Author: rzomerman

  • Azure Stack Development Kit – Unable to place Virtual Machines

    If you are playing around with Azure Stack Development Kit, you might come across the following error: While the error states: Unable to place Virtual Machines for specific class and size due to low memory capacity my immediate thought was to check the memory utilization on the host: With over 73Gb of memory left, I…

  • Azure Stack Development Kit – BGP

    Now that we have our Azure Stack Development Kit in routing mode, we can also send the BGP information from within the Stack to the Juniper Firewalls (or any FW you have..). This will ensure that the new “external IP addresses” that are assigned to our workloads are accessible via our intranet route information and…

  • Azure Stack Development Kit – Routing Mode (removing NAT)

    When you install Azure Stack Development Kit it is a completely isolated service with multiple networks. It means that your Azure Services (such as ADFS, the portal and AD) are not available outside of the box at all. But what if you wanted to use the Azure Stack DK from multiple computers? Or in our…

  • Azure Stack Development Kit – Deployment overview (troubles)

    Side Note: The experience of ASDK as described in this post is based on the late July bits of Azure Stack on a Dell T710. Future experience might (I certainly hope so..) be better and more integrated.. The T710 described in an earlier topic was purchased to run Azure Stack. And while I’m still waiting…

  • Azure AD – PtA – SSO – Office 365 ProPlus Auto Activation

    You invested in Office 365 for your users, but you don’t want to annoy them with prompts where they have to put their usernames and passwords in, certainly as you have domain joined devices. For Office 365 ProPlus License Activation utilizing the SSO capabilities, you either had to put in an ADFS infrastructure or.. available…

  • Azure AD – Pass-through Authentication SSO – reset password

    We’ve already covered Azure AD PtA with SSO, where a local computer object is created in your on-premises AD to help with the authentication, while the password of the object is changed periodically. Many organizations have the requirement to reset the computer password on the fly or at a faster interval. Microsoft has released a…

  • The hardware

    Sometimes I get the question; what do you work with.? as in .. which computers.. and to provide an answer: This “oh look at my hardware” post.. or more like “the hardware pissing contest equivalent” on many of the blogs.. In short, I don’t like to buy brand new stuff.. it’s expensive, it loses value like…

  • Multi-domain ADFS with alternateID login

    So, I got a question the other day on using ADFS in combination with some 3rd party applications in a very large AD environment. Basically the problem statement was: “we don’t want to use UPN and we don’t want to use domain\username. Users should be able to log in using either (only) their employeeID or…

  • Azure AD Lockout configurations – avoiding AD account locks

    On Monday morning, the office opened, and everyone tried to log in to their computers, however no one seemed to be able to log in. The helpdesk was quickly flooded with calls and it seems everyone’s account was locked out. It could happen to almost every company that does not have a good policy on lockouts. Hackers try as…

  • Azure AD Dynamic Group Membership on Custom attributes

    In Azure Active Directory you have the option to create dynamic groups. These are groups where members are added based on a formula that uses the attributes known on a user object in Azure AD. For example you can create a dynamic group of all users that have a specific job title: But what if…

  • Your applications in a Cloud World

    The existing method of controlling user accounts and workstations in another major (and smaller) company is usually based on the proven technology of Active Directory. The advantage of domain joined workstations is that it is easy for IT to impose limits and enable features that make it easy for users to start working. Mapped drives,…

  • ADLS: The portal is having issues getting authentication tokens….

    “The portal is having issues getting authentication tokens for Microsoft_Azure_DataLakeStore” is a common error that happens under certain conditions and only if you did not read my previous post azure-data-lake-managing-data-access. In short, the error comes when the ADLS administrator has added your account to ADLS without adding the user to Azure AD (inviting you as a guest).…