Member: AzureBrian | Microsoft Community Hub

Recent Discussions

Update Management not installing SQL Server Service Pack
Greetings. I’m using Azure Update Management for patching my VMs. This works well most of the time, but I’ve noticed it doesn’t seem to recognize SQL Server service packs that need to be installed. If I use the pswindowsupdate module to query for available updates on the VM manually, I see the service pack available. My deployment schedule is set to include service packs and all update categories except for “tools”. Anyone else running into similar issues or have suggestions? Thanks in advance for any help. Brian
Jan 15, 2022 Place Azure
941Views
0likes
1Comment
Guest user access to SSAS cube on Azure VM
Greetings. I need to allow users outside of our Azure AD tenant the ability to access a multidimensional SSAS cube that resides on an Azure VM. It doesn't reside in Azure SQL Database or Azure Analysis Services. We have Microsoft SQL Server 2019 installed on an Azure VM and are providing access to the cube via a URL pointing to the msmdpump.dll. I have also created a group, assigned the proper read permissions via SSAS cube security, and added a non-guest user to that group. Everything works as expected for that user, and it is able to access the cube successfully. However, I have invited an outside user to our Azure AD tenant as a Guest user. The user has accepted the invitation and I have added the user to the same group as the test user in Azure AD. Each time the user uses Excel to attempt to connect to the cube in question, he sees this error: I've even set the Guest user access setting under External collaboration settings to Guest users have the same access as members (most inclusive). Yet, I cannot seem to find what is needed to allow the guest user access. Is there a restriction on this access such that Guest users can't read data from a cube in this way? Any information or documentation would be most appreciated. Thanks in advance! Brian
Jan 14, 2022 Place Microsoft Entra
Access Management
Azure Active Directory (AAD)
Identity Management
microsoft 365
998Views
0likes
0Comments
Invalid Managed Identity when running Vulnerability Assessment on Azure SQL Database
Greetings. I'm hoping someone can shed some light on how to resolve an error I'm getting when running a scan on my Azure SQL Database from within the Azure portal. I'm getting this line of output in the scan history: However, I cannot find a managed identity for this functionality. Maybe that's part of the problem, but I don't remember seeing one before either. I guess what I'm struggling with most is where the managed identity would be set as I don't see any place in the UI to set this from Defender for Cloud's point-of-view. I'm assuming the issue is with it writing the results to the storage account, yet the storage account settings appear to be configured correctly and allow Azure services to access. Any thoughts on where to look to further triage this? Any feedback would be most appreciated. Thanks in advance Brian
Dec 07, 2021 Place Microsoft Defender for Cloud
5.7KViews
1like
1Comment
Re: Best way to join VM from one VNet to Azure AD DS custom domain in a different VNet
Thanks Anthony_Norwood for the quick response! I do indeed believe the peering will likely be the way I will go. I've used that technique before but I didn't know if it was one of the preferred methods in this scenario. Thanks again!
Nov 03, 2021 Place Azure Architecture
2.5KViews
0likes
0Comments
Best way to join VM from one VNet to Azure AD DS custom domain in a different VNet
Greetings. I have a functioning Azure AD DS custom domain that is deployed to a subnet in let's say VNet1. I have a VM that resides in a subnet of, call it VNet2, that I would like to join to the custom domain. What's the simplest, most effective way to achieve this? In looking thru the documentation, I've seen suggestions for Peering the two networks together. This may be fine, but I may prefer to keep the networks separate for security reasons. I have Azure VPN Gateways installed in both VNets so perhaps a site-to-site tunnel could be the best option? Although, if I'm going to do that, then perhaps the Peering option would be the better way to go. Would it be possible to just add a route table in the appropriate subnet of VNet2 and just let routing do the trick? If so, how do I find out the next hop address to add to the route? And would I associate it with the gateway subnet or the default subnet of VNet2? Thanks in advance for any help. I really want to understand what is regarded as a "best practice" in this scenario. Thanks again and cheers, Brian
Solved
Oct 29, 2021 Place Azure Architecture
2.6KViews
0likes
2Comments
Re: Need For Local Network Gateway when connecting Azure S2S tunnel to AWS
Hi KennethML and ibnmbodji. Thanks for your continued discourse on this. After reviewing your image and comparing with my setup, I think I left out an important detail. My Azure VPN Gateway is based on a "classic" Service Model based-VNET, rather than ARM-based. Per this article , in the classic deployment model, the LNG is called a "Local Site" and so the portal interface is different than what you see. So, I think that's my answer and that difference in terminology was what was throwing me off. Thanks again for your help in getting me to the answer! Brian
Apr 23, 2021 Place Azure Networking
4.5KViews
1like
0Comments
Re: Need For Local Network Gateway when connecting Azure S2S tunnel to AWS
Hi Kenneth. Thanks again for your response. This still does not explain why an LNG is not needed for other connections. What's special about the connection to AWS that requires the LNG??? As I mentioned above, I have S2S tunnels to many other on-prem locations and don't need an LNG. Why is this required for AWS and not others? Is it due to incompatibilities between AWS VPGs and Azure VPN GWs?
Apr 22, 2021 Place Azure Networking
4.4KViews
0likes
2Comments
Re: Need For Local Network Gateway when connecting Azure S2S tunnel to AWS
Thanks Kenneth for your response. I guess what I'm missing is how this is different than other S2S VPN tunnels. For example, when I setup a tunnel to an on-prem location, the other end of the tunnel just terminates on the device (gateway) at the on-prem location. No local network gateway is needed on our end. Yet, with an AWS connection, this local network gateway is needed? Thanks, Brian
Apr 20, 2021 Place Azure Networking
4.5KViews
0likes
4Comments
Need For Local Network Gateway when connecting Azure S2S tunnel to AWS
Greetings. According to this article and several others I've read on connecting Azure to AWS resources, a Local Network Gateway is required to be provisioned and configured along with an Azure VPN Gateway on the Azure side. My question is, why is this the case? I don't need to have a Local Network Gateway for any other S2S tunnels I've provisioned to on-prem locations, so why is this needed for connectivity to AWS? Is it because of some compatibility issues between Azure and Amazon VPN gateways, or is it due to something else? I'd just like to understand why. Thanks in advance for any light that can be shed! Brian
Solved
Apr 16, 2021 Place Azure Networking
4.7KViews
0likes
7Comments
Re: How to increase size of unmanaged disk attached to classic VM
Thanks Sirius! I finally got around to doing this on a couple of client VMs because we couldn't avoid it any longer. The steps in this article were just what I needed and worked like a charm. Thanks again!
Mar 05, 2021 Place Azure Storage
8.5KViews
0likes
0Comments
Re: Invalid Template Deployment
samsg Thanks for the info! I suspect you're correct, I just wish there was a good error message that said that! Anyway, thanks again!
Nov 03, 2020 Place Azure Compute
7KViews
0likes
0Comments
Invalid Template Deployment
Greetings. I've been trying to deploy some variation of an N-series Spot VM over the past couple or three days. However, I can never get past the validation stage. I've tried doing so using a VM Scale Set via an ARM template as well as just a single VM via the portal. As this link suggests, I've tried using the az vm list-skus --location eastus2 --size Standard_N --output table command to check availability. I see that there are some available: ResourceType Locations Name Zones Restrictions --------------- ----------- ----------------- ------- -------------- virtualMachines eastus2 Standard_NV6s_v2 3 None virtualMachines eastus2 Standard_NV12s_v2 3 None virtualMachines eastus2 Standard_NV24s_v2 3 None virtualMachines eastus2 Standard_NV12s_v3 3 None virtualMachines eastus2 Standard_NV24s_v3 3 None virtualMachines eastus2 Standard_NV48s_v3 3 None I've tried different combinations of VM sizes and regions. The constants that I can see are: I'm always requesting a spot VM I'm always using the same subscription (Visual Studio Enterprise) I haven't been able to find any documentation that shows any conflicts with what I'm trying to do. However, I always get this error: { "code": "InvalidTemplateDeployment", "message": "The template deployment failed with error: 'The resource with id: '/subscriptions/<subscriptionid>/resourceGroups/FoldingAtHomeRG/providers/Microsoft.Compute/virtualMachines/foldingAtHomeWorker' failed validation with message: 'The requested size for resource '/subscriptions/<subscriptionid>/resourceGroups/FoldingAtHomeRG/providers/Microsoft.Compute/virtualMachines/foldingAtHomeWorker' is currently not available in location 'eastus2' zones '3' for subscription '<subscriptionid>'. Please try another size or deploy to a different location or zones. See https://aka.ms/azureskunotavailable for details.'.'." } Anyone seen this before or have any advice to offer? Any would be appreciated. Thanks. Brian
May 25, 2020 Place Azure Compute
virtual machine
7.4KViews
0likes
2Comments
Re: How to increase size of unmanaged disk attached to classic VM
Thanks for your response Sirius. Yes, I know the unmanaged disk scenario is in the same doc, but I think that only works for Resource Manager deployments. Again, there's no language in the doc that mentions the Classic scenario. Also, I've tried the Powershell listed in that section and I basically get a null array of disks. So, I'm thinking the Classic scenario is not supported with that Powershell. I have also tried using the Azure classic CLI and though I can reference the disks using this command: azure vm disk there doesn't appear to be a way to update the size of the disk using the update command: azure vm disk update --help help: Update properties of a data-disk attached to a VM help: help: Usage: vm disk update [options] <vm-name> <lun> help: help: Options: help: -h, --help output usage information help: -v, --verbose use verbose output help: -vv more verbose with debug output help: --json use json output help: -c, --host-caching <name> the caching behaviour of disk [None, ReadOnly, ReadWrite] help: -d, --dns-name <name> filter VMs for the specified DNS name help: -s, --subscription <id> the subscription id help: help: Current Mode: asm (Azure Service Management) Any other thoughts?
Apr 01, 2020 Place Azure Storage
11KViews
0likes
2Comments
How to increase size of unmanaged disk attached to classic VM
Greetings. I have a classic VM (using the old Service Manager model) that I need to expand the storage on. The disk in question is a data disk, not an OS disk, and it is an Unmanaged disk of type Premium (SSD). What are my options for extending the size of this drive? Or, would it be easier to just add a new drive to this VM, assuming the VM has capacity for it? I've searched this site with no meaningful hits. Also, Googling isn't enormously helpful. I did see this article from docs.microsoft.com, but it seems to only speak to Resource Manager VMs. I would appreciate any thoughts. Thanks, Brian
Solved
Mar 30, 2020 Place Azure Storage
11KViews
0likes
4Comments

User Profile

AzureBrian

User Widgets

Recent Discussions

Update Management not installing SQL Server Service Pack

Guest user access to SSAS cube on Azure VM

Invalid Managed Identity when running Vulnerability Assessment on Azure SQL Database

Re: Best way to join VM from one VNet to Azure AD DS custom domain in a different VNet

Best way to join VM from one VNet to Azure AD DS custom domain in a different VNet

Re: Need For Local Network Gateway when connecting Azure S2S tunnel to AWS

Re: Need For Local Network Gateway when connecting Azure S2S tunnel to AWS

Re: Need For Local Network Gateway when connecting Azure S2S tunnel to AWS

Need For Local Network Gateway when connecting Azure S2S tunnel to AWS

Re: How to increase size of unmanaged disk attached to classic VM

Re: Invalid Template Deployment

Invalid Template Deployment

Re: How to increase size of unmanaged disk attached to classic VM

How to increase size of unmanaged disk attached to classic VM

Recent Blog Articles

Re: Troubleshooting Hybrid Connections with Logging