Create an NSG to RDP into a virtual machine in Azure using Terraform

Securing Remote Desktop Protocol (RDP) Access to Virtual Machines with Network Security Groups

As a technical solution consultant, ensuring the security of virtual machines (VMs) is paramount. One critical aspect of this is managing Remote Desktop Protocol (RDP) access from the Internet. This blog post will delve into how Network Security Groups (NSGs) can be leveraged to secure RDP access to VMs, providing a robust solution for your clients.


Deploy a VM from the Azure Marketplace

When we create a new virtual machine within the Azure environment, we can use the Azure Marketplace. The Azure Marketplace offers services and software that you can deploy within an environment. For virtual machines, Windows operating systems, open-source variants and third-party appliances are available.

Create my first Windows virtual machine

From the Azure portal, we can view the Azure Marketplace.


How to: Deploy Microsoft LAPS and Windows LAPS

We’ve all heard of Microsoft LAPS. This stands for Local Administrator Password Solution and has been available since Windows Server 2008 R2. With Microsoft LAPS it is possible to change the password of the local administrator account periodically and fully automatically.

Microsoft recently launched Windows LAPS as the successor to Microsoft LAPS. A number of new features have been added, and it is now also part of the Windows Server operating system (from Server 2019 April Update) and Windows 10 and 11.


SQL Server 2022 on Windows Server 2022 Core Edition

Today I’m going to install SQL Server 2022 on Windows Server 2022 Core Azure Edition. In a previous blog I installed ADDS on Windows Server Core edition.

Part 1: Install and configure ADDS on Windows Server Core in Azure
Part 2: Install and configure ADDS on Windows Server Core in Azure

I have done a large number of SQL Server implementations in recent years, both in on-prem datacenters and in Azure (IaaS). Now that SQL 2022 is available, I’ve taken a look at the differences compared to previous versions. Installing on Windows Server Core edition is also supported, so I take that scenario as a starting point.

Basic Infrastructure

As a basis, it is of course important that an Active Directory environment is available. In my demo environment I ran a domain controller in Azure based on Windows Server 2022 Azure Edition. This server provides the other servers with DNS. The domain is called ‘demo.lab’.


Reduce costs with Azure Spot virtual machines

What is Azure Spot VM?

Azure Spot VM is an Azure feature that allows you to take advantage of the unused capacity of the underlying platform. If a host has some compute capacity left, these ‘spots’ will be filled with your Spot-enabled virtual machines. When enabling this feature, you receive a discount of up to 90 percent of the normal pricing in some cases.

Pricing and eviction are the only differences between Spot-enabled virtual machines and regular virtual machines. The compute, networking, storage, etc. are exactly the same. The virtual machine can be attached to a virtual network or a load balancing solution, such as an internal/external load balancer. Also, the management capabilities are exactly the same and are available through the Azure Portal or with Infrastructure as Code (IaC) like Bicep, ARM, PowerShell or Terraform.


Part 2 – Azure Privileged Identity Management (PIM) for Groups

In my previous post I explained what PIM for Groups is, what it takes to get started with PIM for Groups and how the configuration works. In this post, we are going to look at the different settings that are possible for activating PIM for Groups.

Sign in to the Azure portal and navigate to Azure Active Directory and select Groups. Find the right group, in this example the previously created group ‘PIM-for-Groups-example-group’. Select Privileged Access (Preview), then Settings.


Part 1 – Azure Privileged Identity Management (PIM) for Groups

What is PIM for Groups?

PIM for Groups is part of Azure Active Directory Privileged Identity Management. With PIM for Groups, users can activate membership or ownership of an Azure AD security group or Microsoft 365 group. These groups can be used to assign access to, for example, Azure AD roles or Azure roles.

When using Azure PIM with PIM for Groups, you’re following the Microsoft best practice of a ‘least privilege’ strategy.


Install and configure ADDS on Windows Server 2022 Core in Azure (Part 2)

A question I often get is: ‘Why should I use Windows Server Core edition? It is difficult to manage and I do not like a server without a graphical interface.’

The first thing I always say is: you DON’T HAVE to do anything, but my advice is to do it, especially for a number of crucial server roles.

Some advantages of Windows Server Core edition at a glance:
