A friend of mine recently started working with Azure and loved it once he got the hang of it. I encouraged him to start using PowerShell to automate various Azure operations but it didn’t quite stick with him on the first try. He started automating Azure operations using the Azure CLI and while it’s not a bad tool, it’s quite lacking in features compared to PowerShell and I’m pretty sure that it will not be maintained much longer since Microsoft open sourced PowerShell and gave the Linux / Mac community a taste. The funny part of this story is that he’s a Windows user, uses Windows 10 and yet he’s still using Azure CLI.
Where am I going with this? While giving him some tips on how to deploy some production / staging environments in Azure, I saw how he was automating resource creation in Azure using the CLI. He basically created a golden image in a storage account and with 35 lines of Azure CLI code, he was provisioning the environments. That made me cringe and motivated me to teach him how to do it using ARM templates and custom scripts.
These days I was doing some Azure work for a customer and I was asked if it was possible to create multiple custom RBAC roles for their Azure subscription because the existing ones don’t suit their needs. So I rubbed my hands together and said to client that’s a definite yes and to let me know the requirements so I can start working on the new roles 🙂
This blog post will start off a series of blog posts about Operations Management Suite (OMS or Log Analytics) which is as the latter name suggests is a log analytics engine that ingests events from data sources that you provide and provides a very nice searchable interface where you can do auditing on your infrastructure where ever it is.
With the plethora of service that Microsoft offers via its Office365 service, it’s hard to ignore the fact that having multiple identities across your organization can be quite problematic. With every Azure or Office 365 subscription you get provisioned an Azure Active Directory account in order for you to be able to login to consume the services you just paid for. Using one account you can get access to Exchange, SharePoint, Office 201(x) on demand, Dynamics CRM, Skype For Business and other neat tools like Planner, Sway. With Enterprise Mobility Suite you get access to Azure Rights Management, Intune, Information Security, Azure Active Directory Premium which include a lot of features like service wide MFA, Azure Active Directory Join (Windows 10 is best for this job).
What I’m trying to say here that using one account you get access to a multitude of services that improve your workflow and organization. The only problem with this is that most organizations have on-premise servers and a central directory management system (Active Directory, OpenLDAP/Samba, 389 Server etc.) and having multiple accounts (and passwords) proves to be quite a challenge for the IT staff to enforce security whilst providing the best experience for their users. We all know that password security is a big problem (look at all the breaches that happened in the last 2 years) and enabling the best security under one roof is one of the ways to go.
In this article I will talk about how you can integrate your on-premise Active Directory domain with Azure Active Directory in order to provide your users the best experience while accessing their resources without compromising your organizations security.
Azure Backups has been GA for a long time now but not long ago, the folks at Azure just removed the preview tag from the service that handles backing up Resource Manager VMs. I’ve been testing Azure Backup on RM deployments since it was announced in preview and I can say that almost all my tests showed promising results. I’ve encountered a couple of quirk during tests but those were ironed out fast and now that the service is out of preview I can say that Resource Manager VM deployments are the way to go.
In this blog post I will show you how to configure the Azure Recovery Services to back up your Azure VMs and recover them when required.