Monthly Archives: May 2019


How to rename an Azure VM using Powershell

Recently I deployed some VMs on Azure. There was a small change to the naming convention afterwards so I wanted to rename the created VMs. This is how you can do this

After a couple of minutes (depending on the size of the VM) the newly created server with the old disks, NIC etc. is created. Currently this script doesn’t support renaming the NIC, disks to your naming convention. So they have the exact same name as before. When you assigned you NIC, disk etc a custom name you will see the old naming convention. Currently I’m working on it. ūüôā


How to force the Windows 10 May Update

After an extended period of testing in the Release Preview ring, Microsoft has finally¬†started rolling out the May 2019 Update¬†to Windows 10 users, albeit in a “measured and throttled” way.

You might be able to get it now by going through Settings > Update & Security > Windows Update or, failing that, via the Media Creation tool. There is a very simple way to force Windows 10 to start the upgrade process immediately however.

If the new feature update is not currently showing up in Windows Update, then go to the¬†Download Windows 10 page, and click on the¬†Update now¬†button. Doing so will download the Windows 10 Update Assistant — a small 5.9MB file.

Windows 10 Update

Save and launch this and then click the Update Now button. It will check to make sure your PC is compatible in terms of CPU, memory and disk space, and then download and verify the files needed for the update.


How to encrypt (and decrypt) your Azure VM disks after deployment

This is how you can encrypt your Azure virtual machine disks :

You can find your keyvault Resource ID here :
 
Keyvault resource ID
The reason that I used the Resource id instead of the keyvault name is that now it’s possible for the keyvault to be part of another resourcegroup.
 
Use the following command to decrypt your VM :
 

SMTP Relay on Azure using SendGrid

In this blogpost I’m going to explain how you can still be able to send SMTP from your IaaS server running on Azure. As you might already know since Nov 15th of 2017 it’s no longer always possible to send SMTP on port 25 (I dig into that later).

In that case Microsoft recommends that Azure customers employ authenticated SMTP relay services (typically connected via TCP port 587 or 443, but often support other ports too) to send e-mail from Azure VMs or from Azure App Services.  These services specialize in sender reputation to minimize the possibility 3rd party e-mail providers will reject the message.

Such SMTP relay services include but are not limited to SendGrid.  It is also possible you have a secure SMTP relay service running on premises that can be used. Use of these e-mail delivery services is in no way restricted in Azure regardless of subscription type.

Enterprise Agreement Customers

For Enterprise Agreement Azure customers, there is no change in the technical ability to send e-mail without using an authenticated relay.  Both new and existing Enterprise Agreement customers will be able to attempt outbound e-mail delivery from Azure VMs directly to external e-mail providers with no restrictions from the Azure platform.  While Microsoft cannot guarantee e-mail providers will accept inbound e-mail from any given customer, delivery attempts will not be blocked by the Azure platform for VMs in Enterprise Agreement subscriptions.  Customers will have to work directly with e-mail providers to resolve any message delivery or SPAM filtering issues with the specific provider.

Pay-As-You-Go Customers

For customers who signed up before November 15th, 2017 using the Pay-As-You-Go or Microsoft Partner Network subscription offers, there will be no change in the technical ability to attempt outbound e-mail delivery.  Customers will continue to be able to attempt outbound e-mail delivery from Azure VMs in these subscriptions directly to external e-mail providers with no restrictions from the Azure platform.  Again, Microsoft cannot guarantee e-mail providers will accept inbound e-mail from any given customer and customers will have to work directly with e-mail providers to resolve any message delivery or SPAM filtering issues with the specific provider.

For Pay-As-You-Go or Microsoft Partner Network subscriptions created¬†after¬†November 15, 2017, there will be technical restrictions blocking e-mail sent directly from VMs in these subscriptions.¬† Customers that need the ability to send e-mail from Azure VMs directly to external e-mail providers (not using an authenticated SMTP relay) can make a request to remove the restriction.¬† Requests will be reviewed and approved at Microsoft‚Äôs discretion and will be only granted after additional anti-fraud checks are performed.¬† To make a request, open a support case with the issue type Technical –> Virtual Network –> Connectivity –> Cannot send e-mail (SMTP/Port 25).¬† Be sure to add details about why your deployment needs to send mail directly to mail providers instead of going through an authenticated relay.

Once a Pay-As-You-Go or Microsoft Partner Network subscription gets exempted, VMs in that subscription only will be exempted going forward.  Microsoft reserves the right to revoke this exemption, should we determine a violation of our terms of service has occurred.

MSDN, Azure Pass, Azure in Open, Education, BizSpark, and Free Trial Customers

Customers who create MSDN, Azure Pass, Azure in Open, Education, BizSpark, and Free Trial subscriptions after November 15, 2017 will have technical restrictions blocking e-mail sent from VMs in these subscriptions directly to e-mail providers to prevent abuse.  No requests to remove the restriction can be made as they will not be granted.

Customers using these subscription types are encouraged to use SMTP relay services as outlined above.

Cloud Service Provider (CSP)

Customers that are consuming Azure resources via Cloud Service Provider (CSP) can create a support case with their Cloud Service Provider (CSP) of choice and request the CSP to create an unblock case on their behalf if a secure SMTP relay cannot be used.

SendGrid

SendGrid is a cloud-based email service that provides reliable transactional email delivery, scalability and real-time analytics along with flexible API’s that make custom intergation easy. Ideal for Azure!

First Step Configure your network security group (NSG)

You must allow your VM to send mail through port 587 (of 25). Therefore it’s a small task to allow that :

  1. Go to the networking pane of your Virtual Machine
  2. And choose to add an outbound port rule

NSG Port 587

Second step… create a SendGrid Account

Azure customers can unlock 25.000 (!) free emails each month. These 25.000 free monthly emails will give you access to advanced reporting and analytics and all API’s (Web, SMTP, Event, Parse and more).

Add the SendGrid Resource to your Azure account

  1. Sign in to the Azure portal.
  2. In the menu on the left, click Create a resource.

opdracht-balk-nieuw

3. Click Add-ons and then SendGrid Email Delivery.

sendgrid-opslaan

  1. Complete the signup form and select Create.
  2. sendgrid-maken
  3. Enter a Name to identify your SendGrid service in your Azure settings. Names must be between 1 and 100 characters in length and contain only alphanumeric characters, dashes, dots, and underscores. The name must be unique in your list of subscribed Azure Store Items.
  4. Enter and confirm your Password.
  5. Choose your Subscription.
  6. Create a new Resource group or use an existing one.
  7. In the Pricing tier section select the SendGrid plan you want to sign up for.sendgrid-prijzen
  8. Enter a Promotion Code if you have one.
  9. Enter your Contact Information.
  10. Review and accept the Legal terms.
  11. After confirming your purchase you will see a Deployment Succeeded pop-up and you will see your account listed in the All resources section.

    alle-resources
    After you have completed your purchase and clicked the Manage button to initiate the email verification process, you will receive an email from SendGrid asking you to verify your account. If you do not receive this email, or have problems verifying your account, please see this FAQ.

    beheren

    You can only send up to 100 emails/day until you have verified your account.

    To modify your subscription plan or see the SendGrid contact settings, click the name of your SendGrid service to open the SendGrid Marketplace dashboard.

    instellingen

    To send an email using SendGrid, you must supply your API Key.

To find your SendGrid API Key

  1. Click Manage.beheren
  2. In your SendGrid dashboard, select Settings and then API Keys in the menu on the left.API-sleutels
  3. Click the Create API Key.
  4. algemene-api-sleutel
  5. At a minimum, provide the Name of this key and provide full access to Mail Send and select Save.toegang
  6. Your API will be displayed at this point one time. Please be sure to store it safely.

To find your SendGrid credentials

  1. Click the key icon to find your Username.sleutel
  2. The password is the one you chose at setup. You can select Change password or Reset password to make any changes.

To manage your email deliverability settings, click the Manage button. This will redirect to your SendGrid dashboard.

beheren

You automatically will be logged on to the SendGrid page :

SendGrid Interface

Now go to settings, API keys to create an API key for SMTP relay. The API key is the password you need to authenticate. The SMTP server address is smtp.sendgrid.net:587 and the user is called apikey.

(Use these settings in your mailserver)


Altaro Office 365 Backup (for MSPs)

There’s a common misconception that Microsoft fully backs up Office 365 Mailbox. Microsoft is responsible for providing the O365 service, but do you know it’s your (!) responsibility to protect your (customer’s!) O365 data?

Microsoft has limited possibilities to help you with unexpected data loss or damage. Therefore it’s very important to have a solid backup solution in place!

My sponsor Altaro has a great product called Office 365 Backup! It’s a central multi-tenant solution for keeping your O365 data safe! You pay per mailbox, per month covering back up, storage, use of their management console and support! You don’t have to pay for contracts or anything else. Their service/solution is ideal for you as MSP!

There is a minimum of 30 mailboxes and you don’t need their VM Backup product to manage it. (Volume discounts possible) You can restore O365 data to the original mailbox, another mailbox or into a zip file. (Full restore or single/multiple items)

You can browse through the backup files and select the items you wish to restore.

You also don’t need any local storage and/or software. You can self decide what the monthly fee is you charge your customers! Have the flexibility to add and/or remove mailbox as needed. You only pay for the mailboxes you’ve backed up the last month!

Download the fact sheet here.
Sign up for your 30-day trial here.