Quickly check who are Global Admins in your Azure AD with PowerShell

The code below will list the Global Admins in your Azure AD. Note that if using privileged identity management any users currently elevated would also show. $role = Get-AzureADDirectoryRole | Where-Object {$_.displayName -eq ‘Company Administrator’} Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId Also note the PowerShell/Graph API name for Global Admins is Company Administrator.

Checking the creation time of an Azure IaaS VM

I recently had a requirement to check the age of VMs deployed in Azure. As I looked it became clear there was no metadata for a VM that shows its creation time. When you think about this it may be logical since if you deprovision a VM (and therefore stop paying for it) then provisionContinue reading “Checking the creation time of an Azure IaaS VM”

Removing a non-existent domain

Recently lost a huge storage array and with that the DC for a demo child domain. I therefore had to clean up the now non-existent domain. I did this with ntdsutil. Below are the steps involved. Basically the domain controllers for the domain are removed, then the DNS naming context and finally the domain. C:UsersAdministrator>ntdsutilContinue reading “Removing a non-existent domain”

Deploying the OMS Agent Automatically

I needed to deploy a new OMS workspace to every machine in my environment and these machines were at various states of configuration. Some had the OMS agent already installed, some had various workspaces already added and some had the new OMS workspace already configured. Additionally these machines were in different environments with differing accessContinue reading “Deploying the OMS Agent Automatically”

Downloading a Cumulative Update for manual installation

Recently I needed to manually install a cumulative update. It’s actually a simple process. Firstly you need to find the KB for the update. This can be found by navigating to https://support.microsoft.com/en-us/help/4000825/windows-10-windows-server-2016-update-history and select the OS build which will show a list of all the updates. Once you know the KB head over to https://www.catalog.update.microsoft.com/ and typeContinue reading “Downloading a Cumulative Update for manual installation”

Solving a strange Remote Desktop Gateway authentication problem

I recently deployed a new Remote Desktop Gateway server but when I authenticated it would tell me the logon failed even though I knew the policies were valid for the user (because I could logon from a different computer) and I knew the credential was correct. There were no logs under TerminalServices-GatewayOperational which meant theContinue reading “Solving a strange Remote Desktop Gateway authentication problem”

Easily configure Remote Desktop Gateway firewall rules

When you install Remote Desktop Gateway which enables RDP to be encapsulated in HTTPS a number of firewall exceptions are required which are enabled automatically. This also means the RDG has a public and private IP address. There are many other firewall exceptions that are normal for Windows functionality that by default are enabled forContinue reading “Easily configure Remote Desktop Gateway firewall rules”

Deploying Operating Systems in Azure using Windows PE

In this article I want to walk-through deploying operating systems in Azure using a custom Windows PE environment and along the way cover some basics around PE and OS deployment. Before going any further I would stress I don’t recommend this. The best way to deploy in Azure is using templates, have generic images andContinue reading “Deploying Operating Systems in Azure using Windows PE”