Today, I am going to show you how to configure Server Certificate Auto-enrollment via Group Policy, you need to have an Enterprise certification authority root server before you configure auto-enrollment, if you don’t know how to install Enterprise certification authority root server, you can follow my previously post and step by step to install it.
In my latest episode, I had the chance to sit down with Bogdan Mitrache of Advanced Installer to talk about things MSIX and stuff the Advanced Installer team has been up to in this space. My introduction to Advanced Installer was through the MVP program, and I felt that they were one of the few packaging tool vendors that got the idea that some things need to be easier and that a packaging tool can help. They currently target both Developers and IT Professionals with their tools for application packaging. Please sit back and relax as we take another...
Read More
If you need certificates for your internal websites, applications, wireless network or pilot lab test, having an internal enterprise authority server is a good choice. Today, I am going to show you how to deploy an Enterprise Authority root server on Microsoft Windows server 2019. This is the simple way to have a certificate service for Internal and easy to maintain but it maybe not a good best practice, if you need the certificate service is deployed securely, you need to consider deploying Two-Tier (or more) PKI Hierarchy (at least a Root CA server and a subordinate server), I will show you how to deploy them for future post.
I was trying to upgrade VBO 365 from V3 to V4, everything looks fine except upgrading Default Backup Repository, the status shows Upgrade failed “Access is denied”, it has never happed with other customers for upgrading VBO 365 from V3 to V4.
There are some benefits to use MyAnalytics at Microsoft Office 365, e.g. Improve your relationships, get more focus time and improve your work-life balance.
If you tried to run Hyper-V PowerShell script at Windows Server 2019 to get Hyper-V report from Windows Server 2012 R2 Hyper-V host, you will get the error message “The Hyper-V module used in this Windows PowerShell session cannot be used for remote management of the server ‘XXX”. Load a compatible version of the Hyper-V module……..”
Today, I am going to show you how to use Veeam Backup for Microsoft Office 365 V4 backup to Azure Blob. If you still don’t know how to create Azure Blob, you can reference my previously post as follow link to created it.
Hey Checkyourlogs Fans, Today, I will be showing you the Out of Box Experience (OOBE) for a DataON S2D-5208i (Azure Stack HCI) node. What we have done so far is plug in the onboard Lan-On-Motherboard ethernet ports and connected our cross-connect 25 GB cables between both nodes. When the units ship, they are pre-imaged with DataON’s standard build, and upon first poweron, you can access the server via their Intel Integrated BMC Web Console. In our case, we accessed the server using https://10.113.6.84 DataOn units ship with a default user ID / Password combination of – admin/admin or admin/admin1....
Read More
Veeam released Veeam Backup for Microsoft Office 365 V3 on November 26 2019, there are lots of function be increased and improved, including Object storage support, Increased Information security, Faster backup performance, Exclude retention for contacts and calendars, Group-based targeting, Enhanced reporting…etc.
Hey Checkyourlogs fans, This week I was tasked with moving an existing Azure Stack HCI (S2D) Cluster to a new Fabric Domain. Traditionally, this would require us to tear down the cluster and rejoin the machines to a new domain and rebuild the cluster. With Server 2019, Cross Domain Migrations are supported. Migrating a cluster to a new domain original steps were found at https://docs.microsoft.com/en-us/windows-server/failover-clustering/cluster-domain-migration I have since updated with the rest of the steps required to do this for an Azure Stack HCI Cluster. In the following steps, a cluster is being moved from domain...
Read More
Browse to https://portal.azure.com/#home (login if prompted). Click Azure AD Conditional Access. Click New Policy Enter a descriptive name such as MFA for Admins. Click Users and groups. On the Include tab, click the Select users and groups radio button, then click the Directory roles (Preview) checkbox. Expand the listbox under Directory roles (Preview). Select the following nine roles: Global administrator SharePoint administrator Exchange administrator Conditional Access administrator Security administrator Helpdesk administrator Password administrator Billing administrator User administrator Click the Exclude tab, then click the Users and groups checkbox. Click Select excluded users, then in the Select excluded users flyout...
Read More
Today, I am going to show you how to use SendGrid as SMTP relay at Sophos UTM firewall and help you send email out successful, the Sophos UTM firewall and exchange servers are VMs of Nested Hyper-V host at Azure, if you don’t know how to build a Nested Hyper-V host in Azure, you can reference our Building Real Word lab in Azure Volume 1 book from https://leanpub.com/buildingrealworldlabsinazurevolume1) , this is step by step to tell you how to build your own lab in Azure.
When you try to send email out from exchange server VM at Azure, you will notice it will failed send email out. Because starting on November 15, 2017, outbound email messages that are sent directly to external domains (such as outlook.com and gmail.com) from a virtual machine (VM) are made available only to certain subscription types in Microsoft Azure. Outbound SMTP connections that use TCP port 25 were blocked. (Port 25 is primarily used for unauthenticated email delivery.), so you will notice the exchange server VM won’t send email out after you configure send connector.
Attempting to enable Microsoft’s shiny new Azure Security Defaults in Azure Active Directory, it’s possible to run into an error “It looks like you have Classic policies enabled. Enabling Classic policies prevents you from enabling Security defaults.” What a bummer considering Security Defaults replace the older Baseline Conditional Access Policies as of 29 February 2020. Enabling Security Defaults is also the easiest way to ensure multi-factor authentication is enabled for Azure administrators. Time to fix this error and enable Azure AD Security Defaults! Browse to https://portal.azure.com/#home (login if prompted) Click Azure AD Conditional Access Under the Manage heading, then...
Read More
As we know, starting on November 15, 2017, outbound email messages that are sent directly to external domains (such as outlook.com and gmail.com) from a virtual machine (VM) are made available only to certain subscription types in Microsoft Azure. Outbound SMTP connections that use TCP port 25 were blocked. (Port 25 is primarily used for unauthenticated email delivery.), so you will notice the VM at Azure won’t send out email.
Today, I try to publish blog via Microsoft word as usual, but it failed and show a warning message “Word cannot publish the pictures in this post. The most likely cause of this problem is that you do not have enough storage space. Contact your provider and try again, or choose a different picture provider”, this so weird and I am sure I didn’t change any settings at my blog site except enable SSL. I figure out the issues after do some research and test.
There are some reasons why your website should invariably have a SSL certificate, e.g. SSL certificates help to ensure your website security, website visitors will see it as a trustworthy Brand, also it will enhance the search engine ranking for your website. Today, I am going to show you how to enable SSL certificate at the website of Azure, let follow the step by step to complete it and make your website better at azure.
Today, one of my clients told me their storage pool ran out of space, he removed 4 x 1TB old drives to install the new 4 x 3.8 TB drives, and then asked me to reconfigure storage pool for him, it looks very easy to change it.
FindTime, a nifty little tool from the Microsoft Garage folks, aims to ease the circus surrounding scheduling a meeting. You know, the dance we do until we find a time where all the participants can meet? FindTime essentially uses a survey allowing everyone to vote on proposed times until consensus is reached. FindTime then sends a meeting invite on your behalf. A great tool aimed to prevent us spending more time scheduling meetings than participating in them. Learn more about FindTime at https://findtime.microsoft.com/. Deploy FindTime to your Exchange Online deployment using the Services and Add-ins blade in the M365...
Read More
Migrations from on-premises Exchange to Exchange Online don’t often occur overnight. In many cases, they take weeks or months to complete. During this time, account passwords often change due to password policies, security initiatives, and the like. If the account password changes for the account assigned to a migration endpoint it will cause new migration batches to fail. Unfortunately, the error doesn’t exactly scream “hey, your on-prem password changed for the migration endpoint account.” It’s a bit more ambiguous with the actual error being: The Mailbox Replication Service was unable to connect to the remote server using the credentials...
Read More
Hey Checkyourlogs and Veeam Fans, Today, I’m going to look at a newly certified configuration from DataON and Veeam. Recently DataON has certified its DCS Storage Server as a Veeam Backup Target. You can check out the details here https://www.veeam.com/kb3019. In this certified configuration, the unit shipped with a Broadcom RAID Controller with two RAID 50 Spans across 6 HDDs. My Configuration is going to be slightly different as my team has been using HBA’s and Storage Spaces Standalone for the past 3 + years. We find the configuration extraordinarily stable and it performs like a champ. ...
Read More
Hey Checkyourlogs Fans, Today, I was called in to troubleshoot a weird error for some Veeam Replica Jobs that were failing. In the console, the error message was displayed as – Failed to process replication task Error: boost::filesystem::create_directory: The system cannot find the path specified: “E:\” Agent failed to process method {FileSystem.DirectoryCreate}. This error was not very helpful for me, so I decided to check the veeam logs directly on the Veeam Backup and Replication Server. I went to c:\programdata\Veeam\Backup Found the Replica Job and opened the logfile job.<JobName> Once inside the logfile, I searched for the word error....
Read More
Hey Checkyourlogs Fans, Today, I was called in to work on a case with a customer that had messed around with their Virtual Switch Settings in the Hyper-V Console on an Azure Stack HCI Cluster. I didn’t get a lot of details but what I did get emailed was this “I was building a Virtual Machine in Failover Cluster Manager and I couldn’t get it on the network. So, I went into Hyper-V Manager Virtual Switch Manager and made some changes. After that, I couldn’t ping the host anymore”. I was able to logon via the out of...
Read More
In this blog post, Rickatron shows how you can use Azure Storage Explorer to remove unattached VHD files.
Hey Checkyourlogs Fans, Today I wanted to discuss 3 Veeam Backup Targets at a customer that I’m working with. All three of these backup targets are running Windows Server 2019 with the deduplication feature enabled. We are having constant issues with one of the backup targets running out of space and my team having to manually run garbage collection, scrubbing and optimization to free up space. This backup target, as we found out, is the victim of what I call a non-dedup optimized workload. This means that the Windows Server 2019 Deduplication engine is having a difficult time breaking...
Read More
Allan Rafuse
Cary Sun
Cristal Kawula
Dave Kawula
Dave Kawula
Émile Cabot
John O'Neill Sr.
Kevin Kaminski
Rick Vanover
Recent Comments