Azure

Today I found out that Azure AD Domain Services is available from the new Azure Portal! The documentation is still based on using the old portal. Now you can finally use Azure Resource Manager for the VNET and deployment. Creating your first Azure AD Domain Services instance will take quite some time but is really easy to configure. Specify the DNS name of the domain, a resource group, a VNET with subnet and a subscription and you’re good to go. Enjoy this feature in the new Portal! ...

Last Tuesday Avanade announced the new Avanade Azure Stack Solution. Avanade delivers this solution from client site, at remote locations or hosted in Avanade’s own datacenters. Azure Stack is an extension of Azure to on-premises locations. People tend to forget that Azure Stack is not just a replacement of your physical servers running a hypervisor like Hyper-V. It’s a true hybrid cloud solution. You get features like Disaster Recovery with instant fail-over, Platform as a Service (PaaS) capabilities, Load Balancing, the new Portal experience and so on. I’m really excited to tell you more about this great solution. ...

Last week I was asked to build an interactive PowerShell script for creating Virtual Machines in Azure. In this blog post, I want to share an easy way to prompt a user for a selection. # Select Azure subscription $AzureSubscription = (Get-AzureRmSubscription | Out-GridView -Title "Choose your Azure subscription and click OK." -PassThru) Write-Output "Switching to Azure subscription: $($AzureSubscription.Name)" $AzureSubscriptionInfo = Select-AzureRmSubscription -SubscriptionId $AzureSubscription.Id This uses Out-GridView to display the contents of the “Get-AzureRmSubscription” Cmdlet and asks the user to make a selection. The user is able to sort and filter the contents within the grid and the user will be informed of the decision by using “Write-Output”. ...

Some error outputs are not always useful. Especially when they make no sense for the issue you have. Error message: New-AzureRmResourceGroupDeployment : A parameter cannot be found that matches parameter name ‘YOURPARAMETER’ Solution: This error occurs because of at least the 2 following issues: You didn’t specify a parameter for ‘YOURPARAMETER’ in your JSON template. That’s what the error says. If you forget to specify a parameter with the New-AzureRmResourceGroupDeployment cmdlet, you’ll see a prompt to insert a value for that parameter. But if you add a paremeter like -Name “VM01” to the command while it’s not specified in the JSON template, you’ll see this error. The JSON code you provided isn’t valid. Always validate your JSON code. You can use http://www.jsoneditoronline.org/, paste your code and look for the red “X” buttons after a line number. Did you find another issue where this error occurs? Please let me know in the comments section. Cheers!

Today I was working on an Azure project where the deployment of Azure resources needed to be automated. Problem You’ll see the following error message: ERROR: New-AzureRmResourceGroupDeployment : 7:27:39 AM - Resource Microsoft.Compute/virtualMachines/extensions 'test01/dscExtension' failed with message '{ "status": "Failed", "error": { "code": "ResourceDeploymentFailure", "message": "The resource operation completed with terminal provisioning state 'Failed'.", "details": [ { "code": "VMExtensionProvisioningError", `“message”: “VM has reported a failure when processing extension ‘dscExtension’. Error message: "The DSC``Extension failed to execute: Cannot process argument transformation on parameter ‘ConfigurationFunction’. ...

In this step-by-step, I’ll show you how to configure PfSense with an Azure Site-to-Site VPN by using a Dynamic Routing Gateway/Route-based Gateway. This even works with a VPN behind a NAT setup. I was looking for a stable solution that could handle the new Route-based (IKE v2) Gateways. This tutorial is based on the new Azure Portal. Prerequisites A Hyper-V Host (Windows 10 is fine as well) 2 Hyper-V Virtual Networks. One called “External Virtual Network” and one called “Internal Virtual Network”. A Hyper-V VM with PfSense installed with NAT configured between the internal and external virtual network. Just download the ISO from the PfSense website and create a Generation 1 VM with it. Give it 512 or 1024 MB RAM and 1 vCPU and follow online installation instructions. Configuration of your Azure Virtual Network & Gateway Go to Portal.Azure.com and sign in to your Azure environment. Create a Virtual Network and use the default settings. Make sure that the address space is not the same as your internal network. Create a Subnet by opening the virtual network you just created and then click on the Subnets button under “General”. Create a Gateway Subnet by clicking on the “+ Gatway Subnet” button. In this tutorial, I use: 10.0.0.0/19 address space VM subnet of 10.0.0.0/20 (10.0.0.0 - 10.0.15.255) Gateway subnet of 10.0.16.0/29 (10.0.16.0 - 10.0.16.7). Create a Virtual Network gateway. Give it a name, select your Virtual Network and create a new Public IP address. Select VPN as gateway type and use the Route-based VPN type. Azure will start the deployment of your gateway now. This could take up to an hour, so take a short break. :) After the deployment has been completed, open the Virtual Network Gateway you just created. Click on Settings and Connections. Click on Add to create a connection. Give it a name, choose Site-to-site (IPsec) as the connection type, create a new local network with the Public IP address of the PfSense instance and use a strong ‘password’ as PSK. The Public IP adress could be an IPv4 Address of a router, which is the gateway of the PfSense VPN VM. Open the PfSense Web Portal. Go to the VPN button in the top menu and open IPsec. Click on “Add P1”. Use the settings from the Phase 1 table below. Leave other settings as default. You’ll see a new entry in the IPsec Tunnels overview. Click on the Show Phase 2 Entries button and add a new P2 entry by clicking on the Add P2 button. Use the settings from the Phase 2 table below. Go to Status, IPsec from the top menu. There you will see the new VPN connection. Click on Connect VPN. Click on F5. You’ll see that the status is jumping between ESTABLISHED and CONNECTING or ESTABLISHED X seconds and ESTABLISHED 0 seconds. Give it some time here. It can take a couple of minutes to get this working. Check the logging under Status, System Logs and IPsec. Check if the status of the Connection in Azure is set to “Connected” as well. (Optional) Don’t forget to give your IPsec VM a static MAC Address and IP Address from your router of within the Web Interface. (Optional) Give your PfSense VM a reboot to check if the VPN works after a reboot. Try to RDP to an Azure VM from your Internal Hyper-V network or do a trace from your command line to a VM: tracert 10.0.0.5. ...

Recently I passed the 70-533 Implementing Microsoft Azure Infrastructure Solutions exam. I was thinking about stopping with the Azure exams but I couldn’t resist it to pass this exam as well. Today I passed the 70-534 - Architecting Microsoft Azure Solutions exam with 857 points. I think that the 70-534 exam is a lot easier than the 70-533 exam. Most of the questions where questions where you had to select the Azure features that you could use in a specific situation. ...

Yesterday (Saturday 20-03-2016) I passed the Azure 70-533 (Implementing Microsoft Azure Infrastructure Solutions) exam. This was the second time that I did the exam and I passed with 747 points. So that’s a close call. Here are some tips for passing the exam: Practice every exam objective in your (Azure) lab. This is very important because you will get some questions in the exam where you need to tell step by step which step you took to install or configure a service. If you don’t have a subscription, you could sign up for the free one-month trial. Do the online proctored exam. I absolutely recommend this new way of doing exams. During workdays, It’s annoying to leave a project for a couple of hours to do an exam. Pro’s: - Study from home, in your trusted environment. No travel time needed and it took away some stress during the exam. ...

If you have an MSDN or Visual Studio subscription, you’ll automatically get Azure credits. Because I need to test System Center - Configuration Manager/Virtual Machine Manager/Operations Manager for my work, I have an Visual Studio Enterprise with MSDN subscription. That gives me $150 credit on Azure automatically and makes it very easy to create a (big) home lab for dev/test or study purposes. You can do a lot with 150 euro in Azure, if you turn your virtual machines off when you don’t use them. I have a PowerShell script that runs at the end of the day to shutdown all my running virtual machines. ...

Really good information about the new Azure exam changes.