Microsoft Azure

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/RajAdminDroid on 2023-10-05 07:09:14.

It helps to govern software updates to Windows and Linux machines across Azure, on-premises, and multi-cloud environments. It's offered at no additional cost. (or am I missing any catch?)

Are you ready to replace your 3rd party patch management solutions?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Marathon2021 on 2023-10-05 03:17:38.

(I posted this question in the /r/aws subreddit earlier, but I thought it might be interesting to ask here as well and see if the results are mostly the same -- )

Curious to know what - if any - things organizations are doing to support staff members when they need to re-skill themselves and start to understand cloud better. For those of you that have been in IT for more than 10 years - how did you do it?

Sadly, I'm expecting most of the answers will be something along the lines of "well I just logged in and started clicking around and bootstrapped my way into things" especially perhaps in some of the early days ... but I'm wondering now if anyone else is coming across anything more creative?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/anonymous_commentor on 2023-10-03 21:41:30.

I have probably been putting too much thought into this but...I am testing conditional access policies that require two factor authentication with M365. As part of this I come across article recommending a break glass account that is exempted from the CA policies for situations in which 2fa is not working. The recommendation is that this account is a Global Administrator. Even with the suggested monitoring on that account I am not super happy about it existing.

My thought is this: could this break glass account only have access to Conditional Access (there is a built-in role) and be exempted from 2fa. That account could the turn off 2fa if needed but would not be able to do anything else.

Please tell me why this is a bad idea.

Thank you.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/spoilatetanzebbs9 on 2023-10-03 02:34:15.

I’m looking for a way to give specific access to developers. We tried using the built-in tool that Azure has to offer, but it seems it doesn’t give us the granularity we want inside the SQL databases. I also wanted to give specific access in AKS, and I couldn't find how to do that either. Help with this would be appreciated.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/billybensontogo on 2023-10-02 10:40:24.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/ElasticJester on 2023-10-01 06:28:55.

Just got my hands on the AZ-305 Microsoft Certified: Azure Solutions Architect Expert certification! And didn’t even have to pay for the exam! Interested in how I pulled it off? Here’s the rundown on my adventure, the resources I bumped into:

Alright, so here’s the deal - snagged a free exam by jumping into the Microsoft Learn Cloud Skills Challenge. It’s a shame it’s concluded for this year, but there’s another shot with Microsoft Ignite coming in November! Get the details here: Microsoft Ignite Free Certification Exam Offer.

On to the prep stuff, here’s what worked for me:

• Dug into the Microsoft Learning Path – Azure certification exams are now open book, with full access to MS Learn. Reviewing the materials thoroughly prepared me to search for answers to a few questions I wasn't sure about during the exam in the short time I had.
• Ran into this top-notch A Cloud Guru Course and messed around with the labs in ACloud Guru and attempted the FREE practice assessment for AZ 305 Exam from Microsoft's official website. None of these questions were in the exam, but it gave me a good grasp of the exam format in general.

Starting the exam, the case study felt a bit challenging compared to the rest. ACloudGuru provides some case studies to go about, which were super helpful! I felt like I wasn’t going to make it after going through the case study but the rest of the questions were pretty okay. It was a lot easier than the 104 exam.

A lot of questions were from SQL and Storage, Azure data factory, and some networking questions. I think there were around 5-6 questions from access management i.e conditional access, AD PIMs, AD enterprise applications, SSO, MFA etc. Various service tiers, encryption methods, deployment options, Azure Kubernetes Service (AKS), Azure Networking and Connectivity concepts, and Azure Security and Compliance concepts were discussed focusing on availability, scalability, cost-efficiency, and security. Know the difference between layer 4 and layer 7 load balancing solutions and azure traffic manager. As long as you get yourself familiar with the azure services and their usecases, you should be good for the most part!

Some advice?

• Microsoft exams are open book - so knowing your stuff is crucial.
• Don’t ignore the case studies - they help you nail the practical bits!

Got queries or just wanna talk? DM me directly!

This experience has been a roller coaster and totally enlightening! Hoping my journey sparks some interest and the resources I found come in handy for someone out there! If you find this information helpful, please upvote and share! I'm always open to connecting and happy to assist with any queries you might have. DM me if you wish to connect with me on LinkedIn :)

Cheers!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Early-Negotiation961 on 2023-09-28 20:32:10.

Just walked out of the exam. Wow, the case study was crazy. I thought it was over because it had me do the review then threw the case study at me. Test center monitors are definitely too small.

Prep

MSLEAN Microsoft bootcamp 2 months of prep using the sites most people here use Based on my score I feel like every 2 hours of study means about 1% on the test.

I will add I have a learning disability so that may play into that formula for me

I’m also in a cloud user admin role so allot of that part was what I do everyday.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/JohnSavill on 2023-09-27 13:44:12.

New video looking at Arc-enabling your VMware vSphere environments!

00:00 - Introduction

01:07 - VMware vSphere environment

03:00 - Azure Arc resource bridge

05:40 - Deploying a resource bridge

07:55 - Inventory

09:58 - Enable for Azure

11:27 - How to enable

12:11 - VM management

14:38 - Guest OS management via Arc

18:20 - User provisioning of VMs on vSphere

19:54 - Permissions required

27:48 - Pricing

28:18 - Summary and close

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/NaGueR on 2023-09-27 11:51:25.

Hello! I'm trying to set up a Quota alarm and receive notifications on Teams. I've researched different methods, such as using a Logic App or Azure Alerts, but I'm unsure which option is the most efficient for managing over 200 alarms while also optimizing costs. Another big point, I prefer bash over powershell if I need to code. Any tips? Thank you!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Smack2k on 2023-09-26 15:31:42.

To any and all running Azure Virtual Desktop Host Pools with multiple GPU VMs running and with or without FSLogix, do you experience these issues regularly? These are all things I have dealt with for a few years now on multiple pools created throughout my organization

1. 20-25 second (at least) Black screen during login to the VM. After you see the Windows welcome, loading, etc and before the desktop loads, we always see 20-25 seconds of black screen when the VMs are running normally with no issues.
2. VMs only able to support 1/2 the number they claim. For example, we run some NV24s V3 pools and can only get 12 users per VM as anymore will peg the CPU of the VMs and make them very laggy and cause hangs
3. General slowness in applications requiring GPU and CPU power to process or render objects / projects. Number of users on the VM doesnt seem to matter either, its generally slow compared to physical machines. I would expect it to be somewhat slower, but at times it becomes unusable to our users trying to work on projects.

I will say our GPU VM Pools are 1 TB VMs running 170+ applications on them, which could be part of the issues, but the black screen and supporting only 1/2 total number of users issues are constant.

Anyone else agree / experience this?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/MadHackerTV on 2023-09-26 11:49:12.

Hi,

Recently I started to plan my migration plan to Azure Entra (AD), and I don't understand how I'm going to manage my Servers.

So, for endpoints - I understand I can join them to my Azure AD domain, and then manage them with Intune.

But what about Windows Servers? right now I'm hybrid, I have some VMs on-prem and some on Azure.

Looking around, I found out that I can't actually manage my servers with Intune? I can just manage the Windows Defender policy for Servers with Intune?

What is the right approach then? I was planning on removing my DC, if I can't do that, do I need to use something like ADDS then? I think GPO is my biggest concern when it comes to "manage" my servers.

I would love to hear what is the modern way to manage on-prem / Azure Windows Servers with Azure Intra.

Thanks

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/ComputerKim on 2023-09-25 21:45:40.

Hi, I'm trying to understand how Windows is licensed on Azure, when searching on the web there seems to be contradictory explanations.

Do I have these correct?

Windows server is included in the price. (source Pricing Calculator | Microsoft Azure)

Windows 10/11 requires a separate license. (source How to deploy Windows 11 on Azure - Azure Virtual Machines | Microsoft Learn)

I'm a bit confused about the Windows 10 license. What is the license called I need to buy to run a Windows 10 machine? Windows VDA per device?

Edit: The VM is not for users, it's meant to run a few automated scripts. If that changes anything.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Cautious_Corner_4838 on 2023-09-25 15:15:45.

Hey Everyone. I was just hired as an IT Support Specialist for a consulting firm. One of my first task for the company is to build virtual desktops in Azure that will allow 20 plus users to log into. I am new to azure so I am not sure the best way to create this environment. I am looking for the most cost efficient method that will still allow all of the users to access these VM’s with no lag. This environment will also have too meet the standards of an ATO “Authority To Operate”. I would appreciate any insight you can give in this topic. Thanks

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/JohnSavill on 2023-09-25 14:40:32.

A look at some of the newer governance features in Microsoft Entra and when you need the new Governance license.

00:00 - Introduction

00:15 - Entra ID licenses

04:49 - Entra ID Governance license

07:16 - Feature differences

08:39 - How to license

12:41 - Dashboard and insights

16:48 - Lifecycle Workflows

17:18 - Access Reviews

21:38 - Entitlement Management

24:19 - Integration with Verified ID

26:40 - Sponsors

30:26 - Summary and value

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Deletedat1trilli on 2023-09-25 01:38:38.

Setting Alerts to reduce false positives

Working with Azure Virtual Desktop (AVD) and VMs and trying to figure out how to only receive alerts when it's more likely a real error and eliminate false positives. Like only alert when a VM is down for multiple minutes. Instead of getting emails that say VM went down then a minute later it saying issue was resolved.

I figure settings like "Lookback", Aggregate, etc would help in this but not entirely sure what they mean in these contexts. Looking for how to do this for metric alerts, log query alerts, and really any alert for AVD.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/hm_vr on 2023-09-24 10:36:01.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Short_Dream_7010 on 2023-09-24 14:35:51.

Hi team, when youhave time maybe you can help me with the below question.

I have six Azure certs, AZ-900,AZ-204,AZ-400,AZ-104 & AZ-305. l would like to get a few more related to security and networking AZ-700, SC-300, SC-100. But l am afraid that it would to much for me to renew them every year. I like getting certified because my company pays for them and l always buy online courses to prepare well before l take the test. This method help me a lot to be productive at work and boots my resume. Please let me know your thoughts and if someone has many Azure Certs, l would appreciate your comments on this as well.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Prestigious_Sea_9845 on 2023-09-23 12:37:50.

I started learning about Azure AD and just created my first App Registration. All of a sudden it says there is a configured permission on Graph API to "Sign in and read user profile".

I tried researching Graph API, the first thing it says is:

Microsoft Graph is a RESTful web API that enables you to access Microsoft Cloud service resources. After you register your app and get authentication tokens for a user or service, you can make requests to the Microsoft Graph API.

Ok. Still doesn't answer my question: why do I need Graph API to sign in and read user profile? I thought Azure AD is here for that kind of stuff.

Is Graph API some sort of a API gateway in front of other Azure APIs? I just have a hard time understand what it does and why it's important.

Thanks!

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Kooky-Newt-7893 on 2023-09-23 17:24:23.

2nd attemp went from 622 to 688. Went from feeling like I had plenty of time last test to rushing through last ten question for this one. Used whizlabs Microsoft learn measure up, tutorial dojo. Switched weak areas from networking to azure identies, access to storage manage azure subscriptions. Used whizlabs to do sandbox ,but could not practice creating accounts and groups.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/Pretty-Shock-1495 on 2023-09-23 12:01:47.

Got certified today I'm looking for recommendations regarding my next step. Looking for the next easiest certification in Azure Cloud. I also want to be in a Cyber Security field. Should I take AZ-104 first or SC-900?

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/damianvandoom on 2023-09-22 21:27:46.

In all my time in Azure I've not had to create any complex networking solutions.

I now need to create something like the below.

1. I need to create a network with several subnets
2. Some subnets will contain customer VMs. These subnets should not see each other.
   1. Customers 1,2 and 3
   2. Each customer subnet must connect to each customer's network via site-to-site VPN.
3. There will be a 'management' subnet. This subnet needs to see all the other subnets
4. Our company network needs to connect to see all subnets

I've started playing around with how this might work. A route table seems like half the answer, but I'm missing something.

Am I approaching this correctly, or should I be thinking along different lines.... separate networks instead of subnets, for example... and use peering where appropriate?

I'd appreciate some pointers.

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/JohnSavill on 2023-09-22 15:04:25.

This week's Azure Infrastructure Update is up.

00:00 - Introduction

00:12 - New videos

00:54 - Logic Apps MI with Logs

01:37 - Community Gallery

03:18 - Defender for Storage malware scanning

04:14 - Alerts timeline view

05:09 - GitHub Advanced Security for ADO

06:24 - Azure Monitor OpenTelemetry distro

07:23 - Azure Update Manager

08:24 - Close

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/winnyme on 2023-09-22 08:30:23.

How do I get get the below information for all applications via powershell?

I basically want to see what applications are granted office 365 exchange online permissions

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/jonnekleijer on 2023-09-22 16:32:31.

I noticed Azure has an option to enable sftp on a blob storage. Deployment and authorization works great, however when I checked the extra costs, I was surprised it was so expensive, around €200/month.

€0.28 * 24 * 30 = around €200 per month

Why is it so expensive and are there cheaper options within Azure without having to manage to turn SFTP on / off dynamically?

References:

This is an automated archive made by the Lemmit Bot.

The original was posted on /r/azure by /u/EmergencyHot2604 on 2023-09-22 12:34:39.

I know Synapse was built on top off ADF. But are there any scenarios one would pick Synapse over ADF? ADF allows you to build pipelines. Notebooks can be created using Databricks and included in ADF pipelines. So why was Synapse analytics introduced? What purpose does it solve?