Category: Windows Server 2019

Copy files to Azure VM using PowerShell Remoting

Copy Files to Azure VM using PowerShell Remoting

There are a couple of different cases you want to copy files to Azure virtual machines. To copy files to Azure VM, you can use PowerShell Remoting. This works with Windows and Linux virtual machines using Windows PowerShell 5.1 (Windows only) or PowerShell 6 (Windows and Linux). Check out my blog post at the ITOpsTalk.com about copying files from Windows to Linux using PowerShell Remoting.

Prepare your client machine

Prepare the client machine to create PowerShell Remote connections to a specific remote VM.

Set-Item WSMan:localhost\client\trustedhosts -value "AZUREVMIP"

You can also enable remoting to all machines by using an asterisk.

Set-Item WSMan:localhost\client\trustedhosts -value *

Copy Files to Windows Server Azure VM

If you want to copy files to an Azure VM running Windows Server, you have two options. If you are copying files from Windows to Windows, you can use Windows PowerShell Remoting; if you are copying files from Linux or macOS to Windows, you can use the cross-platform PowerShell 6 and PowerShell Remoting over SSH.

Using Windows PowerShell Remoting

To copy files from a Windows machine to a Windows Server running in Azure, you can use Windows PowerShell Remoting.

Prepare the host (Azure VM) to receive Windows PowerShell remote commands. The Enable-PSRemoting cmdlet configures the computer to receive Windows PowerShell remote commands that are sent by using the WS-Management technology.

Enable-PSRemoting -Force

Now you can create a new PowerShell Remoting session to the Azure VM.

$cred = Get-Credential
 
$s = New-PSSession -ComputerName "AZUREVMIPORNAME" -Credential $cred

After the session was successfully created, you can use the copy-item cmdlet with the -toSession parameter.

Copy-Item .\windows.txt C:\ -ToSession $s

Some important notes

  • You need to configure the Network Security Group for the Azure VM to allow port 5985 (HTTP) or 5986 (HTTPS)
  • You can use PowerShell Remoting over Public Internet or Private connectivity (VPN or Express Route). If you are using the Public Internet, I highly recommend that you use https. I also recommend that you use Just-in-time virtual machine access in Azure Security for public exposed ports.

Using PowerShell Core 6 PowerShell Remoting over SSH

If you are running PowerShell Core 6, you can use PowerShell Remoting over SSH. This gives you a simple connection and cross-platform support. First, you will need to install PowerShell 6. After that, you will need to configure and setup PowerShell SSH Remoting together with OpenSSH. You can follow my blog post to do this here: Setup PowerShell SSH Remoting in PowerShell 6

Now you can create a new PowerShell Remoting session to the Azure VM.

$s = New-PSSession -HostName "AZUREVMIPORNAME" -UserName

After the session was successfully created, you can use the copy-item cmdlet with the -toSession parameter.

Copy-Item .\windows.txt C:\ -ToSession $s

Some important notes

  • You need to configure the Network Security Group for the Azure VM to allow port 22 (SSH)
  • You can use PowerShell Remoting over Public Internet or Private connectivity (VPN or Express Route). Exposing the SSH port to the public internet maybe is not secure. If you still need to use a public SSH connection, I recommend that you use Just-in-time virtual machine access in Azure Security.

Copy Files to Linux Azure VM

Copy File Windows to Linux using PowerShell Remoting

If you want to copy files to a Linux VM running in Azure, you can make use of the cross-platform PowerShell capabilities of PowerShell 6, using PowerShell Remoting over SSH. As for the Windows virtual machines, you will need to install PowerShell 6. Next, you will need to configure and setup PowerShell SSH Remoting together with OpenSSH. You can follow my blog post to do this here: Setup PowerShell SSH Remoting in PowerShell 6

After installing and configuring PowerShell Remoting over SSH, you can create a new PowerShell Remoting session to the Azure VM.

$s = New-PSSession -HostName "AZUREVMIPORNAME" -UserName

After you successfully connected to your Azure VM, you can use the copy-item cmdlet with the -toSession parameter.

Copy-Item .\windows.txt /home/thomas -ToSession $s

I hope this gives you an overview about how you can copy files to Azure VMs using PowerShell Remoting. If you have any questions, let me know in the comments.



Nigel Frank Migrating and extending with Microsoft Azure

Article about Azure Migration on Nigel Frank International

This week my blog post on Azure Migration and Hybrid Cloud on the Nigel Frank International blog went live. The title of the article is, Migrating and extending your on-premises environment with Microsoft Azure. In that blog post, I what your advantages are by using the cloud and some of the different approaches to use Microsoft Azure. Before I then go deeper on different Azure scenarios and topics.

I cover a lot of different Azure options like:

Nigel Frank International

The public cloud is becoming more and more important for companies that want to stay agile and flexible to meet their business demands. But if a company decides to move to the public cloud, what are the best ways to migrate to Microsoft Azure? In this blog post, we’ll take a quick look at what services Microsoft offers to make your cloud migration easier.

It was fun to work with the team at Nigel Frank International and I hope you like the article.



Azure Bastion Windows VM

Azure Bastion – Private RDP and SSH access to Azure VMs

Azure Bastion is a new service which enables you to have private and fully managed RDP and SSH access to your Azure virtual machines. If you wanted to access your Azure virtual machines using RDP or SSH today, and you were not using a VPN connection, you had to assign a public IP address to the virtual machine. You were able to secure the connection using Azure Just in Time VM access in Azure Security Center. However, this had still some drawbacks. With Azure Bastion you get a private and fully managed service, which you deploy to your Virtual Network, which then allows you to access your VMs directly from the Azure portal using your browser over SSL.

Azure Bastion Architecture

Source: Microsoft Docs

Azure Bastion brings a couple of advantages

  • Removes requirement for a Remote Desktop (RDP) client on your local machine
  • Removes element for a local SSH client
  • No need for local RDP or SSH ports (handy when your company blocks it)
  • Uses secure SSL/TLS encryption
  • No need to assign public IP addresses to your Azure Virtual Machine
  • Works in basically any modern browser on any device (Windows, macOS, Linux, etc.)
  • Better hardening and more straightforward Network Security Group (NSG) management
  • Can remove the need for a Jumpbox

If you want to know more directly here is the link to the Azure Bastion announcement blog and the Microsoft Docs.

Public Preview

Azure Bastion is currently in public preview. The public preview is limited to the following Azure public regions:

  • West US
  • East US
  • West Europe
  • South Central US
  • Australia East
  • Japan East

To participate in this preview, you need to register. Use these steps to register for the preview:

Register-AzureRmProviderFeature -FeatureName AllowBastionHost -ProviderNamespace Microsoft.Network
 
Register-AzureRmResourceProvider -ProviderNamespace Microsoft.Network
 
Get-AzureRmProviderFeature -ProviderNamespace Microsoft.Network

To use the Azure Bastion service, you will also need to use the Azure Portal – Preview.

How to set up an Azure Bastion host for a private RDP and SSH access to Azure VMs

Create Azure Bastion Host

First, you will need to deploy Bastion Host in your virtual network (VNet). The Azure Bastion Host will need at least a /27 subnet.

AzureBastionSubnet

Access Azure virtual machines using Azure Bastion

Azure Bastion integrates natively in the Azure portal. The platform will automatically be detected if Bastion is deployed to the virtual network your virtual machine is in. To connect to a virtual machine, click on the connect button for the virtual machine. Now you can enter your username and password for the virtual machine.

Azure Portal connect to Linux VM SSH

This will now open up a web-based SSL RDP session in the Azure portal to the virtual machine. Again, there is no need to have a public IP address assigned to your virtual machine.

Private access to Azure Linux VM

 

Roadmap – more to come

As Yousef Khalidi (CVP Azure Networking) mentions in his preview announcement blog, the team will add more great capabilities, like Azure Active Directory and MFA support, as well as support for native RDP and SSH clients.

The Azure networking and compute team are doing more great work on creating a great Azure IaaS experience. I hope this gives you an overview of how you can get a private RDP or SSH access to your Azure VM. If you want to know more about the Azure Bastion service, check out the Microsoft Docs for more information. If you have any questions, feel free to leave a comment.



Microsoft Hyper-V Server 2019

Download Hyper-V Server 2019 now

A lot of people have been waiting for this. After the release of Windows Server 2019 back in October 2018, you were able to download Windows Server 2019 Standard, Datacenter and Essentials. Today you can also download Microsoft Hyper-V Server 2019. This is the free version of the Hyper-V role which you can find in Windows Server 2019. It includes all the great Hyper-V virtualization features like the Datacenter Edition. This is especially interesting if you don’t need to license Windows Server VMs, and is ideal when you run Linux Virtual Machines or VDI VMs.

This version of Hyper-V also comes with a lower footprint, since it is only available as Server Core and doesn’t include any other roles and features, which are not related to virtualization. That said, it does not come with other Software Defined Datacenter features like Storage Spaces Direct (S2D). These features are only included in the Windows Server Datacenter edition.

Microsoft Hyper-V Server is a free product that delivers enterprise-class virtualization for your datacenter and hybrid cloud. Microsoft Hyper-V Server 2019 provides new and enhanced features that can help you deliver the scale and performance needs of your mission-critical workloads.

The Windows hypervisor technology is the same as what’s in the Hyper-V role on Windows Server 2019. It is a stand-alone product that contains only the Windows hypervisor, a Windows Server driver model, and virtualization components. It provides a simple and reliable virtualization solution to help you improve your server utilization and reduce costs.

You can download Microsoft Hyper-V Server 2019 ISO from the Microsoft Evaluation Center. You should also have a look at the Windows Admin Center, which is a locally deployed, browser-based app for managing servers, clusters, hyper-converged infrastructure, and Windows 10 PCs

If you want to learn more about the new Hyper-V and Windows Server 2019 features, check out my blog: Windows Server 2019 – What’s coming next



CDC-Germany 2019

Speaking at the Cloud and Datacenter Conference Germany 2019

One of the best conferences when it comes to cloud and datacenter topics of IT Pros, is the Cloud and Datacenter Conference Germany 2019 organized by Microsoft MVP Carsten Rachfahl. I had the opportunity to speak at CDC-Germany 2016, 2017 and also in 2018. I am happy that I again was invited to speak at CDC-Germany 2019. The two day, Cloud & Datacenter Conference Germany will be held in Hanau, Germany on May 21-22. The CDC Germany will be focusing on Microsoft Technology and will have 6 tracks full of great Microsoft Cloud and Datacenter content with speakers from all over the world.

Featured Speakers CDC-Germany 2019

My Sessions at the Cloud and Datacenter Conference Germany 2019

I happy to speak in 1 of the main sessions and 2 breakout session about Hybird Cloud topics, like Azure Cloud Shell, Azure Stack, Windows Server 2019, Windows Admin Center, Azure Stack HCI and much much more.

Hybrid is the New Black!

Hybrid Cloud is not just a state during your cloud migration, it is here to stay! Hybrid Cloud goes far beyond Microsoft Azure Stack, and in this session you will see an overview about the different solutions you can use to extend your on-premises environment with Microsoft cloud services.

Windows Server 2019 – The Next Generation of Software-Defined Datacenter

Join this session for the best of Windows Server 2019, about the new innovation and improvements of Windows Server. Learn how Microsoft enhances the SDDC feature like Hyper-V, Storage and Networking and get the most out of the new Azure Hybrid Integration and Container features. You’ll get an overview about the new, exciting improvements that are in Windows Server and how they’ll improve your day-to-day job. In this presentation Thomas Maurer (Microsoft MVP) will guide you through the highly anticipated innovations in Windows Server 2019 and the Semi-Annual Channel including: Windows Server Containers Azure Integration Hyper-V features Storage Networking Security Windows Server Containers And more!

Mastering Azure using Cloud Shell, PowerShell and Bash!

Azure can be managed in many different way. Learn your command line options like Azure PowerShell, Azure CLI and Cloud Shell to be more efficient in managing your Azure infrastructure. Become a hero on the shell to manage the cloud!

My Session at the Hyper-V Community + Hybrid Cloud Community Pre-Day

I will also be speaking at the Hyper-V Community + Hybrid Cloud Community Pre-Day at May 20, 2019.

Extend the Intelligent Cloud to the Edge with Azure Stack and Azure Stack HCI

Azure Stack allows you to extend Azure to your datacenter and run Azure Services under your terms. With Azure Stack HCI, the latest member in the Azure Stack family, we also offer a great hyper-converged infrastructure solution, with optional Azure connected services. Find out more about Azure Stack and Azure Stack HCI, how these solutions can help you to in your Hybrid Cloud strategy. Learn about the features and services you will get by offering Azure Stack to your customers and how you can build a true Hybrid Cloud experience.

I am really looking forward to the Cloud and Datacenter Conference Germany 2019, and I hope to see you there!



Microsoft Ignite The Tour Amsterdam 2019 Thomas Maurer Speaking

Microsoft Ignite The Tour 2019 Azure Hybrid Session Recordings

As you might know, had the chance to present my first sessions as a Microsoft employee at Microsoft Ignite The Tour 2019 in London and Amsterdam. A couple of weeks ago, the session recordings from Amsterdam are now available. My sessions were part of the Azure Hybrid Cloud learning path.

Building and maintaining your Azure hybrid environment
Tailwind Traders has seen exponential growth over the last two years, transitioning from a midsize company to a worldwide corporation. This growth has required extending Tailwind’s existing infrastructure into Microsoft Azure in a hybrid deployment, with some important workloads remaining in the organization’s on-premises datacenter, while increasing numbers of critical workloads running in Azure.

In the five modules for this learning path, you’ll learn how to plan and configure hybrid network connectivity, apply best practice security configuration to Azure resources, learn how to effectively monitor and maintain those resources, ensure that those resources meet organizational compliance requirements, and ensure that workloads in Azure are highly available and protected against catastrophe.

Sessions at Microsoft Ignite The Tour 2019

HYB10 - Planning and implementing hybrid network connectivity

Once your organization has decided to implement a hybrid model, you need to start figuring out how to ensure that communication between your on-premises environment and your hybrid workloads is both secure and reliable. You also need to ensure that those workloads are protected from internal and external network threats. In this module, you’ll learn how to assess your organization’s on-prem network infrastructure, how to plan and then implement an appropriate networking design for Azure. You’ll learn how to implement appropriate Azure virtual network technologies, including securing connectivity between on-premises and Azure using VPNs and ExpressRoute as well as how to strategically deploy firewalls, network security groups and marketplace appliances to protect those resources and workloads.

HYB20 - Securing your Azure environment

With Cloud resources now connected with our datacenter, secure administrative access to critical workloads needs to be configured appropriately. It’s also important from an organizational and compliance perspective to ensure that workloads have a security configuration aligned with industry best practice. In this module, you’ll learn how to improve the security of privileged accounts used to manage Azure resources, manage software updates for both on-premises and cloud hosted virtual machines, and how to get the most out of Azure Security Center for assessing and remediating security configuration issues in a hybrid environment.

You can find more  Microsoft Ignite The Tour recordings on the offical website.



Azure File Sync Windows Admin Center

Sync File Servers with Azure File Sync in Windows Admin Center

One of the biggest challenges a lot of customers are facing, is the capability to provide access to files everywhere and have DR plans in place. This becomes especially true when you are dealing with classic file server infrastructures. Where it is difficult to manage capacity, availability, replication and much more. The Azure Storage team is addressing that need with Azure File Sync. Azure File Sync allows you to sync your file servers with an Azure Files. Azure File is a simple, secure, and fully managed cloud file share solution, using SMB 3.0 and HTTPS.

Azure File Sync

In addtion the service allows customer to use functionality like:

  • Cloud Tiering
  • Cloud Access
  • Multi-site Sync
  • Cloud Backup
  • Rapid File Server DR

In this post I will cover how, Windows Admin Center will help you to deploy Azure File Sync, if you want to know more, check out the Azure File Sync documentation page.