Deploy Azure MySQL Flexible Server using Private End-Points (Manual)
In this manual I am going to show you how to deploy Azure MySQL Flexible Server with data encryption enabled using a Service Managed Keys (SMK) for data at rest encryption. What is Azure MySQL Flexible Server? Azure Database for MySQL Flexible Server is a fully managed Azure database...
How to migrate lightning fast from on-premise file server to Azure Fileshare with AZCopy
When you want to migrate from an on-prem file server to an Azure File Share, you want to do it as fast as possible. There are multiple ways to achieve such an migration. This could be with Azure Storage Explorer, mount the SMB share and go for a traditional...
How to setup SFTP using Azure Blob Storage (Manual)
Since 2022 Microsoft supports the SSH FTP protocol on the Azure Blob Storage accounts. In this manual I will show you how to setup SFTP on Azure Blob storage. Before you can use SFTP, you will need to know a few things. One of them is that SFTP relies...
Setup Azure File Share with Entra ID hybrid identities
I hear a lot of people that want to get rid of their traditional file server and don’t want to move to SharePoint for various reasons. As an alternative we can use Azure File Share with integrated Entra ID authentication. This manual contains al the information required to setup...
How to setup AWS SSO to Microsoft Entra ID (Azure AD) and use auto provisioning
Last week a customer wanted to setup single sign-on to Amazon Web Services (AWS) from their Entra ID / Azure AD environment. After reading several instructions from both Microsoft and Amazon I needed some more explanation for each step before I would activate it. So here is my manual...
How to setup BGP VPN connection with Azure WAN (Lessons learned)
Last few weeks I’ve been busy with setting up an Azure Virtual WAN environment with multiple VPN connections. One of them is a High available VPN with BGP connection to a Fortigate Firewall. Since this Fortigate Firewall is hosted with a 3rd party, I don’t have any screenshots or...
Redundant VPN Gateway reset (Azure WAN)
If you happen to have a redundant setup of a VPN gateway, which happens to be delivered as well with Azure Virtual WAN, you might encounter issues where you want to reset the VPN Gateway. One thing that is not clearly mentioned in the documentation, nor is it in...
Microsoft Azure Boost Preview
Last July Microsoft announced the new Azure Boost in Preview. Azure Boost is a new system that offloads virtualization processes traditionally performed by the hypervisor and host OS, such as networking, storage, and host management, onto purpose-built hardware and software. By separating hypervisor and host OS functions from the...
New Office 365 subscriptions without Teams for the European Economic Area and Switzerland
Since 2007 Microsoft has provided communication and collaboration tools. Starting with Lync followed by Skype for Business and since a few years Teams. Where Teams is more than a communication tool, it has native integration in Office 365. In 2022 the European Commission raised some concerns about the market...
Microsoft renames Azure AD to Microsoft Entra ID
A year ago Microsoft announced the Entra product family to gain more trust and achieve higher security in every digital experience and interaction. By making the protection of identities and access an primary goal, Microsoft envisions an new era for security. With this renaming Microsoft is showing their commitment...
Get started with Azure Functions (Manual)
Azure Functions is a serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. Instead of worrying about deploying and maintaining servers, the cloud infrastructure provides all the up-to-date resources needed to keep your applications running. As you build your functions, you have...
How to register Azure B2C tenant in the Azure API Managent (Manual)
From within the Azure API Manament portal there is a default authentication option for your API consumers. The better option is to configure a connection with an Azure B2C tenant. This will enable you to enforce MFA and conditional access policies on your API applications. In this manual it...
How to solve in Azure: The subscription is not registered to use namespace ‘xxxxxx’
Sometimes it happens that if you want to deploy a new type of resource in Azure that you receive the following error: The subscription is not registered to use namespace ‘*********’. See https://aka.ms/rps-not-found for how to register subscriptions. Today I received the above error for the namespace Microsoft.AzureActiveDirectory. And...
How to create an applocker policy (Manual)
Windows AppLocker is a technology first introduced in Windows 7 that allow you to restrict which programs users can execute based on the program’s attributes. In enterprise environments it is typically configured via Group Policy, however we can leverage the XML it creates to easily build our own custom...
IP Groups in Azure Firewall
If you are planning on using Azure Firewall you will definitely need to start using IP Groups. This will make your life so much easier and save you a lot of time in future changes because it will allow you to group and manage IP addresses for Azure Firewall...
How to deploy fonts to Windows clients using Intune. (Manual)
Last week I had a customer that wanted to deploy multiple fonts to all his clients. Since there is no default option to deploy fonts to Intune clients, it is time to do some PowerShell magic, in Intune. How to install fonts on your device? If you have new...
Restrict Azure App Permissions to Specific mailboxes only
With Microsoft disabling basic Authentication starting October 1st 2022, I see a lot of vendors asking us IT Pro’s to create an Azure App registration with mailbox permissions to read out just a single mailbox. However, by default this Azure App grants permissions to every single mailbox in your...
How to setup Azure AD Enterprise app with password sign-on
Some web applications do not support single sign-on authentication. For these applications Microsoft has created an option to save the password in Azure AD. In this manual I am going to explain how to set it up. STEP 1: Create app From within the Azure Portal (https://portal.azure.com) go to...
Deploy Azure Virtual WAN with Virtual HUB (Manual)
This is the first blog post about Azure Virtual WAN. In the coming series I will be showing how to deploy en setup Azure Virtual WAN and setup VPN connections (S2S and P2S). In this blog post we start with the first step:...
Azure VM cannot connect to RDP (NLA, Manual)
Today I had to restore a virtual machine from a backup from 2 weeks ago. Once booted I received the error message that I was not able to connect because of the following error: The remote computer that you are trying to connect to requires Network Level Authentication (NLA),...