https://developer.microsoft.com/en-us/graph/graph-explorer
Friday, April 4, 2025
Tuesday, April 23, 2024
Azure Windows VM Agent Overview
The Microsoft Azure Windows VM Agent is a secure, lightweight process that manages virtual machine (VM) interaction with the Azure fabric controller. The Azure Windows VM Agent has a primary role in enabling and executing Azure virtual machine extensions. VM extensions enable post-deployment configuration of VMs, such as installing and configuring software. VM extensions also enable recovery features such as resetting the administrative password of a VM. Without the Azure Windows VM Agent, you can't run VM extensions.
https://learn.microsoft.com/en-us/azure/virtual-machines/extensions/agent-windows
Tuesday, February 20, 2024
Az.Accounts module causes error in VSCode
When attempting to make an Azure connection the following error occurs:
Connect-AzAccount : Method 'get_SerializationSettings' in type 'Microsoft.Azure.Management.Internal.Resources.ResourceManagementClient' from assembly 'Microsoft.Azure.PowerShell.Clients.Reso
urceManager, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35' does not have an implementation.
At line:1 char:1
+ Connect-AzAccount
+ ~~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Connect-AzAccount], TypeLoadException
+ FullyQualifiedErrorId : System.TypeLoadException,Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand
This is discussed in https://github.com/Azure/azure-powershell/issues/21960
The solution is to close VSCode and install a previous version 2.12.2 using
Install-Module -Name Az.Accounts -RequiredVersion 2.12.2
Then remove the faulty version 2.15.1 in this case
Uninstall-Module -Name "Az.Accounts" -RequiredVersion 2.15.1
Connect-AzAccount then correctly prompts for credentials
While you are now able to us Connect-AzAccount in VSCode in may not be much use because it may be in compatible with other modules such as Az.DesktopVirtualistation.
You may be forced to run up to date compatible modules entirely from ISE.
Thursday, August 27, 2020
Creating Hyper-V VMs on an Azure Hyper-V Server
It is possible to create Hyper-V virtual machines (VMs) that run on a Hyper-V server in Azure. The key enabler here is Azure VMs which are "Hyper-threaded and capable of running nested virtualization". Only certain VMs have this capability and are listed here https://docs.microsoft.com/en-us/azure/virtual-machines/acu
The term "nested virtualization" is used because an Azure VM is itself running on a Hypervisor. Therefore, running a VM on a machine, which is already itself, running on a Hypervisor is referred to as being nested. https://azure.microsoft.com/en-us/blog/nested-virtualization-in-azure/
There is nothing special* about a nested VM and no special configuration needed to run them. It is just a normal VM running on a Azure VM which is capable of running "nested" VMs.
At this point I'll make a particular and important note. Hyper-V servers can create three types of virtual switches to enable the guest VMs to have a network connection. External, Internal and Private. External virtual switches are not allowed on Azure Hyper-V servers.
To fire up VMs with network connections on an Azure Hyper-V server, create an internal virtual switch and use NAT to give the VMs connectivity to the internet. Private virtual switches only allow the connected VMs to see each other and nothing else.
On this very useful link Cheng (Charles) Ding describes the process of configuration NAT with powershell and also using the option of configuring a DHCP server to automatically assign selected IP addresses. It is possible to add the DCHP server role to the Hyper-V server but it is important to remember that if the server is a member server on an Active Directory domain, the DHCP server must be specially authorized in the AD before it is able to do its job. This tasked can be accomplished in the DHCP applet by selecting DHCP and then using the menu item Action_Manage Authorized Servers.
Finally a note on the powershell script to create nested VMs on Cheng's page. I did not use or test the script. The script is not activating anything special related to nesting. It appears to be a way to automate the spin up of a nested guest VM on an Azure VM that is capable of running "nested" VMs. The same result can be achieved "manually" by running through the procedures to add the Hyper-V role, create the virtual switch, vm, etc
Additional useful reference and discussion of more advanced network configuration.
https://www.jeffgilb.com/hyper-v-nested-vms-in-azure/
*It is a bit special. Running VMs on VMs is cool and there were probably some technical hurdles for Microsoft to overcome before this became possible.
Friday, August 21, 2020
Virtual SCCM Lab Setup
This assumes familiarity with Azure Portal, virtual networks and virtual machines. It is a lab only configuration using the default RDP access which should not be used for production machines.
For the virtual network that you are working on configure a custom DNS server with the IP address of the DC to be created below. This can be done after the DC is created if necessary.
This page is a very useful resource
https://www.systemcenterdudes.com/complete-sccm-installation-guide-and-configuration/
Create a DC
This is based on this page which is out of date.
Machine 1 DC and Hyper-V machine(installed later).
Name e.g. DSHV0
type D4sv3
OS Windows Server 2019 Datacenter
128Gb Standard SSD system
8Gb Standard SSD data
257Gb Standard SSD VMs disk.
Once the VMs are created configure the dnsname of the machine and use the connect blade to download the RDP connection file.
Initialise as GPT type and attach the disks in disk management as simple volumes, NTFS quick formatted. i.e. use defaults F: = 8Gb G:=256Gb
Add the Active Directory Domain Services role, install the feature and Promote this server to a domain controller - New Forest, enter a root domain name e.g. mylab.com
Enter the Directory Services Restore Mode password
On DNS options, ignore the warning and click next
Accept the NETBIOS default name and click next
Configure the Database, Log files, and SYSVOL folders to F: locations on the disk created earlier
On the Review Options page, click the View Script button. A PowerShell script snippet will be displayed in a Notepad window. This snippet includes the cmdlets needed to Install a new Active Directory forest via PowerShell with the options selected in the wizard. Save this snippet to your Documents folder for future reference as a file named PSSnippet-Install-ADDSForest.ps1 and close the Notepad window. Click Next
On the Prerequisites Check page, ignore the warnings displayed and click the Install button. The warnings displayed are due to the dynamic IP addressing used within Windows Azure Virtual Networks and do not apply to this cloud environment.
The Active Directory Domain Services configuration process will be begin for the new AD Forest.
When the Active Directory configuration process is complete, the server will automatically restart.
DC build complete
Note that during this process the local administrator user name and password are converted from local accounts to, well, the domain admin. For a test environment consider setting the password of the account to never expire. Password expiration of the domain admin account could be inconvenient.
Create a SCCM/SQL Server
This is based on this page which is out of date.
Machine 2 - The SCCM / SQL server
Name e.g. SCCMSQL0
Type D4s_v3
OS Windows Server 2019 Datacenter
128Gb Standard HDD system HDD are cheaper storage for test purposes.
128Gb Standard HDD data
Login as the local admin and attach the data disk.
Click WORKGROUP in the Local Server section of the server manager to join the domain e.g. mylab.com. If the mylab.com domain controller is not contactable check you have set the custom DNS server correctly and pointing to the DC for the virtual network.
Activate the required features for an SCCM server.
Add Roles and Features
Install the WSUS Server Role with defaults.
On the Select Features page, check the checkboxes for the following features and sub-features, leaving all other options at the default checkbox state:
- .NET Framework 3.5 with both HTTP Activation and Non-HTTP Activation selected.
- .NET Framework 4.7 with both HTTP Activation and TCP Activation selected.
- Background Intelligent Transfer Service ( BITS )
- Remote Differential Compression
-Telnet Client (not essential but a useful diagnostic tool to have ready)
Whenever prompted during the feature selection process above, click the Add Features button to add all features that are required for a select feature or sub-feature option.
Click the Next button to continue.
On the IIS Web Server Role Services page, check the checkboxes for the following options, leaving all other options at their default checkbox state:
- Windows Authentication, located under the IIS with Security section.
- ASP.NET 3.5, located under the Application Development section.
- IIS 6 WMI Compatibility, located under the Management Tools | IIS 6 Management Compatibility section.
Click the Next button and then click the Install button to begin the feature installation.
Now it's time to install the SCCM bits and bobs. This link may provide eval downloads.
https://www.microsoft.com/en-us/evalcenter/evaluate-system-center
In this procedure SCCM 1902 base version is being used and has been copied and extracted to the local F:
Login as the domain admin on the SCCM machine and run "F:\installfiles\SC_Configmgr_SCEP_1902\SMSSETUP\BIN\X64\extadsch.exe"
to extend the AD schema. After running this command, review the log output located in C:\extadsch.log to confirm that the schema extension operations were successfully completed.
Using the Active Directory Users and Computers tool from the domain controller virtual machine remote desktop console, setup the required Active Directory permissions and objects.
In the Active Directory Users and Computers tool, select View | Advanced Features from the menu bar. In the left navigation pane of the Active Directory Users and Computers tool, right-click on the System container and select Properties from the pop-up menu. On the Security tab, add the Active Directory computer account for the ConfigMgr site server to the Groups or user names list and assign Full Control permissions to it. Click OK when completed.
In the left navigation pane of the Active Directory Users and Computers tool, right-click on the Users container and select New | User from the pop-up menu. Create the following domain user accounts for SQL Server and ConfigMgr site system roles: Enter passwords as required and note them down.
- SQLService domain user account: uncheck User must change password at next logon optionand check Password never expires option.
- CMAdmin domain user account: uncheck User must change password at next logon option and check Password never expires option. Add this domain user account to the Domain Admins global group.
Go to your selected SQL Server installation media source. Below refers to 2012 but it is still similar in the 2019 version
Double-click the F:\setup.exe installation executable to launch the SQL Server 2012 Installation Center. In the SQL Server 2012/9 Installation Center window, click the Installation link located in the left navigation pane. In the SQL Server 2012/9 Installation Center window, click New SQL Server stand-alone installation or add features to an existing installation in the right content pane. This will launch the SQL Server 2012/9 Setup program.
Click through
Keep the free Eval version unless you have a product key you wish to use.
Note the firewall warning
Select the Database Engine Services, and use the web download link for reporting services (2019)
Modify the install locations to F:
Keep the default instance
Enter DomainName\SQLService account for the SQL Server Database Engine and enter the password.
Database Engine Configuration: Click Add Current User button
Use defaults and click through the nexts to start the install.
Install SQLServerReportingServices.exe downloaded from the link above.
Named Pipes
Launch SQL Server Configuration Manager
Expand SQL Server Network Configuration
Select protocols and Enable Named Pipes in the right window.
Next install the Windows 10 ADK downloaded from here.
https://docs.microsoft.com/en-us/windows-hardware/get-started/adk-install
Use defaults.
Also obtain the WinPE Addon for the selected Win10 version and install it. This is checked by the SCCM install later.
Create this file D:\NO_SMS_ON_DRIVE.SMS to stop SCCM creating any files on the Azure VM temporary drive.
Finally time to run SCCM setup :)
Reboot and ensure login is the domain admin.
Run "F:\installfiles\SC_Configmgr_SCEP_1902\SMSSETUP\BIN\X64\setup.exe"
Install a Configuration Manager primary site - don't use the "typical" tick box it is not fun!
Select Eval unless you want to use a key.
Accept all the terms tick boxes.
Create a suitable folder for the setup downloads and specify it in the downloaded file path.
Select Languages
Select Install the primary site as a stand-alone site.
Use defaults for the database specification
Click Next on data and log file locations
Click Next on the SMS Provider
Client Computer Communications Settings - Configure the communication method on each site system role. Doing this enables HTTP and avoids the complexities of PKI certicates. As this is lab HTTP is acceptable. Production systems should have all reasonable security applied.
Site System Roles - Next
Prerequisite Check
Some warnings may appear with links to resolve. Check the warnings and carry out any other necessary actions as advised.
Begin Install
When the install wizard has completed, which may take about an hour, the top status message should be "Core setup has completed". The next button will not be available, only the Close button. Close.
Tuesday, June 30, 2020
Copy a VHD to a Storage Account on another subscription
This process was used to copy a virtual hard disk (VHD) from one Azure account/subscription to another separate account/subscription.
This is based on this article http://azurecentric.com/2018/11/how-to-migrate-azure-managed-disk-to-different-subscription-and-region-part-ii/ There is some variation such as using a different AzCopy version.
- Prep the Managed Disk VHD as a copy source by creating a Shared Access Signature (SAS) Token URL. Select the Managed Disk and generate the SAS URL from the Disk Export Blade. Copy the string out for use later. You could use the string in a browser to download the VHD. The SAS URL is temporary and only lasts a limited time.
- Logon to the Destination account/subscription and create a storage account if necessary. It is very likely there already is a storage account as they are created automatically with VMs. In the Storage Account create a new container to act as the copy destination. Give it a name and set the Public Access Level to Blob (Binary Large OBject)
- Once the container has been created check that your account has appropriate roles assigned to manage it. Assign a role to your account if necessary. Storage Blob Data Owner role can be used.
- Obtain the destination URL of the container from the properties blade. Copy the string out for use later.
- Launch a VM and obtain the AzCopy utility here https://docs.microsoft.com/en-us/azure/storage/common/storage-use-azcopy-v10
- In a command window run AzCopy login follow the instructions to open a URL in a browser and enter a code. The Azure account of the destination can then be authenticated.
- To being the copy enter
AzCopy copy "<SAS URL>" "<Destination URL>/diskname.vhd"
The file transfer status will be shown in the command window and a log file will also be generated in the user profile. - Once complete view the container contents to see the newly arrived diskname.vhd file which is a page blob object
- Create a new managed disk, size it correctly and use Storage blob as the source. Browse to the diskname.vhd page blob in the Storage Account container. Then create the disk from the diskname.vhd page blob
- Once the disk is created it can be attached to a VM. The diskname.vhd page blob can now be deleted.
also see
Monday, December 16, 2019
Uptime !
This table illustrates actual downtime with SLA% from 99 to 99.999
| SLA % | Downtime per week | Downtime per month | Downtime per year |
|---|---|---|---|
| 99 | 1.68 hours | 7.2 hours | 3.65 days |
| 99.9 | 10.1 minutes | 43.2 minutes | 8.76 hours |
| 99.95 | 5 minutes | 21.6 minutes | 4.38 hours |
| 99.99 | 1.01 minutes | 4.32 minutes | 52.56 minutes |
| 99.999 | 6 seconds | 25.9 seconds | 5.26 minutes |
Subscribe to:
Comments (Atom)