect @basefarm

This month I have started on a new job at Basefarm and will be in the Sweden office but also work with the rest of the company residing in Norway and Netherlands. I will take on the role as Microsoft Lead Architect and be responsible for the Microsoft Datacenter Delivery with Azure, Azure Stack and Windows Azure Pack. This will be a really exciting times with the Azure Stack on the verge to being released this year!

I will try to update the blog more frequently with findings in areas that might be interesting regarding the way to do things the best way.

We will work on being the best hybrid solution provider in the north of Europe 🙂

 

Updating Pester module to 4.0.2

I was going to do some Operational Testing development in an environment and did see that the new Pester 4.0.2 RC had been released on the PowerShell Gallery!

Woop Niiice, but ey I had already on my newly provisioned Windows Server 2016 the version 3.4.0 of the module and when trying to install from the gallery it complains about the catalog signing..

I wanted to uninstall the 3.4.0 but that one had not been installed with the PowerShell Get so I could not use the Uninstall-Module -Name Pester

So I used the Remove-Item instead, looking at the module base path I could use that one for removal of the folder and files of the 3.4.0 module and then install the 4.0.2

Now back to creating some lovely test files but this time with the 4.0.2 RC version 🙂

Windows Updates eats up the system drive and how to mitigate this

I had a instance that I provisioned within the cloud and after running for a while it has been slowly eating up space on the system drive and if the system drive is not large enough once provisioned there is no easy way to just expand it online…

So how can I remove stuff from the Windows\WinSxS folder in a safe manner, and yes removing them by just deleting is not the way to go because that will get you into trouble big time!

So how do you do it then?

Jan has written a blog post about using DISM and you can then massage so the files that have been superseded by a new patch or service pack can be removed thus saving space

To analyse if it is needed you can run the

DISM /online /Cleanup-Image /AnalyzeComponentStore

And then you can as described in Jan´s blog post either run

DISM /online /Cleanup-Image /StartComponentCleanup

or

DISM /online /Cleanup-Image /StartComponentCleanup /ResetBase

Where the later cleans out so you cannot uninstall updates or servicepacks (although there is more cumulative updates rather than servicepacks nowadays )

But what do you do when it fails?

There is a switch for the command that helps out here

DISM /Online /Cleanup-Image /RestoreHealth

after running this and I had actually to repair twice before I could get a successful cleanup 🙂

And yes I know the best way is to respawn instances instead of patching them and in a perfect world that would be the best of course…

Year of 2016 in review…

So the end of 2016 is near and I wanted to do a post about what has been going on during this awesome year…..

Starting in January I had my achilles tendon rupture that happened in December 2015 to recover from and that made me a little more inmobile than usual but still that did not hold me back from being one of the proctors at the DevOps Hackathon in Copenhagen where I got to be with Rasmus and Aleksandar from Microsoft and also Claus and Fredrik helping the teams doing magic with the time limited to 2 days. It was really cool to see all ideas and how they tried to work together and reach the goal..

Then in February it was time for the NIC Conf in Oslo where I and Fredrik had two sessions about Chef and Azure. It is a great conference and if you have time this year I would strongly recommend you to go there! After that great event and networking we headed back to Sweden and the Microsoft TechX Azure conference where me and Fredrik had the first AzureStack session in Sweden, also during the days we had a Chef DevOps and a Operations Management Suite session. Also in February Me and Fredrik together with two developers Mathias and Jakob did a whole DevOps-day at the Microsoft office in Stockholm and the event was sold out and a total success!

In March it was time for a vTech seminar where I had sessions about Operations Management Suite and AzureStack together with Microsoft and HP Enterprise showing the CPS in their 250 box.

In April I went to the awesome PowerShell Europe Conference in Hannover and helped out Steven from Chef as he could not make it so I did his session on Chef together with PowerShell DSC making awesome stuff on Azure. If you are smart and want to stay in IT I recommend you to go to this conference in 2017!

In the beginning of May me and Fredrik had a session on SCUG Datacenter day about Azure Site Recovery. Also later in May it was time for the DevOps Hackathon in Sweden with Rasmus and Aleksandar where I also was a proctor and helped out with the event!

In September I had a session on the gigantic Microsoft Ignite conference about Puppet and PowerShell in a real world case. During this event Windows Server 2016 and System Center 2016 was released also! I had some great networking with people and I helped out some with different expertise areas! Of course the Swedish Chef was there!

In October I got to be part of the Swedish Microsoft Webinar series about the release of Windows Server 2016 and my part was about Hyper-V and VMM.

In November I went to the MS HQ in Redmond and had as always a great time networking with Microsoft people and other MVP´s. During the week I was trying to schedule my time the best way but as always you cannot be everywhere in the same time unfortunately. One of the key take aways was the workshop on Thursday about Value Stream Mapping and I will surely use it in the future and that not only for pure software development stuff! If you have some time over during the holidays I would recommend you to read the Phoenix Project!!

The week after the MVP summit I was at the Microsoft TechDays Sweden where I was part of both a preconf and also a session. The pre-conf was a short DevOps hackathon and we had about 20 attendees that during 6 hours hacked on some ideas, as always when Mathias, Jakob, me and Fredrik do things together we had a great success 🙂

The last time-slot on the last day of the TechDays conference me and Fredrik had the fun session about Puppet and PowerShell, unfortunately our session was not one of the recorded this year.. 

Thank you all for being part of this awesome year of 2016 and hope to see you all next year!