Let’s go password less, because passwords are bad! Part 1

Quite a statement, passwords are bad? Today I’d like to explain why you should work on better security by using other authentication methods than just 1 password.

Gerelateerde afbeelding

Why passwords are bad

Password are problematic, very often you see that passwords fall in the hands of unpleasant people. Here are a few things that might happen with a password:

Continue reading “Let’s go password less, because passwords are bad! Part 1”

Use PRTG to monitor Azure Backup status

Recently I received the question if it is possible to monitor Azure Backup with PRTG. Now this might seem to be a bit weird, as we could use Azure monitoring. But in this case, it was a service provider that needed a single solution for all their services, including custom dashboards and monitoring.

So, challenge accepted, lets get this done! In this case the customer has a Azure Recovery Service Vault with 2 virtual machines, with a backup schedule of only once every 24 hours with a retention of 30 days.

Our goal will be to have 3 sensors in PRTG with the completed jobs, failed jobs and running jobs. If you follow the next steps you should be able to set this up your self as well.

Continue reading “Use PRTG to monitor Azure Backup status”

Azure File Sync Agent v7 Released

Afbeeldingsresultaat voor azure filesync

Microsoft is working hard on improving Azure File sync. They just announced the new release of the v7 agent. For now only current installed agents get the update. Once all current clients have been updated, the update will be available on Microsoft Update and Microsoft Download Center

Improvements and issues that are fixed

  • Support for larger file share sizes
    • With the preview of larger, 100 TiB Azure file shares, we are increasing the support limits for file sync as well. In this first step, Azure File Sync now supports up to 50 million files in a single, syncing namespace. Other existing limits, for example the number of items per directory level, still apply.
  • Improved Azure Backup file-level restore
    • Individual files restored using Azure Backup are now detected and synced to the server endpoint faster.
  • Improved cloud tiering recall cmdlet reliability
    • The cloud tiering recall cmdlet (Invoke-StorageSyncFileRecall) now supports per file retry count and retry delay, similar to robocopy.
  • Support for TLS 1.2 only (TLS 1.0 and 1.1 is disabled)
    • Azure File Sync now supports using TLS 1.2 only on servers which have TLS 1.0 and 1.1 disabled. Prior to this improvement, server registration would fail if TLS 1.0 and 1.1 was disabled on the server.
  • Miscellaneous performance and reliability improvements for sync and cloud tiering
    • There are several reliability and performance improvements in this release. Some of them are targeted to make cloud tiering more efficient and Azure File Sync as a whole work better in those situations when you have a bandwidth throttling schedule set.

Reset Azure AD User password with a predefined password

In the Azure portal you can reset the password of a user, but this is always a temporary password. But PowerShell to the resque again, lets set the password in Azure AD with PowerShell with a predefined password! On your Windows device open a PowerShell prompt and connect to Azure AD. (Click here if you don’t know how to)

First we need to get the object ID from the user where we want the password to be reset. Run the following command (replace emailadres):

Get-AzureADUser -filter "userPrincipalName eq 'username@2azure.nl'"

Copy the ObjectId from the user where you want to have the password reset. And run the following commands (replace the password text for the new password):

$password = ConvertTo-SecureString 'Please enter the new password' -AsPlainText -Force

Set-AzureADUserPassword -ObjectId  "a8d5e982-6c3d-406e-a533-a21b275e3d37" -Password $password

Backup your Office 365 environment!

In the past two years, Over 50 percent of businesses experienced an unforeseen interruption, and the vast majority (81%) of these interruptions caused the business to be closed for one or more days.

Did you know that 80 percent of businesses suffering a major disaster go out of business in three years, while 40 percent of businesses that experience a critical IT failure go out of business within one year. In the case of suffering a fire, 44 percent of enterprises fail to reopen and 33 percent of these failed to survive beyond 3 years…

It’s a common mistake to think that Microsoft takes core of backups for your Office 365 environment. Yes, they do make backups, every 12 hours with a retention of 14 days. However, this is only designed for emergency purposes, and if you need it your self, they will charge you for that.

But then you might think that there is a recycle bin and versioning, yes, but these are limited as well. For email the retention is just 30 days, and for SharePoint it is 90 days. This can extended with the E3 and E5 subscriptions. But is this a real backup? and can this guarantee save data retrieval in case of a disaster? the answer is NO!

Continue reading “Backup your Office 365 environment!”

Azure Bastion in Public Preview!

Today Microsoft has announced Azure Bastion. With this new service you will get improved security features and simplified IT managemend with a single click from your webbrowser using the HTML5 web client. This will eliminate the need for a jump server. I am looking forward in using this service in preview and GA.

More information can be found on the Microsoft Azure blog: https://azure.microsoft.com/nl-nl/blog/announcing-the-preview-of-microsoft-azure-bastion/

Top-level Azure Bastion architecture

Slow IOPS in Azure VM’s? not anymore!

In Azure there are several ways to implement your VM storage. I get a lot of complaints about slow storage in Azure. In this article I will try to explain why this might be slow, and what you can do about it. There are multiple locations where the limit might be hit. So I will address all in the following topics.

Virtual machine type

The first limitation might be coming from your virtual machine. Each type has its own total IOPS limit. Thus by adding more disk or faster disk than the type and size allows will not make any speed difference in the end. One of the obvious reasons for faster disk performance is to use SSD disks instead of HDD.

Example of an IOPS limit on VM type

But keep in mind, not all virtual machines do support Premium SSD Storage, with an effective limit of 500 IOPS per disk, like in the Av2 series. And then there is host caching, that effects performance as well. A few examples:

Continue reading “Slow IOPS in Azure VM’s? not anymore!”

Deploy Office 365 plugins using the Admin Portal

From the Office 365 Admin portal it is possible to deploy Office plugins to users, both specific as all users. With this manual we will deploy a plugin from the store, but you can deploy custom apps as well. The advantage of using plugins from the store is that the plugins get automatically updated, so nothing you have to worry about anymore!

Step 1: Login to the office portal, go to the admin center, and from there go to Settings, Services & add-ins, and Deploy Add-in

Continue reading “Deploy Office 365 plugins using the Admin Portal”

How to deploy Azure Active Directory Domain Services (AD DS)

Today we will learn how to deploy Azure AD Domain services. So let’s go to the Azure portal and let’s get you started!

Step 1: Go to Azure AD Domain Services and create a new Azure AD Domain services!

Step 2: Now we can start te setup of ADDS, fill in your preferred domain name. You can leave the default which is the same as your Azure Active Directory name ending with .onmicrosoft.com, but I would recommend a public URL like in my case adds.2azure.nl.

Continue reading “How to deploy Azure Active Directory Domain Services (AD DS)”