You are browsing the archive for 2015 November.

Avatar of Florent

by Florent

[Azure] Active Directory Domain Services

9:22 am in Azure, Azure Active Directory, Nano Server by Florent

azure-active-directory

Azure has released a new possibility in Azure, the using of Active Directory, directly in Azure, like if you deployed a domain controller, in a virtual machine. In fact, your Active Directory will be stored in Azure and will be managed direclty by Microsoft.

Azure AD DS is in Preview and is available (when I write this post) in many of regions: https://azure.microsoft.com/en-us/regions/

To implement this, I used the basic domain name onmicrosoft.com but you can use a custom domain, after verified it. I also created a group named AAD DC Administrators (the name MUST be the same) for Domain Administrators and I added some account in it. Now, create you Active Directory and go to Configure > Domain Services and click on Yes. Choose the name for your domain and the network where the AD will be connected (Azure will create 2 AD for the HA):

SNAGHTML4f95052_39D602E1

After around 30 minutes, you will be able to see the first AD IP address, the next address will come after:

SNAGHTML843b0c2_02FBAE9B

Take these 2 IP address and go in your virtual network, click on Configure. Here, provide the 2 IP address for the DNS:

SNAGHTML845efb6_6C3C6711

If you want to administer this AD with the GUI, it’s possible. Deploy a VM that will be joined to the Azure AD domain and install the Group Policy Management and AD DS Tools features.

Launch the Active Directory Users & Computers console. You will be able to manage your accounts here (users, groups and computers) with some limitations (create an object, etc.):

SNAGHTML84d055f_59876D5ASNAGHTML84d20b7_7BDF02D3

You can do the same with the group policy console, but here, you will be able to create/delete/modify GPOs.

This news is very usefull in case of a startup that want to use Office 365, with an AD, but don’t have a server to store his AD.

About the price, you have to expect around 32€/month for less than 5000 objects in your AD (Users, Groups & Computers): https://azure.microsoft.com/en-us/pricing/details/active-directory-ds/

Avatar of Florent

by Florent

HOW TO: Monitor a Nano Server on Windows TP4

3:31 pm in Microsoft, Nano Server, SCOM by Florent

Microsoft released the last version of the Nano Server, Technical Preview 4. They released the TP4 of System Center too. with this last version, SCOM has the ability to monitor a Nano Server.

In this blog post, I will explain to you how to implement this monitoring. I used this blog post to implement the solution.

This monitoring is at the beginning, so you can only monitor the Windows BaseOS and the Failover Cluster role (with each management pack). The limitations are (from Technet):

    • Installing the Operations Manager Agent to a Nano Server via discovery from the Operations Manager console.

    • Monitoring .Net applications running on a Nano Server

    • Updating the Operations Manager agent on a Nano Server by applying updates.

    • Using Audit Collection Services (ACS).

    • Using network discovery rules to discover devices that support ICMP.

    • Monitoring specific url’s on a Nano Server.

    • Discovering IIS web sites.

    • Collecting data from the Application Log of a Nano Server.

The only prerequisite to monitor the server is to have the Microsoft-OneCore-ReverseForwarders-Package.cab package installed on your Nano Server image.

After that, I copied the source of the Nano server agent from the ISO to my SCOM server, in my case, in C:\Temp\NanoAgent\. Open a PowerShell console and navigate to the folder where is stored the InstallNanoServerScomAgentOnline.ps1 script:

image

Now, execute the following command to install the agent:

.\InstallNanoServerScomAgentOnline.ps1 -ManagementServer <<Management Server Name FQDN>> -ManagementGroupName <<Management Group Name>> -NanoServerFQDN <<Nano server FQDN on which the agent will be installed>> -BinaryFolder <<Nano Server bits location (\NanoAgent\NanoServer)>>

For me, it will look like this:

.\InstallNanoServerScomAgentOnline.ps1 -ManagementServer DEVO-OM02.devoteam.lab -ManagementGroupName DEVOTP4 -NanoServerFQDN NANOIIS01.devoteam.lab -BinaryFolder C:\Temp\NanoAgent

 

image

After that, connect to the Nano server:

Enter-PSSession -ComputerName nanoiis01.devoteam.lab

image

Check the status of the service SCOM service (HealthService):

Get-Service –Name HealthService

image

The service is stopped, so start it with the following command:

Start-Service –Name HealthService

Get-Service –Name HealthService

image

The service is now running. Next step is to approve the new SCOM agent in SCOM. In your SCOM console, go to Administration > Device Management > Pending Management. Normally, your Nano server is referenced here:

image

After few minutes, the monitoring of the server is up and you can see that the monitoring action account is the local computer name:

image

image

If I shit down the Nano Server, I can see that I have the same error that a “normal” server:

image

This new feature is very good to implement the Nano server in production. We are now waiting the support of the IIS management pack and so on to have a complete monitoring solution.

Avatar of Florent

by Florent

SCVMM TP3: Convert a standard switch to logical switch

9:54 am in Microsoft, Private Cloud, SCVMM, System Center by Florent

During my lab migration to WS 2016 TP3 and System Center TP3, I discovered a new functionality of SCVMM. This one will convert your standard switch to a logical switch. This is very interesting because if you do this manually, you will change the switch used by each VM manually and so on.

The first step is to have your logical networks ready:

image

After, get the information of the standard switch. You must use the same name for your logical switch that the standard switch and the bandwidth mode must be the same:

image

It’s now time to create your new logical switch. Give the name that you got before and choose if the switch is currently using teaming or not:

image

Change the bandwidth mode to the value that you got before:

image

In Extensions part, keep the default value. In the Virtual Port part, adapt for your configuration:

image

In the Uplinks part, create a new Uplink profile and adapt the load balancing mode and the teaming mode to the same that your current teaming configuration. If you don’t have a teaming, you can configure as you want. I also created 3 virtual network adapter with my 3 logical networks:

image Validate to create the logical switch:

image

When the creation is done, go to your Hyper-V configuration. In the Hardware, check all networks that you provide in your uplink profil:

image

Validate and go back to your host configuration. In the Virtual Switches part, you can now select the Convert to Logical Switch option:

image

Click on it. On the new window, select the logical switch and the uplink that you want to use:

image

After few seconds, your virtual network is converted:

image

It’s now time to convert all of your standard switches to logical switches Sourire

Avatar of Florent

by Florent

Access your Azure Websites logs

7:00 am in Azure, Azure Web Apps by Florent

Last week, I tried to deploy a new website in Azure Websites. The deployment was done successfully, but when I browsed the web page, I had the following error:

image

To investigate to see where the problem is, I need to get the IIS logs. Thanks to this MSDN blog post, I found that we can get log files from the FTP. I will explain to you how to do this.

First, connect to https://portal.azure.com and navigate to your web app:

SNAGHTML1e8214ad

Go to the Deployment credentials and choose a unique username. Click on Save:

image

Now, go to the Dignostics logs section. Here, you will have your login credentials to connect with an FTP client. You can manage which logs that you want to activate/deactivate:

image

Open your FTP Client and provides the information that you get just before. Don’t forget to provide the site name in front of your username:

image

I’m now connected and I have access to these 3 folders:

image

If you go on site > wwwroot, you will see your deployment:

image

I would like to take log files. Go to the LogFiles folder, in the root. You have an eventlog.xml file. This file contains logs that are extracted from the event viewer in the server where the web apps is running. I downloaded it and opened it:

image

I checked each <data> in the file and I found an interesting line in the log:

<Event><System><Provider Name=”ASP.NET 4.0.30319.0″/><EventID>1310</EventID><Level>2</Level><Task>0</Task><Keywords>Keywords</Keywords><TimeCreated SystemTime=”2015-10-30T11:31:22Z”/><EventRecordID>200681015</EventRecordID><Channel>Application</Channel><Computer>RD000D3A22D7A5</Computer><Security/></System><EventData><Data>3007</Data><Data>A compilation error has occurred.</Data><Data>10/30/2015 11:31:22 AM</Data><Data>10/30/2015 11:31:22 AM</Data><Data>8f0c8ce90d1e452dbe8957048d3c26f8</Data><Data>8</Data><Data>1</Data><Data>0</Data><Data>/LM/W3SVC/367992338/ROOT-3-130906782805054017</Data><Data>Full</Data><Data>/</Data><Data>D:\home\site\wwwroot\</Data><Data>RD000D3A22D7A5</Data><Data></Data><Data>7728</Data><Data>w3wp.exe</Data><Data>IIS APPPOOL\scugbe</Data><Data>HttpCompileException</Data><Data>(0): error CS1617: Invalid option ‘6’ for /langversion; must be ISO-1, ISO-2, 3, 4, 5 or Default

at System.Web.Compilation.AssemblyBuilder.Compile()
at System.Web.Compilation.BuildProvidersCompiler.PerformBuild()
at System.Web.Compilation.BuildManager.CompileWebFile(VirtualPath virtualPath)
at System.Web.Compilation.BuildManager.GetVPathBuildResultInternal(VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
at System.Web.Compilation.BuildManager.GetVPathBuildResultWithNoAssert(HttpContext context, VirtualPath virtualPath, Boolean noBuild, Boolean allowCrossApp, Boolean allowBuildInPrecompile, Boolean throwIfNotFound, Boolean ensureIsUpToDate)
at System.Web.Compilation.BuildManager.GetVirtualPathObjectFactory(VirtualPath virtualPath, HttpContext context, Boolean allowCrossApp, Boolean throwIfNotFound)
at System.Web.Compilation.BuildManager.CreateInstanceFromVirtualPath(VirtualPath virtualPath, Type requiredBaseType, HttpContext context, Boolean allowCrossApp)
at System.Web.UI.PageHandlerFactory.GetHandlerHelper(HttpContext context, String requestType, VirtualPath virtualPath, String physicalPath)
at System.Web.UI.PageHandlerFactory.GetHandler(HttpContext context, String requestType, String virtualPath, String path)
at System.Web.HttpApplication.MaterializeHandlerExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
at System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean&amp; completedSynchronously)

</Data>

The problem here is that the /langversion parameter in the Web.config is 6 and it’s an invalid option with this deployment. It must be ISO-1, ISO-2, 3, 4, 5 or Default. So I modified this value to 5 in my Web.config then I redeployed the web app and it now works after a simple refresh:

image

It is very cool to have the access of log file to debug Sourire

Avatar of Florent

by Florent

Execute an Azure Automation Runbook from an ASP.NET website

9:58 am in ASP.NET, Azure, Azure Automation, Microsoft, PowerShell by Florent

After my first article to execute a PowerShell script from an ASP.NET website, I will explain to you today how to execute an Azure Automation Runbook through an ASP.NET website who is stored on a free Azure WebApp.

To do this, I will use Webhook from the Azure Automation Runbook. I used this article to understand how it works.

In my example, my website will give the possibility to an employee to start/stop a VM in Azure. Follow this blog post from scratch to have a functional  Connect-AzureSubscription.ps1 script.

To start, create 2 new runbooks in Azure Automation. I will call them Start-AzureVM and Stop-AzureVM. They will have the following scripts:

Start-AzureVM:

param (
[object]$WebhookData
)

if ($WebhookData -ne $null) {

$azureVMName = $WebhookData.RequestBody

.\Connect-AzureSubscription.ps1

$azureVM = Get-AzureVM | Where-Object {$_.Name -eq $azureVMName}
Start-AzureVM -Name $azureVM.Name -ServiceName $azureVM.ServiceName
Write-Output “The VM $azureVMName is now started”

} else {

Write-Error “Runbook mean to be started only from webhook.”

}

Stop-AzureVM:

param (
[object]$WebhookData
)

if ($WebhookData -ne $null) {

$azureVMName = $WebhookData.RequestBody

.\Connect-AzureSubscription.ps1

$azureVM = Get-AzureVM | Where-Object {$_.Name -eq $azureVMName}
Stop-AzureVM -Name $azureVM.Name -ServiceName $azureVM.ServiceName -Force
Write-Output “The VM $azureVMName is now stopped”

} else {

Write-Error “Runbook mean to be started only from webhook.”

}

When they are created, go to the Start-AzureVM runbook and click on Webhook. Give a name, choose if you want to enable it or not, choose the date when this webhook will be unavailable and finally, copy the URl and stored it in a safe place. This is very important, because after you clicked on OK, this link will disappear:

image

On the Parameters part, just click on OK:

image

Click on Create to create your webhook:

image

Do the same for the Stop-AzureVM runbook.

It’s now time to create the ASP.NET application. In Visual Studio, choose to create a ASP.NET Web Application with an Empty template. After the creation is done, add a new Web Form page. I will name this page Default.aspx. Paste the following code on this page:

<%@ Page Language=”C#” AutoEventWireup=”true” CodeBehind=”Default.aspx.cs” Inherits=”StartStop_AzureVM.Default” %>

<!DOCTYPE html>

<html xmlns=”http://www.w3.org/1999/xhtml”>
<head runat=”server”>
<title>Start/Stop an Azure VM</title>
</head>
<body>
<form id=”form1″ runat=”server”>
<div>
<img src=”Sources/SCUGBE.png” alt=”SCUGBE”/>
</div>
<div>
<table>
<tr><td><h1>Start/Stop an Azure VM</h1></td></tr>
<tr><td><h3>Provide the name of the VM that you want to start or stop</h3></td></tr>

<tr>
<td>
<asp:TextBox ID=”ServerName” runat=”server” TextMode=”SingleLine”></asp:TextBox>
<asp:Button ID=”Start_VM” runat=”server” Text=”Start VM” Width=”200″ OnClick=”StartVM_Click” />
<asp:Button ID=”Stop_VM” runat=”server” Text=”Stop VM” Width=”200″ OnClick=”StopVM_Click” />
</td>
</tr>

<tr>
<td>
<asp:Label ID=”ConfirmationMessage” runat=”server”></asp:Label>
</td>
</tr>
</table>
</div>
</form>
</body>
</html>

This page will give you a TextBox with 2 buttons, depending on your need. You will need the following references in your project to execute the next code:

  • System
  • System.Data
  • System.Drawing
  • System.Web
  • System.Xml

image

Open the Default.aspx.cs file and paste the following code:

using System;
using System.IO;
using System.Net;
using System.Text;

namespace StartStop_AzureVM
{
public partial class Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{

}
protected void StartVM_Click(object sender, EventArgs e)
{
StartStop(“https://s2events.azure-automation.net/webhooks?token=”);
ConfirmationMessage.Text = “The VM ” + ServerName.Text + ” is starting. Wait few minutes before trying to connect to it.”;
ServerName.Text = string.Empty;
}

protected void StopVM_Click(object sender, EventArgs e)
{
StartStop(“https://s2events.azure-automation.net/webhooks?token=”);
ConfirmationMessage.Text = “The VM ” + ServerName.Text + ” is stopping.”;
ServerName.Text = string.Empty;
}

private void StartStop(string webHookUri)
{
var http = (HttpWebRequest)WebRequest.Create(new Uri(webHookUri));
http.Accept = “application/json”;
http.ContentType = “application/json”;
http.Method = “POST”;

string parsedContent = ServerName.Text;
ASCIIEncoding encoding = new ASCIIEncoding();
Byte[] bytes = encoding.GetBytes(parsedContent);

Stream newStream = http.GetRequestStream();
newStream.Write(bytes, 0, bytes.Length);
newStream.Close();

var response = http.GetResponse();

var stream = response.GetResponseStream();
var sr = new StreamReader(stream);
}
}
}

In StartStop call, replace by the values that you copied during the webhook creation. Depending on which button you will click, you will call the function, with the right URL webhook, to contact the right runbook. Open the Web.config file to modify a parameter that causes an error in Azure Website. Modify the compilerOptions=”/langversion:6 by compilerOptions=”/langversion:5. This is corresponding to your framework compilation version:

image

You can now build the project. You will be able to see this:

image

Our Website is now ready. We will create a new Website, based on a free plan. On https://portal.azure.com open Web Apps and click on Add. Choose a name for your website, and, on the App Server Platform, create a new App Service. I used a free pricing:

image

I can now navigate to my new URL:

image

Now that my website is available, I will deploy my custom website on it, through Visual Studio. On Visual Studio, click on Build > Publish …:

image

Choose Microsoft Azure Web Apps:

image

Log on with your Azure Credentials and choose the web apps where you want to deploy the web site. Because I’m in free version, I can’t use multiple deployment slot (prod/dev for example. This feature is available  from Standard plan):

image

You can validate the connection:

image

image

image

My website is now deployed on the Web App:

image

If I try to start a VM, I will have this:

image

The Automation job is directly started:

image

If you go in the Input part, you will see which runbook is called with which parameter:

image

The job is now completed and the VM is starting:

image

image

And if I stop the VM:

image

image

image

SNAGHTML1e52b50d

Because this website is public, I will activate the Azure Authentication. On you Web App, in the Authentication / Authorization part, choose ON and select a new application and click on Save:

SNAGHTMLf24e896

Navigate to your website. You will be redirected to the login page:

image

I tried to connect with an account that is not present in the Azure AD and I had this error message:

image

I logged out and try to connect with an account that is in the Azure AD and the web page is showing correctly:

image

I hope this article will help you Sourire