- Hits: 227
To check version of currently installed module:
To install module:
If you need to first uninstall existing older version:
To login to Azure:
Once you are logged in is always a good idea to check what subscription you are defaulted to. This is important in case you have multiple subscriptions. You would not want to accidentally run certain command on a PROD subscription for example.
You can switch to different subscription with:
For more details see this link.
- Hits: 360
I finally decided to connect my home lab to Azure via Site-to-Site VPN. There are two basic flavors to choose from. Route based or Policy based. The choice depends partly on your needs but also your equipment. I would first start by searching for your edge device on this list. Note that just because your device is NOT listed doesn't mean you can't make a VPN connection. My Ubiquiti EdgeRouter is not on the list but I was able to get a connection using a Policy based VPN. For a lab a policy based is just fine, for a company or enterprise you will want a route based VPN or Express Route. I will paste the configuration I used below but want to first give credit to Netonkel Tech Blog. I tried a few different configurations I found online and none worked until I found his. My Ubiquiti Edge Router is running the latest firmware as of this writing v188.8.131.52.
STEP 1 - Configure Azure VPN:
The first step is to create your Virtual network gateway in Azure. I will assume you already have your VNETs and subnets configured. Remember that for a VPN you will need to create a Gateway subnet from the portal, POSH, or CLI. The name of the subnet is always GatewaySubnet.
Next we create a Virtual network gateway. The key parameters here are Gateway Type which for this case is VPN. The VPN type depends on your device (Where you will terminate VPN), in my case Policy-based. Choose your Virtual Network, Public IP, and finally location. Click Create button and wait ~45 minutes for completion.
Now we must create a Local network gateway, this is the information about your on-prem network. You will need to provide a Name, IP address (This is the public IP of your firewall/router), and Address space (This is your on-prem subnet i.e. 192.168.44.0/24).
Once you have a local network defined we can go back to Virtual network gateway and click Connections and Add button at top to create our new connection. You will need to provide Name, Connection Type, choose the existing Virtual network gateway, Local network gateway and finally provide a Shared Key (This is the password for the VPN Tunnel.)
STEP 2 - Configure On-Prem VPN:
Now we can SSH over to your edgerouter to create our tunnel. Be sure to enter configure mode first.
Always remember to commit and save your config.
STEP 3 - Check Status:
Finally we can check status of VPN on both sides. On Azure Portal you can go to the Virtual network gateway and click Connections an verify you see "Connected". See below.
Or from the edge router run:
- Hits: 287
PowerShell v5.0 on windows 10 adds syntax highlighting to your code. If you update your Windows 7/8 or Server 2008 R2/2012 R2 to .Net Framework 4.5/6 and WMF to 5.0 you will NOT get syntax highlighting. To add this feature launch PowerShell as Administrator and run the following command:
Restart PowerShell and you should now see syntax highlighting.
- Hits: 892
The following are simplified notes on patching a simple Lync 2013 Enterprise estate. For detail instructions always use: https://support.microsoft.com/en-us/kb/2809243.
- Login to first Lync server you wish to upgrade using the Lync Admin account. This account should be local admin and also have the necessary SQL rights if you are planning on updating the Database schema.
- I like to verify what version my current Lync tools are. Use the following PS Script:
- Next run the following command to verify Lync is in a "ready" state for upgrade.
- Start upgrade on the first server in the first Upgrade Domain. Be sure to login using the Lync Admin account. If you plan to update the database schema once Lync Servers are all upgraded be sure the Lync Admin account has the necessary SQL rights. Run the following command to stop all Lync services:
- Once all services are stopped you may run the Lync Server Cumulative Update Installer. Be sure to always check for latest version as the tool does get upgraded.
- When updates finish reboot the server. Login and run the command from step two above if you wish to verify versions installed. Your output will vary from image below.
- Repeat steps 1 - 6 for each Lync server you have in your estate. Work your way out from Front-End server to Edge server always waiting for a "Ready" state before continuing. If you do not you may cause corruption.
- When all Lync servers have been successfully upgraded you must check to see if a database update is necessary. Run the following command to verify.
If upgraded is needed run:
Pay attention for success messages and run the "Test-CsDatabase" again to verify. That's it. You're done!
- Hits: 809
There may be times when you need to PS Remote to a server from a computer that is not in the domain. I have a new laptop that I have decided to keep off my domain. Here are the steps required to allow my Win8 PC to PSRemote to a 2012 R2 server.
1. On the Win8 computer run the following commands:
2. On the 2012 R2 Server run the same commands:
You may consider setting a value for TrustedHosts on the server. This will provide higher level of security. Value should be IP Address.
3. Verify WinRM service is running by running the following command from elevated PS session:
That should do it. You should be able to connect from the Win8 PC by entering the following in PS session:
Two things to consider. You must use a variable for credentials. Using the -credential parameter and passing it a value inline does not work. Not sure if this is a bug. Also, to use the -UseSSL parameter you must configure a port. I have not shown you how to do that here.