Every year during Ignite, Microsoft publishes the ‘Book of News’. Here, Microsoft introduces new services and developments in the field of AI. Cloud Services, Infrastructure, Security, Copilot, Defender for Cloud, Entra, Purview, and many more.
Download the Microsoft Ignite 2023 Book of News here.
We’ve all heard of Microsoft LAPS. This stands for Local Administrator Password Solution and is already available from Windows Server 2008 R2. With Microsoft LAPS it is possible to periodically and fully automatically change the password of the local administrator account.
Microsoft recently launched Windows LAPS, as a successor to Microsoft LAPS. A number of new functionalities have been added and it is now also part of the Windows Server operating system (from Server 2019 April Update) and Windows 10 and 11.
I have done a large number of SQL server implementations in recent years, both in on-prem datacenter and in Azure (IaaS). Now that SQL 2022 is available, I’ve taken a look at the differences compared to previous versions. Installing on Windows Server Core edition is also supported, so I take that scenario as a starting point.
As a basis, it is of course important that an Active Directory environment is available. In my demo environment I ran a domain controller in Azure based on Windows Server 2022 Azure Edition. This server provides the other servers with DNS. The domain is called ‘demo.lab’.
Azure Spot VM is an Azure feature that allows you to take advantage of the unused capacity of the underlaying platform. If an host has some capacity compute left, these ‘spots’ will be filled with you Spot enabled virtual machines. When enabling this feature, you receive a discount up to 90 percent of the normal pricing in some cases.
Only pricing and eviction are the differences between Spot enabled virtual machines and the regular virtual machines. The compute, networking, storage, etc are exactly the same. The virtual machine can be attached to a virtual network or a load balancing solution, such as a internal/external load balancer. Also, the management capabilities are exactly the same and are done though the Azure Portal or with Infrastructure as Code (IaC) like Bicep, ARM, Powershell or Terraform.
In my previous post I explained what PIM for Groups is, what it takes to get started with PIM for Groups and how the configuration works. In this post, we are going to look at the different settings that are possible for activating PIM for Groups.
Sign in to the Azure portal and navigate to Azure Active Directory and select Groups. Find the right group, in this example the previously created group ‘PIM-for-Groups-example-group’. Select Privileged Access (Preview), then Settings.
PIM for Groups is part of the Azure Active Directory Privileged Identity Management. With PIM for Groups users can activate membership or ownership of an Azure AD security group or Microsoft 365 group. These groups can be used to assign access to for example Azure AD roles or Azure roles.
When using Azure PIM with PIM for Groups, you’re following the Microsoft best practices of ‘least privileged’ strategy.
Microsoft has released a new Education Theme for students. Using this theme, you can more personalize your desktop with some great wallpaper. By default, this theme is hidden, but you can enable this option on your Windows 11 device. Important note: you need to have Windows 11 22H2!
1.) Open ‘regedit’ 2.) Navigate to: HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\current\device 3.) Create a new ‘Key’ with the value ‘Education’ 4.) Create a new ‘DWORD (32-bit) Value’ with the value ‘EnableEduThemes’ 5.) Set the value to ‘1’ (Hexadecimal) 6.) Restart your device 7.) After restarting your device, make sure you’re connected to the Internet
Accelerated Networking provides consistent ultra-low network latency via Azure’s in-house programmable hardware and technologies such as SR-IOV. By moving much of Azure’s software-defined networking stack off the CPUs and into FPGA-based SmartNICs, compute cycles are reclaimed by end user applications, putting less load on the VM, decreasing jitter and inconsistency in latency.
Please double check the supported operating systems and VM sizes in the following documentation links to check the availability of this feature.
In 3 simple steps, we will learn to enable accelerated networking to an existing VM using Azure Cloud Shell (within the Azure Portal). Execute the following steps.
First stop/deallocate the VM
az vm deallocate –resource-group myRG –name myVM
Once stopped, enable Accelerated Networking on the NIC of your VM:
az network nic update –name myNic –resource-group myRG –accelerated-networking true