Connecting Windows 10 to Azure AD

Last year Microsoft released Azure AD. At first I wasn’t sure what the value of this product really was. As time has gone by we’ve learnt that, apart from being the foundation for Office 365 user management, Azure AD can be used to allow SSO between cloud services, including non-Microsoft services such as Salesforce, Dropbox, Box and many more.

But with Windows 10 comes the big change. I’ve been running the preview version of Windows 10 for the better part of 3 months now and I must say that I am thoroughly enjoying both the OS and the Azure AD connection. Connecting your Windows 10 device to Azure AD allows for SSO with all supported platforms. This of course includes Office 365 (web based SSO requires using Microsoft Edge as your browser), CRM Online and any other service that you have connected to Azure AD, such as Salesforce, Dropbox and so forth. You can also extend capabilities to GPO, antivirus management, software deployment and more by using an MDM solution such as Microsoft Intune.

So how do we connect our Windows 10 device to Azure AD?
Well, the easiest way is to simply log in to the device using your company (Azure AD) credentials. If your device is already set up and using a different set of credentials, don’t panic, you can still connect your device to Azure AD. Simply open up Settings, head over to System and click Join Azure AD. You will be prompted for credentials and your computer will be joined to Azure AD. Connecting your device to Azure AD will also automatically set up the built-in Mail & Calendar apps to connect to your Office 365 account.

Azure AD Join
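
To confirm that the join succeeded and that the device landed in the tenant you expect, you can read the device state from the command line. The following is an added example, not part of the original post: it parses the output of dsregcmd /status. The function name, the sample output and the tenant ID are constructed placeholders, and the exact output layout can differ between Windows 10 builds.

```powershell
# Added example: parse `dsregcmd /status` output into an object.
# ConvertFrom-DsregStatus is a hypothetical helper name.
function ConvertFrom-DsregStatus {
    param([Parameter(Mandatory)][string[]]$Lines)
    $state = [ordered]@{}
    foreach ($line in $Lines) {
        # Data lines look like "   AzureAdJoined : YES"; banner lines do not match.
        if ($line -match '^\s*([A-Za-z]+)\s*:\s*(.*?)\s*$') {
            $state[$Matches[1]] = $Matches[2]
        }
    }
    [pscustomobject]$state
}

# Constructed sample output (all values are placeholders).
$sample = @'
+----------------------------------------------------------------------+
| Device State                                                         |
+----------------------------------------------------------------------+

        AzureAdJoined : YES
         DomainJoined : NO
             DeviceId : 00000000-0000-0000-0000-000000000000
           TenantName : Contoso (placeholder)
             TenantId : 11111111-1111-1111-1111-111111111111
'@ -split "`r?`n"

# On a real device, replace $sample with: (dsregcmd /status)
$status = ConvertFrom-DsregStatus -Lines $sample

# Assumption: the tenant ID your organization expects devices to join.
$expectedTenantId = '11111111-1111-1111-1111-111111111111'

if ($status.AzureAdJoined -ne 'YES') {
    Write-Warning 'Device is not joined to Azure AD.'
}
elseif ($status.TenantId -ne $expectedTenantId) {
    Write-Warning "Device is joined to an unexpected tenant: $($status.TenantId)"
}
else {
    "Joined to $($status.TenantName) as device $($status.DeviceId)"
}
```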

Now what would I like to see coming?

I believe that the possibility of syncing local AD GPOs to Azure AD would be a great improvement. And of course managing the GPOs through Azure AD and not an MDM product would also vastly improve the product’s usability.

Either way this is still a great value addition, especially for companies with a remote workforce whose PCs are not connected to the local domain. It is also a great solution for temp workers who just require mail and SSO capabilities with company products.

Azure AD Connect Now Available

If you remember I blogged a few months ago that Microsoft would be releasing Azure AD Connect, the final replacement for Dirsync.

Well, the product is now out of review and has been released. Along with the release of Azure AD Connect, Microsoft also released Connect Health.

Azure AD Connect Health is a cloud based service that helps administrators monitor and secure their cloud and on-premises identity infrastructure. In this first release, Azure AD Connect Health provides customers who use ADFS with detailed monitoring, reporting and alerts for their ADFS servers.

As I previously blogged, Azure AD Connect replaces both Dirsync and Azure Active Directory Sync. If you are using either of the previous versions, you can perform a simple upgrade to the new Azure AD Connect.

Azure AD Connect has new features that allow you to:

  • Enable your users to perform self-service password reset in the cloud with write-back to on premises AD
  • Enable provisioning from the cloud with user write back to on premises AD
  • Enable write back of “Groups in Office 365” to on premises distribution groups in a forest with Exchange
  • Enable device write back so that your on-premises access control policies enforced by ADFS can recognize devices that registered with Azure AD. This includes the recently announced support for Azure AD Join in Windows 10.
  • Sync custom directory attributes to your Azure Active Directory tenant and consume it from your cloud applications

All this allows an easy transition of your services to the cloud and easy integration of a remote workforce into your organization.

P2V a GPT based Disk To Hyper-V

Anyone who has ever tried to perform a P2V of a GPT based computer (by GPT based I mean that the boot disk is GPT and not basic) knows that after the P2V the new VM will not boot.

However, luckily, there is a way around this.

First of all, perform the P2V using a tool such as Disk2VHD.
Take the newly created VHD file and attach it to an existing virtual machine. I would recommend a Windows 7 workstation VM if you have one. Alternatively, you can also mount the new VHD in your own Windows workstation using Disk Management. If your new file is a VHDX file then you’re going to need a Windows 8 workstation or higher.

Now install on the workstation a product called AOMEI Partition Assistant Standard. The standard version is free and can perform the functionality required to perform the following tasks.

Open Partition Assistant and locate your converted disk (it should show up as a GPT disk). Right click the disk and choose the option “Convert to basic disk”, confirm the prompt and then click Apply in the top right corner.

Now that we’ve converted the disk to basic we need to reattach the VHD to our virtual machine. If you haven’t created a VM yet, now is the time to do it.

The new VM still won’t boot. The next step is to boot with a Windows 2008 R2 installation disk (any other version will also work).

Boot the VM from the Windows 2008 R2 installation disk and choose the “repair your computer” option.

In the window that opens choose “use recovery tools” from the top, click Next and then choose the command prompt option.

Now we need to type a few commands.

1. diskpart

2. list disk

3. select disk #

4. List Partition

5. Select Partition # (this is the partition with our windows installation)

6. active

7. Exit

Now reboot the VM. Boot from the installation CD again and return to the command prompt.

Now type the following commands.

1. bootrec /fixmbr

2. bootrec /fixboot

3. bootrec /rebuildbcd and press y

Reboot the VM again, once again boot from the installation CD and return to the command prompt.

Run these final commands.

1. cd recovery

2. startrep

Reboot the VM again, but this time not from the installation CD. Your Windows VM should now boot successfully.
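
If the VM still fails to boot, it helps to confirm what the conversion and diskpart steps above actually left on the disk. The following is an added example, not part of the original post: with the VM shut down, it mounts the VHD read-only on a Hyper-V host and reports the partition style and the active partition. The function name and the path are hypothetical; it assumes the Hyper-V and Storage PowerShell modules and an elevated prompt.

```powershell
# Added example: inspect a converted VHD without modifying it.
# Test-VhdBootLayout is a hypothetical helper name.
function Test-VhdBootLayout {
    param([Parameter(Mandatory)][string]$VhdPath)

    # Mount read-only so the check cannot alter the converted image.
    # The VHD must not be in use by a running VM.
    $disk = Mount-VHD -Path $VhdPath -ReadOnly -Passthru | Get-Disk
    try {
        $parts  = Get-Partition -DiskNumber $disk.Number
        $active = @($parts | Where-Object IsActive)

        [pscustomobject]@{
            VhdPath            = $VhdPath
            # GPT before the Partition Assistant step, MBR after it.
            PartitionStyle     = $disk.PartitionStyle
            ConvertedToMbr     = ($disk.PartitionStyle -eq 'MBR')
            # Set by the diskpart "active" step in the recovery console.
            HasActivePartition = ($active.Count -gt 0)
            ActivePartition    = if ($active) { $active[0].PartitionNumber } else { $null }
            PartitionCount     = @($parts).Count
        }
    }
    finally {
        # Always detach, even if the partition query fails.
        Dismount-VHD -Path $VhdPath
    }
}

# Placeholder path: point this at the file produced by the P2V tool.
Test-VhdBootLayout -VhdPath 'D:\P2V\converted.vhd'
```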

Good Luck!!!

 

 

 

What is Storage Spaces Direct In Windows 2016?

Windows 2016 will continue to focus on Software Defined Storage. In Windows 2012, Storage Spaces was introduced as a tool that would allow pooling together disk resources to create a large and redundant pool of disk space (similar to RAID but without certain limitations, such as all disks having to be the same size). Storage Spaces could also be used in a cluster environment as long as the Storage Space was based on a JBOD with direct SAS connectivity to both nodes in the cluster.

In Windows 2016 we’re receiving Storage Spaces Direct. This technology will allow us to pool multiple local DAS disks from multiple servers into one pool. That’s correct: local disks from multiple servers in one large shared pool. The pool can be used in a failover cluster for storing your Hyper-V VMs.

Just think, you can have 3 servers all with 3TB of local disk space all pooled together to create a large pool of clustered disk space. Now that’s COOL!
The pool will be fault tolerant and the loss of a single server will not bring down the pool itself.

The possibilities are endless. Smaller environments will definitely be able to create clusters without purchasing expensive storage appliances, and data can be stretched to a remote site for DR scenarios. Yes, this is also totally supported.

I’ve been playing around with the preview version, and so far things look extremely cool.

 

New De-Dupe features coming to Windows 2016

In its current beta Windows 2016 offers new De-Dupe features, and rumors say that more are to come.

What we currently know is the following:

1. Volume size of up to 64 TB will be supported.

In Windows 2016 the recommended limit was 10 TB mainly due to processing rates. The new De-Dupe has a new engine with multiple threads supported to improve performance.

2. File sizes up to 1 TB are good.

Although supported in Windows 2012, this was again not recommended because of performance issues. In Windows 2016, 1 TB file sizes are good to go for De-Dupe.

3. New type of De-Dupe scenario – Backup.

Windows 2012R2 supported general File Server & virtualization (VDI) De-Dupe.

Not sure exactly what the improvement here is, but we’re promised better performance for De-Duping backup files. Can’t wait to try it out with Veeam.

 

Veeam FastSCP for Microsoft Azure Just Announced – Beta

Veeam just announced a new product, currently in beta: Veeam FastSCP for Azure IaaS.

Basically this is FastSCP (file transfer) for Azure VMs.

What’s so great about this? Well, until now, copying files from your local computer to an Azure VM required either:

1. A site to site VPN connection to the azure virtual network.

2. Copy over RDP (limited to 2GB).

This handy little tool will connect to the PowerShell endpoint port of your public IP address. Inside the VM it’s based on WinRM. It even has automatic scheduling of file copy jobs for nightly or weekly copies to/from Azure VMs. And you don’t need to keep the UI open to complete a job.

And of course all data is securely copied over SSL.
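
The same transport can be exercised by hand, which is useful for checking that the PowerShell endpoint presents a certificate your client actually trusts. The following is an added example, not Veeam's code and not part of the original post: it copies a file over a WinRM session wrapped in SSL and verifies it by hash. The host name, port and paths are placeholders, and it assumes PowerShell 5.0 or later on the client for Copy-Item -ToSession.

```powershell
# Added example: file copy over WinRM with SSL, with certificate checks left on.
$vmHost = 'vm.example.com'   # placeholder: public DNS name of the Azure VM
$port   = 5986               # placeholder: public port mapped to the PowerShell endpoint
$cred   = Get-Credential

# -UseSSL wraps WinRM in HTTPS. No -SessionOption is passed, so the CA, name
# and revocation checks on the server certificate all stay enabled. If the VM
# presents a self-signed certificate, import it into the client's trusted
# store instead of skipping those checks.
$session = New-PSSession -ComputerName $vmHost -Port $port -UseSSL -Credential $cred
try {
    $local  = 'C:\Temp\report.zip'    # placeholder source file
    $remote = 'C:\Inbox\report.zip'   # placeholder destination on the VM

    Copy-Item -Path $local -Destination $remote -ToSession $session

    # Verify integrity end to end by comparing SHA-256 hashes on both sides.
    $localHash  = (Get-FileHash -Path $local -Algorithm SHA256).Hash
    $remoteHash = Invoke-Command -Session $session -ScriptBlock {
        (Get-FileHash -Path $using:remote -Algorithm SHA256).Hash
    }

    if ($localHash -ne $remoteHash) {
        throw "Hash mismatch after copy to $vmHost"
    }
    "Copied and verified: $remote"
}
finally {
    Remove-PSSession $session
}
```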

Anyone interested in registering for the beta can do that over here

 

Azure Site Recovery Now Supports Hyper-V Generation 2 VMs

For those of you that have used or are using Azure Site Recovery, you’re probably aware that the service only supported replication of Gen 1 VMs. This was quite a limitation for customers who wished to replicate their Hyper-V VMs to the Azure cloud.

Well, support for Gen 2 VMs has just been announced. It’s currently in preview but should be final in the very near future.

Among other updates to Azure Site Recovery are:

– VMM to VMM replication (both with or without SAN replication; previously SAN replication was not supported).

– Replicate VMs to Azure directly from Hyper-V (previously a VMM server was required).

– vSphere to vSphere replication (both with or without SAN replication; this is a totally new feature).

– Coming soon, vSphere to Azure replication.