Author: rzomerman

Azure Availability Sets & Azure Capacity

How to move a large number of VM’s between AVsets This topic is to introduce a new script that helps with deployments in Azure Availability Sets, I actually had a few reasons for writing the script, Capacity Errors and Proximity Groups AV Set Capacity When you deploy a new VM to an Availability Set in, […]

Read more

Azure AD – Domain services preview features

There are 3 (relatively) new functions in Azure AD Domain Services. Both in preview at the time of writing but combining all can unlock new functionality. This post will go over the following items with regards to Azure AD – Domain Services What’s new in Azure AD – Domain Services Force trust creation with AAD-DS/ADDS […]

Read more

Windows Virtual Desktop – Group Sync script

In my previous post, you read about how to setup a full WVD environment. As you may have noticed, providing permissions to the applications or desktops can only be done using PowerShell (at the time of writing this article). This was a bit odd for me, as many enterprises use AD / AAD groups to […]

Read more

Windows Virtual Desktop

There are many tutorials already on WVD, but none that satisfied my needs for a full configuration with custom image. So why not create one myself….. This tutorial describes the implementation of a Windows Virtual Desktop from a custom image up to publishing applications / desktop. Let’s first take a look at some of the […]

Read more

F5 – Allowing AAD Guests Kerberos Access

F5 – KCD – AAD – B2B In my last post I gave you a script that allows the automatic creation of B2B users in your local AD to enable you to publish (on-premises) Kerberos applications using Constraint Delegation. In this post, we will enable an F5 to use this setup to actually publish the […]

Read more

B2B Users & INternal apps

AAD B2B & AD KCD – AAD App Proxy In a previous post I talked about using Azure AD App Proxy in combination with B2B accounts. This is to allow B2B invited guest users to be able to connect to internal applications using Kerberos, without them knowing their sAMAccountName or password. In that post, I […]

Read more

Azure KeyVault BYOK

In a previous post I went into the cloud encryption architectures. One of the topics in the post was the use of your own keys in KeyVault. In this post I’ll go hands-on with an nCipher HSM that their team graciously gave me….. (ok I borrowed it and I have to give it back..) to […]

Read more

Privately moving data to Azure Storage

Azure Storage is awesome it’s a durable, highly available, massively scalable cloud storage solution with public endpoints. But what if you don’t want public endpoints. What if you want a private endpoint only? A customer asked me, how can I copy data using Azure Data Factory over my ExpressRoute link to my Azure Storage account […]

Read more

AZ Cleanup

I already published a script for cleaning up Azure resources, but found that with the introduction of the new AZ commands and later versions of the PShell CMDLets it was getting out of date fast. So I worked on a new module (.psm1) to replace it and give me more freedom to use the unused […]

Read more

F5 BIG-IP & AAD & KCD Simplified

With the release of an Application in Azure AD, the configuration of F5 publishing Kerberos backend applications have just been made a whole lot easier. This we cover in this post, but as an added bonus, the previous post adds the possibility of authenticating (Forest) trusted users on the same backend server using KCD (although […]

Read more