Search This Blog

Tuesday, March 31, 2015

Backup Azure Virtual Machine By Using Azure Backup

It is about time ! Something to cheer off on this enhancement to protect Azure Virtual machine..Recently Microsoft has added a new enhancement to Azure Backup which allow us to backup virtual machine on Microsoft Azure without any impact to production workloads and without shutdown of VM. Depend on your virtual machine guest operating system, Azure backup perform

  • application level consistency for Windows OS
  • file system level consistency for Linux OS

Let have a quick walkthrough on this feature:

[ Pre-requisite]

Created a Backup vault on the same region as IaaS VM

+New | Data Services | Recovery Services | Backup Vault


[ Our test scenario]

  • 1 Windows Server 2008 R2 VM
  • 1 Ubuntu VM
  • 1 Windows Server 2012 R2 VM


To configure, you must perform 3 steps:

  • Run discovery
  • Register VM
  • Protect VM

Step 1: Go to Vault | Click Registered Items | Click Discovery


Step 2:- Register VM

Make sure virtual machine is up and running and not Deallocated state in order to successful on registration.

Click on Register | Select VM that you would like to protect


Once VM status is “Registered”, proceed to step 3


Step 3:- Backup VM

To configure backup policy, click PROTECT


Click PROTECT, select VM to backup and select your backup policy


You can set backup frequency to

  • Daily
  • Weekly
  • Frequency :- Time every 30 minute
  • Retention range- by default 30 days


It’s agentless backup and able to protect multiple virtual machine.

Once it is protected, you cannot add the same VM on another backup policy and add an additional backup time into same policy.

[ Perform on demand backup]

Click on PROTECTED ITEMS TAB, click “Backup Now”


In our test scenario, the on-demand backup work as when VM is running or DEALLOCATED state.

[ To Remove/ Modify Backup Policy ]

Click on POLICIES tab, select the policy that you would like to remove and press DELETE.

You can select the policy and modify the protection configuration.


One set back that we found is cannot remove each individual VM without remove the policy.

[ Tracking Progress and Success / Failure ]

To view detailed job view for tracking progress and success/failure.


Once backup has completed, you able to view the number of recovery point listed.


That’s all about our walkthrough. We are currently wondering if the back end system is running “Microsoft System Center Data Protection Manager”. Smile 

What do you think ???

Saturday, March 28, 2015

Bulk Remove Azure Active Directory User and Group Using Powershell



  • Using Azure Active Directory
  • Has used AAD Sync to sync on-premise user account and group
  • Discovered has accidently sync user account and group to Azure Active Directory but require to remove it.

It’s quite a painful experience to delete each individual user account and group from Azure Management Portal. Wonder why no multiple select option and quite annoying when it asking for confirmation and refresh. But lucky enough got powershell to do the job.


[ Configuration]

After install the pre-requisite, open the Azure Active Directory Module for Windows Powershell.

Connect to Azure Active Directory by entering the Global Administrator account.

$msolcred = get-credential
connect-msolservice -credential $msolcred

Export the user account to csv file format

Get-MsolUser –All | Export-CSV C:\users.csv

Open the csv file and remove the Microsoft account and Global Administrator account. We just want to remove others account and retain the Global administrator account.

Export the group to csv file format

Get-MsolGroup –All | Export-CSV C:\Groups.csv

Final step is start to remove bulk users account and groups

Remove Users

Import-CSV C:\Users.csv | Remove-MsOlUser –Force

Remove Groups

Import-CSV C:\Groups.csv | Remove-MsOlGroup –Force

Deletion process is quite long period if you’ve more than 8000 records.

Tuesday, March 24, 2015

System Center Data Protection Manager (DPM) Backup Summary Report


DPM  by default included with default reporting on the product. Below are the reports available and most of the time is insufficient for reporting.


Therefore we dig further and found UR5 for DPM has enhanced reporting with Data Protection Manager Central Console. However at this moment of writing this post, we found out that this MP has pull back and unavailable. We’re stuck without any other report.


Hmm…then we are lucky to found out that System Center MVP, Steve Buchanan has released “DPM Backup Summary Report” and we decide to explore the report. Time to import the report into DPM Report Server and able to see the result of report.

[DPM Pre-requisite ]

This report works with

  • DPM 2010
  • DPM 2012
  • DPM 2012 SP1
  • DPM 2012 R2

[ Report ]

The report provides

  • Ability to select day, week, month (Time range)
  • Ability to select a single server or many
  • Ability to select a single protection group or many
  • Ability to select disk, tape or both backup type
  • Summary of the backup success and failures with a percentage of the successes (Success Rate/SLA)
  • Health trend of backups (day, week, month)
  • Backup detail including:Individual data sources (What was actually backed up)
  • The status including the error (if there is an error)
    • Date and time the backup was created
    • How much data was transferred during the backup
    • Total time it took to backup to complete



DPM Backup Report Summary can export to


From a single pane of glass, the report provide a good reporting and information require by an administrator.

If you’re interested to get it , please feel free to download from Technet Gallery DPM Backup Summary


Backup VMM Database Using DPM 2012 R2 Failed With ID 3170 and ID 33424



  • System Center Data Protection Manager 2012 R2
  • System Center Virtual Machine Manager 2012 R2


[ Error ]

When we try to configure DPM to backup VMM Database by using VMM Express Writer, the protection group backup failed and displayed an error message with an ID 3170 and ID 33424




1. Login to VMM and use SQL Management Studio to modify NT Authority\SYSTEM to include “sysadmin” roles


2. Open DPM Management Console, perform consistency check


By right, now your backup will work.

Friday, March 20, 2015

Countdown Earth Hour 2015


Synchronize Directory to Azure Using Microsoft Azure Active Directory Sync Services (AAD Sync)


We have been busy with recent project on Enterprise Mobility Suite (EMS) and the first tool that we are going to use is using Directory Synchronization tool. We used to use DirSync to synchronizes users, password, security groups, distribution lists, contacts, etc. However DirSync tool has been replaced by AAD Sync (Azure Active Directory Sync Services)

Here is a quick directory synchronization tool comparison:

Tools Description
DirSync support for single forest syncronization
AAD Sync support single and multi forest synchronization
Password write
AAD Connect Includes AAD Sync
Will assist to setup ADFS
Will assist to setup Web Application Proxy

In this articles, we are going to deploy AAD Sync

[Download AAD Sync]

To download – [Last update Feb 2015] – Click here


  • Define the location to install the Azure AD Sync


  • Click on Install . It will install few components such as SQL Express, Synchronization Services. This will take a while


  • Enter the Azure AD Account which has global administrator right and click Next. Remember to “Activate” Directory Synchronization in Azure.


  • Enter your domain admin authentication and forest name. It will install AD connector services


Define the user matching attribute


  • On Optional features page, select an additional features that AAD Sync perform. Example
      • Exchange Hybrid Deployment
      • Password Synchronization
      • Password write back
      • Azure AD App and attribute filtering


  • Click Configure and wait for AAD Sync tool to perform the changes


Just wait for a while and it will start to sync directory to Azure. To check the result, go to Azure Management Portal and able to view on-premise user and group has sync to Azure Directory.

It is still a simple tool and work exactly like DirSync

For other tool, please check out

Wednesday, March 18, 2015

Free Ebook: Microsoft System Center Deploying Hyper-V with Software Defined Storage and Networking

Microsoft System Center Deploying Hyper-V with Software-Defined Storage and Networking

MS Press just released a new ebook which talked about software defined datacenter; virtualization, storage and networking.

Summary of the content:-

  • Chapter 1 – Design and Planning
  • Chapter 2 – Deploying the management cluster
  • Chapter 3- Configuring network infrastructure
  • Chapter 4 – Configuring Storage Infrastructure
  • Chapter 5 – Configure Compute Infrastructure
  • Chapter 6 – Configure Network Virtualization

To download,

Download the PDF (5.48 MB)

Download the EPUB file (6.41 MB)

Download the Mobi for Kindle file (12.6 MB)

Tuesday, March 10, 2015

AD Intelligent Pack Available in Microsoft Azure Operational Insight


Not long ago, we have walkthrough about Microsoft Azure Operational Insight in this article:-

This round, we are going to look on new Intelligent Pack: Active Directory which recently released by Microsoft. Operational Insight AD Assessment Intelligence Pack assesses the risk and health of your Active Directory environment on a regular interval. It provides a prioritized list of recommendation tailored to your deployment. Let have a quick look on the beauty of AD IP.

1. Browse to Microsoft Azure Operational Insight portal:-

2. Add new Intelligent Pack by click on Intelligent Pack


3. Select AD Assessment


Remember to deploy an agent into your domain controller server. We have leave an agent into our domain controller for a few days.

[ After few days….here is the result]


Oh my…the overall dashboard reported

  • 5 High Priority
  • 7 Low Priority
  • And 83 Passed on check

[Let drill further]


The report was good as it provide explanation and highlighted that our AD issue. Example:-

- one of DC does not configure properly on the DNS

- since when our last backup of active directory database

- missing inbound replication links

- a single global catalog server


How about give a test and try out Microsoft Operational Insight in your environment. You will be surprised on the findings. Good luck on your AD IP test.

Friday, March 6, 2015

4th Book Reviewed : Learning System Center App Controller

Without I realize, the book which I’ve reviewed has published to public. Well, this is my 4th Book as a Technical Reviewer and also 1st book that successful publish on 2015.

About the book:-

System Center App Controller provides an integrated console that helps you manage public and private clouds, as well as cloud-based virtual machines and services.

Learning System Center App Controller guides you through a successful implementation of App Controller in minimal time. The book starts by covering how to install the prerequisites and System Center Virtual Machine Manager Server and concludes with topics such as backup and recovery. By the end of this book, you will have extensive knowledge and a firm understanding of how to use App Controller efficiently.

This book is a step-by-step guide that introduces you to System Center App Controller and quickly moves on to the common tasks that are faced by an IT professional managing virtual and physical environments within a data center.

8538EN_B04004_Learning System Center App Controller

[Table of contents]

  • Introduction to System Center 2012 R2 App Controller
  • Installing and Working with Different App Controller Components
  • Deploying and Configuring System Center Virtual Machine Manager Server
  • Customizing App Controller
  • Exploring Advanced Options
  • Backup and Recovery

[ Credit ]


[ Reviewer Biography (Mine is at located at the last section) ]




You can get the book from here:_

Thursday, March 5, 2015

Hyper-V Inventory Reporting Updated to ver1.5


Our MVP peer (Serhat) has just released an updated powershell script to help you to understand virtualization inventory, capacity and general resource availability in your stand alone or clustered Hyper-V environment.

Sample report:-



What's New in Get-HyperVReport.ps1 v1.5

Windows 8 and 8.1 OS support for script runtime environment

In order to run script on Windows 8 and 8.1, you need to enable Hyper-V and Clustering PowerShell modules manually.

New Cluster Overview section

In this new section script reports momentary resource usage about Hyper-V cluster environment.

  • Physical Resources
  • Node - Number of nodes in the cluster (Up/Total)
  • Logical Processor - Number of logical processors on "$" up nodes
  • Memory - Memory size on "$" up nodes (Used/Total)
  • Storage - Storage size on online clustered disks (Used/Total)
  • Virtual Resources
  • vMachine - Number of clustered VMs (Running/Total)
  • vProcessor - Number of VPs on "$" running and "$" paused clustered VMs
  • vMemory - Memory size of running or paused clustered VMs (Assigned/Maximum)
  • vStorage - Virtual hard disk size of running clustered VMs (Current/Maximum)

Storage Overcommitment (Active VHD column in Disks/Volumes section)

This is my favourite feature in this release :) It reports active VHD (which is assigned to a running VM) number per volume. Also it predicts volume space over commitment by calculating current file size and maximum disk size information and creates an alert which is shown by a highlight in the relevant volume cell.

Supports for Extended Replica reporting

In this version, script can also report all replication modes (Primary, Replica and Extended) and creates notifications about replication status.

Hyper-V host information extended

  • Virtual Processors per Logical Processor ratio
  • Computer Manufacturer, Model
  • Processor Manufacturer, Model, Ghz
  • Running VM count detailed as Clustered and Non-clustered

VM Virtual Network information added

  • Network adapter device type
  • Connection status
  • Virtual switch name
  • IP address (v4/v6)
  • Advanced - MAC Address, MAC Type, DHCP Guard, Raouter Guard, Port Mirroring, Protected Network

New $ReportFileNameTimeStamp parameter

Default value of this parameter is $true. If you set it to $false then html report’s filename will not have date and time value and it will always has the same filename. With this method it will be easy to publish the report on various web servers.

Please feel free to check out full example report with new features on this url

To download, click here:-

Download Azure VHD to On-Premise

We’ve created VM on Azure and tested on it. Then once complete your testing on it and you would like to move the virtual disk back to on-premise. There are few ways to do so:-

Option 1:- Use Save-AzureVHD cmdlet

Save-AzureVHD –source (azure storage account) –LocalFilePath (local destination)

#Download VHD from a blog to a file
save-azurevhd -source
-LocalFilePath d:\azure\avtest01.vhd


Option 2:- Download from Azure Storage Container

Navigate to Azure Storage Container, select the disk and click DOWNLOAD


Option 3:- Use Import/ Export.

You can use Export service to transfer large quantities of data resident in Blob storage to your on-premises installations in a timely and cost-effective manner.

It is faster and save from using your organization Internet bandwidth. Just ship your 3.5” SATA II/III hard disk and make sure each disk is not more than 4TB. Remember to provide drive ID, which is the serial number assigned by the drive manufacturer to a specific hard disk on Azure Portal. Go to Azure Storage Dashboard and click Import/Export.


Click Create Export Job


If you’re from Malaysia, the caurier is using DHL. The wizard will let you know on which courier service to use.

Cost per disk is around RM200 (or USD 80) for retail price. For more detail, please use Azure calculator:-


Both option 1 and 2 require to have big Internet bandwidth throughput on-premise in order to download the fixed virtual disk. So think careful on which option that is suitable for you.

Once virtual hard has moved back to on-premise either any of the option above, you can use Hyper-V to run it.