Azure Centric

0

Unable to RDP into Azure VMs

After patching all the Windows Server in Azure, a colleague calls me in panic, because their users, could not access their VMs through RDP. They were getting a CredSSP error (picture bellow).  So, after reading the link bellow, it seems it could be related with the March update. https://support.microsoft.com/en-us/help/4093492/credssp-updates-for-cve-2018-0886-march-13-2018 Rebooting the VM didn’t sort the issue, there’s a few mitigations listed in this post https://blogs.technet.microsoft.com/mckittrick/unable-to-rdp-to-virtual-machine-credssp-encryption-oracle-remediation/ Then I realize that was...

0

How to enable RDS license on an Azure VM

In some organization, it’s common practice to have a jump server in Azure to be used, specially when you have several tools that need to run “locally” on the server. Usually this machine is on a segregated network and not domain join. Although, if you enable RDS licenses to have more than the 2 normal RDP sessions that a Windows Server 2016 give to us, you probably will see some...

0

Changing the Azure Gateway subnet with Express Route

One of the things that I like to do when I start a new Azure Architecture, is what I called an Azure Foundation workshop, where I can validate all the infrastructure configuration, so we can design accordingly. But not always happens on that way. So, this is the scenario: Costumer has an Express Route setup between their datacenter and Azure. The Express Route terminates on the Core VNet. But the...

0

How to remotely disable Network Level Authentication (NLA) on Azure Virtual Machine

Today, I received an email from a colleague, saying that he could RDP into his Azure VM after he rebooted the machine through the OS (applying patches).   When he tried to access his Azure VM through an RDP session, he got the following message: “The remote computer that you are trying to connect to requires Network Level Authentication (NLA), but your Windows domain controller cannot be contacted to perform NLA....

0

What Accelerated Networking can do on Azure VMs

Microsoft have been making a lot of enhancements on Azure VMs, specially on the performance. One of those is Accelerated Network adapters that is available on some of the Azure VM Series. Although they have made huge improvements in throughput that benefited VMs both with Accelerated Networking and those without. However, there are some things that only Accelerated Networking can do because it makes use of hardware to improve networking...

0

Understanding the limits on Azure Key Vault

When you are designing the architecture for your application on Azure, I always revisit the Azure Subscription Service Limits to see if all the requirements are not over the Azure Limits. Although, this time after evaluating and discussing with the team the Key Vault Limits, to be more precise the number key transactions that application is allowing to use regarding each type of key, I have to say that was...

0

Adding an IP to an existing Azure Virtual Network Gateway

So, you have a Virtual Network Gateway deployed in Azure and it’s working just fine, although you would like to add another public IP to an existing Azure Virtual Network Gateway to be used as an Active/Active BGP scenario. The question is: Can I update the IP configuration for the existing gateway or do I have to remove/rebuild the gateway to add the new public IP? The answer is: You...

0

Global VNet Peering is available

Finally! I have been waiting for this to blog it and start to setup. Being an Azure MVP is AWESOME, although sometimes you can’t share what is coming with no one. Even your costumers! I’m working on a project that this is key for a global dispersed Azure architecture that I’m working right now. I have been designing all of this, without telling the costumer that is possible, although saying...

0

Azure Update Management for Linux VMs

Another day, I started to play around with the Update Management, to see how I could automate the patching of Linux VMs on Azure. I’ve been using this feature to patch Windows VMs, and I want to try on Linux VMs. Although when I try to be specific and implement some exclusion, it seems to want the KB of the patch to exclude. Most of the Linux patches doesn’t have...

0

Unresponsive Azure VM

Another day I was at one of my costumers, and a system engineer come to me asking me if I could help him troubleshoot an issue with an unresponsive Azure VM. I love this moments, specially when I can always learn new ways that users are using Azure. OK, lets move to the issue. Here is the list of issues that he reports to me: No RDP into VM VM...