Microsoft Ignite 2023 Book of News

Every year during Ignite, Microsoft publishes the ‘Book of News’. Here, Microsoft introduces new services and developments in the field of AI. Cloud Services, Infrastructure, Security, Copilot, Defender for Cloud, Entra, Purview, and many more.

Download the Microsoft Ignite 2023 Book of News here.

How to: Deploy Microsoft LAPS and Windows LAPS

We’ve all heard of Microsoft LAPS. This stands for Local Administrator Password Solution and is already available from Windows Server 2008 R2. With Microsoft LAPS it is possible to periodically and fully automatically change the password of the local administrator account.

Microsoft recently launched Windows LAPS, as a successor to Microsoft LAPS. A number of new functionalities have been added and it is now also part of the Windows Server operating system (from Server 2019 April Update) and Windows 10 and 11.

Continue reading “How to: Deploy Microsoft LAPS and Windows LAPS”

SQL Server 2022 on Windows Server 2022 Core Edition

Today I’m going to install SQL Server 2022 on Windows Server 2022 Core Azure Edition. In a previous blog I installed ADDS on Windows Server Core edition.

Part 1: Install and configure ADDS on Windows Server Core in Azure
Part 2: Install and configure ADDS on Windows Server Core in Azure

I have done a large number of SQL server implementations in recent years, both in on-prem datacenter and in Azure (IaaS). Now that SQL 2022 is available, I’ve taken a look at the differences compared to previous versions. Installing on Windows Server Core edition is also supported, so I take that scenario as a starting point.

Basic Infrastructure

As a basis, it is of course important that an Active Directory environment is available. In my demo environment I ran a domain controller in Azure based on Windows Server 2022 Azure Edition. This server provides the other servers with DNS. The domain is called ‘demo.lab’.

Continue reading “SQL Server 2022 on Windows Server 2022 Core Edition”

Reduce costs with Azure Spot virtual machines

What is Azure Spot VM?

Azure Spot VM is an Azure feature that allows you to take advantage of the unused capacity of the underlaying platform. If an host has some capacity compute left, these ‘spots’ will be filled with you Spot enabled virtual machines. When enabling this feature, you receive a discount up to 90 percent of the normal pricing in some cases.

Only pricing and eviction are the differences between Spot enabled virtual machines and the regular virtual machines. The compute, networking, storage, etc are exactly the same. The virtual machine can be attached to a virtual network or a load balancing solution, such as a internal/external load balancer. Also, the management capabilities are exactly the same and are done though the Azure Portal or with Infrastructure as Code (IaC) like Bicep, ARM, Powershell or Terraform.

Continue reading “Reduce costs with Azure Spot virtual machines”

Part 2 – Azure Privileged Identity Management (PIM) for Groups

In my previous post I explained what PIM for Groups is, what it takes to get started with PIM for Groups and how the configuration works. In this post, we are going to look at the different settings that are possible for activating PIM for Groups.

Sign in to the Azure portal and navigate to Azure Active Directory and select Groups. Find the right group, in this example the previously created group ‘PIM-for-Groups-example-group’. Select Privileged Access (Preview), then Settings.

Continue reading “Part 2 – Azure Privileged Identity Management (PIM) for Groups”

Part 1 – Azure Privileged Identity Management (PIM) for Groups

What is PIM for Groups?

PIM for Groups is part of the Azure Active Directory Privileged Identity Management. With PIM for Groups users can activate membership or ownership of an Azure AD security group or Microsoft 365 group. These groups can be used to assign access to for example Azure AD roles or Azure roles.

When using Azure PIM with PIM for Groups, you’re following the Microsoft best practices of ‘least privileged’ strategy.

Continue reading “Part 1 – Azure Privileged Identity Management (PIM) for Groups”

How to enable hidden Education Themes for Windows 11

Microsoft has released a new Education Theme for students. Using this theme, you can more personalize your desktop with some great wallpaper.
By default, this theme is hidden, but you can enable this option on your Windows 11 device. Important note: you need to have Windows 11 22H2!

1.) Open ‘regedit’
2.) Navigate to:
HKEY_LOCAL_MACHINE\Software\Microsoft\PolicyManager\current\device
3.) Create a new ‘Key’ with the value ‘Education’
4.) Create a new ‘DWORD (32-bit) Value’ with the value ‘EnableEduThemes’
5.) Set the value to ‘1’ (Hexadecimal)
6.) Restart your device
7.) After restarting your device, make sure you’re connected to the Internet

Continue reading “How to enable hidden Education Themes for Windows 11”

Enable Accelerated Networking using Azure Cloud Shell

What is Accelerated Networking?

Accelerated Networking provides consistent ultra-low network latency via Azure’s in-house programmable hardware and technologies such as SR-IOV. By moving much of Azure’s software-defined networking stack off the CPUs and into FPGA-based SmartNICs, compute cycles are reclaimed by end user applications, putting less load on the VM, decreasing jitter and inconsistency in latency.

Please double check the supported operating systems and VM sizes in the following documentation links to check the availability of this feature.

In 3 simple steps, we will learn to enable accelerated networking to an existing VM using Azure Cloud Shell (within the Azure Portal). Execute the following steps.

  1. First stop/deallocate the VM

    • az vm deallocate –resource-group myRG –name myVM
  2. Once stopped, enable Accelerated Networking on the NIC of your VM:

    • az network nic update –name myNic –resource-group myRG –accelerated-networking true
  3. Restart your VM. It’s that simple, isn’t it?

    • az vm start –resource-group myRG –name myVM