Search This Blog

Saturday, November 28, 2015

Error “Online-Verify WinRM 3.0 service installed, running, and required firewall ports are open”

 

You are trying to manage a computer by using Server Manager on Windows Server 2012 R2. However encountered an error message

“Online-Verify WinRM 3.0 service installed, running, and required firewall ports are open”

after added new server.

Error

[ Resolution ]

On the new computer that you would like to add, execute the following command in Powershell:

winrm qc

step1

[ Final result ]

Click Refresh button on Server Manager. Problem resolved and you can manage your server from Server Manager.

solution1

Thursday, November 26, 2015

Force Refresh Azure RMS Template

 

By default, Azure RMS Template will refresh every day. To manually force to get a template, you are requiring to remove these settings from:

a) Delete the registry cache at HKEY_CURRENT_USER\SOFTWARE\Classes\Local Settings\Software\Microsoft\MSIPC\<GUID of connection>\Template

image

b) Delete the file system cache at %localappdata%\Microsoft\MSIPC\Templates (e.g. C:\Users\laiys\AppData\Local\Microsoft\MSIPC\Templates)

image

c) Delete the explorer right click cache at HKEY_CURRENT_USER\SOFTWARE\Classes\Microsoft.IPViewerChildMenu

image

Try to protect the document and you will able to view new Azure RMS Template has refreshed.

image

Monday, November 23, 2015

Restore Data from Azure Backup Services

Hey folk, anyone has perform restoration before after backup using Azure Backup Services?

Restoration is easy when existing server is still intact. How about when source server has corrupted due to avoidance circumstances and beyond from any repair options ?

In this post, we are looking into worse scenario and leverage on using Azure Backup Services to perform recover.

Before we start, you must have perform backup of application data by using Azure Backup Services from on-premise to Azure. Check out our previous post here on how to perform backup.

BackupServices

Let get started on recovery option.

Pre-requisite:-

  • 1st make sure you get ready your existing passphrase key (16 char). Without this key, you wont able to recover.

Passkey

Next, create a new virtual machine on Azure or on-premise either running same OS version or supported OS by Azure Backup Services.

Recover

If recover when target server = source server computer name:

  • On Backup vault, click “Allow Re-registration” of your protected server.

1

  • Install Azure Backup Services agents.
  • Enter same passphrase key

3

  • On Microsoft Azure Backup, click Recover Data and select This Server (same computer name)

4

5

If recover when target server not equal to source server computer name:

  • Install Azure Backup Agents
  • Click on Recover Data
  • Select Another Server and select Vault Credential

9

  • Select Backup Server (source server)

10

  • Enter correct passphrase key to decrypt

11

That’s all for today on different scenario that you can achieve to recover your data from Azure Backup Services.

Saturday, November 14, 2015

Solving Black Box When Remote Desktop

We encountered a problem where a lot of black box on the display when using RDP and Remote Desktop Connection Manager when access our virtual machines. This prevent us from seeing clearly and unable to click any icon.

We have tried to removed and update our display driver however the problem is still persist on our source machine. So now we sure it is not the driver issue but operating system issue.

Then we change RDP file to disable bitmap cache. Click on Experience tab and uncheck “Persistent bitmap caching”

image

Problem solved for RDP but still can see “black box” when using Remote Desktop Connection Manager. Too bad, we cannot find option to disable bitmap cache.

So we use another workaround by delete cache from our source machine. Go to

C:\Users\<username>\AppData\Local\Microsoft\Terminal Server Client\Cache

Delete all files inside Cache folder. Make sure no remote desktop connection is active.

Once we empty the cache, our problem solved for remote desktop connection manager.

Friday, November 13, 2015

Update Azure Powershell Version

Hey folk,

Microsoft constantly improve and update Azure Powershell and added new fix and cmdlet. Your version may be older version and getting an error when execute certain cmdlet. You can verify by typing the following command:

(Get-Module -ListAvailable | Where-Object{ $_.Name -eq 'Azure' })

| Select Version, Name, Author, PowerShellVersion  | Format-List;

image

Browse to https://github.com/Azure/azure-powershell/releases to check on latest version.

image

Our version is 0.9.8.1

and latest version is 1.0.1.

To update, you can download the latest windows installer.

Thursday, November 12, 2015

Azure Active Directory Connect (AD Connect)with Single Sign On

 

This round, we are going to look at “Single Sign On” option. To do so, you’re require to prepare virtual machine

  • Windows Server 2012 R2 for federation server
  • Windows Server 2012 R2 for the Web Application Proxy
  • An SSL certificate for the federation service name you intend to use. (for example: fs.ms4u.local)

ADFS

Just to recap about AAD Connect :

AAD Connect streamlines the experience of extending your local directories into Azure AD so that fewer tools are required to install; it guides you through the entire experience so you are not required to read many pages of documentation; and it reduces the on-premises footprint because you are not required to deploy many servers.

AAD Connect is a single wizard that performs all of the steps you would otherwise have to do manually for connecting your Windows Server Active Directory to Azure Active Directory:

  • It downloads and installs pre-requisites like the .NET Framework, Azure Active Directory PowerShell Module, and Microsoft Online Services Sign-In Assistant
  • It downloads, installs and configures Dirsync (or AAD Sync), and enables it in your Azure AD directory.
  • It configures either the password sync or the single sign-on scenario, depending on which sign-on option you prefer, including any required configuration in Azure.
  • It checks to make sure that your configuration is working!

[Configuration]

  • Select Sign On

image

  • Enter a domain administrator account to connect to local domain

image

  • Select features :- Exchange hybrid and password write cache

image

  • Select how user should be identified in your on-premise directories

image

image

  • Select to connect to existing ADFS Farm or build a new ADFS farm. Enter your certificate file with private key and password

image

  • On ADFS and Web Proxy VM , execute winrn quickconfig

image

  • Enter your ADFS server farm and Web Application proxy. Here you can enter multiple server that you would like AAD Connect to build

image

image

  • Enter a domain user account which has local admin right on the federation server

image

  • Create a group managed service account or use an existing domain user account

image

  • Select the domain that you would like to be federated

image

Lastly review the summary and click Install to deploy. AAD Connect will start to deploy

  • DirSync on existing VM that you have installed AAD Connect
  • Install and Configure ADFS
  • Install and Configure Web Application Proxy
  • Start the initial synchronization

image

That’s complete the entire process.

Error : The input object cannot be bound because it did not contain the information required to bind all mandatory parameters

Encountered below error message when try to create a container in a storage account.

“The input object cannot be bound because it did not contain the information required to bind all mandatory parameters”

Error1

Initially though related to management certificate. However I’ve created and uploaded management certificate. Yet still failed. After using google for a while, managed to locate a similar case. Credit to Stephel Owen (Microsoft MVP).

Here is the solution:-

1. Use Get-AzureSubscription cmdlet. Found missing “currentStorageAccountName” and not bind to Azure Subscription

Error2

2. Type Get-AzureStorageAccount cmdlet. It listed the result and it is exist.

Error3

Resolution:-

Set-AzureSubscription -SubscriptionName "Converted Windows Azure  MSDN - Visual Studio Premium" ` -CurrentStorageAccountName (Get-AzureStorageAccount).Label -PassThru

Error4

Verify by typing cmdlet- Get-AzureSubscription. Azure Storage Account Name has bind to Azure Subscription and we can proceed to create a container in Azure Storage.

Error5

 

Tuesday, November 10, 2015

Backup On-Premise Application Workload Using Microsoft Azure Backup

 

Recently Microsoft has enhanced Microsoft Azure Backup to protect on-premise application workload.

Azure Backup

You can use it to backup

  • SQL Server
  • Hyper-V VM
  • Sharepoint Server
  • Microsoft Exchange
  • Windows Client

It can support

  • Disk to Disk (short term)
  • Disk to Disk to Cloud (long term)

[ Installation ]

  • Create Backup Vault
  • Download Installer from Microsoft Azure Management Portal after create backup vault. Installer size around 3.17GB

image

  • Install on Window Server 2012 R2 Virtual Machine. During installation, we found out the the interface and installation similar like Microsoft System Center Data Protection Manager.

image

The system will ask for vault credential to register Azure Backup Vault during installation. For the remaining installation, do check out this post on the installation screenshot:- https://azure.microsoft.com/en-us/documentation/articles/backup-azure-microsoft-azure-backup/

image

After installation, double click icon on desktop (Microsoft Azure Backup Server)

image

Gosh! It’s DPM Server but without tape support and integration with other System Center.

image

[ Configuration ]

Before begin to protect workload,  you’re require to

  • add Disk Pool for D2D Backup

image

  • Install Azure Backup Agent. You can install an agent if the workload has not install with DPM agent or Azure Backup agent.

image

  • Create Protection Group to start protect application workload

image

You can configure D2D or D2D2C. By using Azure Backup Server, you’ll be billing according to the following pricing:- https://azure.microsoft.com/en-us/pricing/details/backup/

You will still be billed per protected instance even D2D. Just that no charges on Azure storage as you’re using local disk.

To summarize, you need to pay per protected instance + storage consumed (when configure D2D2C)

For Cloud backup, you can specify maximum of 2 backup time for daily backup.

image

You can set weekly, month and yearly retention range.

image

Make sure you have internet connection to Microsoft Azure. After 15 days without Internet connection, backup job will stop working but you can still restore from Azure and from disk.

[Recovery]

We found out that it also has an option to recovery from another DPM on backup vault.

ExternalDPM

Only DPM servers associated with the same registration vault can recover each other’s data.

image

Add External DPM option is available after install with UR7 (for existing DPM Server) and latest Azure Backup Agent. You can now recover the data you've protected to an Azure Backup vault from any DPM server registered to that vault.

image

[ Summary ]

Azure Backup Server come handy when customer would like to protect the workload without require to buy System Center license but provide customer ability to backup to Azure. (Cloud).

In term of learning curve, configuration to protect and restore workload is similar like DPM configuration. Therefore, you would not have any difficulty if you have DPM knowledge.