Azure backup within UK regions

Just a word of warning that Azure backup/recovery vaults are only applicable to the zones in which the VMs are placed and UK does not yet have this therefore after deploying a UK Azure infrastructure it cannot be backed up natively using Azure (yet)

23.03.17 Looks like this is now publicly availble for the UK regions

Features Not Supported By the Azure File Service

https://msdn.microsoft.com/en-gb/library/dn744326.aspx

Updated: June 29, 2016

The Microsoft Azure File service supports a subset of the SMB 3.0 and 2.1 protocols. The majority of applications do not use the SMB features that are not supported by the File service, so most applications will work as designed when using files stored in the File service. However, some applications may not work properly with the File service if they rely on these unsupported features. The following is a list of the SMB features that are not supported by the File service:

How to login to Windows Azure subscription using Office 365 account

https://social.technet.microsoft.com/forums/azure/en-US/fbf0d2f9-cb40-429e-bc5e-3116399e5250/how-to-login-to-windows-azure-subscription-using-office-365-account?forum=windowsazureaditpro

It is possible to integrate Windows Azure account with an Office 365 account and here are the steps you must follow:

  1. Logon to the Windows Azure Portal https://manage.windowsazure.com.
  2. Click on Application Services | Active Directory | Directory | Custom Create.
  3. Change the Directory dropdown from the default Create new directory to Use existing directory and click the Check box.

Next you are logged out of the Windows Azure administrative account and you are redirected to the Windows Azure Active Directory logon.

  1. Logon with a Global Administrator account from the Office 365 tenant that you would like to integrate.
  2. After sign in you are prompted to add the Windows Azure administrator account as a global administrator for the Office 365 Tenant directory, click on Continue.
  3. Logout of the Office 365 global administrator account and then logon to https://manage.windowsazure.com with your global administrator account.

Azure AD Connect sync: Scheduler

Controlling Azure sync via PowerShell, this is useful 🙂

This feature was introduced with build 1.1.105.0 (released February 2016).

To see your current configuration settings, go to PowerShell and run

Get-ADSyncScheduler

It could be that you have an urgent change which must be synchronized immediately which is why you need to manually run a cycle. If you need to manually run a cycle, then from PowerShell run

Start-ADSyncSyncCycle -PolicyType Delta

To initiate a full sync cycle, run

Start-ADSyncSyncCycle -PolicyType Initial

from a PowerShell prompt. This will start a full sync cycle.

https://azure.microsoft.com/en-gb/documentation/articles/active-directory-aadconnectsync-feature-scheduler/

If this does not work here is a useful link with other options for older versions https://blogs.technet.microsoft.com/rmilne/2014/10/01/how-to-run-manual-dirsync-azure-active-directory-sync-updates/

Set Password Expiration Policies in Azure Active Directory

Using “Windows Active Directory Module for windows Powershell”
Connect-MSOLService

List all Azure AD accounts to determine whether the password will expire
Get-MSOLUser | Select UserPrincipalName, PasswordNeverExpires

Change a specific Azure AD account to not expire
Set-MsolUser -UserPrincipalName -PasswordNeverExpires $true

Change all Azure AD accounts to not expire
Get-MSOLUser | Set-MsolUser -PasswordNeverExpires $true

https://msdn.microsoft.com/en-us/library/azure/hh967633.aspx

Executing Scripts in Azure

It is useful to do various tasks from Azure. Excellent places to use this are to shut down specific servers overnight and restart in the morning to conserve consumption.

It is currently free for the first 500 minutes (job time) usage per month otherwise there is a small charge http://azure.microsoft.com/en-us/pricing/details/automation/

From the ACTIVE DIRECTORY module create a new user for the specific purpose of scripting

From the AUTOMATION module create a new Automation account for the relevant (don’t currently have North Europe for UK so have to execute this from the West Europe datacentre)

Open the new Automation account, from the ASSETS tab and then ADD SETTING to add the script user credentials for scripting

Select the RUNBOOKS tab, and add a new Runbook

Open the Runbook and use the following script

workflow automation-startup
{

$AutomationCredential = “scriptuser” #Credential used for authentication
$AzureSubscription = “Azure in Open” #Name of Azure subscription

$Cred = Get-AutomationPSCredential -Name $AutomationCredential

# Connect to Azure (ignore output)
$output = Add-AzureAccount -Credential $Cred

# Select subscription
Select-AzureSubscription -SubscriptionName $AzureSubscription
get-azurevm -service myservice -name myvm | start-azurevm
}

Publish the Runbook

Finally, Setup a convenient Schedule
If planning weekdays only, you will need to setup a schedule for each day and have it repeat every 7 days