Celebration of Sysadmin Day

My sponsor launched an exciting contest in celebration of Sysadmin Day.

Altaro we’ll be giving away Amazon eGift Cards to the first 100 eligible entries and 1 Grand Prize for 1 lucky winner.

They have some fantastic options for the grand prize including a Playstation 4 Pro, Xbox One X, 3-year membership of Amazon Prime and more, but it will be up to the Grand Prize winner to choose his/her Grand Prize.

AltaroSysAdminBig

 


Webinar : Journey to the Clouds

My sponsor Altaro is hosting a webinar called “Journey to the Clouds”. There are 2 sessions, feel free to register to one (or both :-)) of them :

Altaro webinar Clouds

(Click this banner to register)

Some information about the webinar :

Want to migrate your datacenter into the cloud but unsure how to make the transition successfully? 3 Microsoft MVPs discuss your options in this upcoming panel webinar.
Join Andy Syrewicze, Didier Van Hoye, and Thomas Maurer for a crash course on how you can plan your journey effectively and smoothly utilizing the exciting cloud technologies coming out of Microsoft including:
  • Windows Server 2019 and the Software-Defined Datacenter
  • New Management Experiences for Infrastructure with Windows Admin Center
  • Hosting an Enterprise Grade Cloud in your datacenter with Azure Stack
  • Taking your first steps into the public cloud with Azure IaaS
With cloud technologies improving exponentially migrating to a cloud-based model is a dilemma facing most organizations today. Cloud services such as Microsoft Azure, Azure Stack, and the software defined datacenter, offer numerous benefits but moving existing infrastructure into a cloud model is a challenging step.
Many IT Pros are justifiably wary of new platforms and cloud services are particularly worrisome involving core infrastructure elements hosted offsite. This is why some of the new technologies coming from Microsoft are so compelling as they are designed to help organizations make that transition slowly and at their own pace. This webinar covers both fully-serviced cloud offerings as well as smaller-scaled solutions that provide more accessible steps to realizing the benefits without fully committing.
After watching the experts discuss the details, you’ll see that the cloud doesn’t have to be an all or nothing discussion. The journey from on-prem to the cloud is different for every organization, as is the destination. This webinar will prepare you for your unique journey by revealing the available options and how to make the most out of them.
Join us for some insightful discussion, use-case examples, and tips for getting started with these new technologies. Sign up today.
We hope to see you there!

I will be joing the webinar also, see you there! Grt Xander


XenApp and XenDesktop on Azure Cost Calculator

Recently I build a XenApp environment on Azure for demo purposes. I used –> this <– website helping me calculating the costs.

Citrix op Azure Costs 01.png

This website (running on Azure :-)) makes it easy to calculate the costs of your XenApp/XenDesktop environment on Azure.

Citrix op Azure Costs 02

 

You can provide the locations, working Hours, Workloads and number of users (and their profiles). It automatically loads the costs of Azure  (so no outdated data!) for Comput, Storage and Network.


How to Create a Site-to-Site VPN between Azure and your home environment using pfSense

I’m moving more and more of my whitebox environment towards Azure. But some parts are still running in my home environment. So I would like to create a Site-to-site VPN between my office @home and Azure. Because an Express Route would be slightly overkill I decided to build an Site 2 Site VPN.

Some information about my test environment @home. I’m running a Hypervisor in a seperate tenant with only 2 virtual machines : pfSense and a Windows 10 virtual machine.

Let me take you through the steps of creating a Site2Site VPN, hold on!

  • First make sure that you have a proper working pfSense (2 NIC) instance running.
  • You will need at least one public IP address (IPV4), so you probably need a business internet line because consumer internet lines don’t often have static public IP addresses. You need to configure IP Addresses, not DNS names, so DynDNS is no option I’m afraid.
  • For testing purposes it’s easy to have a Windows 10 client standing by

Ok, let’s go! First download and install pfSense and the Windows 10 VM. My pfSense virtual machine has 2 network adapters, One WAN (Bridged mode) and one Custom (VMNet 10). The Windows 10 is in the same custome mode (VMNet 10) and is running in a separate subnet (192.168.1.X). Make sure that the LAN interface of pfSense is running the DHCP service.

site2site01

Log on to the Windows 10 virtual machine and check if you have internet Access :

site2site02

Check! (great website btw :-)) We have internet access!

Now login to Azure, select your subscription and check create a Virtual Network. In my situation I already had a virtual network (the network I would like to connect to). I only had to make an adjustment.

In my virtual network (@Azure) the following resources are running :

site2site03

As you can see my network is using the 10.0.0.0 subnet. It was created using the /24 mask but I had to change that to /23. So now my virtual Network is running the 10.0.0.0/23 subnet. You can also create a new virtual network to connect to. For this example let’s use the following information :

site2site04

In my environment I’m using the same IP addresses. You can choose your own name(s). Now go to the virtual network you’re running or just have created and go to subnets. Click +Gateway subnet.

site2site05

Add the following information :

site2site06

Now we are going to create a new Virtual Network Gateway :

site2site07

Use the following information :

site2site08

Give it a new, use VPN/Route-based. Choose Basic for SKU (is enough, can be upscaled later). Create a new public IP for your VPN and select the subscription and resource group. Choose to create and wait approx 30 min.

Now we must create a Local Network Gateway :

site2site09

You can choose your own name, make sure to use your public IP address of the WAN Adapter of pfSense. Choose to create your local network gateway. This can take approx 45 minutes.

Now go to the local network gateway you have just created and go to connections.

site2site10

Give it a name, a think about a very long & secure Pre Shared Key. Remember this. You will need it later on!

site2site11

Ok…. #Azure #work #done… now fire up the pfSense interface :

Go to VPN/IPSec. Click on Add P1 at bottom right. This is the first phase of the IPsec tunnel negotiation. Fill out these values and make sure that you replace it with your specific IP. You can find your Azure Public IP here :

site2site12

Ok, you will need these neccessary info for Phase 1:

site2site13

For Phase 1 Proposal (Authentication) use the values and I hope you still know your shared private key 🙂 :

site2site14

For Phase 1 Proposal (Algorithms) use the values :

site2site15

Use these Advanced options :

site2site16

Now go to VPN / IPsec / Tunnels

site2site17

Expand Show Phase 2 Entries and Click Add P2 :

site2site18

Use the following information (General Information) :

site2site19

Use the following information (proposal) :

site2site20

Leave the Advanced configuration default :

site2site21

site2site22

Now let’s open pfSense a bit, let’s allow the firewall IPsec traffic. In orde to do that, from the main menu go to Firewall, Rules and then click on the IPsec sub-menu.

site2site24

Ok, now we are done! Great job… but let’s test it first! Go to the Windows 10 test VM. In Azure I opened RDP and Ping for testing purposes.

site2site23

As you can see from my internal network @home I can ping and RDP to the INTERNAL (!) IP Address of my Azure resources. Job well done!


My review of the Azure app (Android)

A couple of days while I was driving to the beach I noticed a problem with one of my machines running on Azure. Ofcourse I didn’t bring my laptop, so I first tried the Azure App in real life. I was very pleased. You can’t always predict what will happen or when, but you can be prepared. That’s where the recently updated, Azure mobile app comes in. Stay connected to your Azure resources – anytime, anywhere.

Using the App it’s possible to :

  • Check status and critical metrics of your Azure resources
  • Get notifications and alerts about important health issues
  • Performance simple operations to resolve common issues
  • Run powerful Azure Cloud Shell scripts in the App

You can take the power of Azure with you on your mobile phone/tablet!

AzureApp01AzureApp02AzureApp03

After downloading the App from the store, it was very easy to get it up and running (support for MFA).

Azure App

In my case I tested the Android version, but there is a iOS version also. Normally I don’t prefer working on my phone or tablet but just using my laptop or desktop but sometimes it’s very handy to be able to quickly restart a VM for example. Or see the load (metrics) of some of your services. Even be able to receive notifications is very handy!

The Azure app puts every subscription from every service in your pocket. Scroll through all your resources and resource groups, search by name, or filter by resource to find the resource you need.

AzureApp04AzureApp05AzureApp06

Each resource includes the following information (when applicable):

  • Status
  • Number of errors in the past week
  • Important properties (Essentials)
  • Key usage metrics
  • Related resources
  • All resource properties

AzureApp08AzureApp09AzureApp10

For those of you with a lot of subscriptions and resources, scrolling and filtering – on your mobile device! – might get a little tedious. Save swipes and taps by adding the resources you want to keep a close eye on to your favorites list. Just open the resource, tap the star, and go! The next time you open the app, you will start on the favorites tab to help get you to your resources faster than ever.

AzureApp11

Perhaps the most important aspect of building your business in the cloud is the confidence and knowledge that everything’s up and running and your customers aren’t impacted by unexpected events. With the Azure app at hand, you’ll never need to guess. Just open the Notifications tab for a personalized list of Azure health alerts and important metrics that you’re monitoring for your resources.

If any of your resources in the selected subscription have been impacted by an Azure health event over the last week, you’ll see the details listed on the Notifications tab. Every health alert includes:

  • Status
  • Link to the impacted subscription
  • Latest communication details
  • Tracking ID unique to the event
  • List of impacted locations
  • List of impacted services
  • Brief history of the status over the past week

AzureApp12AzureApp13

You’ll also find your custom resource metric alert rules in the list. Each metric alert includes:

  • Status (activated or resolved)
  • Link to the related resource
  • Description of the alert rule, if specified
  • Brief history of the status over the last week

In addition to getting metric alerts on the Notifications tab, you’ll also be notified about these alerts when you visit resource details. Just tap the notification to open the details.

AzureApp14AzureApp15

Many services offer simple commands to help you resolve common issues for your resources from the Azure app:

  • Suspend and resume Analysis Services servers
  • Open the API Management portal in the browser
  • Start, stop, and restart App Service web apps and deployment slots
  • Start and stop App Service environments
  • Restart all App Service web apps in a plan or environment
  • Open App Service web apps and deployment slots in the browser
  • Start and stop Content Delivery Network endpoints
  • Start, stop, and swap cloud service slots
  • Open the HDInsight portal in the browser
  • Open Log Analytics workspaces in the Operations Management Suite app
  • Enable and disable Logic App workflows
  • Enable and disable Scheduler job collections
  • Start and stop Stream Analytics jobs
  • Start, stop, and restart virtual machines
  • Connect to Windows virtual machines using the RDP app
  • Start, stop, and restart virtual machine scale set instances
  • Open Visual Studio Team Services accounts in the browser

Of course, many more are on the way. As a companion app for mobile workers, the Azure app doesn’t include every feature in the Azure portal, but as you can see it provides great flexibility while using your phone or tablet.

I think the Azure App is a need to have for every Azure administrator! Just download the app in the appstore and let me know what your thank about the app!


How to install Hyper-V role on Windows 10 using Powershell

Use the following command to automatically install all the necessary components :


Windows Server Performance Tuning Guidelines

Check out these great tips for tuning your Windows Server Installation :

OSDocuments
Windows 2016https://docs.microsoft.com/en-us/windows-server/administration/performance-tuning/
Windows 2012 R2https://msdn.microsoft.com/en-us/library/windows/hardware/dn529133
Windows 2012http://download.microsoft.com/download/0/0/B/00BE76AF-D340-4759-8ECD-C80BC53B6231/performance-tuning-guidelines-windows-server-2012.docx
Windows 2008 R2http://download.microsoft.com/download/6/B/2/6B2EBD3A-302E-4553-AC00-9885BBF31E21/Perf-tun-srv-R2.docx
Windows 2008http://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/Perf-tun-srv.docx

Performance Tuning Guidelines for previous versions of Windows Server
https://msdn.microsoft.com/en-us/library/windows/hardware/dn529134

 


How to solve multiple monitors problem after installing Hyper-V role

After I installed the Hyper-V role on my Windows 10 Pro laptop I noticed several monitors that didn’t exist :

Meerdere monitoren

I tried to re-create the problem by uninstalling the Hyper-V role, and after that the problem was gone. But ofcourse that isn’t a reasonable solution. After some investiging I found out that this is a common problem with the Intel HD 4600 graphics adapter. The solution is to revert to an older version of the driver.

You can find the driver here

After downloading the driver go to the properties of your display adapter and choose roll back driver.

2017-03-14-11_25_35-IntelR-HD-Graphics-4600-Properties

After that choose Update driver and then choose the driver file you’ve just downloaded.

2017-03-14-11_36_48-IntelR-HD-Graphics-4600-Properties

After rebooting you should notice that you’re extra monitors are gone :

Na verwijderen hyper-v meerdere monitoren weg


Azure VM easy patchmanagement

In my Azure test environment I’m running several Windows and Linux servers. In this blog post I describe an easy and effective way to patch them. It only takes you a minute of configuring!

Azure_Updates01

On a freshly installed Windows Server 2016 without patching there were 4 available updates (Azure template) :

Azure_Updates02

I’ve created a new Update Deployment (go to the second tab) :

Azure_Updates03

(Specify which type of updates you wish to deploy. Tip: create multiple deployment for different kind of updates)

Azure_Updates04

Azure_Updates05

In my case I install all availables updates every day at 05:00 PM. (test environment :-))

Just 2 b sure I’ve checked the status of Windows Updates inside the VM :

Azure_Updates06

Azure_Updates07

As you can see it’s very easy to update your VM’s (this works for Linux too!) running on Azure (Stack).


Windows 10 Major and Minor build version, how to add those in the KACE System Management Appliance

For reporting purposes I wanted to export the Windows 10 Build versions. Not only the Major build version (1709/1803 etc) but also the minor (which patch level). This is how I did that :

Create a new Software title (Inventory/Software) and fill the custom Inventory Rule with the following code :

Make sure that you select all your Windows 10 devices. Be sure to save the software package. Now create another Software with the following custom Inventory code :

After a force inventory you notice the 2 custom Inventory rules when viewing the device info :

KACE Custom Inventory Rules Build

 

Windows 10 Build versions info here.