Azure Portal App

There is a new preview of a Azure Portal App that lets you use the Azure Portal without any other browser available, this is a great thing if you have a Windows Server as your main go-to jumpbox that you do things in and as we know it is by default not possible to run Edge browser in Windows Server and you are stuck with Internet Explorer and that alone makes you go bananas and also that browser is some serious legacy thingy.

First you go to https://preview.portal.azure.com/app/Download

once downloaded and installed you can then sign into your azure account to start utilizing the app and manage your cloud resources

As you can see it is like any other browser experience of the Azure portal and you can of course also start an cloud shell.

Of course the option to install chrome or firefox also works as an alternative, although some companies have restrictions on third party software being installed within their server environments…

Windows Admin Center 1903

With the preview of Windows Admin Center 1903 that now is available in the insiders you now have some new extensions that make life even easier than before administering AD, DHCP and DNS.

Once upgraded I go into the portal and there I find the new extensions.

And after installing them I can go to an domain controller and instantly administer user and computer objects

So please replace your old domain controllers and let go of the GUI option when you do it!

happy playing!

My top 10 session I was @ MS Ignite

I am right now digesting the full and exciting last week and wanted to update you on the top 10 sessions of all that I attended in person. We are all different and have different taste and here you can see what I picked out.

I had like 50 sessions in my schedule that I did not manage to attend but will try to find time to watch the recordings and I will do another follow up post with the top sessions of all from Ignite later!

GS001 – An end-to-end tour of the Microsoft developer platform

Allthough I am more of an Operations guy I did not attend the infrastructure foundation session with Corey Sanders and I am happy I went for the Scott Hanselmans instead and have an insight into how the total developer experience now is within the Microsoft space and it was a great session that i can highly recommend you check out the recording of.  

DT1001 – Voices from the top: Leaders get real on building inclusive work cultures

This year the  Ignite conference had a track on Diversity and Tech and the first day I attended this lunch-session and being a nerd-techi and attending a non-technical session was great! This session gave me some great insight on how we as an industry that is very much still male-focused and need to work on our culture values to be able to get more people in.

BRK2215 – Real World architecture considerations for Azure: how to succeed and what to avoid

This first session on the Tuesday morning gave some insights from the Fasttrack team on how to do best practices when setting up environments within Azure.

BRK3062 – Architecting Security and Governance Across your Azure Subscriptions

On this session we got a high level overview on governance work within Azure and very valuable insights in the releases that had been announced regarding policys, resource graph, cost, management groups and blueprints. Also we got an insight into the in-guestvm policy work that Michael Greene with the powershell team have enabled.

BRK2269 – WinOps: Lessons learned from Enterprise devops with Microsoft technologies

Avesome session on how to apply devops thinking within the Microsoft Technologies and IT Pro space by the DevopsGuys Stephen Thair. He had some great valuable points and case studies where devops principles had been successfully implemented.

DT1003 – Service degraded: Recognizing mental burnout in your colleagues and yourself

Another great session from the Diversity track and this time it was Sonia Cuff (Azure Ops Advocate) that presented on the health topic and how to get into control of signs of burnout within yourselves or your colleagues. She did a splendid job and I did really value being here and not in Snovers PowerShell session that this one collided with in the schedule (Some sessions can be saved for later via the recording)

BRK1094 – Accelerating your IT career

Thursday morning and the room was almost full with the one and only Ned Pyle talk about how to survive in the changing landscape and how to see and work on your career. He had several tips on how to succed. The four pillars of success that included Discipline, Technical powerhouse, Communication, Legacy.

BRK2362 – The SRE role: An unexpected journey

I have not heard Jared talk before but this was a great session on the path for him and Microsoft adopting SRE (Site Reliability Engineers) practices that Facebook, Netflix and Google have been utilizing for years. It was fun analogies and his story going from being a server hugger to a cattle farmer made most of the crowd to recognise themselves.

BRK3085 – Deep dive into Implementing governance at scale through Azure Policy

Last session before the Microsoft Ignite celebration party but the room was full and everyone wanted to get more insigt into the work with Azure Policy, Azure Resource Graph and Azure Blueprints. Always a deep dive gives that extra layer of understanding and this time was no exclusion  having the product team presenting their stuff gives that extra nudge.

DT1005 – In conversation – raising the next generation of IT pros as diversity and inclusion champions

The final day I listened to this panel that talked on an interesting topic that I can truly recommend you to watch the recording. Among the people on stage was Donovan Brown talking about the struggle to hire the right staff as a People Manager. 

Webinar with Savision : Migrating to Azure and monitoring your hybrid environment

I am on the 5th of september going to have a webinar together with Savision about moving to Azure

“Don´t be a dinosaur, how to stay on top of your it Infrastructure when transitioning into Azure”

Change is happening incredibly fast in today’s IT delivery, and for a service provider, it’s about embracing the new or risking the latest T-Rex. In this webinar we review how to automate and create standardized Windows Server solutions in Azure where management and monitoring are included as a service. Interaction with customers through Microsoft Teams and Bots that speeds up change cases and provides quick feedback! 24/7 you can know status and costs as well as order new services that automatically end up under NOC when it reaches production status

Please sign up on Savisions web page and we will have a great time together uncovering some very cool things in the Azure space

 

Azure and Azurestack alternative RDP port for VM

I have been exploring a bit with both Azure and Azurestack and when you onboard your VM´s to Log Analytics and the security center you soon get noticed about 100s of drilions attempts to log on to your mashine if you have made it available through RDP. Although there now is a way to take care of this in a better way using the Security Center JIT Access giving a timespan for opening the port and also limiting to certain IP/networks! Some times an JIT access is not what you can live with but an alternative port could be utilized then the following can be applied.

A recent update to the Azure portal have now surfaced where you get the option to dowload the RDP file with an alternative port instead of the standard 3389, that does not

  1. set the NSG to allow for the new port
  2. set the VM´s internal RDP service to respond to it

So to get the possibility to connect to the virtual machine we need to update the NSG and also reconfigure the virtual machine to actually listen on the new rdp port

First I add a row on the NSG

and then i utilize the custom script extension and change the listener on the virtual machine for RDP

Azurestack:

If I am utilizing an AzureStack all above can be achieved but in the portal the connect button will be greyed out so you can still connect to it but you need to manually enter the public IP and custom port:

 


Speaking at the Microsoft Tech Summit Stockholm 17-18 April

If you are working with Azure and want to learn more there is an opportunity to go to a conference in April that is free of charge and in the center of Stockholm!

I will do a session there in the MVP theater:

Making real world Infrastructure as code in Azure, or how to make an MSP-dinosaur survive in the cloud

It’s incredibly fast change in today’s IT delivery, and for a service provider, it’s about embracing the new or risking the latest T-Rex. In this session we review how to automate and create standardized solutions in Azure where management and monitoring are included as a service. Interaction with customers through Microsoft Teams and Bots that speeds up change cases and provides quick feedback! 24/7 you can know status and costs as well as order new services that automatically end up under NOC when it reaches production status.

I hope I will see you there!

Speaking at Microsoft Ignite

I have got the opportunity to speak at Ignite again, this will be my third year I will do a session on this gigantic conference!

I have a Community Theater Session where I would love to have you as a guest if you will also be there and have some time for this topic!

“Using a PowerShell release pipeline for a real-world service provider delivery in Microsoft Azure”

Delivering managed services for a service provider can be cumbersome and often the quality and reliability is not first priority. Utilizing PowerShell and Desired State Configuration makes it repetitive, versionable, and testable! In this real-world case we have implemented a release pipeline to make sure that PowerShell scripts, modules, and dsc configurations are tested before put into production use in Azure Automation.

here you can find it in the session catalog

It is scheduled on Tuesday 4:05-4:25

Windows Server 2016 “Core” in Azure with a [small disk]

As it is known we should use Windows Server 2016 foremost and as often as it is possible and try to not use with a “Desktop Experience” unless it is really necessary! Of course it makes total sense if you are deploying a RDS solution but if you deploy a AD DC and file servers then naaaee….

In Azure it is not just called Windows Server 2016 and searching in the marketplace you can see that there the name core is the denominator

And it kind of make sense that the Server without GUI can and should use the Small disk option that is to be used with the new managed disks so you have to dig a bit deeper and search for small and then you find those:

Deploying with CLI or powershell with a template need the right SKU to get the core :

Unfortunately Azure have the core as a name but should instead use the “Desktop Experience” on the other one instead so it was consistent with the install of regular OS deployments in a datacenters..

And the system drive is 30 GB large

happy deploying!