. How to enable/apply the azure hybrid benefit to our existing SQL database.
For traditional installation, enter the license key before proceeding the installation. But in this only I can yes/no option, I am not sure how azure subscription validation the license key.
Reference screen shot :
Can you give me instructions on how to setup individuals or a group for 2 factor authentication. I have the Enterprise App working now using SSO but some people never log off and the info is sensitive so we want to control those using with 2 factor authentication, something like a PIN maybe?
Can you advise me, thanks.
Hi,
I am looking for a single PS script to list & delete Azure Orphaned NICs, IPs and NSGs for the Cost optimization for a subscription similar to below Orphaned Disk cleanup script.
https://gallery.technet.microsoft.com/Azure-Identify-and-baaf6a10
Shailendra Dev
Hi,
We use a number of policies to control what people deploy and audit actions which users are able to do. Azure Policies work well with this however one policy that would be good is one that prevent users from deploying expensive resources or a policy that we could apply to Azure subscriptions to create Audit events when exceeding a threshold.
I have tried via powershell to see if I can find any fields relating to cost however I dont seem to be able to find anything.
Is it possible to use Azure Policies to control cost?
Hi
I am looking to implement a monitoring tool for an Azure tenant. What are other people using / recommend? We are using the tools available in Azure itself but looking to add a 3rd party tool to monitor from the outside whether it be on premise or in the cloud.
Looking for recommendations / feedback on existing tools out there.
Thanks in advance!
From my understanding there are three ways to enable MFA:
1) User or O365 MFA
2) Conditional Access
3) Azure AD Identity Protection MFA
If Conditional Access MFA is enabled and Azure AD Identity Protection MFA is enabled for users, would that cause a conflict? Are you only supposed to enable one method of MFA in an environment?
Hi,
Can I create a VM of macOS 10.14 Mojave on Azure?
If yes, please let me know, how to create?
Regards
InTechSys
InTechSys
Hi,
I am trying create custom Activity Log log alert for "Resource Health" of a VM using ARM Template, following the below link..
Ref: https://docs.microsoft.com/en-us/azure/service-health/resource-health-alert-arm-template-guide
Error: Alerts are unable to fire
I want Activity Log Alerts triggered with an Email every time the Resource health of a VM goes from "Available" to "Unavailable".
Kindly Help me out with this.
Thanks.
We are getting our website rebuilt in wordpress. This has nothing to do with Azure only in that our website is hosted on Azure.
Our Third Party Developer needs access to our Azure account in order to manage the transition. We want to keep the same domain.
What is the best way to restrict his access, but still enable him to do his job?
I am quite non-technical and do not often use Azure so this is proving quite difficult.
Any help would be appreciated.
Many thanks,
Jack
I have subscription when everything was OK. One day I saw I don't have access to blob storage of my storage account. Now I don't have privileges to delete VMs, storage accounts, network intefaces, nsg and so on... I can't enter to blob storage in any storage account. Now I can't start VMs because they are in state marked for deletion:
I'm owner of my MPN subscription I don't see any access denied or something what is wrong with my privileges. And my subscription don't have Account Admin, only me as Service Admin. I will appreciate some help.
I have an NSG that I need to monitor for any changes to the inbound or outbound rules. I've tried the pre-canned NSG update/modify alert type, but that doesn't seem to capture NSG rules updates. From the activity log, I can see my changes to individual NSG rules and create an alert for that specific rule, but that doesn't help me monitor all of the rules at once, or any new rules that are created.
I found an ARM template online that will alert me on ANY NSG rule changes, but I only want to alert for one specific NSG. I exported the JSON for an alert I created to monitor one specific rule, and tried to blend the two templates together to make something that will work for what I need, but I'm not having much luck.
Here's the template that alerts for ANY NSG rule changes:
{"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#","contentVersion": "1.0.0.0","parameters": {"activityLogAlertName": {"type": "string","metadata": {"description": "Unique name (within the Resource Group) for the Activity log alert."
}
},"activityLogAlertEnabled": {"type": "bool","defaultValue": true,"metadata": {"description": "Indicates whether or not the alert is enabled."
}
},"actionGroupResourceId": {"type": "string","metadata": {"description": "Resource Id for the Action group."
}
}
},"resources": [
{"type": "Microsoft.Insights/activityLogAlerts","apiVersion": "2017-04-01","name": "[parameters('activityLogAlertName')]", "location": "Global","properties": {"enabled": "[parameters('activityLogAlertEnabled')]","scopes": ["[subscription().id]"
], "condition": {"allOf": [
{"field": "category","equals": "Administrative"
},
{"field": "operationName","equals": "Microsoft.Network/networkSecurityGroups/securityRules/write"
},
{"field": "resourceType","equals": "Microsoft.Network/networkSecurityGroups/securityRules"
}
]
},"actions": {"actionGroups":
[
{"actionGroupId": "[parameters('actionGroupResourceId')]"
}
]
}
}
}
]
}And here's the template that alerts for one specific NSG rule:
{"$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#","contentVersion": "1.0.0.0","parameters": {"activityLogAlertName": {"type": "string","metadata": {"description": "Unique name (within the Resource Group) for the Activity log alert."
}
},"activityLogAlertEnabled": {"type": "bool","defaultValue": true,"metadata": {"description": "Indicates whether or not the alert is enabled."
}
},"actionGroupResourceId": {"type": "string","metadata": {"description": "Resource Id for the Action group."
}
}
},"resources": [
{"type": "Microsoft.Insights/activityLogAlerts","apiVersion": "2017-04-01","name": "[parameters('activityLogAlertName')]", "location": "Global","properties": {"enabled": "[parameters('activityLogAlertEnabled')]","scopes": ["[subscription().id]"
], "condition": {"allOf": [
{"containsAny": null,"equals": "Administrative","field": "category"
},
{"containsAny": null,"equals": "/subscriptions/<removed>/resourceGroups/RG_Test/providers/Microsoft.Network/networkSecurityGroups/NSG_TEST/securityRules/NSG_TEST_RULE","field": "resourceId"
},
{"containsAny": null,"equals": "Microsoft.Network/networkSecurityGroups/securityRules/write","field": "operationName"
},
{"containsAny": null,"equals": "informational","field": "level"
},
{"containsAny": null,"equals": "Succeeded","field": "status"
}
]
},"actions": {"actionGroups":
[
{"actionGroupId": "[parameters('actionGroupResourceId')]"
}
]
}
}
}
]
}Could someone help me put together an ARM template that will alert me for any inbound or outbound rule changes (new, modify, delete) for one specific NSG?
I'm at work, on the corporate network using SSO. The last few days, I haven't been able to login to the portal using Windows 10 & IE11. I go to portal.azure.com and go through a few redirects and get stuck athttps://portal.azure.com/signin/index/ which is a blank white page. If I look in the IE11 debugger, it shows:
SCRIPT5007: Unable to get property 'getItem' of undefined or null reference
index (10,54)
Works in Edge and Chrome. I've cleared my browser history, including cookies, rebooted, system restore back to last week when I know it worked. I've also gone into Credential Manager in Windows and deleted the SSO credential. No matter what I do, it gets stuck on that signin/index page which is a blank white page.
How can I fix this?
An attempt to add a custom domain name I own "technology.museum" fails. It also fails via the Office 365 Admin portal.
museum is a sponsored top-level domain (sTLD) and I have control of the technology.museum DNS domain.
Is this a bug or feature?
Longer term, I would like to use the technology.museum domain with Azure Active Directory Domain Services. The .com domain that is used for our email (museumoftechnology) is over 15 characters long which is too long! Ideally, I would like users to authenticate with their email credentials but use the .museum domain for DNS. Is that feasible?
Hi, i am bit noob in AD so pls bear with me.
Background: Company abc.com currently has On-prem AD in place, and also ADFS with Azure AD (without password hashing).
In Azure AD portal, the federation is enable for domain abc.com, disable seamless SSO and pass-through authentication due to security reason.
Now, the company abc.com want to introduce one new Learning & Development online system so wish to get the seamless sync all the ID from on-prem AD to new service provider directory. As we cannot install the directory sync tools, so how can we make this happen? Is it to add one more domain in federation? Thanks.
Hello,
Our Cloud Services continue going into a state of “Busy (Starting role... System is initializing)”. This is causing major issues with our system, and causing the websites we provide to our clients to become unavailable.
In my research, I’ve discovered that this may be a carry over issue from the “Azure initiated maintenance action” on Monday that caused our system to go down for a short time.
Any ideas on what's causing this?
Tory