Monday, July 27, 2015

Connect Windows 10 to Azure AD

image

One of things that really excites me about Windows 10 is its ability to be directly joined to an Azure Active Directory. I think this ability is a major change in the way identity for desktops is going to be managed going forward.

The way that you facilitate a Windows 10 machine doing just that is to firstly go into your Azure AD and select the Configure option as shown above.

image

You then scroll down to the devices area and ensure that the Users may Azure AD join devices is either set to All or Selected, as shown above.

image

Then you go to the Windows 10 machine you wish to join to Azure AD and select Settings.

image

Then select About from the bottom of the menu options on the left.

image

Then on the right hand side select the link Connect to cloud as shown above.

image

From the window that appears select Continue.

image

Enter the credential of a user permitted to connect to your Azure AD and select Sign In.

A few moments later the process is complete and the Windows 10 machine is joined to Azure AD.

image

If you then check back in your Azure AD and select the user who completed the join and then select the Devices option from the options across the top. That should display a list of Windows 10 machines that are now connected as shown above.

image

To remove the device from Azure AD simply visit the Settings | About page again and this time select the link Disconnect from the organisation. You’ll be prompted to Disconnect as shown above.

image

You’ll then need to enter the credential for a local machine administrator (i.e. a users with admin privileges on the Windows 10 desktop).

Enter OK to proceed.

image

The last step will then be to restart the machine to complete the separation process, much like you would when joining an on premises AD.

So there you have it, joining an Azure AD is very simple on a Windows 10 desktop. Look out for more articles on Windows 10 and Azure AD soon.

PowerBI comes to Office 365

image

When I sent into my Office 365 today I found a new icon! PowerBI has arrived (Yellow icon, second row, first item).

image

When I look at the licenses for my tenant I see unlimited PowerBI licenses as you can see above.

If you want to know what PowerBI is and why I am so excited about it, read my previous post:

Switching on to PowerBI

and watch out for more PowerBI articles here.

Virtual 70-346 exam cram starting this week

Due to demand for certification from members of Cloud Business Blueprint I will conducting a 70-346 exam cram course conducted over a period of 8 weeks commencing this Thursday the 30th of July. The course is free to members of the Cloud Business Blueprint but I am making a few places available to anyone else who wants to sign up and become certified.

To sign up visit:

http://www.e-junkie.com/ciaops/product/506419.php

where for only $199 inc GST you can sign up for the 8 week course (1 x 1 hour lesson a week).

Subscribers to this product will receive:
- Link to attend live tutorial sessions each week
- Recording of each tutorial session to download and review
- Set of OneNote 70-346 course notes
- CIAOPS Office 365 bootcamp notebook
- Review questions to complete each week
- Training Certified Office 365 administrator and Office 365 MVP

Agenda:
1. Introduction and overview
2. Provision Office 365
3. Plans and implement networking and security in Office 365
4. Manage cloud identities
5. Implement and manage identities using DIRSYNC
6. Implement and manage federated identities for SSO
7. Monitor and troubleshoot O365 availability and usage
8. Review and exam prep

The aim is to help as many people as possible become 70-346 certified on their way to becoming a Microsoft Certified Office 365 administrator.

There are limited numbers for the course so if you are interested, don’t delay, sign up today.

Saturday, July 25, 2015

Over 3GB of cloud on demand video training

image

I’m happy to announce that I’ve uploaded over 3GB of video training at my cloud business training academy at Cloud Business Blueprint. This is all part of the Cloud Business Blueprint Community. You can also see that there are at least 136 videos available for community members to view on demand aside from all the other content that is also there!

The best thing for Cloud Business community members is that I am committed to build even more content. I am working hard to add more on demand training, white papers, how to articles, re-brandable content on top of what is already provides in the forums.

It is easy for you to sign up as a community member, just do so at:

http://www.cloudbusinessblueprint.com/members-sign-up/

You can cancel at any time, non obligation, no questions asked. if you want content on building a cloud business then look no further than Cloud Business Blueprint.

If you like all the free stuff that I do, then you are sure going to like what is in the Cloud Business Blueprint Community. Becoming a member supports me in focusing on bringing members even greater and deeper content.

I thank all the existing members and I hope that anyone else will join them in creating a community of resellers dedicated to succeeding with their cloud business.

Thursday, July 23, 2015

Creating a Domain Controller in Azure

Setting up a Domain Controller (DC) in Azure is a little different than on premises. This post is by no means an extensive guide or best practices document on doing that. It is however designed to give you the basics so you can get up and running quickly.

image

I am going to assume you are starting totally fresh here. The first task is to create a new Azure network in the location that you desire. For more details on doing this see:

Tutorial: Create a Cloud-Only Virtual network in Azure

image

The next step is to run an Azure virtual machine that will be your Domain Controller. The only step that is slightly different from the norm is that you need to select the virtual network you created previously in the Region/Affinity Group/Virtual network option as shown above.

You then continue on as normal and create the virtual machine and allow it start up.

For more information on creating an Azure virtual machine see:

How to Create a Custom Virtual Machine

image

Before you connect to the new virtual machine that will be you file server you need to add an additional hard disk to it. From the list of virtual machines you have in Azure select your new machine. Then select the Add button at the bottom of the page. From the menu that appears select Attach empty disk.

image

Complete the details for the additional disk and save the configuration. For more information on adding an additional disk to a virtual machine see:

How to attach a data disk to a Windows virtual machine

image

When you log into the virtual machine you’ll see that it already has a dynamic IP address (here 10.0.0.4). This comes from the virtual network you created previously. It is important that you DON’T assign static IP addresses to Azure virtual machines, even in the case of a domain controller. All Azure virtual machines should ONLY have dynamically assigned IP addresses.

image

If you look at the storage layout of your new virtual machine you’ll see a C: and D:. Beware, D: drive is a temporary drive that gets erased and recreated on reboot. Thus, the only stuff you want on there is temporary stuff like the page file. Good practice is not to have the Active Directory databases on the boot partition, because if that becomes inaccessible then bye bye AD, unless you have a backup. This is the reason why we attached an additional disk to our new virtual machine.

image

Everything now is pretty as it would be with on premises equipment. Go into the Windows Disk Management console and initialise the new disk.

image

Create a new volume on this additional disk and format it. At the end you should have a drive letter you can access. Here, F:.

image

If you again view the storage configuration of your virtual machine you should see a new disk (here F:) which will be the destination for the AD database.

image

Things remain the same when you configure your server to be a domain controller. Simply go in and add the role as you would normally.

image

Allow the configuration to complete.

image

Once the role has been enabled you now need to raise the server to being a domain controller exactly how you would on premises. The only difference is that you should re-locate the AD DS database, log files and SYSVOL to the disk you added (here F:).

image

Just before you complete the process of raising the server to be a domain controller, you’ll see the above warning about a domain controller requiring a static IP address. Again, in Azure this DOES NOT apply. In Azure we want all servers to have dynamic IP addresses.

image

Once you Domain Controller is running go into the DNS manager, right mouse click on the DNS server (here the domain controller) and select properties. In the Forwarders tab remove any IP address listed.

image

The last step is to go back and edit the properties of your virtual network. In the Configure tab for the network you will find the option for dns servers as shown above. Add the IP address and machine name here and save it. Although, the IP address assigned is dynamic it is on a extended lease so it should effectively ‘remain’ static. if you do power up and down your DC regularly for testing like I do, simply ensure that your DC is the first machine your fire up on that virtual network.

So now you have an Azure hosted Windows Domain Controller (DC) without too much additional fuss.

image

So now, if I want to add another Azure virtual machine into this network and onto the domain, I simply run up an Azure virtual machine as normal. When you do you’ll see it get a different IP address (here 10.0.0.5, while the DC is 10.0.0.4).

image

Then, as you would anywhere else, simply add that machine to the domain. You’ll be prompted for administrator credentials to verify the domain join.

image

If that is all you now have a second machine on this domain.

So in summary, the key points with a Windows Domain Controller in Azure is:

- Add an extra disk and install the AD database, logs and SYSVOL here

- Don’t give DC a static IP address

- Assign the DC IP address to the DNS setting in the virtual network configuration.

For more details on doing this see:

Install a new Active Directory forest on an Azure virtual network

Office 365 automation

One of the strong beliefs I hold is that technology automation is going to have a major impact on our world. It is going to mean a lot of people need to re-skill if they want to stay relevant (including IT Pros).

A great example of this growth in automation is the recent announcement from Microsoft about integration with IFTTT (if this then that) which you can read in full here:

https://blogs.office.com/2015/07/21/office-365-channels-are-live-on-ifttt/

I have been a big IFTTT user for many years so this is great news. Let me give you some insight of what you can do.

After you create an announce on IFTTT you need to connect up your channels. They may include services like Wordpress, Facebook, Twitter and now Office 365.

image

You simply locate the channel you wish to connect and select it.

image

You then select the option to Connect.

image

You’ll then need to login to your Office 365 account to authorise IFTTT to access it.

Once you have authorised access you can use IFTTT to create automation recopies. I’m not going to show you how to do that, but it is pretty simple, I’ll give you an example of how the automation works

image

So what I have done above is create an automation recipe that takes daily sleep information from my FitBit and uses Office 365 email to send an email to my normal email account (i.e. from my ciaops365.com domain to ciaops.com domain).

image

When triggered, you see that I receive an email with my previous nights sleep details in my normal inbox (showing a poor nights sleep in reality). Impressive eh? And simple to set up.

The people and businesses who will be most effective in the future will be the ones that take maximum advantage of technology automation. IFTTT is just a simple example of what is now possible with Office 365. I’d suggest now is the time to get automated!

Wednesday, July 22, 2015

Free Third Tier Azure webinar tomorrow

I have been fortunate enough to be invited to participate in free webinar hosted by Third Tier titled;

Getting Started with Azure and Making Money Doing It

Amy, Susan welcome Robert Crane to the webinar series. Robert has been a long time SMB IT professional well known for his SharePoint, Office 365 and now his Azure expertise. If you think that Azure is just another hosting platform you are so wrong. Azure is your future with Microsoft and it’s a whole new world. Robert will share with us his tips and a path to success with Azure.

More importantly, the webinar is being hosted by two rockstars in the community, Amy Babinchak and Susan Bradley.

Amy Babinchak is the owner of Third Tier and Harbor Computer Services (an MSP). She is also a Microsoft MVP in Small and Medium Business Server. Susan Bradley is a Microsoft Enterprise Security MVP and forensic accountant. Both Amy and Susan have a passion for excellence in small business IT. These webinars will be chatty with each bringing their experience and technical expertise to the table.

The best thing is that the webinar is scheduled in the daylight! At least for me. Here in Sydney Australia the webinar runs from 10am – 11am on Thursday 23rd of July.

So if you are interested in learning about how you can make Azure your business and learn from the likes of Amy and Susan, with some occasional input from me, then check out the webinar. Remember, it is free to attend!

I hope to see you there tomorrow.