snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern

snackcakes posted:

More of an outbound thing. One of the web apps they use is locked down so you have to get your IP address whitelisted, and this is how we cut costs I guess. Anyhow I took a break from it today. Tomorrow I'll look into it again and let y'all know when (if) I discover the problem.

This update is more in case anyone is curious than me looking for answers, but I found that if I build a new WVD hostpool and deploy it using the same image it will deploy the VMs just fine. If I add an additional VM that works too.

Once I add the existing VMs in the hostpool to the backend pool for the load balancer, that's when the problem starts for future VM deployments.

Getting Microsoft support involved because this is weird.

snackcakes
May 7, 2005

The web app isn't ours, it's just a vendor who protects access by whitelisting IPs.

I'm starting to think the NAT Gateway that Zaepho posted about might be the way to go, but it seems like it's pretty new.

The problem is that I'm deploying these WVDs for about 150 people and internal IT is fast tracking this so it's in production way faster than it should have been. My hands are kind of tied now because the only way I can make changes would be after hours. Just for fun, because my company has a bunch of Azure credits, I might build out a test deployment with a NAT gateway and see how well it works.

It's not like this is really stopping me from rolling out more WVDs, it just sucks that I have to manually register them to the host pool, which means an extra 5-10 minutes spent per VM.

snackcakes
May 7, 2005

Thanks Ants posted:

I'm getting into a bit of a rabbit hole with Windows Hello for Business in a hybrid deployment (Azure AD joined clients managed with Intune, on-prem resources joined to AD), and the whole "have a PKI infrastructure" step is not just a simple task on the route to implementing this.

The most recent MS documentation that covers this is from 2016 (https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn786436(v=ws.11)). It at least mentions Server 2016 but I'd be interested in anything more up-to-date if that exists. Or a good third-party post that covers it if there's nothing from MS on the topic - a lot of the stuff I can find says "this is a lab so we'll just pick these settings" but I'd like to understand what those settings are.

From what I can tell, the offline CA seems to be the way to go, and our AD environment lives in Azure so having a 2019 box powered down isn't really a problem, but if there's any way to shift those responsibilities into an Azure service then I'd be up for that.

I've only implemented it once and it was in a lab environment, but this video got me most of the way there https://www.youtube.com/watch?v=GfYOyFMc8vA

One thing I noticed, at least for non-Azure AD, is that if your AD UPN doesn't match your O365 UPN then Hello for Business won't work. I normally use the mail attribute for the O365 UPN. It took me way too long to figure that out.

snackcakes
May 7, 2005

I'm looking for some guidance in Azure cost monitoring, if anyone's got experience with that.

I've been asked to monitor things that could lead to Azure running away with money. We don't host anything too fancy, mostly just Virtual Machines. Looking to get a handle on seeing things like egress network traffic, and if any Standard SSDs (rare that we would use this) are going wild with IOPS.

We use a CSP for our Azure subscription, so we have no way of actually seeing costs from within Azure. I think this is going to make my life a lot harder.

Any advice on what I might be able to do? I was looking at egress for network interfaces on VMs, but it doesn't seem like it will show me what I need to know. Price tiering looks like Egress to the internet is free up to 5 GB but all of the metrics are capping out in megabytes and I figure surely that can't be true.

snackcakes
May 7, 2005

Thanks for chiming in. Seems like my suspicions are confirmed. They're looking to do alerting through Azure, but I'll get a support ticket in with our CSP (Pax8) and see if they've got any recommendations.

snackcakes
May 7, 2005

A joint venture of Matsumura Fishworks and Tamaribuchi Heavy Manufacturing Concern

I spoke to my CSP (I have no option of moving away from them, we're an MSP and use them to resell licensing) and it turns out something called "Azure Plan" is becoming available for CSPs and will give us access to Azure Cost Management again. Until then I'm just going to have to wait.

snackcakes
May 7, 2005

Since AVD chat is already happening... I am trying to migrate away from our hybrid AD joined AVDs and move to Azure AD joined AVDs.

I got it working with Azure Files for FSLogix disks and I am able to log in just fine with the web client and the Remote Desktop client on Windows, since it supports modern auth.

If you take a Mac or try to connect from your phone it gives you the older username/password bars and I get a credential error every time. I can try AzureAD\username, AzureAD\upn, any number of ways and I got nothing.

I've read about excluding MFA for Azure VM sign-in but it didn't seem to help. Google has failed me in my search for a solution (or I am failing at Googling properly.)

Anyone else ever try this sort of deployment and run into similar issues?

snackcakes
May 7, 2005

Thanks Ants posted:

Have you deployed Hybrid Cloud Trust?

https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-hybrid-cloud-kerberos-trust

Edit: Hang on I might have misunderstood - are you getting prompted for credentials inside the AVD environment, or is this for clients connecting to it? There's different applications depending how old your AVD deployment is. https://learn.microsoft.com/en-us/azure/virtual-desktop/set-up-mfa

I probably wrote more than I should have.

Getting prompted for credentials for clients connecting to the AVD. I'm pretty sure I'm using the correct client, and they work with our AD joined AVDs but not our AAD joined ones. It's probably something dumb that I am missing.

snackcakes
May 7, 2005

After trying many things and getting nowhere, I opted to download the beta client of the Remote Desktop app for macOS and that worked without any problem.

snackcakes
May 7, 2005

Boywhiz88 posted:

I've taken over an account creation process and I've been working at automating parts of it.

An E3 license is assigned by placing the user into an AAD group. We then manually set the Send As and Full Access rights for the individual mailbox.

Off-hand, is there a way I can make the latter happen just by adding them to that first AAD group? I figure there's always a Powershell script if necessary but I wanted to streamline as much as possible.

I've started looking into this but am coming up short on Google.

I think for mailbox permissions to groups it has to be a mail enabled group.

For license assignments I recommend leveraging dynamic AAD groups as much as you can. It's made my life a heck of a lot easier, but obviously everyone's environment/requirements are different.

snackcakes
May 7, 2005

nielsm posted:

I guess the main catch with SPO/OneDrive for Business is that it works best with the Office suite and other software designed to work with it. Everything else needs to behave well in an environment where files are downloaded and uploaded and there might not be a proper locking mechanism.

I've rarely seen it explode in a spectacular fashion, but there have been a few times when I've helped people with an unrelated thing and noticed the red x on their OneDrive. No one ever notices when their OneDrive is broken until it's too late.

Does Azure Files work over the internet? Last I looked into it a few years back it seemed to only really be supported with an Azure VM. I only really use it with FSLogix profiles for AVD.

snackcakes
May 7, 2005

A follow up question... Anyone know if hosting a QuickBooks database in Azure files with multiuser mode is possible? Based on what I am reading I think no, but my boss feels certain the answer is yes.

Trying to kill off a file server if possible, the only thing it still hosts is QuickBooks.

snackcakes
May 7, 2005

lol internet. posted:

Anyone work with Azure Virtual Desktop before? I made a custom image and saved it to the compute gallery. Now I want to go back to modify that same image, but I cannot turn on my gold image any more? Do I need to deploy from the compute gallery to update the gold image? What is the process to update a gold image?

Build a new vm from the image, make changes, sysprep, capture image.

It's a pain in the rear end. I stopped working with custom images and started deploying everything I can via Intune.

snackcakes
May 7, 2005

sporkstand posted:

Similar scenario and question from me. I need to accomplish the same thing, but when I try to purchase the required free license, I get a message stating that I'm not eligible to purchase it :|

Any ideas?

Do you have any of the following licenses already?

Enterprise: Microsoft 365 E3, Office 365 E3, Office 365 E1
Frontline: Microsoft 365 F3, Microsoft 365 F1, Office 365 F3
SMB: Microsoft 365 Business Basic, Business Standard, Business Premium

If so, do you have them direct through Microsoft or through a CSP? If it's through a CSP you'll probably need to buy the license through them even though it's free.

snackcakes
May 7, 2005

kiwid posted:

I need to avoid security defaults because we have email accounts for operators that use "general use" PCs throughout our plants. I need CA to avoid ever prompting MFA with anything that is on-site.

Unless, do you guys know of a better way?

Are you still going to enable MFA for them just to play it safe? You can have a separate policy that prompts for MFA except for trusted locations, assuming you have static IP addresses.

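One way to build the "MFA everywhere except trusted plant sites" policy described above, as an added example that is not code from the original post, using the Microsoft Graph PowerShell module. The CIDR range, group id and display names are placeholders; the policy is created in report-only mode so sign-in logs can be checked before it is enforced.

```powershell
# Added example, not from the original post. Requires the Microsoft.Graph
# PowerShell module; run as an account allowed to manage Conditional Access.
Connect-MgGraph -Scopes "Policy.ReadWrite.ConditionalAccess", "Policy.Read.All"

# 1. Named location for the plants' static egress IPs (placeholder CIDR).
#    isTrusted = $true is what lets the policy treat it as a trusted site.
$plantSites = New-MgIdentityConditionalAccessNamedLocation -BodyParameter @{
    "@odata.type" = "#microsoft.graph.ipNamedLocation"
    displayName   = "Plant sites (placeholder)"
    isTrusted     = $true
    ipRanges      = @(
        @{ "@odata.type" = "#microsoft.graph.iPv4CidrRange"; cidrAddress = "203.0.113.0/24" }
    )
}

# 2. Policy: require MFA for the operator group from any location
#    except the trusted plant ranges. Replace the group id placeholder.
$operatorGroupId = "00000000-0000-0000-0000-000000000000"   # placeholder

$policy = New-MgIdentityConditionalAccessPolicy -BodyParameter @{
    displayName = "Operators: require MFA off-site"
    # Report-only first: evaluate in sign-in logs, then switch to "enabled".
    state       = "enabledForReportingButNotEnforced"
    conditions  = @{
        users        = @{ includeGroups = @($operatorGroupId) }
        applications = @{ includeApplications = @("All") }
        locations    = @{
            includeLocations = @("All")
            excludeLocations = @($plantSites.Id)
        }
    }
    grantControls = @{
        operator         = "OR"
        builtInControls  = @("mfa")
    }
}

# 3. Sanity check: the exclusion should reference the named location we made.
$excluded = $policy.Conditions.Locations.ExcludeLocations
if ($excluded -notcontains $plantSites.Id) {
    throw "Policy did not record the trusted location exclusion"
}
$policy | Select-Object DisplayName, State, Id
```

Keep the named location's ranges narrow (only the plants' real egress addresses); a broad range turns the exclusion into an MFA bypass for anyone on that network.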