New AMD EPYC virtual machine series in Azure!

Today I was browsing the Azure Management portal and discovered that Microsoft Azure released a new virtual machine series based on the AMD EPYC 7452V processors that can achieve a boosted 3.35Ghz. With these new AMD processers there are 4 new series available in Azure: Dasv3-series, Dav3-series, Easv3 and the Eav3-series

Same performance, lower price!

With almost the same performance as the DSv3 and Dv3 series Intel virtual machines, these machines might be an interesting choice, especially if we do a price comparison, just 2 examples:

CPU BrandMachineCPUMemoryPrice per month
IntelD2 v328€ 128
AMDD2a v328 54
IntelD4s v3416€ 257
AMDD4as v3416€ 109

If we look at the above pricing, there is a 234% price difference between AMD and Intel. I know, its not a perfect 1 on 1 comparison, but for the same price, you get the double amount of cores, and memory…

Continue reading “New AMD EPYC virtual machine series in Azure!”

Create new Outlook profile after Office 365 mail migration using GPO (Manual)

You want to move your mailboxes from Exchange on-premise to Office 365, and you want to give you users a smooth transition experience, then you will definitely need to implement the following to automatically create and configure a new Outlook profile on all Windows devices.

ZeroConfigExchange (ZCE)

Within Outlook Microsoft has created ZeroConfigExchange to setup new profiles with minimal user interaction. Depending on your exact configuration Outlook will be configured fully automatically, or the user is required to fill in his email address and/or password.

Continue reading “Create new Outlook profile after Office 365 mail migration using GPO (Manual)”

Azure Private Link now available in Preview!

With an increased security and privacy in mind Microsoft has been working on private links to Azure resources. Azure Private Link is a secure way to consume Azure Services like Azure SQL and Azure Storage using a private connection in your own VNet. This will replace the need for IaaS hosted virtual machines with SQL Server or the file server role installed.

Afbeeldingsresultaat voor azure private link

Azure Private Link brings Azure services inside the customer’s private VNet. The service resources can be accessed using the private IP address just like any other resource in the VNet. It is basically an NIC inside one of your VNET’s. This will allow all traffic to flow over the internal network, and will not go over the internet. There is no need to put gateways or any other network devices in place to make this happen.

Continue reading “Azure Private Link now available in Preview!”

How to block non-modern authentication to Office 365 services. (Manual)

With Azure Conditional access you get more control over your data, get better security and visibility! To use this feature you will need to buy and assign Azure AD Premium or EM+S E3/E5 licenses to your users.

This manual can be used to enforce the use of the Outlook app on IOS and Android devices by blocking all apps that do not support Modern Authentication like iOS mail and Google mail client.

Step 1: In the Azure Portal go to Conditional Access. On the first page that you get create a New policy

Continue reading “How to block non-modern authentication to Office 365 services. (Manual)”

How to configure Outlook on IOS & Android using Intune (Manual)

If you deployed Intune to your mobile devices, you want to enforce the use of the Outlook app on the mobile device. We want to make the end user experience as smooth as possible and preconfigure Outlook for the. How can we prepare the Outlook app with your company email settings? With just a few steps, we can get this setup!

Step 1: From the Azure Portal go to Intune –> Clients Apps –> App configuration policies and click Add

Step 2: Give the configuration policy a name and description. Select Device Enrollment type, my preferred method is to use Managed apps, because this will deploy the policy to both enrolled and unenrolled devices. Select the Outlook apps on Associated app, and go to Configuration settings.

Continue reading “How to configure Outlook on IOS & Android using Intune (Manual)”

Create a drive mapping using Intune on Azure AD joined devices (Manual)

With the transition to Azure AD, you might want to connect your AAD joined devices to the traditional file server as explained in this article: Go Azure AD Joined with on-prem DC and fileserver The next step is to map some network drives with Intune!

Step 1: The first step is to create a PowerShell script that will do the actual drive mappings. This script will be placed on a Azure Blob storage (or your internal domain) where you will be able to manage and maintain the script. This script will be run using a second script that we will deploy with Intune. For your convenience I’ve already prepared the script:

Continue reading “Create a drive mapping using Intune on Azure AD joined devices (Manual)”

New Azure region: Switzerland

Microsoft has announced the availability of the new Azure data-centers in Switzerland. With 2 data-centers in Switzerland, Zurich and Geneva, Azure has created a full region (West and North)

Microsoft worked together with several Swiss companies as early adopters to improve cloud adoption in Switzerland. As this region is fairly new it might take some time before all Azure and Office 365 services are available.

If you would like to start deploying resources in Azure, it might be that you don’t have access yet. During the initiation phase it is required to request access before you can start utilizing resources in Switzerland. Request access to Azure Switzerland

Tom Keane, Corporate Vice President, Microsoft Azure:

Today, we’re announcing the availability of Azure from our new cloud regions in Switzerland. These new regions and our ongoing global expansion are in response to customer demand as more industry leaders choose Microsoft’s cloud services to further their digital transformations. As we enter new markets, we work to address scenarios where data residency is of critical importance, especially for highly regulated industries seeking the compliance standards and extensive security offered by Azure.