Latest Posts

PowerShell function to enable WinRM over HTTPS on an Azure Resource Manager VM

You may have seen my previous posts detailing how to enable WinRM over HTTPS on an Azure Resource Manager VM. I have now collated all the different bits of script and creates a single PowerShell function. The function is called Configure-WinRMHTTPS, and is as follows: Once the function is loaded you must login to Azure. Then the function can be executed: My next post will cover submitting the function to the PowerShell Gallery.

Create a Custom Script Extension for an Azure Resource Manager VM using PowerShell

Following on from my previous two posts regarding WinRM over HTTPS the next stage was to automate the steps that needed to be carried out inside the Azure VM. In my original post I had a mix of PowerShell, command prompt and copy and paste! Andy Slowey provided me with the following PowerShell to optimize the WinRM over HTTPS server side configuration: In search of going one better, I decided to find a way to avoid the need to use RDP so that the whole process could be automated. Scripts can be executed within an Azure VM without logging into…
Read more

Create a Network Security Group Rule using PowerShell

My last post, http://www.techdiction.com/2016/02/11/configuring-winrm-over-https-to-enable-powershell-remoting/, covered enabling WinRM over HTTPS on an Azure VM. After forwarding the steps to colleagues it was pointed out that some of the steps could be simplified with some PowerShell. My next couple of posts will cover how different parts of my initial process could be automated, starting with creation of the network security group rule. I want to say thanks to Andy Slowey, Technology Specialist at Microsoft Research who suggested some improvements, carried out some testing and ironed out some of the bugs in my PowerShell. The PowerShell below creates the network security group rule for…
Read more

Configuring WinRM over HTTPS to enable PowerShell remoting

Note: After making this post I created some additional posts describing how to automate this process further using PowerShell. The final post in the series is here: http://www.techdiction.com/2016/02/12/powershell-function-to-enable-winrm-over-https-on-an-azure-resource-manager-vm/ which includes a function to carry out the below without the need to log onto the server or portal. PowerShell remoting allows machines to be remotely managed using PowerShell. PowerShell remoting is commonly used with virtual machines running on Azure. When we create a classic/service manager VM on Azure it is automatically configured with a WinRM endpoint so that we can connect using PowerShell remoting. However, if we create a VM using Resource…
Read more

Connecting Azure App Service to VNet using Point to Site VPN using PowerShell

It is possible to connect Azure App Services that are on Standard and Premium plans to a virtual network using a point to site VPN. Unfortunately although it is reasonably straightforward in the portal there isn’t much documentation around on how to do this using PowerShell. In response to a forum post, https://social.msdn.microsoft.com/Forums/en-US/2417fc64-e8d3-4b15-a493-7524f7d4961e/join-a-web-app-to-a-vpn-in-azure-through-powershell-script I created the connection with some help from https://resources.azure.com/.  The solution isn’t a work of art but hopefully enough to put people on the right track. First you need an existing VNet with P2S configured. If you haven’t done that already I suggest reading my previous post – http://www.techdiction.com/2016/01/12/creating-a-point-to-site-vpn-connection-on-an-azure-resource-manager-virtual-network/ Then use…
Read more

Creating a Point to Site VPN connection to an Azure Resource Manager Virtual Network

I have been helping out on the MSDN forums and came across a post where a user was struggling to create a Point to Site (P2S) VPN connection to an Azure Resource Manager (ARM) Virtual Network – https://social.msdn.microsoft.com/Forums/azure/en-US/567b968e-aa50-4ee4-b554-af09c54a40e0/routing-in-azure-between-pointtosite-and-sitetosite-networks?forum=WAVirtualMachinesVirtualNetwork. At the time of writing it is not possible using the portal. I had a look at the ARM PowerShell commands and found the command Set-AzureRmVirtualNetworkGatewayVpnClientConfig  but failed to find any documentation. I set about the task of working out how to do this. Gateway Subnet The Virtual Network Gateway must connect to a subnet named GatewaySubnet. I created this using the…
Read more

Azure DevTest Labs – First impressions

I’ve written a couple of blog posts in the past about scheduling Azure VMs to turn off at a certain time of day. I use this functionality to ensure I don’t use all of my MSDN credit while carrying out testing on Azure. Microsoft have recently announced a new solution that will help address this challenge, the solution is called Azure DevTest Labs. You can sign up to the preview of here: https://azure.microsoft.com/campaigns/devtest-lab/ . Once enrolled in the preview DevTest labs can also be created by searching in the Azure marketplace by searching for “DevTest”: The focus on Azure DevTest…
Read more

First Steps with Microsoft Operations Management Suite

I’ve worked with System Center Operation Manager (SCOM) in the past to manage on premise infrastructure. Microsoft Operations Management Suite (OMS) is a relatively new offering that is focused on monitoring hybrid cloud environments. I like to think of it of a cloud version of SCOM, although it actually enables data from SCOM to be sucked into it for additional analysis so is a lot more. It is worth noting that OMS is a number of Azure services bundled together including: Operational Insights Backup Site Recovery to customer owned sites Site Recovery to Azure Automation All of the components parts of OMS are also available as standalone…
Read more

Microsoft Ignite: The beginning of the end for Windows Server?

When I visit conferences such as Microsoft Ignite I often choose sessions because of the speakers. However I also ensure I attend a number of sessions covering new and updated technology, the things I see as game changers. The technologies I focused on were Azure, in particular Azure Active Directory and a couple of more general Windows Server sessions. Here’s my main takeaways and personal opinion how the development of these technologies will change the look of IT and in particular Windows Server as we know it today. I primarily work with organisations for whom the public cloud is a…
Read more

Azure PowerShell error: The subscription is not entitled to use the resource

This is an error I’ve seen quite a few times. Every time I see the error it takes me a while to remember what the issue is, hopefully this post will help me remember one of the causes. I had successfully authenticated to my Azure Subscription using Add-AzureAccount and  ran the following to create a new Site Recovery Vault: The error returned was: New-AzureSiteRecoveryVault : Operation failed. ClientRequestId: ForbiddenError: The subscription is not entitled to use the resource At line:1 char:2 + New-AzureSiteRecoveryVault -Location $Region -Name “RecoveryVault” + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : CloseError: (:) [New-AzureSiteRecoveryVault], SerializationException + FullyQualifiedErrorId : Microsoft.Azure.Commands.RecoveryServices.CreateAzureSiteRecoveryVault…
Read more