In Azure, you have the option to bring in your own licenses (Azure Hybrid Benefit). If you deploy a virtual machine using Azure Resource Manager (ARM) templates, this option is not enabled by default. Certainly for test environments, demos, but in many cases also production environments, you want to enable this option.
By adding the line below to your ARM template, the Azure Hybrid Benefit is enabled.
When you deploy a new virtual machine, for example Windows Server 2016/2019 or 2022, you’ll get the C: drive with the operating system, the D: drive for the TEMP storage (most of the VM types) and a DVD drive.
The DVD drive is not needed in some situations, for example on domain controllers. This type of servers you want to harden the security as much as possible. So, for domain controllers we’re deploying in our customer environments, we want to disable the DVD drive.
We run the following command when deploying new domain controllers in Azure.
## Disable DVD drive
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\cdrom -Name Start -Value 4 -Type DWord
After this step, reboot the server and your DVD drive is gone!
Today I’ve deployed a new virtual machine within Azure using the Windows Server 2022 Azure Edition Preview Marketplace image. After running my Powershell script, I received an error:
’User failed validation to purchase resources. Error message: ‘You have not accepted the legal terms on this subscription: …..’
So, let’s take a look at the legal terms, also using Powershell. I’ve used a couple of variables.
$azureVmPublisherName = "MicrosoftWindowsServer"
$azureVmOffer = "microsoftserveroperatingsystems-previews"
$azureVmSkus = "windows-server-2022-azure-edition-preview"
$Version = "latest"
Get-AzMarketplaceTerms -Publisher $azureVmPublisherName -Product $azureVmOffer -Name $azureVmSkus
As you can see, the legal terms are not accepted yet!! With a small Powershell command, we can accept the legal terms.
Get-AzMarketplaceTerms -Publisher $azureVmPublisherName -Product $azureVmOffer -Name $azureVmSkus | Set-AzMarketplaceTerms -Accept
Now you’re good to go!!
As most of you know, it’s possible to provide a virtual machine in Azure with a public IP address. This IP address can then be used to build a connection to, for example, RDP or SSH.
This way of connecting takes place over the Internet, which entails a great security risk. In many environments we see jumpbox or stepping stone servers, which are placed in the DMZ. These servers can be accessed from the Internet, and from these servers a connection can be made to a server or multiple servers on the internal network.
Such an arrangement is not safe, unmanageable and vulnerable. Azure Bastion is a great addition to facilitate a secure connection to a virtual machine in Azure. Azure Bastion integrates into the Azure portal, requiring multi-factor authentication. The virtual machines do not need to have a public IP address, so they are not accessible directly from the Internet.
Azure Bastion is a fully managed, autoscaling and hardened PaaS service, to provide you secure RDP and SSH connectivity. Het is eenvoudig te configureren in slechts een aantal stappen. Door gebruik te maken van virtueel netwerk peering, is het mogelijk om Azure Bastion eenvoudig toe te voegen aan een bestaande configuratie in Azure.
- Configure a new virtual network for Azure Bastion
- Create a new subnet named ‘AzureBastionSubnet’ required for Azure Bastion
- Configure virtual network peering to your other networks
- Create an Azure Bastion host
- Login in the VM through the Azure portal using Azure Bastion
- See the list of active sessions in the Azure Bastion Host properties
Now you can securely connect through Azure Bastion to a virtual machine running RDP or SSH. As you can see, the virtual machine I’m connecting to has no public IP address, only a internal IP address.
Getting into scripting can be daunting. It’s easier to just use existing scripts found online, but if you choose this route you’ll quickly run into limitations. If you take the time to learn how to create your scripts, trust me, you’ll never look back!
Automating vSphere is particularly useful for countless applications and the best way is through PowerCLI – a version of PowerShell developed specifically for VMware. Learn how to develop your own PowerCLI scripts with this free 100+ page eBook from Altaro, PowerCLI: The Aspiring Automator’s Guide.
Written by VMware vExpert Xavier Avrillier, this eBook presents a use-case approach to learning how to automate tasks in vSphere environments using PowerCLI. We start by covering the basics of installation, set up, and an overview of PowerCLI terms. From there we move into scripting logic and script building with step-by-step instructions of truly useful custom scripts, including how to retrieve data on vSphere objects; display VM performance metrics; how to build HTML reports and schedule them; the basics on building functions; and more!
Stop looking at scripts online in envy because you wish you could build your own scripts.
Get started on your path to automation greatness – Download the eBook now!
As World Backup Day approaches, we’re reminded of all the mishaps, backup scares, and near-catastrophes that we’ve experienced over the years – and how grateful we were to have backup during those times!
If you use Microsoft 365/Office 365, Hyper-V or VMware, celebrate with us. All you have to do is sign up for a 30-day free trial of either Altaro VM Backup or Altaro Office 365 Backup – it’s your choice!
What can you win?
· Receive a guaranteed €20 Amazon voucher when you sign up for and use the trial of Altaro Office 365 Backup or Altaro VM Backup
· Get a chance to WIN one of our Grand Prizes when you tell us about your funniest IT catastrophe!
What are you waiting for? Sign up now!
During this month (March 2021), you can do the ‘Microsoft Ignite Cloud Skills Challenge to earn a free Microsoft Exam voucher for the following exams:
AZ-104: Microsoft Azure Administrator
DP-100: Designing and Implementing a Data Science Solution on Azure
MS-700: Managing Microsoft Teams
MS-100: Microsoft 365 Identity and Services
MS-101: Microsoft 365 Mobility and Security
DA-100: Analyzing Data with Microsoft Power BI
SC-200: Microsoft Security Operations Analyst
SC-300: Microsoft Identity and Access Administrator
SC-400: Microsoft Information Protection Administrator
This is a great opportunity to raise your knowledge and get one Microsoft exam for free!
You can find register and find more information about the challenge in the link below!
Just like every Microsoft Ignite, the book of news is announced! It is your digital guide to all the new announcements Microsoft is making, including all the details. It presents news about Microsoft Azure, Security, Microsoft 365, Power Platform and more.