Use an Application Image from the Azure Marketplace using PowerShell

I recently needed to deploy a special type of VM from the Azure Marketplace using PowerShell and the deployment was not the same as regular Windows or Linux VM. First I knew the app I wanted to use, e.g. https://azuremarketplace.microsoft.com/en-us/marketplace/apps/microsoft-ads.windows-data-science-vm but wasn’t sure of the publisher or offer. With hindsight it shows you right in theContinue reading “Use an Application Image from the Azure Marketplace using PowerShell”

Deploying an Azure IaaS VM using PowerShell

I recently had to deploy some new VMs and wanted to use PowerShell and also join them to a domain and get the anti-malware extension used. Below is the PowerShell I used. You would need to modify the variables in the below to match your own domains. $Region = “EastUS” $VNetName = “savilltech-vnet-east” $VNetRG =Continue reading “Deploying an Azure IaaS VM using PowerShell”

Using Azure Application Gateway to publish applications

I was recently part of a project to deploy SharePoint and Office Online Server (OOS) to Azure IaaS as part of a hybrid deployment. A requirement was to make the SharePoint available to the Internet in addition to the OOS (enabling editing of documents/previews online). The deployment was very simple, 3 VMs were deployed toContinue reading “Using Azure Application Gateway to publish applications”

Migrate from ATA to Azure ATP with easy PowerShell

This week Azure Advanced Threat Protection (ATP) was made available as a product that is part of EMS E5 and is essentially ATA in the cloud. ATA is a service that takes a data feed from all domain controllers then uses that data to help identify various types of attack such as pass-the-hash, golden ticket,Continue reading “Migrate from ATA to Azure ATP with easy PowerShell”

Azure NSG Integration with Storage and Other Services

Network Security Groups (NSGs) are a critical component in Azure networking which enable the flow of traffic to controlled both within the virtual network, i.e. between subnets (and even VMs), and external to the virtual network, i.e. Internet, other parts of known IP space (such as an ExpressRoute connected site) and Azure components such asContinue reading “Azure NSG Integration with Storage and Other Services”

Quickly check who are Global Admins in your Azure AD with PowerShell

The code below will list the Global Admins in your Azure AD. Note that if using privileged identity management any users currently elevated would also show. $role = Get-AzureADDirectoryRole | Where-Object {$_.displayName -eq ‘Company Administrator’} Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId Also note the PowerShell/Graph API name for Global Admins is Company Administrator.

Checking the creation time of an Azure IaaS VM

I recently had a requirement to check the age of VMs deployed in Azure. As I looked it became clear there was no metadata for a VM that shows its creation time. When you think about this it may be logical since if you deprovision a VM (and therefore stop paying for it) then provisionContinue reading “Checking the creation time of an Azure IaaS VM”

Removing a non-existent domain

Recently lost a huge storage array and with that the DC for a demo child domain. I therefore had to clean up the now non-existent domain. I did this with ntdsutil. Below are the steps involved. Basically the domain controllers for the domain are removed, then the DNS naming context and finally the domain. C:UsersAdministrator>ntdsutilContinue reading “Removing a non-existent domain”

Deploying the OMS Agent Automatically

I needed to deploy a new OMS workspace to every machine in my environment and these machines were at various states of configuration. Some had the OMS agent already installed, some had various workspaces already added and some had the new OMS workspace already configured. Additionally these machines were in different environments with differing accessContinue reading “Deploying the OMS Agent Automatically”

Downloading a Cumulative Update for manual installation

Recently I needed to manually install a cumulative update. It’s actually a simple process. Firstly you need to find the KB for the update. This can be found by navigating to https://support.microsoft.com/en-us/help/4000825/windows-10-windows-server-2016-update-history and select the OS build which will show a list of all the updates. Once you know the KB head over to https://www.catalog.update.microsoft.com/ and typeContinue reading “Downloading a Cumulative Update for manual installation”