Recent Discussions
Standardization on the lowest sku for App Service Plan
Hi, Do you know if it's possible to standardize on the lowest SKU of an App Service Plan Premium V3 (P0v3) and then purchase reservations? Would these reservations be usable on P2v3 and P3v3, provided that the VM type is the same within all the SKUs?Identify TLS version of successful connection to Azure SQL Database (PaaS)
Reference: Azure support for TLS 1.0 and TLS 1.1 will end by 31 October 2024 If I look at the metrics for "Successful Connections" and split them by TLS version for a user database, I see that 100% of the connections come with TLS version 1.2. I checked for "Failed Connections: System Errors" and "Failed Connections: User Errors"; both are zero. For Azure SQL Database (PaaS), when I run this in the log analytics workspace, I see only the TLS columns populated for the MASTER database and not the user databases. AzureDiagnostics |project TimeGenerated, ResourceId, Resource, client_tls_version_d, client_tls_version_name_s Question: Why _ client_tls_version_d, client_tls_version_name_s _columns are blank for the user database?
Unable to connect Azure Desktop
Yesterday I installed OPENVPN and configured it to run without user interruption, after restarting the machine unable to connect azure desktop. Under the host pool all health showing good except. UrlsAccessibleCheck Failed This health check verifies that the required AVD service and Geneva URLs are reachable from the session host, including the RdTokenUri, RdBrokerUri, RdDiagnosticsUri, and storage blob URLs for Geneva agent monitoring. If this check fails, it may be fatal. To resolve this, you'll need to reconfigure your networking, firewall, or proxy settings to unblock the following inaccessible URLs: 607547e3-415a-4da6-bfcd-719dc9d86871.rdbroker-g-us-r1.wvd.microsoft.com 607547e3-415a-4da6-bfcd-719dc9d86871.rdbroker.wvd.microsoft.com 607547e3-415a-4da6-bfcd-719dc9d86871.rddiagnostics-g-us-r1.wvd.microsoft.com
AVD with HP ThinPro (linux) no webcam in MS Teams
Hello everyone, we will use our thinclients (HP) with ThinPro(Linux) to connect to Microsoft AVD. All works fine, but when i try to use a local USB-Webcam for MS Teams, it will not run. Does anyone have information to make this going? Many thanks for your help Best regards, ThomasAZ-700 Step by Step Guide for Azure Private DNS
This article is part of our AZ-700 series, offering a step-by-step guide on configuring Azure Private DNS, based on the tutorial available on YouTube. I highly recommend watching the video to gain a solid understanding of the concepts covered in this article. Through this guide, you'll gain hands-on experience in setting up and managing Azure Private DNS, enabling efficient DNS resolution, network segmentation, and seamless automation within Microsoft Azure. In today’s cloud environment, managing network resources and ensuring secure connectivity across virtual networks (vNets) can be complex, particularly when DNS management comes into play. This article provides a comprehensive, hands-on guide to setting up and configuring Azure Private DNS for efficient DNS resolution, network segmentation, and seamless automation in Microsoft Azure. Follow along as we explore the essential elements, from linking vNets and subnets to DNS automation. Why Azure Private DNS? Azure Private DNS allows you to manage and resolve DNS names within a virtual network without exposing them to the public internet. It simplifies domain name resolution, enhances security, and enables automation for dynamic environments. Key benefits of using Azure Private DNS: Dynamic DNS Management: Automatically updates DNS records for new or deleted resources, eliminating stale or "dangling" DNS entries. Domain Delegation: Allows centralized DNS management by delegating your corporate domain to Azure Private DNS. Enhanced Security: DNS records are automatically removed when resources are deleted, ensuring up-to-date and secure network configuration. Quick Recap: Azure Networking Fundamentals Before diving into Azure Private DNS, let’s revisit some foundational concepts from our previous discussions: vNet (Virtual Network): Similar to a traditional VLAN but without broadcast support, a vNet enables secure and scalable resource management. Subnet: Subdivision within a vNet, allowing more granular control over resource segmentation. Azure allows you to set up a single vNet with multiple subnets, maximizing network organization and security without the broadcast overhead typical in traditional networks. Step 1: Understanding Azure Private DNS Azure Private DNS enables the automatic registration of DNS names for resources within your vNet. For example, when you create a virtual machine (VM) in a vNet linked to a private DNS zone, the VM’s name and IP address automatically register within the zone. This streamlines DNS management, especially for dynamic environments where resources are created and deleted frequently. Key Features Automatic DNS Registration: Automatically updates the DNS zone with new or removed resources. Domain Delegation: You can delegate your corporate domain to the private DNS zone, managing DNS records centrally within Azure. Support for All DNS Record Types: Azure DNS supports a full range of DNS records, including A, AAAA, CNAME, and MX records. Step 2: Setting Up the Private DNS Zone 1. Create a Private DNS Zone In the Azure Portal, navigate to Private DNS Zones and create a new zone. Define a name for the DNS zone, such as yourdomain.private. Deploy the DNS zone and navigate to the resource. 2. Link vNets for Automatic DNS Registration Within the Private DNS Zone resource, select Virtual Network Links to connect vNets to the DNS zone. For each vNet (e.g., Core Services, West Europe, Asia), specify the vNet link and enable Auto Registration. This enables seamless DNS name resolution across linked vNets and allows automatic DNS record updates when resources are created or deleted. Step 3: Verifying DNS Resolution and Connectivity Verify DNS Records in the Private DNS Zone: Go to DNS Management under the Private DNS zone and check that the A records for the VMs appear. Connect to VMs via DNS: Use Remote Desktop to access one VM, then attempt to connect to the other VM by its DNS name (rather than IP address). This confirms that the Private DNS setup allows for name-based connectivity. If issues arise (e.g., timeouts), ensure that firewall settings permit connectivity between the VMs. Step 4: DNS Zone Peering Across Regions With Azure Private DNS, you can link vNets across different regions, allowing resources in different geographic locations to resolve names and connect seamlessly. Link vNets Across Regions: Connect the vNets in regions like West Europe, East US, and Asia to the Private DNS zone. Verify Regional Connectivity: From a VM in one region (e.g., Asia), test connectivity to a VM in another region (e.g., East US) using DNS names. Azure Private DNS allows DNS name resolution across regions, ensuring consistent and reliable network connectivity. Summary Setting up Azure Private DNS is a powerful way to automate and centralize DNS management within a virtual network environment. This guide provides a practical framework for deploying Private DNS zones, linking vNets, and verifying connectivity. By configuring Azure Private DNS, organizations can streamline DNS management, secure network configurations, and enhance connectivity across geographically dispersed resources. Next Steps In future tutorials, we’ll explore VNet peering for advanced network configurations, allowing secure communication between isolated virtual networks. Be sure to subscribe and stay tuned for more Azure networking tips and tricks! Let’s enhance your Azure network management with practical, hands-on solutions.
Enable ADDS authetication fails
I am trying to execute the Enable ADDS authentication using Azhybridfiles module. when I try to execute the command Join-AzStorageAccount ` -ResourceGroupName $ResourceGroupName ` -StorageAccountName $StorageAccountName ` -SamAccountName $SamAccountName ` -DomainAccountType $DomainAccountType ` -OrganizationalUnitDistinguishedName $OuDistinguishedName it keeps on progressing with below warning but the progress stuck without completing or any error message.
Error on .appv file expand for App Attach
Hi, I try to create an App Attach package from App-V package. On expand step I get an error in some cases: The gateway did not receive a response from 'Microsoft.DesktopVirtualization' within the specified time period. Status: 504 (Gateway Timeout) ErrorCode: GatewayTimeout I noticed that expanding file of small size works corectly, i.e. .appv files of Notepad++ and Greenshotapp is 11 and 13 Mb. However, expanding file of larger size fails with that error after some time, i.e. .appv file of VLCMediaPlayer++ is 200 Mb, JGraphDrawIO is 400 Mb, Image Glass is 111 Mb. Expanding VHDX files of large sizes from same file share and with same host pool works correctly. The problem is only with .appv.
Network Design Ideas for VMs in Azure
Hello, I am analyzing the current Azure environment at my new job and trying to figure out the architectural choices mostly networking wise. Currently, we have 10 VMs and each VM has its own VNet and they are all in the same region. In my experience so far, I have never seen such network design in Azure before. If all VMs are in the same region, we could have one Vnet and utilize subnets and NSGs to segment the VMs and control the traffic. Having so many different VNets makes it very complex to manage. Looking for opinions what other people think. Is this just a bad design or just to keep the VMs separate from each other.Best Practices for Designing a Hub-and-Spoke Architecture in Azure
A Hub-and-Spoke architecture is a widely used networking topology in Azure that helps organizations centralize network management, enhance security, and optimize connectivity. However, designing an efficient Hub-and-Spoke model requires careful planning regarding network security, scalability, and cost optimization. What are the core components of a Hub-and-Spoke architecture in Azure? What factors should be considered when designing the hub (e.g., Virtual Network Gateway, Firewall, Security controls)? What are the key challenges you've encountered while implementing a Hub-and-Spoke architecture in Azure, and how have you addressed them?
Limiting CPU / Memory usage on a per user basis
Anybody have any experience or tips on how to limit how much CPU / memory a single user can take? I wasn't sure if that was an FSLogix function or something with Windows Virtual Desktop. I got FSLogix working via the steps below to limit how much space a single profile can take, but I'm still learning :): https://docs.microsoft.com/en-us/azure/virtual-desktop/create-host-pools-user-profileAzure Virtual Desktop - Black Screens on logins - What we've tried so far
TLDR - Azure Virtual Desktop Black Screens. Could be 2 Min long, could be much longer. Tried removing stuck profiles, spun up all new VMs to see if that would fix it, finally disabled an application service that was polluting the Event logs constantly with appcrashes. Hoping that maybe the event logs weren't able to keep up so we had a black screen while events caught up. Grasping at straws. We started getting reports of black screens when users login to one of our AVD Host Pools. Our users are using FSLogix for profiles, but we've also seen the issue when logging via RDP with a local admin account. We tested and saw similar results where you login, FSLogix Prompt goes by, then to Preparing Windows, then black screen. In a normal login, this black screen will last 10-20 seconds before desktop comes available and user can begin their session. With this issue, we were seeing black screens that just stayed there until you forced a logout of your account. We saw some profile issues with the VMs in the pool appearing to be stuck on a VM when it should be removed upon logoff with FSLogix and we saw some stuck local_username FSLogix profiles still in the users folder. Instead of finding the needle in a haystack, we spun up a new group of VMs and put the others in drain mode / excluded. With the new VMs, logins from RD Client were working fine yesterday afternoon, evening and this AM. But later in the morning, we saw some issues with users getting a black screen lasting 90 sec - 2 min before desktop loaded in. I had it happen to me when logging in, but it seemed to go away once I tried a couple more times. I even directly RDPd into the host that I had the 2 min black screen for me and was able to get in quickly. So issue appears to still be showing, but not as bad. We looked in event logs and saw that one particular application - the Aspen Multicase Web service was polluting the service event logs with appcrash errors every few seconds. So we've disabled that application service on all the VMs in the pool and logins have been normal since. We read event logs that were event 4625 (failed login) but the event said event logs couldn't keep up and needed to stop duplicate events...so we were thinking that this service was constantly writing to event logs, could the slow logins happen when the service is trying to run, failing and writing to event logs. the logs wouldn't be able to write the login info. But every other change we made things seem fine afterward for a while, but then the black screen will come back for at least 90sec - 2 min. Any suggestions on things we can try / look at that could be causing this?Accessing a deployed NodeJS app?
I'm a complete noob to Azure. I have managed to deploy a NodeJS all to a Function App (container?). I can go into Deployment > Advanced > Kudu and then to Debug Console > CLI, and it will show a directory listing. In my case, I see: A/SP.NET /data /LogFiles /ShutdownSential /site .gitconfig gitsafedirectory.marker So I go into /site and then into /wwwroot, and I see my files: /node_modules host.json index.js The default URL for this is (I obfuscated the sensitive bits) is blahblah-func-70.azurewebsites.net. If I go to this URL I get a pretty page saying my function is running. What I need to get to is the index.js file. What URL do I use to do that? If I append /index.js to that URL, I get a 404. Thanks!A Complete Guide to Azure Cost Management
As companies shift to the cloud, managing the costs is as important as using the cloud to its fullest. Azure is one of the most popular cloud platforms, and it offers a lot of benefits such as scalability and flexibility; however, if you do not manage the costs associated with the cloud, you are likely to spend a lot of money. This is where Azure Cost Management comes in to help you get the most out of your cloud spending and how to use the money you spend on cloud services wisely. What is Azure Cost Management? Azure Cost Management is a set of tools available within the Azure platform that helps organizations in managing the costs of their cloud resources, optimizing their usage and sticking to the budget. It is integrated with Azure services to help in identifying waste and ways of getting the most out of the investment. Key Features of Azure Cost Management Cost Analysis Azure Cost Analysis gives you a clear view of your expenditure and helps you identify where your money is going. You are also able to customize your views to the resources, subscriptions, services or the regions to notice the changes and exceptions. Budgets Establish your funds with budgets to ensure that you do not spend more than you had intended to on Azure. Azure allows you to create budgets for certain subscriptions, resource groups or even services and it will send you notifications when you are about to reach or even go beyond your limits. This is a proactive way that prevents you from incurring exceeding charges. Cost Allocation with Tags Azure supports the concept of tagging, which means that you can associate keys (such as department, project, or environment) with resources. These tags are useful in helping assign the costs to the right teams or objects for example departments or projects. Suggestions for Enhancement Azure Cost Management is integrated with Azure Advisor to offer suggestions that include downsizing underutilized VMs, purchasing reserved instances, or identifying inactive resources. Integration with Power BI For more sophisticated reporting, Azure Cost Management is integrated with Power BI, which allows you to design your own reports and dashboards that meet your company’s requirements. Multi Cloud Support Azure Cost Management is not only limited to Azure, it also includes AWS thereby enabling organizations with a multi-cloud strategy to manage the costs of all the clouds from one platform. Tips for the Effective Implementation of Azure Cost Management: To enhance the usage of Azure Cost Management, implement the following tips: Implement Cost Governance Establish roles and responsibilities to ensure that spending is appropriate. Use Azure Policy to set policies such as restricting the creation of high-cost resources in some subscriptions. Monitor Spending Regularly Set up some alerts and review the spending reports frequently. This way you can notice any irregularities and deal with them before they become a problem. Use Reserved Instances and Savings Plans For the workloads with the certain schedule, it is recommended to buy Azure Reserved Instances or Azure Savings Plans that provide a significant price reduction compared to the pay as you go pricing. Optimize Resource Usage Shut down or remove inactive resources, shrink VMs to the required size, and use scaling to vary the resources according to the need. Leverage Spot VMs For less critical or lightweight tasks that can tolerate some level of downtime, Azure Spot VMs can be used to reduce the overall cloud spending. Tag and Organize Resources It is important to have a good tagging practice in place to increase the cost visibility. Some of the tags could be Project: AI Research, Department: Marketing and so on that help in identifying the costs and managing the spend against the right projects and departments. Real World Benefits of Azure Cost Management Example 1: Optimization for Reducing Costs A SaaS company was able to decrease its cloud spending by 30% by identifying dormant resources and downsizing over provisioned VMs with the help of Azure Cost Management suggestions. Example 2: Improved Budgetary Control An enterprise IT department did not spend more than the budget because it established subscription-level budgets and received notifications when the consumption was close to the limits. Example 3: Multi Cloud Efficiency A global company combined the tracking of its cloud expenses across Azure and AWS using Azure Cost Management and was able to generate one unified report for all the clouds, which in turn helped it make better financial decisions. The Future of Cost Management in Azure As cloud environments become more sophisticated, cost management tools will keep on developing. Some of the other features that are expected to be incorporated in the future include the use of artificial intelligence in the generation of insights, prediction, and better integration with DevOps processes. Thus, using Azure Cost Management, organizations can graduate from the reactive spending control to the proactive cost optimization and thus make sure that their cloud journey is not only creative but also economic. Sum up Azure Cost Management is a valuable tool for anyone seeking to manage, minimize, and explain cloud expenditure. Whether you are a small business or a large enterprise, these tools help you make decisions based on data, increase your ROI, and gain financial visibility in the cloud. Get started with Azure Cost Management today, and discover how to maximize your cloud spend while maintaining a healthy budget.
Health state unavailable DomainTrustCheck failed
H, we are building an AVD environment (not for the first time) and sporadically VM's will show Health state in Host pool as unavailable, iv you click on the effected VM it will say DomainTruestCheck failed however if you log on the VM (via RDP as MTSC wont connect to it when in this state) and run domain join checks they all come back as no issue. If you shut the vm down to deallocated and turn on sometimes the same VM will come back as green available but then if you restart it, it will come back as unavailable for domain checks. We have built 4 different host pools using the store win11 multi session 23h2 some using "create Session Host Configuration" enabled (Preview) some disabled as the norm, they all do the same, we have tried removing from CA policies and sanity check on domain controller its the credentials work however if we look in sign in checks on Entra it says its failing Windows Sign in incorrect credentials, but the same credentials are being used to sign into azure sign into the VM sign into Domain controller and it never fails to log in at that point, also if the credentials were wrong surely it would fail health check every time not some of the time. Anyone any ideas, logged with Microsoft but they are on holiday for Christmas periodIdle Session Time Out Via GPO not working
Hi All, we have Personal and Multisession Host Pool for Azure Virtual desktop. to manage session we have enable "Set time limit for active but idle Remote Desktop Services sessions" settings for 2 hours. ideally this should disconnect the active but idle session of users. but to it does not work as expected and session remains active for unlimited time period. just to clarify the GPO does apply on the system and I see it also set the time limit of 2 hours in registry any help is greatly appreciated. Thanks KartikUnable to process AAS model connecting to Azure SQL with Service Account
Hello I have built a demo SSAS model that I am hosting on an Azure Analysis Services Server. The model connects to an Azure SQL database in my tenant (the Database is the default AdventureWorks provided by Azure when creating your first DB). To connect to the Azure SQL, I have created an App (service principal) and granted it reader access to my Azure SQL DB. If I login to the Azure SQL DB from SSMS with this account, using Microsoft Entra Service Principal Authentication providing ClientId@TenantID for the Username and SecretValue as the password, I am able to login and SELECT from the tables. However, when I try to process the SSAS model, I get an error. For reference, below I have put the TMSL script that sets the DataSource part of the SSAS after deployment via YAML pipelines (variables are replaced when running). I think the issue lies in the "AuthenticationKind" value I have provided in the credential, but I can't figure out what to use. When I create the datasource like this and process, I get error: Failed to save modifications to the server. Error returned: '<ccon>Windows authentication has been disabled in the current context.</ccon>. I don't understand why since I am not using Windows authentication kind. Every other keyword I used ib the "AuthenticationKind" part returns error AuthenticationKind not supported. Any help on how to change this script would be useful. { "createOrReplace": { "object": { "database": "$(AAS_DATABASE)", "dataSource": "$(AZSQLDataSourceName)" }, "dataSource": { "type": "structured", "name": "$(AZSQLDataSourceName)", "connectionDetails": { "protocol": "tds", "address": { "server": "$(AZSQLServer)" }, "initialCatalog": "$(AZSQLDatabase)" }, "credential": { "AuthenticationKind": "ServiceAccount", "username": "$(AZSQL_CLIENT_ID)@$(AZSQL_TENANT_ID)", "password": "$(AZSQL_CLIENT_SECRET)" } } } }Cannot log in to Azure Portal
Hello, I would like to log in to the azure portal, but the last time I tried to log in was December 2024, and now as of February 2025, I get the following message when I try to log in. 【Message】 no_tokens_found: no refresh token found in cache. Please sign in. Here is what I know now about the status of my account setup Active Directory and Entra ID are not used. Email type is @outlook.jp. Subscription has been created MFA has been set up I also tried restarting the browser, updating to the latest, and various other things, but no change. Tried both chrome and edge, no change. I would also like to send a request to support, do you know how to make a request in this situation
Recent Blogs
- Discover how Exec Docs is revolutionizing Azure documentation by transforming standard markdown into interactive, executable content. Powered by the open source Innovation Engine, Exec Docs enables u...Feb 28, 2025
- 5 MIN READFor this post, we’re focusing on learning new AI skills. We explore resources that will help developers take their AI skills (and their applications) to the next level. Whether you’re new to AI and d...Feb 28, 2025
