You are browsing the archive for Azure.

Azure Tip: Use Ctrl+Alt+D to check Azure Portal load times

6:55 pm in Azure, Azure portal, Azure Tip, Cloud, Keyboard shortcut by Wim Matthyssen

 

The Azure Portal is the go-to place to manage all of your Azure services in one hub. I myself spend a lot of time in the portal to build, deploy, modify and manage customers cloud resources. I am sure a lot of you do the same.

But sometimes this portal feels slow without any specific reason and then it is really difficult to find out why. Whenever that is the case there is a keyboard shortcut you can use to check the portal load time of all opened blades.

If you press the keyboard shortcut CTRL + ALT + D you can see the load time and other useful information for every title.

clip_image002

clip_image004

clip_image006

clip_image008

clip_image010

Pressing CTRL + ALT + D again will remove the portal load information.

Beside this useful keyboard shortcut there are some others you can use specifically for the Azure portal. You can open the Keyboard shortcut help item in the Help Menu on the top-right of the portal to see all of these shortcuts.

clip_image012

Hope it helps!

Wim Matthyssen (@wmatthyssen)

Creation of an Azure VPN gateway failed due to associated NSG

8:53 am in Azure, Cloud, GatewaySubnet, NSG, VNet, VPN gateway by Wim Matthyssen

 

A VPN gateway is a specific type of virtual network gateway that sends encrypted traffic between your virtual network (VNet) and your on-premises location across a public connection. You can also use a VPN gateway to send traffic between virtual networks across the Azure backbone.

While deploying such a gateway trough the Azure portal, the creation took a very long time and in the end the deployment Failed.

clip_image002

In the Activity log the following Error Code was showed.

OnlyTagsSupportedForPatch

clip_image004

clip_image006

After some troubleshooting and reviewing the complete VNet deployment, which was done through Azure PowerShell, I finally found out what caused the gateway deployment to fail.

An important remark is mentioned in the Microsoft technical documentation for creating a Site-to-Site connection in the Azure portal. It states that you may not associate a network security group (NSG) to the gateway subnet, which in my case was causing the issue.

clip_image008

The Azure PowerShell script used to setup the VNet and all of its Subnets also created NSGs for all subnets, the GatewaySubnet included.

To resolve the issue, I deleted the Failed gateway and set the Network security group for the GatewaySubnet to None.

clip_image010

clip_image012

Afterwards the creation of the gateway succeeded without any issues.

 

Conclusion

When you create a gateway subnet for your VNet you should never associated a NSG to it. This is not supported and the gateway will stop functioning as expected or completely fail. Always set the NSG to ‘None’. The gateway subnet also needs to be named ‘GatewaySubnet’ to work properly and never deploy any VMs or anything else to it.

Wim Matthyssen (@wmatthysen)

PowerShell: Download Microsoft Azure, Cloud and Enterprise Symbol / Icon set for Visio

12:14 pm in Azure, Microsoft Azure, Microsoft CloudnEnterprise Symbols, Microsoft Visio, PowerShell, Visio, Visio Stencil by Wim Matthyssen

 

The Microsoft Azure, Cloud and Enterprise Symbol / Icon Set package is available as a free download from Microsoft and includes icons for almost all Azure services and Microsoft cloud related technologies currently available. These icons and PNG files come in handy when making visual representations in Azure related architectural designs or when making project documentation to deliver to a customer.

To automate the download and install process of this useful package, I wrote the below PowerShell script which does all of the following:

  • Download the Microsoft_CloudnEnterprise_Symbols_v2.7.zip file
  • Extract the ZIP file to the My Shapes folder (the My Shapes folder is the default-working folder for Visio and is created during the installation of Visio).
  • Delete the ZIP file after extraction.

Before running the script, you should keep the following things in mind:

  • The script will exit if the My Shapes folder does not exist, the advice I would give is to install Visio first before using the Symbols package.
  • The script will exit if the Symbols package v2.7 is already installed in the My Shapes folder.
  • The symbol package itself is supported on the following Operation Systems: Windows 10, Windows 7, Windows 8 and Windows 8.1
  • You should remove any previous version of the symbol set so you can avoid duplicate and deprecated symbols.

PowerShell script

If you prefer you can download the complete script from the TechNet gallery.

clip_image002

clip_image004

clip_image006

Use with Visio

To use these stencils with Visio, open Visio and create a new Blank Drawing or use any other available template. Select More Shapes – My Shapes – Microsoft_CloudnEnterprise_Symbols_v2.7KP – Symbols and select any of the available choices.

clip_image008

clip_image010

Use with Word

To use the .PNG files with Word, open Word and create a new Blank document. Select Insert – Pictures and browse to your My Shapes folder. Open the Symbols folder located under the Microsoft_CloudnEnterprise_Symbols_v2.7KP folder. Browse to a PNG folder located under any of the shown folders and there you can find all available .PNG files.

clip_image012

clip_image014

clip_image016

clip_image018

clip_image020

This concludes this blog post, have fun using all these Azure symbols to visual enhance your Visio or Word cloud designs.

Wim Matthyssen (@wmatthyssen)

Azure Backup: Upgrade your Recovery Services Vault to enable support for large disk backups

6:59 am in Azure, Azure Backup, Cloud, Recovery Services vault by Wim Matthyssen

 

On March 13, 2018 the Azure Backup team announced the general availability for backup of Azure IaaS Virtual Machines (VMs) with large disks (1 to 4 TB), both managed and unmanaged. At the same time they released a set of other improvements to speed up the overall backup and restore process.

To enable these new features a one-time, one-directional upgrade must be done for every Azure Subscription where you wish to use these enhancements. Good to know is that this VM backup stack upgrade, can be started from any vault in your Subscription and will retain all your existing policies and recovery points.

 

Upgrade procedure

 

Open the Azure portal and login with you Azure credentials.

Go to your Recovery Services vault dashboard, on the top of the blade you will need to click the banner which says Support for > 1 TB disk VMs and improvements to backup and restore speed ->. If you do need see a banner, you can open Properties, go to VM backup stack and click Upgrade.

clip_image002

image

The Upgrade to new VM backup stack blade will open. Click on Upgrade.

clip_image004

The upgrade procedure will start, be aware that this process could take up to two hours.

clip_image006

Have fun backing up Azure VMs with these new enhancements. Till next time!

Wim Matthyssen (@wmatthyssen)

Azure Tip: How to find your Subscription ID (GUID)

10:00 pm in Azure, Azure portal, Azure PowerShell, Azure Subscription ID, Azure Tip, Microsoft Azure, Subscription ID by Wim Matthyssen

 

The Subsciption ID is a 32-digit GUID, which is associated with an Azure Subscription.  Some situations require you to know this Subscription ID, such as when you open a new Azure support ticket. This post will show you how you can quickly retrieve this ID via the Azure portal or via Azure PowerShell.

 

Azure Portal

Open a New Inprivate window in Edge (or any other browser) and browse to https://portal.azure.com where you Sign in with your account.

Select All services and click on Subscriptions which you can find under the GENERAL field.

clip_image002

A new blade, the Subscriptions pane, will open showing all your subscriptions, select the appropriate one and under SUBSCRIPTION ID you will find the corresponding ID you where looking for.

2018-03-12_21-43-47

 

Azure PowerShell

Open a PowerShell window with Administrator privileges.

Type Login-AzureRmAccount and provide your Azure credentials (email address and password).

clip_image006

When you are logged in, all information of your default subscription will be shown and you can find your Subscription ID in the SubscriptionId field.

clip_image008

When you have more than one subscription you can find the Subscription ID of a specific Subscription by typing Get-AzureRmSubscription. This command will list all of your subscriptions, with details like the SubscriptionId, which are associated with the logged in account.

clip_image010

Hope it helps.

Wim Matthyssen (@wmatthyssen)

Azure Backup Server: SQL 2016 AlwaysOn protection fails with Internal error code 0x80990F75

3:54 pm in 0x80990F75, Azure, Azure Backup, Azure Backup Server, Microsoft Azure Backup Server, Microsoft Azure Backup Server v2, SQL Always On Availability Groups, SQL Server 2016 by Wim Matthyssen

While setting up a new backup job to protect a SQL Server 2016 AlwaysOn Availability Group (AG) using Azure Backup Server (MABS), the job failed and ended up with the Protection Status – Replica is inconsistent.

clip_image002

Because this status does not say a lot about what exactly went wrong, I looked up the Critical alert under the Monitoring tab. There the following more detailed message was shown:

The DPM job failed for SQL Server 2016 database <DBname> on <serverName > because the SQL Server instance refused a connection to the protection agent. (ID 30172 Details: Internal error code: 0x80990F75)

clip_image004

This issue occurs because when you create a new Availability Group by default, the location where backups should occur is set to Prefer Secondary and the setting Make Readable Secondary is set to No, which always results in MABS getting the above error.

clip_image006

To resolve the issue, open SQL Management Studio and connect to server instance that hosts the primary replica. Expand the Always On High Availability node and the Availability Groups node. Click the availability group whose replica you want to change and expand Availability Replicas.

clip_image008

Right-click the Availability Replica, and click Properties (be sure to repeat this steps for all Availability Replicas you want to backup with MABS).

clip_image010

In the Availability Replica Properties dialog box, set the value of the field Readable secondary to Yes. Click OK to save the new setting.

clip_image012

When you now run the Perform consistency check … job on the failed Protected member in the MABS console, the status should end up in OK.

If not, and the status still ends up in Replica is inconsistent, be sure to check out my previous blog post http://scug.be/wim/2017/06/19/microsoft-azure-backup-server-unable-to-configure-protection-for-a-sql-database-id-3170-and-33424/ to see if the user NT Authority\SYSTEM has sysadmin rights on the SQL Server instance(s).

If on the other hand the status ends up in Online recovery point creation failed, just right-click the Protected member again and select Resume azure backups…

I hope this helps and if you have any questions feel free to contact my through my Twitter handle.

Wim Matthyssen (@wmatthyssen)

Azure Interactives

10:46 am in Azure, Azure Interactives, Cloud by Wim Matthyssen

 
Azure is a growing collection of integrated services that IT professionals and developers can use to build, deploy or manage applications in the cloud. With so many services now available, most of the time it is somewhat of a challenge to find the right information. To help you have a clear overview, Microsoft has released a new beta webpage, the Azure Interactives, which will guide and introduce you to all the various services that are available on Azure.

clip_image002

From this interactive page, you can easily navigate to the three experiences listed below, to display and find all information you want.
 

Azure Products

From here, you can easily select a specific Azure product and find all information, documentation and pricing links about it.

clip_image004

Cloud design patterns

This page will give you architecture guidance and lists common problems and patterns for your cloud applications.

clip_image006

Azure security + operations management

This page will give you a guide on how to efficiently manage and protect your Azure and on-premises resources.

clip_image008

Have fun checking this all out.

Wim Matthyssen (@wmatthyssen)

MABS v2: Unable to install DPM Remote Administration console on a W2K8 R2 SP1 server because mi.dll is missing

9:32 am in Azure, Azure Backup, Azure Backup Server, DPM Remote Administration, mi.dll, Microsoft Azure Backup Server, Microsoft Azure Backup Server v2, PowerShell, WMF 5.1 by Wim Matthyssen

While installing the DPM Remote Administrator console on a Windows Server 2008 R2 SP1 (W2K8 R2 SP1) for remote administration of a customers Microsoft Azure Backup Server (MABS) v2, I stumbled upon the below error message, which resulted in the setup being aborted:

The Program can’t start because mi.dll is missing from your computer. Try reinstalling the program to fix this problem.

clip_image002

This error shows up because one of the following requirements is not installed: Windows Management Framework 4.0, .NET Framework 4.0 or Visual C++ Redistributable for Visual Studio 2012 Update 4

needs to be installed to be able to deploy the DPM Remote Administration console on a W2K8 R2 server.

To fix the issue, I checked if all latest Windows Updates were installed. Afterwards I installed the Windows Management Framework 5.1 (WMF 5.1), .NET Framework 4.0 and the Visual C++ Redistributable for Visual Studio 2012 Update 4 on the W2K8 R2 SP1 server, which can be downloaded from the link above. To ease up and to automate the installation, you can use the below PowerShell script (copy and/or save as .ps1) to get things downloaded somewhat faster.

clip_image004

When the C:\Temp folder opens after the downloads, run Install-WMF5.1.ps1. (PowerShell window with Administrator privileges) to install WMF 5.1

clip_image006

clip_image008

clip_image010

clip_image012

Before rebooting, also run the two other packages, dotNetFx40_Full_setup.exe and vcredist_x64.exe (if required). When done reboot the server.

clip_image014

When the server is rebooted, check if mi.dll exists under C:\Windows\System32.

clip_image016

You can now start Setup.exe (Microsoft Azure Backup Server folder) and start the DPM Remote Administration installation.

clip_image018

clip_image020

Hope this post helps whenever you face the same problem.

Wim Matthyssen (@wmatthyssen)

MABS v2: Error [0x8007007b] when performing a System State Backup on a DC running on a VMware VM

8:33 am in Azure, Azure Backup, Azure Backup Server, Cloud, Error [0x8007007b], MABS, MABS v2, Power, PowerShell, VMware by Wim Matthyssen

While configuring a Microsoft Azure Backup Server (MABS) v2 at a customer site, I encountered a problem while performing a System State Backup of their domain controllers (DC’s). The Protection Status showed Replica is inconsistent.

clip_image002

When looking in the Monitoring tab, following detailed message is show:

DPM cannot create a backup because Windows Server Backup (WSB) on the protected computer encountered an error (WSB Event ID: 517, WSB Error Code: 0x605A140).(ID 30229 Details: Internal error code: 0x8099ED0)

clip_image002[6]

Because the first part of making a System State Backup is done by the local Windows Server Backup (WSB) feature, logon to the protected server and open Windows Server Backup (Server Manager – Tools – Windows Server Backup). There a message was shown indicating that the last backup has Failed.

clip_image006

To view the error message a bit more in detail, open the Windows Server backup log file (with the exact date and timestamp) located in C:\Windows\Logs\WindowsServerBackup.

clip_image008

In the log file the following error message was shown:

Error in backup of C:\windows\\systemroot\ during enumerate: Error [0x8007007b] The filename, directory name, or volume label syntax is incorrect.

clip_image010

When looking in the Event Viewer (Application log) I could also find the following errors (CAPI2 – 513, Backup – 517):

Event ID 513

Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:

Access is denied.

Event ID 517

The backup operation that started at ‘‎2017‎-‎11‎-‎16T15:16:22.000076700Z’ has failed with following error code ‘0x80780049′ (None of the items included in backup were backed up.). Please review the event details for a solution, and then rerun the backup operation once the issue is resolved.

clip_image012

clip_image014

Because all those errors descriptions do not really tell you what exactly is going wrong causing the backup to fail, you need to use the Diskshadow command-line tool to determine if there is an issue with the functionality of the VSS service or any of the application independent VSS writers.

To open the Diskshadow tool interface start PowerShell with elevated privileges and enter the below commands to write the output to a logfile.

clip_image016

When the logfile (c:\out.txt) is created open it with notepad and search for \\.

clip_image018

clip_image020

In my case, I found out there was an issue with the vsock.sys driver, which is part of the VMware vSockets Service and which is usually located in the C:\Windows\system32\drivers folder.

To fix the issue open the Registry Editor and go to the following location, HKLM\system\controlset001\services\vsock and changed the Start value to 1.

clip_image022

clip_image024

clip_image026

Also change the ImagePath entry from \SystemRoot\system32\DRIVERS\vsock.sys to system32\DRIVERS\vsock.sys.

clip_image028

clip_image030

When you have changed all those registry keys, logon to your MABS server and right click the failed System State backup and Perform a consistency check… (be aware that this could take a while). If the fix also solved your issue it would show OK when completed.

clip_image032

clip_image034

Hope this helps whenever you face the same error in your MABS environment. If you have any questions feel free to contact me trough my Twitter handle.

Wim Matthyssen (@wmatthyssen)

MABS v2: Creation of a Protection Group fails with error 33507 related to running Trend Micro Antivirus

9:39 am in Azure, Azure Backup, Error 33057, MABS, Microsoft Azure Backup Server, Microsoft Azure Backup Server v2, PowerShell, Trend Micro by Wim Matthyssen

Last week while assisting a customer with the deployment of a new Microsoft Azure Backup Server (MABS), I ran run across error 33507 when creating a new Protection Group.

clip_image002

In the Event Viewer on the MABS error 370 was shown several times.

clip_image004

After troubleshooting for some time, I finally found out the problem was caused by the Trend Micro antivirus (version 12.0.1708) running on the MABS. The issue is caused by an incompatibility between Trend Micro and the DPM filter driver.

clip_image006

When the antivirus was disabled MABS was able to create the Protection Group. But because running a server without an antivirus solution is not an option you can resolve the issue by adding the following registry key on any MABS server running with Trend Micro.

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TmFilter\Parameters
Add DWORD (32 bit)
BypassDPMfilter, vaule of 1

You can add the registry key quite easy by running the following PowerShell one-liner (run PowerShell as an administrator).

clip_image008

After adding the registry key, reboot the server and try the process of creating a Protection Group all over again. I should work now.

Lesson learned, sometimes it’s the easy stuff. Disabling antivirus during a backup problem is often step 1. Now it was more like step 10 but at least in the end it helped fixing the issue. Till next time.

Wim Matthyssen (@wmatthyssen)