Server 2008

Changing the Network Location of a Windows 2012 R2 Server Network Connection

It’s sometimes necessary to manually change the network location configuration of a Windows 2012 R2 Servers network connection. There are two common approaches to this, either by Local Group Policy or PowerShell. In this post I will be stepping through how to implement either method.

Windows classifies networks connections into one of three profiles, each profile configures the server with different firewall settings.

  • Private: Used for computers on a private or home network. This allows you to see computers and devices, while making your computer discoverable.
  • Public: Used for computers on a pubic network such as a coffee shop or internet café. Designed to keep your computer from being visible to other computers around you and to help protect your computer from any malicious software from the Internet.
  • Domain: Used for computers that belong to enterprise network.

By default new network connections are configured with the public profile, however, if ADDS (Active Directory Domain Services) are found on the network, the profile automatically changes to domain.

Changing the Network Location by Local Group Policy

1. Run gpedit.msc to open the Local Group Policy Editor

2. Navigate to Computer Configuration / Windows Settings / Security Settings / Network List Manager Policies and double click the appropriate Network Name

3. From the popup window select the Network Location tab, then select the correct location type

CNL03
4. Click OK and close the Local Group Policy Editor

CNL04
5. Finally checking back in the Network and Sharing Center, the network profile should now display the options chosen in the previous steps.

CNL05

Changing the Network Location by PowerShell

As with most things on Server 2012 it is possible to use PowerShell to change the network category. We first need to list the network connections and make note of the InterfaceIndex associated with the network connection we are looking to reconfigure.

1. Open an elevated PowerShell prompt and run the following CmdLet

Get-NetConnectionProfile

CNL06
2. Make note of the InterfaceIndex for the network connection that requires its location changing. We can then use the following command to change the connections network location type

Set-NetConnectionProfile -InterfaceIndex <ID> -NetworkCategory <Category>

For Example:

Set-NetConnectionProfule -InterfaceIndex 12 -NetworkCategory Private

CNL07
3. To confirm changes have been made, rerun the Get-NetConnectionProfile CmdLet and review the NetworkCategory reflects the change.

CNL08

IaaS

Azure IaaS: Resize VM disks in Azure

I have recently encountered a couple of situations where it has been necessary to resize disks attached to Azure virtual machines. Generally it has been on machines that have previously been migrated to Azure from their original on-premises infrastructure where storage was more of a premium.

When deploying machines directly in Azure its generally felt that deploying the largest disk possible is the best option. This is because regardless of the disk size, charge is only made for the actual amount of data written to the disk and not the size of the disk itself. The exception to the rule is when using premium storage which is the reverse and charged on the size of the disk and not the amount of data written in it.

In this example the operating system disk is nearly full and needs to be increased in size.

diskresize001
The easiest way to achieve this is to use our old friend PowerShell and the Update-AzureDisk cmdlet.

The first thing that must be done is to work out the disk name of the disk that needs to be resized. This can be done in various ways but generally its easiest to use either the Azure Portal or PowerShell.

Open the Azure portal then select Virtual Machines > Machine Name > All Settings > Disks and locate the disk name.

diskresize002
As mentioned its also possible to use PowerShell to pull back a list of all disks deployed in the current subscription from which their names and other attributes can be gathered. The first step is to connect to Azure and check that we are connected to the correct subscription.

Add-AzureAccount

Get-AzureSubscription -Current

To select an alternative subscription use the following PowerShell command.

Select AzureSubscription -SubscriptionID "Subscription ID"

Now connected to the subscription we require, its possible to search for a list of disks and the virtual machines that they are associated with.

Get-AzureDisk | fl Label, AttachedTo, DiskName

diskresize004
Having collected all the details required, it’s possible to use the next PowerShell command to resize the disk.

Update-AzureDisk -DiskName <diskname> –ResizedSizeInGB <size in GB> –label <labelname>

For Example:

Update-AzureDisk -DiskName TechKB-SVR01-TechKB-SVR01-0-201601281807180110 –ResizedSizeInGB 500 –label sysDrive

diskresize005
NOTE: The size of the updated disk must be between 20-1023GB and the Azure virtual machine must be powered off and in the deallocated state for the command to complete successfully.

diskresize003
After the command runs successfully its possible to view the resized disk in the Azure portal.

diskresize006
Once the disk has been successfully resized, the guest OS needs to be configured to use the additional space now available on the disk.

From within the guest open Disk Manager > Right Click System Volume > Expand Volume and follow the wizard through to add the extra space to the system volume.

diskresize007
Now when browsing in File Explorer the system drives displays the new volume size.

diskresize008

 

 

Azure

Microsoft Partner Technology Solutions Professional (P-TSP) for Azure

I’ve recently been nominated and accepted by Microsoft as a Partner Technology Solutions Professional (P-TSP) in Azure!

The Microsoft Partner Technology Solutions Professional Program (P-TSP) is a select group chosen from the various Microsoft partners to act as an extension of the Microsoft’s internal Technology Specialist team. The program is geared to offer real world experience and guidance for Microsoft customers during pre-sales engagements or architectural guidance for enterprise solutions and upgrades.

I’m over the moon to have been put forward for this program and keen to begin integrating more with the guys at Microsoft. I wait to see where this opportunity leads me.

 

Azure

Azure Backup: Changing the Scratch Location

The Azure Backup Agent uses a scratch or cache location to prepare backup data before exporting it to Azure. The recommendation is for this location to be at least 5% of the data backed up to the cloud in size, preferably more. When installing Microsoft Azure Backup calculating the required space is quite simple, however, as backups begin to increase making sure the scratch space is maintained can bring with it problems. i.e. drive space can run out.

In this scenario the scratch location needs relocating. The method documented around moving the scratch location calls for uninstalled and reinstalled the Azure Backup Agent. This can be a pain and requires the passphrase created during the original install, which has of course been saved somewhere safe.

After spending much time researching I came across a couple of articles online outlining a possible alternative. I have since tested the process in my development environment and it does appear to work successfully.

By default, Microsoft Azure Backup creates its scratch folder on the local drive at the following path:

%ProgramFiles%\Microsoft Azure Recovery Services Agent\Scratch\

Changing the default location

1. Open an elevated Command Prompt, then stop the Microsoft Azure Recovery Services Agent service.

net stop obengine

MABAS001
2. Once the service has stopped, copy the scratch folder and data stored within it to its new desired location.

MABAS002
3. Update the following registry entries with the new scratch folder path.

  • [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Azure Backup\Config\ScratchLocation]

MABAS003
NOTE: Only update this registry key if it already exists otherwise ignore.

  • [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Azure Backup\Config\CloudBackupProvider\ScratchLocation]

MABAS004
4. Jump back to the elevated Command Prompt, then restart the Microsoft Azure Recovery Services Agent service.

net start obengine

MABAS005
Hopefully this post will be of help to people.

As always, if anyone finds anything within the post to be wrong, please don’t hesitate to let me know so I can adjust accordingly. 🙂

Events

Events: Silversands Azure Seminar at Mercedes Benz World

One of the activities I get involved with from time to time is presenting at customer seminars. Recently I was asked to participate in an Azure round table event hosted at Mercedes Benz World.

Key discussion points included:

  • Azure Site Recovery
  • Azure Backup
  • RemoteApp
  • StorSimple
  • Azure AD Premium
  • Express Route

The feedback from the event was great and two lucky customers were even able to take to the test track.

 

Azure Networking

Test Network Speed and Latency to Azure

Just a quick post to mention one of the many Azure tools out there. This one in particular is for the network admin who have the need or are just interested in checking network connection speed and latencies to the Azure data centres.

TestLat001

http://azurespeed.com comes with a number of useful tests and is ideal during the project planning stage. For example, when planning to migrate a LOB application to Azure, which region would offer the best user experience.

Features include:

Latency Test
This test allows administrators to test network latency to Azure Storage in worldwide data centres.

CDN Test
This is currently unavailable do to attackers.

Upload Speed Test
This test makes it possible to checkout upload speeds to Azure Blob Storage located in different worldwide data centres.

Large File Upload Speed Test
This test allows administrators to test large file uploads to Azure Blob Storage, again in worldwide data centres, with additional upload options.

Download Speed Test
As the title suggests, this test monitors download speeds from different data centres when downloading a 100MB file.

Live Streaming Latency Test
Test latency from remote Azure Media Services live streaming.

Cloud Region Finder
Cloud Region Finder enables you to quickly lookup cloud and region information of application deployment, try it by entering url or ip address now! Currently Azure, AWS, AliCloud are supported.

Traffic Manager Test
Demonstrates the capability’s of Azure Traffic Manger.

Azure Online Tools available.
Additional Azure Online Tools.

A short but hopefully interesting post and well worth a quick visit! 🙂

Backup Vault

Azure Backup: Installing Microsoft Azure Backup

As mentioned in my previous post here Microsoft have added the ability to backup additional workloads such as SQL, Exchange, Hyper-V and SharePoint to the cloud. Essentially this version of Microsoft Azure Backup is actually nothing more than a rebranded version of System Center Data Protection Manager with the backup to tape option replaced with the cloud and the ability to integrate with System Center removed. However, where no separate license is required, I believe this now opens the door to many new enterprises and I’m sure it will become a very favourable cloud backup solution.

In this post I will step through the process of configuring a Microsoft Azure Backup Vault, installing Microsoft Azure Backup and registering it with the previously created vault.

Apart from the extra application workloads, the main difference Azure Backup has to the Azure backup agent is the fact that as with DPM, it requires its own server to run on. This server can be configured as:

  • Physical or Virtual (on-premise or in the cloud)
  • Windows Server 2008 R2 SP1, 2012 and 2012 R2.

NOTE: The server must NOT have SCDPM or the SCDPM agent installed, nor should the Microsoft Azure Backup agent be installed and registered with an Azure Backup Vault.

Hardware Requirements

  • Processor: Minimum: 1 GHz, dual-core CPU, Recommended: 2.33 GHz, quad-core CPU
  • Memory: Minimum: 4GB, Recommended: 8GB
  • OS Disk: Minimum: 3GB, Recommended 3GB
  • Dedicated Data Storage Disk: Recommended storage pool size is 1.5 times the size of protected data
  • Disk space of at least 5% of the data backed-up to the cloud is required by the Microsoft Azure Backup agent for its scratch location. (By default this is on the OS drive but it can be moved to a dedicated disk)

Additional Prerequisites

  • Microsoft Azure Backup server should have internet connectivity
  • Microsoft Azure Backup server must be domain joined
  • Microsoft Azure Backup server must have .Net 3.5, .Net 4.0 and .Net 3.5 SP1 features installed
  • Microsoft Azure Backup server should have Windows Management Framework 4.0 installed.

Create a Microsoft Azure Backup Vault

Once a base server has been prepared, the next step is to preconfigure the Azure Backup Vault. The Microsoft Azure Backup Serer will be registered with the vault later.

To create an Azure Backup Vault, firstly browse to https://manage.windowsazure.com and sign in to the Azure Portal with your credentials.

Scroll down the left hand menu and click on the  Recovery Services tab.

ABS001
In the main window click on CREATE A NEW VAULT.

ABS002
Select Backup Vault > Quick Create before giving the backup vault a Name and Region and clicking the check to create the Backup Vault. The Region will be the location  in which the data is stored, choosing the correct location can help reduce network latency when backup up data to Azure.

ABS003
Once the Backup Vault has successfully been created it will appear in the list of recovery services resources as Active.

ABS004
Once items have been archived to the Backup Vault its not possible to change the replication type, so its at this point we need to decided how this should be configured.

  • Geo-Redundant Storage (GRS) maintains six copies of your date. Three times within the primary region and three times in a secondary region. In the event of a failure at the primary region, by sporting data in GRS, Azure Backup ensures that your data is durable. (One thing to note here is that the data in the secondary region can only be accessed by Microsoft during a failure to their systems)
  • Locally Redundant Storage (LRS) maintains three copies of your data. The data is replicated three times within a single facility in a single region. This would protect your data from normal hardware failures, but not form failure of an entire Azure facility.

By default a Backup Vault is configured with Geo-Redundant Storage, to change this click on CONFIGURE before changing the replication option and clicking SAVE to complete the change.

ABS005

Installing Microsoft Azure Backup Server

Before we can begin the install of Microsoft Azure Backup server we need to first download the installation software for Azure Backup and also the Backup Vault credentials which are needed for registering the server with the Backup Vault. Both downloads can be found on the Quick Start tab of the Backup Vault.

Microsoft Azure Backup can also be downloaded directly from here

ABS006
Microsoft Azure Backup comes split up into six separate files, five .bin files and  single .exe. Download them all to the same location and then run MicrosoftAzureBackupInstaller.exe, this will begin the setup wizard.

On the first screen click Next to continue.

ABS007
On the next screen choose a location for setup to extract its files or leave the default. When happy with the location, click Next.

ABS008
Click on Extract to begin extracting the install files.

ABS009
By default, Execute setup.exe is checked, leave this checked and click Finish if you wish to continue with the installation. Otherwise, uncheck the option and click Finish.

ABS010
On the Microsoft Azure Backup splash screen select to install Microsoft Azure Backup.

ABS011
On the Welcome page, click Next.

ABS012
On the next page click on the Check button to confirm the server meets software and hardware requirements. Resolve any issues that are raised before continuing by clicking the Next button.

ABS013
Choose whether to use a new or existing instance of SQL then click Check and Install to begin prerequisite checks and install any missing Windows components.

ABS014
As long as all prerequisites mentioned at the beginning of the post are installed, the only warning message that should be displayed is to warn the SISFilter has been installed and the server requires a reboot.

Reboot the server and then restart the installer.

ABS015
Once the server has been rebooted, click Check Again and once the computer meets all software and hardware requirements, click Next.

ABS016
The next step is to choose the file locations for the program files, database files and scratch folder, then click Next.

NOTE: As mentioned in the prerequisites, the scratch location must have free space of at least 5% of the data backed up to the cloud.

ABS017
Enter a strong password for the restricted local user accounts the wizard creates, then click Next.

ABS018
Choose whether or not to use Microsoft Update, then click Next.

ABS019
Review configuration and click Install to begin installation.

ABS020
The next stage of the installation installs the Microsoft Azure Recovery Service Agent. If the server connects to the internet by a proxy, this is where the proxy settings need to be added.

Click Next.

ABS022
By clicking Install, setup checks for all prerequisites, installs any that are missing and completes the installation of the Microsoft Azure Recovery Services Agent.

ABS023
Click Next.

ABS024
After the Microsoft Azure Recovery Services Agent has been installed, the next step is to register this server with the Microsoft Azure Backup Vault that was configured at the beginning of this process. To do this browse to the credentials file downloaded from the Backup Vault, then click Next.

ABS025
Enter a passphrase or click the Generate Passphrase button to automatically generate a passphrase. The passphrase requires the minimum of 16 characters. The passphrase should also be saved somewhere safe, if lost it will not be possible to recover data from the cloud or connect other Microsoft Backup Servers to the online replicas.

Click Next to continue.

ABS026
Once the connection has been created to the Azure Backup Vault, the installer continues with the installation of SQL Server, SQL Tools and Microsoft Azure Backup.

ABS027
Once installation has complete, click Close.

ABS028
At this point in the setup process, Microsoft Azure Backup has been installed and associated with the cloud storage in the selected Microsoft Azure Backup Vault. However, before its possible to configure the first protection group and begin backing up data, local storage needs to be added. To do this, double click on the Microsoft Azure Backup icon on the server desktop to open the application.

ABS029a
Click on Management.

ABS029
Click on Disks, then on Add.

ABS030
Select the disk that will be added to the storage pool, click Add then OK.

ABS031
If everything has gone correctly, the disk will appear in the list of disks available to the storage pool.

ABS032
Microsoft Azure Backup is now installed and configured with local and cloud storage. It is now ready to begin configuring protection groups and start to backup data.

That’s it for this post, in future articles I plan to cover more Azure Backup processes so don’t forget to check back!

Uncategorised

Azure Backup: Application Workloads (Disk to Disk to Cloud)

Microsoft has added the ability to backup SQL Server, Hyper-V VMs, SharePoint and Exchange Workloads to Azure without the need for System Center Data Protection Manager.

It is now possible to backup the following workloads to Azure:

  • Azure IaaS Virtual Machines
  • Windows Client (Windows 7 Windows 8, Windows 8.1 and Windows 10)
  • Server Based Workloads using SCDPM
  • SQL Server, Hyper-V VMs, SharePoint and Exchange Workloads using the NEW Application Workloads (Disk to Disk to Cloud) Agent

Azure backup is beginning to become an ever more interesting prospect for SMEs and I’m in no doubt that with the addition of these features, Azure Backup adoption will see a sharp increase.

Microsoft® Azure Backup Agent Download

Capture

Azure

Changing an Azure Virtual Network connection from site-to-site VPN to ExpressRoute

With more businesses becoming reliant on the cloud and on-premises datacenters being extended to Azure, ExpressRoute is becoming ever more popular. For customers that already have in place a site-to-site VPN, one of the first things to do after the ExpressRoute circuit has been previsioned is to switch the virtual network connection from a site-to-site VPN to the ExpressRoute circuit.

The following article works through the various steps involved in this process, including:

  • Checking the status of the ExpressRoute circuit
  • Updating the Virtual Network configuration
  • Linking ExpressRoute to the Virtual Network

NOTE: Migrating an existing virtual network from a site-to-site VPN to an ExpressRoute circuit will cause a short amount of lost connectivity between your on-premises network and your virtual network.

If like me you have access to multiple Azure subscriptions, the first thing to do is check you are in the right one. Using the cmdlet below we can pull back the details for the subscription that we are currently working in.

Get-AzureSubscription -Current

vpn2er01
To change subscriptions if required use:

Select-AzureSubscription -SubscriptionID "Subscription ID"

Once working in the correct subscription it is time to import the ExpressRoute PowerShell module. The module doesn’t load by default when PowerShell is run but it is found on the local drive and was installed by the Azure PowerShell installer.

To import the module run:

Import-Module 'C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement\Azure\Azure.psd1'
Import-Module 'C:\Program Files (x86)\Microsoft SDKs\Azure\PowerShell\ServiceManagement\Azure\ExpressRoute\ExpressRoute.psd1'

vpn2er02

Checking the status of the ExpressRoute circuit

It is now possible to check that the ExpressRoute circuit has been provisioned correctly and is in the correct state. Use the Get-AzureDedicatedCircuit cmdlet to pull back information about the current circuits.

Before its possible to assign this circuit to a virtual network we need to make sure that the ServiceProviderProvisioningState is Provisioned and that the Status is Enabled. Once this is the case the circuit is ready!

vpn2er03

Updating the Virtual Network configuration

The first thing we need to do to is update the configuration of the virtual network gateway. To do this we need to first remove the current gateway which will then allow us to make configuration changes. This can be done via the portal and clicking on the Delete Gateway button or by using the Remove-AzureVNETGateway PowerShell cmdlet.

vpn2er04
The next step in configuring the virtual network involves resizing the existing gateway subnet. The site-to-site gateway supports a maximum size of a /29 subnet whereas the ExpressRoute gateway supports a minimum gateway subnet size of /28. As always this can be done either in the management portal or via PowerShell.

VPN2ExpressRoute006
After resizing the gateway subnet but before recreating a new gateway, we need to configure the virtual network for an ExpressRoute connection. To do this open the virtual network configuration tab and check the Use ExpressRoute checkbox in the management portal then click save.

VPN2ExpressRoute007
The final step in upgrading the virtual network configuration is to create a new Gateway. From within the management portal click the CREATE GATEWAY button to recreate the gateway.

VPN2ExpressRoute008
Once the gateway has completed provisioning, the final stage is to link the virtual network to your existing ExpressRoute circuit.

Linking ExpressRoute to the Virtual Network

At this point we can double check the ExpressRoute circuit is still in the correct state,  then finally link the circuit with the virtual network.

Get-AzureDedicatedCircuit

$Vnet = "VirtualNetwork-1"
$ServiceKey = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
New-AzureDedicatedCircuitLink -ServiceKey $ServiceKey -VNetName $Vnet

VPN2ExpressRoute009

A full listing of ExpressRoute PowerShell Cmdlets can be found in this Microsoft article Azure ExpressRoute PowerShell Cmdlets

That’s it for this post, hope its of some help 🙂

Azure

August Updates to Azure Backup

Backup_Azure_Web

Yesterday (24th August 2015) Microsoft announced the addition of new features to Azure Backup’s support for Azure IaaS VMs.

Some of the new features include:

  • Improved data disk limits with the support for 16 data disks in addition to the OS disk per VM
  • Improved retention and flexibility with terms up to 99 years and flexible customisation of retention choices
  • Enhanced monitoring and reporting
  • Ability to configure protection of offline VMs, cancel in-progress jobs and more.

In addition, Microsoft continue to push how reliable and simple Azure backup can be, advertising how a basic VM backup can be achieved in three simple steps.

To read more on this and see the full feature list, check out this Azure blog Azure Backup update – New features in IaaS VM backup support