User Profile
Kidd_Ip
MVP
Joined 5 years ago
User Widgets
Recent Discussions
Re: Azure load balancer - n-tier application
Below the best practice you may consider: Use Zone-Redundant Frontend IPs Recommended: Use zone-redundant frontend IPs for your Standard Load Balancer. This ensures the LB is not tied to a single zone, and traffic can be routed to healthy instances across zones. This is critical for resiliency in case one AZ becomes unavailable. Single vs Multiple Load Balancers Single Load Balancer is sufficient and recommended for most n-tier apps: Reduces complexity and cost Easier to manage and monitor Still supports multiple frontends and backend pools Multiple Load Balancers may be justified if: You need different SLAs or configurations per tier You want tier isolation for security or compliance You have different traffic patterns or protocols per tier Backend Pool Configuration Ensure each backend pool includes VMs from multiple zones. Use availability zone-aware rules and health probes to detect failures and reroute traffic. HA Ports and Floating IP Use HA Ports for backend rules if you're handling non-HTTP(S) traffic or need port agnostic load balancing. Enable Floating IP if you're using SQL Always On or failover clustering in the data tier. NSG and UDR Considerations Ensure NSGs and User Defined Routes (UDRs) do not block health probe traffic. Allow traffic from Azure Load Balancer IP: 168.63.129.16 for health probes. Azure Load Balancer Best Practices - Azure Load Balancer | Microsoft Learn Azure Load Balancer and Availability Zones - Azure Load Balancer | Azure Docs1View0likes0CommentsRe: Azure IP Geolocation
Microsoft does not change the geolocation of its public IPs. These are registered with Regional Internet Registries (RIRs) and reflected in public geolocation databases. Microsoft does publish IP ranges and geolocation data, but they do not offer custom geolocation remapping for specific customers or scenarios. May consider workarounds at the following: Use Location Redirection via RDP Azure supports location redirection over Remote Desktop Protocol (RDP), which can help certain apps detect the user's local device location rather than the AVD host location. This is useful for apps that rely on device-based geolocation, but won’t help with IP-based restrictions. Deploy AVD in a Nearby Region If Denmark doesn't have an Azure region, consider deploying AVD in the closest available region with IPs more likely to be accepted by Danish sites. Use VPN or Azure Firewall with Forced Tunnelling You can route AVD traffic through a VPN or on-premises firewall located in Denmark: Set up forced tunnelling so outbound traffic from AVD goes through your Danish network. This way, the public IP seen by external sites is your Danish IP.1View0likes0CommentsRe: Pivot table
Below may help to fix the issue: Avoid Copying Pivot Tables Directly Instead of copying the entire pivot table: Create a new pivot table from scratch on the new sheet using the new data source. This avoids hidden references or cache issues that may be carried over from the original pivot. Disable “Add to Data Model” Option Try disabling it when creating or modifying the pivot table. Check for Named Ranges Ensure your new data source is: A defined named range, or A structured table (Insert → Table), which is more stable as a pivot source. Avoid Overlapping Pivot Cache Try creating the new pivot table in a fresh workbook, then copy it back. Or use different cache settings if you're comfortable with VBA (though this is limited on Mac). Update Excel Make sure you're running the latest version of Microsoft 365 for Mac: Microsoft has patched several pivot-related bugs in recent updates. Go to Help → Check for Updates in Excel.12Views0likes0CommentsRe: How to show full path in file explorer?
How about this: 1. Click once in the address bar — it will switch from breadcrumb view to full path. 2. Or press Alt + D to jump to the address bar and reveal the full path instantly. 3. You can also right-click the address bar and choose "Copy address as text" to get the full path.5Views0likes0CommentsRe: IKEv2 and Windows 10/11 drops connectivity but stays connected in Windows
May consider below workarounds and fixes: 1. Configure Custom IPsec/IKE Policies Set longer lifetimes and enable rekeying: { "ikeEncryption": "AES256", "ikeIntegrity": "SHA256", "dhGroup": "DHGroup14", "pfsGroup": "PFS2", "ipsecEncryption": "AES256", "ipsecIntegrity": "SHA256", "saLifetimeSeconds": 28800, "saDataSizeKilobytes": 102400000 } 2. Use Azure VPN Client Instead of Built-in Windows Client The Azure VPN Client handles tunnel drops and rekeying more reliably. 3. Enable VPN Reconnect in Windows Use PowerShell or Group Policy to enable VPN Reconnect feature: Set-VpnConnection -Name "YourVPN" -ReconnectEnabled $true 4. Monitor with Azure Network Watcher Use Connection Monitor to detect tunnel drops and automate alerts or reconnection scripts.0Views0likes0CommentsRe: Azure vWAN (hybrid connectivity enabled with OnPrem DC) data packet flow - inbound and outbound
Below the End-to-End Packet Flow in Azure vWAN (Hybrid Setup) Ingress Traffic (On-Prem → Azure VMs) On-Premises Gateway: Traffic originates from your on-prem DC or branch. ExpressRoute Gateway (EC GW): Connects to Azure via ExpressRoute circuit. vWAN Hub Router: EC terminates at the vWAN Hub, which routes traffic. Azure Firewall (Secured Hub): Traffic is inspected and filtered. NSG (Network Security Group): Applies subnet-level access control. Destination VMs: Traffic reaches the target VM in connected VNET. Egress Traffic (Azure VMs → On-Prem) Source VMs: Initiate outbound traffic. NSG: Applies outbound rules. Azure Firewall: Traffic is inspected and routed. vWAN Hub Router: Routes traffic to EC GW. ExpressRoute Gateway (EC GW): Sends traffic to on-premises. On-Prem Gateway: Receives traffic.3Views0likes0CommentsRe: Delete cells with 3 consecutive consonants
How about this: Simply delete cells that contain 3 or more consecutive consonants: Google Sheets Formula (Filter): =FILTER(A1:A, NOT(REGEXMATCH(A1:A, "[^aeiouAEIOU]{3}"))) Excel VBA Script (Delete Matching Cells): Sub DeleteConsonantCells() Dim cell As Range Dim regex As Object Set regex = CreateObject("VBScript.RegExp") regex.Pattern = "[^aeiouAEIOU]{3}" regex.IgnoreCase = True regex.Global = True For Each cell In Selection If regex.Test(cell.Value) Then cell.ClearContents End If Next cell End Sub Select the range first, then run this macro to clear cells with 3+ consecutive consonants.3Views0likes0CommentsRe: Language defaults audit for everything M365
Below the key areas to audit for Language Settings in M365: Microsoft 365 Admin Center Tenant-wide language defaults: Set the default language for new users and services. User provisioning templates: Ensure language is correctly set when new accounts are created. User Profile Settings Each user can set their own language preferences in: Microsoft Account settings Office.com settings SharePoint profile Teams settings Viva Engage (Yammer) profile SharePoint Site Settings Site language and regional settings Web part configurations: Some titles or labels may need manual updates. Navigation and link text: These can be cached or manually set, which might explain the lingering “- Home” label. Viva Engage (Yammer) Language is tied to the user’s profile settings, not just the tenant. New users may default to English if their browser or M365 profile is set to English. Teams & Outlook Events The default language for meeting invites and calendar events often follows the organizer’s language settings, not the group or tenant. Language Accessory Packs For Office apps, you may need to install Language Accessory Packs to fully localize menus, proofing tools, and help content.5Views0likes0CommentsRe: RHEL In-place upgrades and Azure Update Manager
As of now, Microsoft’s official guidance is to avoid in-place upgrades and instead: Create a new VM from the desired RHEL image Migrate workloads and data Re-register with Update Manager and other services In-place upgrade of Red Hat Enterprise Linux images on Azure - Azure Virtual Machines | Microsoft Learn11Views0likes0CommentsRe: Unable to Access Internet from Azure DevOps Server 2022 Self-Hosted Agent Behind Proxy
Yes, during the Agent configuration, when you run the agent configuration script (config.cmd or config.sh), you can pass proxy parameters: config.cmd --proxyurl http://your.proxy.server:port --proxyusername yourUsername --proxypassword yourPassword This ensures the agent itself can communicate with Azure DevOps and external services during setup and runtime.5Views0likes0CommentsRe: Nested App Authentication (NAA) token to protect middle-tier server
Below are the steps to validate NAA Access Token in PHP: Receive the Token from the Add-in • Your Outlook add-in should send the NAA access token in the Authorization header: Authorization: Bearer <access_token> 2. Validate the Token Using Microsoft Identity Platform Use a JWT validation library in PHP (e.g., firebase/php-jwt) and follow these steps: a. Decode the Token Header • Extract the kid (key ID) from the token header. b. Fetch Microsoft’s Public Keys • Get the signing keys from: https://login.microsoftonline.com/common/discovery/v2.0/keys • Match the kid to the correct public key. c. Verify Token Signature and Claims • Validate: o Signature using the public key o Issuer: https://login.microsoftonline.com/{tenant}/v2.0 o Audience: Should match your API’s client_id or App ID URI o Scopes: Ensure required scopes are present o Expiration: Check exp claim Suggestions: use Firebase\JWT\JWT; use Firebase\JWT\JWK; $jwt = $_SERVER['HTTP_AUTHORIZATION']; // Bearer token $jwks = json_decode(file_get_contents('https://login.microsoftonline.com/common/discovery/v2.0/keys'), true); $decoded = JWT::decode($jwt, JWK::parseKeySet($jwks), ['RS256']);2Views0likes0CommentsRe: Excel jumps to A1 when selecting a range on another sheet during VLOOKUP
Try below as workarounds: 1. Pre-select the range before typing the formula Go to Sheet2, select the desired range (e.g., $C$3:$E$100), then return to Sheet1 and type the formula manually using that reference. 2. Use the Name Manager Define a named range for the lookup table on Sheet2. Then use that name in your formula: =VLOOKUP(A2, LookupTable, 2, FALSE) 3. Type the full reference manually Instead of switching sheets mid-formula, type: =VLOOKUP(A2, Sheet2!$C$3:$E$100, 2, FALSE) 4. Update Excel Ensure you're running the latest version of Excel.38Views0likes1CommentRe: Azure Policy - Configure backup on virtual machines with a given tag
The built-in Azure Policy “Configure backup on virtual machines with a given tag to an existing recovery services vault” (ID: 345fa903-145c-4fe1-8bcd-93ec2adccde8) uses a DeployIfNotExists effect and matches VMs based on: Tag name and value Region Image Publisher, Offer, and SKU In your case, the VM uses the SKU: 2019-datacenter-smalldisk-g2, which is not listed in the policy’s SKU array, even though similar SKUs like 2019-Datacenter-smalldisk and 2019-datacenter-gensecond are included.5Views0likes0CommentsRe: Experience with Automanage Machine Configuration
Not sure if this can help: Azure Machine Configuration documentation | Microsoft Learn Compliance-related: VM Compliance: Windows machines should meet requirements of the Azure compute security baseline · Issue #1466 · Azure/Enterprise-Scale5Views0likes0CommentsRe: Word, PPT issues specifically with client version 2019
See whether this can help: Security Settings in Office 2019 Office desktop apps may block certain URLs due to Trust Center settings. Fix: Go to File > Options > Trust Center > Trust Center Settings > Protected View Test by disabling “Enable Protected View for files originating from the internet” Also check File Block Settings and ensure the file type isn’t blocked. URL Format or Protocol Issues Office 2019 may block: URLs with non-HTTPS protocols (e.g., http://, ftp://) URLs with JavaScript or data URIs Fix: Ensure the hyperlink starts with https:// and doesn’t contain scripts or special characters. Group Policy or Registry Restrictions Some organizations enforce hyperlink restrictions via Group Policy or registry keys. Fix: If you're on a managed device, check below: HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Security Look for keys like DisableHyperlinkWarning or DisableInternetSecuritySettingsCheck Antivirus or Endpoint Protection Blocking Security software may block certain domains or links in desktop apps. Fix: Temporarily disable antivirus or check logs to see if the link is being blocked. Compatibility or Update Issues Office 2019 may lack support for newer web standards or have bugs in older builds. Fix: Ensure Office 2019 is fully updated: File > Account > Update Options > Update Now3Views0likes0CommentsRe: Can only remote into azure vm from DC
Please try to fix by below: 1. Check Azure NSG rules Go to the VM’s NSG and confirm it allows inbound RDP from your full on-prem subnet (e.g., 10.0.0.0/16), not just the DC’s IP. 2. Verify VPN configuration Ensure the local network gateway in Azure includes the full on-prem subnet range. Confirm the VPN gateway is connected and routing correctly. 3. Add static routes on other servers On each server that cannot reach Azure, run: route add <Azure subnet> mask <subnet mask> <RRAS server IP> 4. Enable IP forwarding on RRAS Make sure RRAS is configured to forward packets between networks. Check that NAT or firewall rules aren’t blocking traffic. 5. Use internal routing or redistribute routes If you have an internal router or Layer 3 switch, redistribute the Azure route from RRAS to your internal network.1View0likes0CommentsRe: Container Apps in New Zealand North - Expected Availability
To my understanding, as of now, Microsoft Container Apps (Microsoft.App/managedEnvironments) are not yet available in the New Zealand North region, and Microsoft has not published a specific timeline for when they will be supported there. You may consider: Azure Kubernetes Service (AKS), which may be available sooner. Or deploy to a nearby region (e.g., Australia East) and use Azure Front Door or Traffic Manager to route traffic.8Views0likes0CommentsRe: Lost ability to create macros
Please try below potential causes and fixes for the greyed-out Macro Console: File format issue Make sure your workbook is saved as Macro-Enabled Workbook (.xlsm). If it’s saved as .xlsx, macros won’t be stored or editable. Fix: Go to File → Save As → Excel Macro-Enabled Workbook (.xlsm). Workbook or worksheet protection If the workbook or sheet is protected, macro editing may be disabled. Fix: Go to Review → Unprotect Sheet or Unprotect Workbook. Macros disabled by Group Policy Even if Trust Center settings look correct, your system may be governed by a Group Policy that disables macros. Fix: Press Windows + R, type gpedit.msc, and hit Enter. Navigate to: User Configuration → Administrative Templates → Microsoft Excel → Excel Options → Security → Trust Center Check if macro settings are enforced here. If so, contact IT to adjust. Corrupted workbook or Excel profile If macros were working and suddenly disappeared, the workbook might be corrupted or your Excel profile may have cached errors. Fixes: Try opening the file on another computer. Create a new workbook and import the macros manually. Repair Office: Control Panel → Programs → Microsoft 365 → Modify → Quick Repair. Add-ins or COM conflicts Some add-ins can interfere with macro functionality. Fix: Go to File → Options → Add-ins → Manage COM Add-ins → Go Disable suspicious or unknown add-ins and restart Excel.5Views1like2CommentsRe: Links from Word to pdf doc online not working
Try to check and fix the following: Set default browser by protocol Windows Settings → Apps → Default apps → choose your browser → click Choose defaults by protocol → ensure HTTP and HTTPS are associated with that browser. Confirm PDF file association Windows Settings → Apps → Default apps → search for .pdf → ensure Adobe Acrobat Reader (or your preferred PDF app) is selected. Reset browser and PDF defaults In Default apps, scroll to Reset to the Microsoft recommended defaults, then reassign your preferred browser and PDF app. Repair Office and Acrobat Control Panel → Programs → Microsoft 365 (or Office) → Modify → Quick Repair (if that fails, try Online Repair). Do the same for Adobe Acrobat Reader (Modify/Repair). Check Word Trust Center and hyperlink behavior Word → File → Options → Trust Center → Trust Center Settings → Protected View: try temporarily disabling Protected View for files from the Internet to test (re-enable after testing). Word → File → Options → Advanced → under Editing options, ensure Use CTRL + Click to follow hyperlink is as expected. Test a different browser as default Temporarily set Chrome/Edge/Firefox as the default and try the link from Word to isolate whether the problem is the browser registration. Check for extensions or policies Disable any Word add-ins that might intercept links: Word → File → Options → Add-ins → COM Add-ins → Go → uncheck suspicious add-ins and restart Word. If company-managed device, check with IT for group policies that may block URL handling. Try creating a new hyperlink type In Word, insert a hyperlink and explicitly start with “https://” (not a file path). If link was added as a file:// URL, change it to https://. Registry troubleshooting If comfortable: verify HKEY_CLASSES_ROOT\http and \https point to correct handlers and that the browser’s ProgID exists.9Views0likes0Comments
Recent Blog Articles
No content to show