Category: Azure

CSP: Granular Delegated Admin Privileges (GDAP) explained

Microsoft has been working on improving security. In the last few years every CSP customer has had the request to grant Delegated Admin Privileges (DAP) at least once. Without it is hard for the CSP Partner to grant and assign licenses, however not impossible. Of course it is convenient...

Bring your own IP (BYOIP) to Azure with Custom IP Prefix

When you want to move to Azure, but you want to retain your current public IP addresses, because of IP whitelisting, or te preserve your established IP reputation, you can now move your Public IPv4 Addresses to Azure. Once onboarded, these IPs can be associated with Azure resources, interact...

Setup a good password policy in Azure AD

A good password policy is the first step on securing your environment and company data. Without a password policy in place you can be sure that a lot of users will take a password that can be easily guessed and/or brute forced in less than 5 minutes. Default Azure...

Azure OMI Vulnerability

Microsoft has released multiple security updates in last Patch Tuesday. One off them fixes a high risk vulnerability (CVE-2021-38647) Also know as OMIGOD. This vulnerability can be used remotely, so exploitation is expected soon. This flaw doesn’t directly affect Windows at all, because it’s a bug in Microsoft’s open...

New fluent Azure icon

Some people might have noticed it, but Microsoft has released a new Azure Icon in its portal. By changing the icon Microsoft wants to match the style with their Fluent Design System making it more familiar for their customers. Source: https://azure.microsoft.com/en-us/blog/a-fluent-new-look-for-the-azure-icon/...

Automate Azure SQL Size using Azure Automation (Manual)

Recently a customer asked me how to save cost on their Azure SQL database without moving away from DTU based subscription model. In this case this customer knows exactly at what time their database is heavily utilized, and when it’s idling. So with a script its easy to automate....

Azure Automation: Run SQL command on Azure SQL (Manual)

How cool would it be to automate your daily SQL tasks using Azure Automation? Well, really cool off course! Lets start using Azure Automation! Go ahead, if you don’t have an automation account yet, create one by going to Automation Accounts. Give your automation account a name, choose a...

How to use Azure Automation to maintain SQL indexes and statistics

When you migrate to Azure SQL, you might think that Azure does all SQL maintenance, including the maintenance of your database… But the truth is, you will need to setup some maintenance yourself for your databases. Microsoft doesn’t know what is best for your application or database. With this...

Azure Shared disks now in Preview!

Microsoft had announced the limited preview of Azure Shared disks. With these announcement it will be possible to migrate clustered environments running Windows Server to Azure. This capability is designed to support SQL Server, Scale-Out File servers, RDS User Profile Disk and SAP ASCS/SCS servers running on Windows. Also...

Microsoft adds IPv6 support for Azure VNets (Preview)

Today I noticed a new checkbox in the Azure Portal. Microsoft has released IPv6 in the Public preview for Azure VNets. Virtual machines will be equipped with a dual-stack IP connectivity. Meaning both will be available. With the ending of IPv4 addresses it makes IPv6 mandatory for everybody. From...

How to automatically assign Office 365 licenses to users based on groups

If you have a large on premise environment, you might want to automate the assignment of Office 365 licenses by using (dynamic) security groups in Azure AD. With this simple manual you should be able to setup automatic license assignment based on a security group....

Lock down Microsoft Team creation (Manual)

By default everyone may create a new team in Microsoft Teams. As an organisation admin you might want to control this, or release it a some point. With this manual you should be able to lock down team creation to users that are member of a Azure AD Security...

Performance enhancement on Azure Premium SSD Disks

Microsoft has announced SSD bursting capabilities. This means that Premium SSD disks can achieve higher peak loads than the maximum IOPS with a new maximum of 3500 IOPS and a bandwidth up to 170 MiB/s. Together with this announcement Microsoft also announced new disk sizes (4, 8 & 16...

Improved Azure Portal design

Today I noticed that the Azure Portal had a new appearance. By default the menu from the left is now hidden, giving you a cleaner view of all the blades, and as well on your dashboards. But what I really like, is the Auto Refresh button on the dashboard....

Enforce (Azure) MFA with Conditional Access policies

Multi Factor Authentication (MFA) is an added security feature from Azure which I believe that should be enabled by default for everybody in Office 365 and Azure. There for this manual how to enforce (Azure) MFA for all users using Azure Multi Factor Authentication MFA can prevent unauthorized access...

Azure SQL update statistics (Manual)

I recently run into a case where I needed to update statistics of an Azure SQL Database because of poor performance and deadlocks. Preventing disruptions is key, so it is important to do something about it. With a simple script we can update the statistics easaly. Why should I...

Windows Virtual Desktop now general available!

Windows Virtual Desktop is the new Azure desktop and app virtualization service running in the cloud. With simplefied management, multisession Windows 10, optimizations for Office 365 using FSLogix in the background. With this cloud managed VDI environment, you can build, deploy and scale your virtual desktops and apps in...

New AMD EPYC virtual machine series in Azure!

Today I was browsing the Azure Management portal and discovered that Microsoft Azure released a new virtual machine series based on the AMD EPYC 7452V processors that can achieve a boosted 3.35Ghz. With these new AMD processers there are 4 new series available in Azure: Dasv3-series, Dav3-series, Easv3 and...

Azure Private Link now available in Preview!

With an increased security and privacy in mind Microsoft has been working on private links to Azure resources. Azure Private Link is a secure way to consume Azure Services like Azure SQL and Azure Storage using a private connection in your own VNet. This will replace the need for...