How to setup BGP VPN connection with Azure WAN (Lessons learned)
Last few weeks I’ve been busy with setting up an Azure Virtual WAN environment with multiple VPN connections. One of them is a High available VPN with BGP connection to a Fortigate Firewall. Since this Fortigate Firewall is hosted with a 3rd party, I don’t have any screenshots or...
Redundant VPN Gateway reset (Azure WAN)
If you happen to have a redundant setup of a VPN gateway, which happens to be delivered as well with Azure Virtual WAN, you might encounter issues where you want to reset the VPN Gateway. One thing that is not clearly mentioned in the documentation, nor is it in...
Microsoft Azure Boost Preview
Last July Microsoft announced the new Azure Boost in Preview. Azure Boost is a new system that offloads virtualization processes traditionally performed by the hypervisor and host OS, such as networking, storage, and host management, onto purpose-built hardware and software. By separating hypervisor and host OS functions from the...
New Office 365 subscriptions without Teams for the European Economic Area and Switzerland
Since 2007 Microsoft has provided communication and collaboration tools. Starting with Lync followed by Skype for Business and since a few years Teams. Where Teams is more than a communication tool, it has native integration in Office 365. In 2022 the European Commission raised some concerns about the market...
Microsoft renames Azure AD to Microsoft Entra ID
A year ago Microsoft announced the Entra product family to gain more trust and achieve higher security in every digital experience and interaction. By making the protection of identities and access an primary goal, Microsoft envisions an new era for security. With this renaming Microsoft is showing their commitment...
Get started with Azure Functions (Manual)
Azure Functions is a serverless solution that allows you to write less code, maintain less infrastructure, and save on costs. Instead of worrying about deploying and maintaining servers, the cloud infrastructure provides all the up-to-date resources needed to keep your applications running. As you build your functions, you have...
How to register Azure B2C tenant in the Azure API Managent (Manual)
From within the Azure API Manament portal there is a default authentication option for your API consumers. The better option is to configure a connection with an Azure B2C tenant. This will enable you to enforce MFA and conditional access policies on your API applications. In this manual it...
How to solve in Azure: The subscription is not registered to use namespace ‘xxxxxx’
Sometimes it happens that if you want to deploy a new type of resource in Azure that you receive the following error: The subscription is not registered to use namespace ‘*********’. See https://aka.ms/rps-not-found for how to register subscriptions. Today I received the above error for the namespace Microsoft.AzureActiveDirectory. And...
How to create an applocker policy (Manual)
Windows AppLocker is a technology first introduced in Windows 7 that allow you to restrict which programs users can execute based on the program’s attributes. In enterprise environments it is typically configured via Group Policy, however we can leverage the XML it creates to easily build our own custom...
IP Groups in Azure Firewall
If you are planning on using Azure Firewall you will definitely need to start using IP Groups. This will make your life so much easier and save you a lot of time in future changes because it will allow you to group and manage IP addresses for Azure Firewall...
How to deploy fonts to Windows clients using Intune. (Manual)
Last week I had a customer that wanted to deploy multiple fonts to all his clients. Since there is no default option to deploy fonts to Intune clients, it is time to do some PowerShell magic, in Intune. How to install fonts on your device? If you have new...
Restrict Azure App Permissions to Specific mailboxes only
With Microsoft disabling basic Authentication starting October 1st 2022, I see a lot of vendors asking us IT Pro’s to create an Azure App registration with mailbox permissions to read out just a single mailbox. However, by default this Azure App grants permissions to every single mailbox in your...
How to setup Azure AD Enterprise app with password sign-on
Some web applications do not support single sign-on authentication. For these applications Microsoft has created an option to save the password in Azure AD. In this manual I am going to explain how to set it up. STEP 1: Create app From within the Azure Portal (https://portal.azure.com) go to...
Deploy Azure Virtual WAN with Virtual HUB (Manual)
This is the first blog post about Azure Virtual WAN. In the coming series I will be showing how to deploy en setup Azure Virtual WAN and setup VPN connections (S2S and P2S). In this blog post we start with the first step:...
Azure VM cannot connect to RDP (NLA, Manual)
Today I had to restore a virtual machine from a backup from 2 weeks ago. Once booted I received the error message that I was not able to connect because of the following error: The remote computer that you are trying to connect to requires Network Level Authentication (NLA),...
CSP: Granular Delegated Admin Privileges (GDAP) explained
Microsoft has been working on improving security. In the last few years every CSP customer has had the request to grant Delegated Admin Privileges (DAP) at least once. Without it is hard for the CSP Partner to grant and assign licenses, however not impossible. Of course it is convenient...
Bring your own IP (BYOIP) to Azure with Custom IP Prefix
When you want to move to Azure, but you want to retain your current public IP addresses, because of IP whitelisting, or te preserve your established IP reputation, you can now move your Public IPv4 Addresses to Azure. Once onboarded, these IPs can be associated with Azure resources, interact...
Azure AD Connect Export and Import configuration
Today I had to fix an AD Connect server that stopped working over the weekend. Unfortunately there was now way of fixing AD Connect sync and we had to reinstall AD Connect. However I didn’t want to lose the configuration that was made in the past. Since the end...
Automatically assign license(s) to groups in Office 365 (Manual)
When you want to align license assignments in Office 365 it might be helpful to automatically assign licenses to users by adding them to groups. This way you can make sure that everybody gets the right license and avoid mistakes. The problem with medium or large companies is that...
How to move resources to another subscription or resource group in Azure?
In this manual I am going to show you how to move resources to a different subscription, region and/or resource group in Azure. For today I am going to use the Azure portal, but you can use Azure PowerShell, Azure CLI or the REST API as well to move...