Quantcast
Channel: Azure Management Portal forum
Viewing all 4189 articles
Browse latest View live

Licensing Cloud App Security

October 19, 2018, 8:49 am
$
0
0

We'd like to use the features of Cloud App Security, but we're not clear on how to correctly license it.

Do we need a Cloud App Security license for ALL users in our Azure tenant?  ...or do we only need to license the Administrators who will be setting up the policies and reviewing the data gathered by the service?

I know some of the other Azure-related licenses don't yet have a code-check implemented. Meaning, purchasing a single license opens up the associated functionality for all other users within the tenant (regardless of their licensing). Is this the case for Cloud App Security? Or must all users have a license in order to be in compliance?

Thanks for any insights, we just don't want to over-purchase if we don't need to!

Search

REST API List all VM's not returning all VM's

October 19, 2018, 7:54 am
$
0
0

Through the Azure web portal, for a given subscription I see "x" number of VM's.  But when I run a query against the REST API, it only returns "x - y" number of VM's. 

Any thoughts on what the issue might be?

Invoke-RestMethod "https://management.azure.com/subscriptions/$($subId)/providers/Microsoft.Compute/virtualMachines?api-version=2017-12-01" -Headers $headers
As a side note, I have a much smaller subscription where the counts do match up between the web portal and the API using exactly the same call.



How to apply tag policy at resource group level?

October 19, 2018, 12:48 pm
$
0
0

Hi,

We want to enforce tags at resource group level. What type of policy we can apply and how?


What is the difference between co-admin and Global-admin in Azure portal ?.

October 5, 2018, 7:03 am
$
0
0

Hi Team,

I'm trying to setup monitoring for Azure via HP tools and one of the pre-requisites is the assigned user should have co-admin and contributor access. i already have assigned the user as Global Admin. Is there any difference between Global admin and co-admin ?.

Thanks

Jish

The components for the 'Update Management' solution have been enabled, and now this virtual machine is being configured. Please be patient, as this can sometimes take up to 15 minutes.

October 19, 2018, 6:09 pm
$
0
0

I have enabled Update management for my Azure Windows 2016 VM 12 hours ago and I'm still getting...The components for the 'Update Management' solution have been enabled, and now this virtual machine is being configured. Please be patient, as this can sometimes take up to 15 minutes.

Any idea?

The portal is having issues getting authentication tokens for Microsoft_Azure_InformationProtection.

October 23, 2018, 1:09 pm
$
0
0

Helo to all. 
I'm unable to enable AIP on my P2 Licensed Tennant. 

This is the error i got in the portal: 

Any experience with this here? 
Regards

Damir

  • The portal is having issues getting authentication tokens for Microsoft_Azure_InformationProtection.

Ran into Azurestack issue with uploading Gallery Item, also have question to clarify between account types.

October 23, 2018, 2:11 pm
$
0
0

I'm using powershell to add gallery item to my local AzureStack (script below), however I ran into an error for "resource namespace 'microsoft.gallery.admin' is invalid.  This I think means that the microsoft.gallery.admin resource is not available in my subscription.

I've went into my admin accounts subscriptions (Consumption Subscription, Default Provider Subscription, and Metering Subscription) and registered everything for gallery, but it still doesnt work.  So my question is how can I enable microsoft.gallery.item resource.

My second question is to do with accounts in Azurestack and Azure.  Right now I use the same account for my Azure cloud, Azurestack admin, and azurestack user.  ie name@azuretenantname.onmicrosoft.com.

Is there an azurestacklocal account that is generated automatically or something that I can use to admin local?  Or is this method fine.

Thanks in advance for any help! 

$AADTenantName = "azurestoreomitted.onmicrosoft.com"
$ArmEndpoint = "https://management.local.azurestack.external"

# Register an Azure Resource Manager environment that targets your Azure Stack instance
Add-AzureRMEnvironment `
  -Name "AzureStackUser" `
  -ArmEndpoint $ArmEndpoint

$AuthEndpoint = (Get-AzureRmEnvironment -Name "AzureStackUser").ActiveDirectoryAuthority.TrimEnd('/')
$TenantId = (invoke-restmethod "$($AuthEndpoint)/$($AADTenantName)/.well-known/openid-configuration").issuer.TrimEnd('/').Split('/')[-1]

# Sign in to your environment
Login-AzureRmAccount `
  -EnvironmentName "AzureStackUser" `
  -TenantId $TenantId



Add-AzsGalleryItem -GalleryItemUri `
https://thomasazsblob.blob.local.azurestack.external/general/omitted.azpkg –Verbose

#$subscriptionid = (Get-AzureRmSubscription -SubscriptionName 'ThomasSubscription').SubscriptionId
#$StorageAccount = Get-AzureRmStorageAccount -ResourceGroupName thomasazslocal -Name thomasazsblob
#$GalleryContainer = New-AzureStorageContainer -Name gallery -Permission Blob -Context $StorageAccount.Context
#$azpkg = $GalleryContainer | Set-AzureStorageBlobContent -File C:\omitted\omitted.azpkg
#Add-AzureRMGalleryItem -SubscriptionId $subscriptionid -GalleryItemUri $azpkg.ICloudBlob.StorageUri.PrimaryUri.AbsoluteUri  -Apiversion "2015-04-01"

OUTPUT

PS C:\Windows\system32> C:\Users\AzureStackAdmin\Desktop\Untitled1.ps1


Name                                              : AzureStackUser
EnableAdfsAuthentication                          : False
OnPremise                                         : False
ActiveDirectoryServiceEndpointResourceId          : https://management.azurestoreomitted.onmicrosoft.com/##resourceguidomitted##
AdTenant                                          : 
GalleryUrl                                        : https://portal.local.azurestack.external:30015/
ManagementPortalUrl                               : 
ServiceManagementUrl                              : 
PublishSettingsFileUrl                            : 
ResourceManagerUrl                                : https://management.local.azurestack.external
SqlDatabaseDnsSuffix                              : 
StorageEndpointSuffix                             : local.azurestack.external
ActiveDirectoryAuthority                          : https://login.windows.net/
GraphUrl                                          : https://graph.windows.net/
GraphEndpointResourceId                           : https://graph.windows.net/
TrafficManagerDnsSuffix                           : 
AzureKeyVaultDnsSuffix                            : vault.local.azurestack.external
DataLakeEndpointResourceId                        : 
AzureDataLakeStoreFileSystemEndpointSuffix        : 
AzureDataLakeAnalyticsCatalogAndJobEndpointSuffix : 
AzureKeyVaultServiceEndpointResourceId            : https://vault.local.azurestack.external
AzureOperationalInsightsEndpointResourceId        : 
AzureOperationalInsightsEndpoint                  : 
VersionProfiles                                   : {}
ExtendedProperties                                : {}
BatchEndpointResourceId                           : 

Environments : {[AzureStackUser, AzureStackUser], [AzureChinaCloud, AzureChinaCloud], [Azure Stack, Azure Stack], [AzureCloud, AzureCloud]...}
Context      : Microsoft.Azure.Commands.Profile.Models.PSAzureContext

VERBOSE: Performing the operation "Add Gallery item" on target "https://thomasazsblob.blob.local.azurestack.external/general/omitted.azpkg".
VERBOSE: Performing operation add on $GalleryAdminClient.
VERBOSE: Operation failed.
Get-Exception : Code = InvalidResourceNamespace
Message = The resource namespace 'microsoft.gallery.admin' is invalid.
At C:\Program Files\WindowsPowerShell\Modules\Azs.Gallery.Admin\0.2.0\Get-TaskResult.ps1:99 char:21+                     Get-Exception -Exception $ex+                     ~~~~~~~~~~~~~~~~~~~~~~~~~~~~+ CategoryInfo          : NotSpecified: (:) [Write-Error], Exception+ FullyQualifiedErrorId : System.Exception,Get-Exception

azure ARM policy to deny resource group without tags

October 23, 2018, 3:25 pm
$
0
0

Hi,

This policy is working but giving the generic message. How we can display the custom message and enforce to pass Project_Code while creation of new resource group?

"if": {"allOf": [
        {"field": "tags","exists": "false"
        },
        {"field": "type","equals": "Microsoft.Resources/subscriptions/resourceGroups"
        }
      ]
    },"then": {"effect": "deny"
    }

Search

Azure VM uptime\downtime graph and cause?

October 17, 2015, 10:00 am
$
0
0

The other day a VM rebooted due to Windows updates, I believe,  but I can't find any trace on the Portal of the start-end time or why the VM rebooted. Does the Portal provide this info?

TIA,

edm2

Azure AD

October 24, 2018, 1:18 pm
$
0
0
The deal is that there IS no subscription currently in the tenant, it’s been deprovisioned and it’s just gone from both the store and the subscription section….so I have no way to mark it as deleted and delete the directory. What do you think I should do to delete it, anyone help please.

What is registering a Application in Azure means ?.

October 10, 2018, 11:11 am
$
0
0

Hi Team,

We are trying to setup monitoring for Azure. And it requires creating a Application in Azure portal. So what does this actually mean ?. Registering an application means it is creating an application or Jus a registration of the Application which we are going to use for monitoring ?. 

Thanks

Jish

Jish

Authentication to Azure RESTful API with username and password through PowerShell

October 10, 2018, 9:56 am
$
0
0

I'm able to connect to the REST API endpoints documented at the below link, and successfully retrieve data after supplying my credentials interactively through a web browser.  What are the options to authenticate using PowerShell Invoke-RestMethod?  Ideally I'd like to use my username and password (if prompted for the credentials that's fine for now).  I'm not an "admin" level user at the moment so I don't believe I will be able to generate any tokens or API keys if those are options.

https://docs.microsoft.com/en-us/rest/api/azure/

Azure Joined Devices to User

October 26, 2018, 3:58 am
$
0
0
I am testing Intune and have joined a number of devices under my account. How can I remove those devices from my account without having the devices disjoined for Azure AD?

Resource groups corrupted after failed move

October 26, 2018, 2:28 pm
$
0
0

Hello.

I attempted to move resources between resource groups, but the operation failed with an internal error.  I'm OK with just deleting all of the resources I have created and starting over, but two of my resource groups indicate "move in process", the failed move, so I cannot delete or work with any of the resources in the group.

Any advice on how to get my resource groups unstuck and/or just reset everything?

Thanks,

-Matt

Trial license interfering with full game disc

October 27, 2018, 11:47 am
$
0
0
Can you please remove Gears of War 4 trial license from my account TenTech556143. It is preventing me from playing the full game on Disc. Is there any other way to resolve this?
Search

Point-to-site configuration - is missing

October 30, 2018, 6:06 am
$
0
0

Hi, I have a strange issue with my Virtual Network Gateway. I'm probably missing something but when Ever I go to my VNet Gateway configuration in Settings the point-2-site configuration link is missing. (I can see it for about 1 sec). Currently I have one VNet with working site-2-site connection. I my goal is to add point-2-site to this VNet. Please help me what am I missing. 

Azure policies are not blocking NSG

October 30, 2018, 1:30 pm
$
0
0

Hi,

I do not know if here is the right place to ask this but here is the thing.

I did an azure policy to block when someone try to create a NSG rule with certain criteria. Inside the portal, the policy works as expected, but, when the NSG rule is created via powershell, it is not blocked.

Anyone knows what I am doing wrong?

Thanks!

JJ

how to convert an ISO into a Azure template

October 13, 2018, 2:22 pm
$
0
0

We have a ISO which we want to upload into Azure then convert it into a template.

The ISO will be uploaded using a BLOB upload unless there is a better way to upload it to azure.

Next how do we convert this ISO into a azure template?

dsk

RDP Printer redirection doesn't work on SOME Windows 10 PC's

November 1, 2018, 11:40 am
$
0
0

I am having trouble where printers on a Windows 10 doesn't redirect to a remote desktop environment (Remoting in to a Windows Server 2016)

The following are enabled/setup:

1. Printer redirection option on the RDP file

2. Drivers are installed on both local and the remote desktop PC

Even Generic/Text Only printers doesn't redirect. This should work because generic/text only drivers is a default driver in Windows

Windows 10 OS is up to date. 

Tried several Windows 10 PCs, there are some that redirect the printers. Some does not.

Can anyone help?

On-premises Azure MFA server token lifetime

November 2, 2018, 5:19 am
$
0
0

Hi All. We have an Azure on-premises MFA Server that is used as a second factor authentication for our Cisco Anyconnect remote access VPN logins. The clients have the option to either authenticate using SMS or third party hardware OATH tokens as a second authentication after providing domain credentials. Once they successfully authenticate they are not asked for second factor authentication for 2 hours (SMS) or 4 hours (hardware OATH token) - so they can disconnect and login successfully from anywhere in this time while their token is still valid.

I would like to ask if there is a way I can edit the lifetime of these tokens ( not sure using the correct terminology here). So lets say they need to re-authenticate using second factor 30 mins after successful login?

I am aware there are some options available for cloud based Azure AD MFA but please note that I need a solution for on-premises standalone Microsoft MFA server.

Many thanks. 

Viewing all 4189 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>