Azure

Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.

Share tech news, updates, or what's on your mind.

Sign up to Post

We are trying to identify some workgroup computer which the user did not put the name of the workgroup correctly.  

Is there a way to identify the IP of the computer?
0
Fundamentals of JavaScript
LVL 13
Fundamentals of JavaScript

Learn the fundamentals of the popular programming language JavaScript so that you can explore the realm of web development.

Have some issues with a Domain - windows Server 2016 acting as a PDC and fileserver and some Windows10pro clients.

Windows clients connect to the fileserver without issues. They mount the fileserver shares and can read and write files. But there's one issue I haven't found a solution yet:
If a user wihthout administrator rights stores an office file (MS Office as well as LibreOffice!!) into a folder of a fileserver share, the store command works without any issues. But if the user closes the document, it vanishes. It doesn't vanish completely but only for non-administrative users. Administrators see the document and can open, modify and store it. If you take a look at the properties of the document in the security tab, there is no owner assigned to the document. Some Administrator must assign an owner and give rights to "Everybody" "Full Access" - then the document is visible and modifiable by non-administrators as well. It stays visible, if a non-administrator stores it again.
This behaviour is only with office documents. A text document (notepad, wordpad etc...) works without any issues.

Is there somebody who has seen this behaviour and has hints for me to solve it?
Best Regards
Bernhard
0
I'm setting up Windows Server 2016 Standard.
My objective is to have 2 VMs that are connected into their own subnet for a testbed.
I've read about the internal switches, etc. but don't see how to make a physical connection to each of the subnets AND be independent.
(Perhaps the testbed objectives are a bit different than a typical production network).
I am imagining adding a couple of NICs so there will be:
A NIC for the Hyper-V manager.
A NIC for each of the subnets.

A nudge in the right direction would help a lot!
0
My boss is unimpressed by the fact that AlwaysOn Availability Groups on our non-clustered environment can only do a Manual Failover in the event of disaster.

I have been tasked with redesigning our setup to support Automatic Failover, and everyone knows you need a clustered environment to do that (right?)

However, before even getting down to the details, Automatic Failover requires that the Availability Group be set up with Synchronous Commit, which is obvious, but in the testing phase of our current AG-setup, we discovered that the performance (responsiveness, readiness) of our instances were dramatically slower on Synchronous Commit vs Asynchronous Commit.

To please my boss, I would have to set up our AG to have the responsiveness of Asynchronous Commit while having the high availability of Automatic Failover.  Is there any hope for me?

Our Environment:

Servers:
Intel Xeon 2643 v2 x 2
1.50 TB RAM
All-flash Samsung Enterprise SSD storage in RAID 10
Windows Server 2016 Datacenter
SQL Server 2017 Enterprise
Mellanox Dual 40G NIC

Network:
Cisco Nexus 3132X 40G (access layer)

A typical database in our environment is 300GB-1TB, and tables can easily have 10 million records.
0
Hi

I have an Excel VB.net Add-in project that interacts with an Azure SQL database using a connection string.
I want to control which tables a user can see and edit.
What is the best way to do this. Should it be set up inside the Azure  SQL database per user name
and then a different connection string given to various people?

Thanks
0
ADFS installed on Windows 2016 with WAP server on Windows Server 2016 in DMZ.

Continually receive event 253 in ADFS Admin event logs on WAP server.

Cannot find any information on Google (first time ever) regarding this event and possible resolutions.

AD FS proxy service failed to start a listener for the endpoint 'Endpoint details:
       Prefix : /.well-known/webfinger
       PortType : HttpsDevicePort
       ClientCertificateQueryMode : None
       CertificateValidation : None
       AuthenticationSchemes : Anonymous
       ServicePath : /.well-known/webfinger
       ServicePortType : HttpsDevicePort
       SupportsNtlm : False
'
Exceptiondetails:
System.Net.HttpListenerException (0x80004005): Access is denied
   at System.Net.HttpListener.AddAllPrefixes()
   at System.Net.HttpListener.Start()
   at Microsoft.IdentityServer.WebHost.HttpListenerBase.Start(UInt32 contextPoolSize)
   at Microsoft.IdentityServer.ProxyService.ProxyHttpListener.Start()
   at Microsoft.IdentityServer.ProxyService.EndpointManager.ApplyConfiguration(ProxyEndpointConfiguration proxyEndpointConfiguration)

User action: Ensure that no conflicting SSL bindings are configured for the specified endpoint.

I am using the same wildcard goDaddy cert on both ADFS and WAP servers. Although I have read that this is recommended.

The WAP server is successfully trusted by the ADFS server. Have tried moving WAP server from DMZ to local network although same event 253 is recorded every minute.

Have installed and …
0
I would like to deploy an old asmx web service to azure from visual studio 2017.  Need to deploy the database as well. I can create the database using sql and populate it using sql if that is easier.  Please advise best recommendation.  Thanks in advance.
0
I manage an active directory domain at the Windows Server 2012 Domain and Forest functional levels with two replicating DCs.  This domain was first created as a 2000 AD domain, and then migrated to Windows Server 2003, then migrated to Windows Server 2008 R2, and then again to Windows Server 2012.  So the AD domain has been active for about 20 years now, and I am concerned the domain may now have a lot of extra baggage that is no longer needed or even applies.  Our environment has also hosted Exchange NT Server, Exchange Server 2003, and now an Exchange 2010 server.  We plan on moving to O365 as well. I do not plan on O365 mailboxes integrated/managed by AD.  We are looking at no more than 20 mailboxes.

I also believe AD now employs more secure channels of replication that needs to be manually applied, and was not automatically applied during the 2012 AD level migration.

Later this year, I will purchase a new Windows Server 2019 server that will host a new DC. My understanding employing a new 2019 server as a domain controller only allows functional levels at 2016 domain and forest functional levels, so there is no 2019 domain/functional level option.  

So I have two options:

I have the choice of migrating the existing AD domain again to the 2016 functional levels once again of which is pretty easy and not much fuss.

Or, I can go ahead and setup a brand new 2016 AD domain/forest with a 2016 Server as a replicated DC, and 2019 server functioning as the primary …
0
We have a physical server that has had problems creating recovery points and running backup jobs for a while.

I've completely removed it from DPM and re-added it already and it still isn't helping.

I just get this:

"The replica of System Protection Computer\System Protection on server.domain.com is inconsistent with the protected data source. All protection activities for data source will fail until the replica is synchronized with consistency check. You can recover data from existing recovery points, but new recovery points cannot be created until the replica is consistent. For SharePoint farm, recovery points will continue getting created with the databases that are consistent. To backup inconsistent databases, run a consistency check on the farm (ID 3106).

DPM cannot create a backup because Windows Server Backup (WSB) on the protected computer encountered an error (WSB Event ID: 546, WSB Error Code: 0xAE1831C0). (ID 30229 Details: Internal error code: 0x80990ED0).

For resolution actions and more information on the WSB error, go to http://technet.microsoft.com/en-us/library/cc734488(WS.10).aspx.

Synchronize with consistency check."

I ran that sync with consistency check already. I ran all the options DPM gave me already. I also went to the Event Viewer and got this:

"The backup operation attempted at '‎2019‎-‎04‎-‎16T12:23:48.302153100Z' has failed to start, error code '2155413611' (%%2155413611). Please review the event details for a solution, and…
0
Hi,

I have a small environment within Azure and have extended the on prem DCs into Azure - I have two behind a load balancer with the FSMO role holder staying on prem (in the meantime).  Traditionally, I would setup the DCs DNS as the FSMO IP and the second one being the DC's IP but now with load balancers in place, should I change this traditional approach.

Cheers.
0
Introduction to Web Design
LVL 13
Introduction to Web Design

Develop a strong foundation and understanding of web design by learning HTML, CSS, and additional tools to help you develop your own website.

Last year we did a few things starting with: https://www.experts-exchange.com/questions/29064169/Introducing-Windows-Server.html
Next, one of the Experts engaged in a planning task for us that was tailored to our particular situation; the result was an outline of an approach that makes sense to *me* and I'll be revisiting that soon.
Next, I set up a test lab with Windows Server 2016 Hyper-V VMs.  Not that I *plan* to have two servers per site but that I *anticipate* the possibility.
That's going to be revved up now and I'll probably configure a 2-subnet arrangement with a DC out of the 2 VMs on each.  That will do a pretty good job of emulating the real environment.
(I'm a rather great believer in partitioning machine roles and in keeping things simple to understand as much as is possible).

Some had asked what we are trying to accomplish:
- We aren't trying to implement file serving up front because we already have a pretty good system set up for that and it's not the focus.  BUT, I'm willing to consider it.  And that's the purpose of THIS question.
- We need to provide User and Access controls - that's the focus.  And, I'm hoping to grease the skids for things like SIEM that we now do sans-server.  Keeping individual machines "connected" either passively or with agents still proves to be challenging.  There are always a handful of machines that don't respond - even after ALL the machines have been made responsive.  I suspect Windows updates more than anything has …
0
Hi experts,
We are in the process of identifying what is the best choice for IDP (identity and provider authentication) for Office 365 - 1) stay with native Azure AD passthrough or 2) using a 3rd party IDP.

Just wanted to know your experiences what are the benefits and disadvantages.

Thanks!
0
I am thinking this could be an issue with ANT and JAVA 8, but not quite sure. I am attempting to perform a build with ANT and I am getting the following error. This is being completed on Windows Server 2016. Any pointers would be great. Attached is the output for, ant -d  I have performed this same build on Server 2008 R2 leveraging Apache Ant(TM) version 1.8.4 and JAVA 6 with no issues.

Cause: The name is undefined.
Action: Check the spelling.
Action: Check that any custom tasks/types have been declared.
Action: Check that any <presetdef>/<macrodef> declarations have taken place.

D:\Program Files\ANT\bin>ant -version
Apache Ant(TM) version 1.10.5 compiled on July 10 2018


D:\WebSphere85\AppServer\java\bin>java -version
java version "1.8.0_171"
Java(TM) SE Runtime Environment (build 8.0.5.17 - pwa6480sr5fp17ifix-20180726_01(SR5 FP17+IJ08001))
IBM J9 VM (build 2.9, JRE 1.8.0 Windows Server 2016 amd64-64-Bit Compressed References 20180725_392885 (JIT enabled, AOT enabled)
OpenJ9   - a8cda37
OMR      - 4d1cb10
IBM      - 21870d6)
JCL - 20180619_01 based on Oracle jdk8u171-b11
build.txt
0
Windows 2016 server always logs in as a temporary user
0
On a Windows 2016 Server Standard, single server, which also functions as the domain controller for a small office, upon each restart I get Event ID 1202 shown below

"The DFS Replication service failed to contact domain controller  to access configuration information. Replication is stopped. The service will try again during the next configuration polling cycle, which will occur in 60 minutes. This event can be caused by TCP/IP connectivity, firewall, Active Directory Domain Services, or DNS issues.
 
Additional Information:
Error: 160 (One or more arguments are not correct.)"


While searching for solutions or tips on this Event ID, I saw an advice on running the following command: Dfsrdiag pollad /verbose. When I run the command, I get the expected result -Operation Succeeded - see attached screenshot. This error happens upon each reboot. It clearly says that the service will run again in 60 minutes. The error doesn't come back in 60 minutes, so apparently there is no issue. Does anyone have an explanation why do these errors come up upon reboot on a single domain server?

Thank you.
Dfsrdiag_command_results.jpg
0
Has anyone successfully managed to get automatic user provisioning working in Netsuite from Azure AD. (Release 2019.1)

As the below guide doesn't help.
https://docs.microsoft.com/en-us/azure/active-directory/saas-apps/netsuite-provisioning-tutorial


Background:

We are about to move over to Netsuite and i have access to the Sandbox environment.

I have managed to setup Azure SSO integration with Netsuite and its working.
Tested by creating a test account in Netsuite and assigned the SAML role and creating a similar account in our O365 portal.
I can login via the Azure integration Url <https://myapps.microsoft.com/signin/Netsuite/MyNETSUITEAPPonAZUREID> it works fine.

But in the user provisioning section (the above URL);  I used a new account that i created in netsuite with Administrator role and SAML role, the test connection works fine, but no users are getting created in Netsuite.

The Netsuite documentation does not state what netsuite account should be used for user provisioning and whether that account would automatically add the correct roles to this new account.

Desired roles:

- SAML SSO Role
- Device Access Role
- Standard User.

I have created tickets with Netsuite support and they seem to be blaming Microsoft for the integration issue and asking me to seek their assistance.
But i dont believe its MS issue as the Provisioning Admin account works in the Test Connection section.
0
What software/offsite storage is ideal for backing up servers? Do you do a file backup as well as an image/vm backup?
0
Dear EE,

How can i rename AZURE CLOUD VM.

e.g
If i have created VM001.
Now i want to change this VM001 to VM_001

Thanks
0
Looking for trustworthy recommendations for an IT contracting/consulting company in Brazil (Piracicaba, Sao Paulo service area).
Need some on-site hands to install new server and networking equipment along with VMware and Windows OSes.
Must be enterprise level capable.

Thanks.
0
HTML5 and CSS3 Fundamentals
LVL 13
HTML5 and CSS3 Fundamentals

Build a website from the ground up by first learning the fundamentals of HTML5 and CSS3, the two popular programming languages used to present content online. HTML deals with fonts, colors, graphics, and hyperlinks, while CSS describes how HTML elements are to be displayed.

I have a domain controller Windows 2012 R2 and Windows 2016 and I am trying to find out who added DNS A and CNAME records to the internal DNS zones.

Is there a way to accomplish that?

for example, user firstname.lastname added record "wrongdns" in zone "internal.company.com" ?
0
hi guys,
just a general question.

how do i find out what version of .net framework is installed in my server.
got a windows 2016 server, wanted to know what version .netframework i got ?

if i go to control panel- add/remove programs, it shows .netframework 4 multi-targeting pack and version as 4.0.30319
0
Hello everyone,

I think I know the answer beforehand but I have to ask anyway. Is there ANY possible scenario where I keep my passwords (for LDAP, SQL, etc) in some sort of encrypted way in my server running Windows Server and IIS?

Here's the deal. I'm making a corporate intranet site for my company in PHP and they want me to have all the passwords for all the services in different files that even I will not be able to access or, if I do, I can't "read" the passwords because they are encrypted.

I suppose encryption is out of the way as I would have to know the "salt" and unencription method to actually be able to use those passwords but I was thinking that, being under a Windows enviroment, I could have PHP read the values from some TXT files in a directory where I couldn't get access to. Is that possible to do in IIS? Could one PHP file get the neccessary permission to read a TXT file in another local/remote server so it can read the different passwords from different files?

It's not exactly the kind of security they're asking me (they love encryption) but in this way, I think I might be able to convince them. They do not even believe having these files outside the root folder for the site is secure enought as I will be able to read them (LDAP user for example needs to have a non-expiring password that I can't get).

Thanks in advance.
0
I have a Server 2016 RDS Farm that currently has 1x Gateway, 2x Connection Brokers in HA, and 1x session host. It will expand in the future, but just in testing mode right now.

Functionally, everything works perfectly, however when connecting to the environment, cached credentials cannot be used and the "Remember Me" box is missing from the RDP Login box. Note that all connecting machines are going through the RDS Gateway and are not members of the target domain.

I also noticed that this is not an anomaly with this environment. I have a completely separate 2012 RDS farm on a different unrelated domain that exhibits the same behavior. Domain machines bypassing the gateway can save credentials, external people going through the Gateway can't and the checkbox is completely missing .

Being that the same issue exists in 2 different environments, is there a setting somewhere that I can get this working?

The group policies on both the server side and client side are completely stock and I have already tried defining the "Allow Delegating Saved Credentials" Client GPO and defined the connecting "TERMSRV/*" target, which didn't have any effect. Also have verified that the "Allow Delegating Saved Credentials" is also not defined on the server or client side.

My client machine is Windows 10, however I also tried it on an older Windows 7 machine with the same result.
1
I have a Windows Server 2016 r2 and want to prevent users from being able to move any files. They need to be able to edit and add to the folders. What is the best way to accomplish this?
0
Unable to start the Azure Protection Sensor on server.
ATP-4-1.jpg
0

Azure

Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.