Azure 533 to Admin Associate

A few years ago I set my journey to get more involved with Virtualization which branched out in the Cloud Computing. So one of the first exams I went through was the 70-533 or Implementing Azure Infrastructure Solutions. 

While I didn’t have professional experience into the subject, I was still able to translate the Virtualization and Infrastructure knowledge that I have gained till that point to the new concepts. Today though as I am in an Azure oriented positon the transition exam AZ-102 felt so much more achievable than back in December of 2014.

I do look forward for transitioning my 534 , while it is not possible directly , AZ-300 and AZ-301 are in the future roadmap.

Start/Stop VMs during off-hours solution

Microsoft recently released, in Azure, a VM Start/Stop Solution. And I have been fiddling with it the last few days, as we were working already to overhaul our old runbooks.

Azure portal

While it is straightforward there are a few things that need to be improved like retry on failure and multiple schedules for start. So I started working on those issues by adding another automation account, an Azure storage table, two new runbooks into the mix and a scheduled job which will call the one of the runbooks via a webhook. The end result will be looking close to that.

fintz vm startstop

Continue reading

Access Delegation on DC’s WMI

Re-blog frοm Source

It is always good to remember  that the Administrators group provides full control over the Domain Controllers and is just as critical of a group to keep users out of.

In the Domain Admins group, we all have seen accounts for monitoring, PowerShell queries, etc. Those typically only need WMI access to pull information to monitor/audit. By following the theory of least privilege, it allows you to still give access needed to watch your infrastructure, without potentially compromising access.

Continue reading

VMware VSphere 6.7

VMware is announcing vSphere 6.7, delivering simple and efficient management at scale, comprehensive built-in security, a universal application platform, and seamless hybrid cloud experience.

vSphere 6.7 delivers key capabilities to address the following notable trends that are putting new demands on the IT infrastructure.

Continue reading

New File Share Witness in Windows Server 2019

A new feature for the windows server 2019 that is currently released in the Windows insiders. If you want to test it out and provice feedback please follow the link and sign up.

One of the quorum models for Failover Clustering is the ability to use a file share as a witness resource.  The File Share Witness is designated a vote in the Cluster when needed and can act as a tie breaker in case there is ever a split between nodes.

There is a specific requirement that the witness should be joined to the domain and part of the same forest. And the reason is that it needs Kerberos to connect and authenticate with the share.

Continue reading

File Share Witness and DFS

For Windows Server 2019, additional safeguards have been added to help protect from misconfigurations. We have added logic to check to check if the share is going to DFS.

Microsoft does not support running the File Share Witness on a DFS share and did not support it in the past and we will not support it for the foreseeable future.

In a Windows 2016  4-node multi-site Cluster with two nodes at each site running SQL FCI, where each side utilizing a storage replication for the shared drives. This connection to the file share Witness, a part of the DFS share.

Continue reading

Windows Server Storage Migration Service

The Storage Migration Service was created to migrate servers and their data without re-configuring applications or users.

  • Migrates unstructured data from anywhere into Azure & modern Windows Servers
  • It’s fast, consistent, and scalable
  • It takes care of complexity
  • It provides an easily-learned graphical workflow

Windows Server 2019 and the Storage Migration Service are not supported in production environments!

Continue reading

In Search of a Logo

I have requested from a friend for his help, as I am  looking  for  a personalized logo. I do believe that we are getting closer.


SQL Information Protection for Azure and On-prem

Microsoft announced  the public preview of SQL Information Protection, introducing advanced capabilities built into Azure SQL Database and on-premises SQL Server via SQL Server Management Studio for discovering, classifying, labeling, and protecting the sensitive data in your databases.

  • Helping meet data privacy standards and regulatory compliance requirements, such as GDPR.
  • Data-centric security scenarios, such as monitoring (auditing) and alerting on anomalous access to sensitive data.
  • Controlling access to and hardening the security of databases containing highly sensitive data.

Continue reading