PowerShell for Azure Active Directory (AAD) and Office 365

Well, this is just some notes on how to prepare PowerShell to manage Azure Active Directory and Office 365. But similar to connecting to AD in Azure, you also need to go through these steps to connect PowerShell to an Azure subscription.

This is quite interesting actually when I put them together. As AAD still has two active environment versions, same as Azure console – Classic and RM – they belong to different logins, a little confusing to admins. Also PowerShell modules need to be installed and updated to enable different cmdlets set in order to manage different products – cloud, non-cloud, 3rd-parties like AWS, etc. So when something is not working, maybe you are in a wrong dimension or Microsoft wants you to update the binary you are using.

Azure Subscription AAD Module v1 (MSOnline)
– General Availability version
– Public Preview version
AzureAD v2
– General Availability version
– Public Preview version
Pre-requisites:
– Install lastest Azure Tools using Web Platform Installer
> Add-AzureAccount
> Get-AzurePublishSettingsFile
image
> Import-AzurePublishSettingsFile
> Select-AzureSubscription
Pre-requisites:
MS Online Services Sign-in Assistant
Windows AAD Module for Windows PowerShell
Pre-requisites:
PowerShellGet
image
Step 1: Install Azure PowerShell
Install-Module AzureRM
Download and install Azure AD Connect (.msi)
Update AAD Module > 1.0.8070.2
Download from PS Gallery
Install AAD Module
Update AAD Module
Step 2: Connect to an Azure account
Login-AzureRmAccount
Connect to Azure AD

$Msolcred = Get-credential
Connect-MsolService -Credential $MsolCred

Connect to AAD

$AzureAdCred = Get-Credential
Connect-AzureAD -Credential $AzureAdCred

Step 3: Run Azure PowerShell cmdlets

v1 cmdlets are here v2 are here
More information: PowerShell Gallery Office 365 PowerShell

One more thing: remember to check the update time of anything posted online, those older than 3 months might be useless.

How to enable telnet client using PowerShell

Telnet is a quite useful connecitivity verification tool, especially during the system set up or troubleshooting. For some reason, mostly security concern, this feature is disabled since Windows Server 2008. But when you want a quick check, it’s really a pain to open the Server Manager and click, click, click… Fortunately we have PowerShell. So here is the one-line command to turn it on:

Add-WindowsFeature telnet-client

And another command to turn it off, before you log-off:

Remove-WindowsFeature telnet-client

Very cool!

Windows 2012 R2 Preview Web Application Proxy – Exchange 2013 Publishing Tests

Need a close look, either continue to use MS technology, or switch to others after Forefront phase out.

Kloud Blog

==================
Updated: 10 September 2013

==================
Updated: 15 July 2013

  • I have heard from a member of the Web Application Proxy product group who said there is a bug in the Preview version that prevents Outlook Anywhere from working. They say it will be fixed in the RTM version
  • Lync 2013 and  Office Web Apps 2013 have been tested and work with some configuration changes. See http://blog.kloud.com.au/2013/07/15/publish-lync-2013-with-2012-r2-preview-web-application-proxy/ 
  • ActiveSync does not support SNI so a default binding needs to be set on the Web Application Proxy as per the post above to make it work
  • Clarification about ADFS being a hard requirement for the Web Application Proxy, even if only doing pass-through
  • Clarification about modifying published applications
  • Clarification about case sensitivity

==================

View original post 2,382 more words

RDS 2012: Profile Disks and Temp Profiles

Still need to find out how to clean up the uvhd files.

~ Anand, the Architect ~

The huge pain with using Profile Disks in Windows Server 2012 RDS is to dealing with TEMP profiles. When the user’s profile corrupts and started creating TEMP user profiles, Admins has to deal with fixing the issue and it’s NOT easy. But if you want to know how to fix it, here it is.

1. Delete User’s profile disk (.VHDX). To find the user’s correct profile disk, you have to check the NTFS security tab in properties of the xxxxx.vhdx file.

image

2. Check all Remote Desktop Session Host servers C:Users folder to check which server has the corrupt user profile. (hint: check sessionhostc$users from your computer)

3. Once you find the server, Remote desktop to that server. You will see the following event log message on that server in System Logs.

Remote Desktop Services could not apply a user desktop for a user account with a SID of <GUID>. A…

View original post 85 more words

Microsoft Azure Architecture Blueprints & Free Visio Symbols

Build Azure

AzureBlueprintThumb2

Microsoft distributes some really nice looking Azure architecture diagrams / blueprints (like the one on the right) in various materials and even includes them in keynotes, presentations and other places. These really seem like they must be created with Photoshop by a graphic designer. However, this is not the case.

These architecture diagrams are created using Visio! If you have Visio, you too can get your hands on the various assets necessary to create your own awesome architecture diagrams like these!

View original post 152 more words