Katy's Tech Blog

22nd January 202122nd January 2021

WAC: Azure Backup

If you’ve connected Windows Admin Centre to Azure you’ll find a section called Azure Backup. This will allow you to back up your on-site workloads to Azure using the Microsoft Azure Recovery Services agent. It’s ideal for backing up physical servers or individual virtual machines, however if you’re after backing up all the guests on your Hyper-V host you’re better off looking into Azure Backup Server, which runs on the host rather than the guest.

In this post I’m going to look at configuring and backing up a server through Windows Admin Centre, and then at how to recover the data – both for a partial failure (such as some files being deleted but the server still boots) and a total failure.

Continue reading “WAC: Azure Backup”

16th January 2021

Windows Admin Centre

Windows Admin Centre is a web based server (and desktop) administration package which, eventually, should replace the majority of the work currently done through MMC consoles and snap-ins. If you’ve ever opened Server Manager on a Windows 2019 machine you’ll have seen the popup telling you to “Go get Windows Admin Centre!”. Whilst it’s not there yet, it is constantly being updated and improved and I find it really useful.

It’s a lot more than just managing a couple of systems – when I set up our hyperconverged Hyper-V cluster I primarily did this from within WAC (post to follow on this if I get chance to write it up) – and it integrates nicely with a lot of Azure services (including any Azure VMs you might have)

Continue reading “Windows Admin Centre”

16th January 202116th January 2021

Getting the thumbprint of an installed SSL certificate

If you’re installing something that won’t let you browse for certificates and instead asks for a thumbprint – e.g. Windows Admin Centre – you can get this using either the management console or PowerShell.

Continue reading “Getting the thumbprint of an installed SSL certificate”

13th January 20214th February 2021

Intune Part 3 – iPads

In this part of the Intune series of posts I’m looking at getting iPads enrolled and managed, and deploying apps. In my case I’m looking to migrate some iPads from an existing MDM into Intune, so I’m assuming you already have an Apple ID set up to create the push certificates and already have Apple School Manager (or Business Manager) set up.

Continue reading “Intune Part 3 – iPads”

8th January 20212nd March 2021

Universal Print

Universal Print is the new way to cloud print from your devices. It replaces Hybrid Cloud Print and is a lot easier to set up and manage. You’ll need your devices to be connected to Azure AD (either domain joined or hybrid joined, or registered).

It’s included in the following subscriptions:

Microsoft 365 Business Premium
Microsoft 365 Enterprise F3/E3/E5 and Windows 10 Enterprise E3/E5
Microsoft 365 Education A3/A5 and Windows 10 Education A3/A5

There’s also a stand-alone licence but this requires (but does not include) Azure AD.

Continue reading “Universal Print”

8th January 202117th January 2021

Hybrid Cloud Print

Hybrid Cloud Print is a solution to allow users to print to on-premise printers from their devices without needing to be on site or even have VPN connectivity – they just need Internet access. It is however fairly complicated to set up and requires multiple app registrations in Azure, and an Application Proxy server setting up. In this post I go through the steps on how to set it up and print from an Intune managed device.

Hybrid Cloud Print is being replaced with Universal Print, which is a lot easier to set up and manage – no messing with SQLite and it has a portal in Azure, however it’s only currently available in preview to people with specific existing subscriptions. I’ve also gone through setting up Universal Print.

Continue reading “Hybrid Cloud Print”

6th January 202114th January 2021

Intune Part 2 – Autopilot/Win10 – Applications

Today I’m going to look at deploying applications to devices managed by Intune. Back in part 1 I looked at enrolling devices, setting up Autopilot, some basic configuration policies and also created a few Azure AD groups containing the devices.

There’s quite a lot of different application types in Intune, covering iOS, Android and Windows devices. As this series is focussed on Windows I’m not going to look at the iOS or Android ones at this time.

This post will go through the steps for installing/deploying the following:

Microsoft 365 Apps – Hassle free Office 365 deployment,
Microsoft Store Apps – primarily Store for Business/Education apps, including linking Intune to the Store for Business/Education, but you can also deploy without setting up the Business/Education store.
Web Apps – essentially shortcuts to a website
Windows Applications (Win32) – your traditional Windows apps which come with a setup.exe or setup.msi.

Continue reading “Intune Part 2 – Autopilot/Win10 – Applications”

20th December 20209th February 2021

Intune Part 1 – Autopilot/Win10

Once the user has put their credentials in they’ll see this screen while all the profiles and apps you’ve configured set themselves up. Neat.

As we plan to move towards 1:1 mobile device deployment I decided to take a look at how this would actually work – I don’t want to be unboxing devices and having my team run each one through an OS Deploy task sequence. Pretty much all our services have moved to the cloud (“My Documents” are in OneDrive, “Shared drives” are in Teams) I thought it’d be a good idea to look at Intune and Autopilot, with the devices being Azure AD domain joined, rather than local AD or hybrid. In this post I’ll go through what I’ve done and how far I’ve got things set up.

As a pre-requisite you’ll need to have either a fully cloud based domain, or have set up AzureAD Connect to sync your user accounts. On our network we have AADConnect syncing the user accounts and ADFS for authentication, with password writeback enabled to support self-service password reset.

My aim here is to be able to hand the sealed box to the end user, for them to unwrap, power up and configure without any intervention from us.

The Intune admin centre can be accessed through the Azure portal, or directly at https://endpoint.microsoft.com/ Continue reading “Intune Part 1 – Autopilot/Win10”

9th December 20207th February 2021

FTTC VDSL on a Cisco 897VA

I’ve recently changed broadband to Fibre-to-the-cab (FTTC) VDSL connection. As I have a small data cab in the house I wanted a rack mount router instead of the ISP provided one, and I had a spare Cisco 897VA hanging around which is perfect for the job.

Unfortunately there isn’t a web based config on this router so I’ve had to configure via terminal/SSH but it’s not too difficult to get running on your VDSL connection.

Continue reading “FTTC VDSL on a Cisco 897VA”

19th October 202017th January 2021

Azure Backup Server – protecting our Hyper-V workload

The Azure Backup Server console showing jobs in progress

We recently migrated our VMWare 3-node plus SAN cluster to a 2-node hyperconverged Hyper-V setup, and after reviewing a few options for backing the thing up I decided on Azure Backup Server.

Our previous setup involved Veeam doing the local backups, then Cloudberry transferring all this into an Azure storage account periodically. I like this setup but want to simplify it (and save money). Best thing here is Azure Backup Server is essentially free – you’re just paying for the data transfer and storage costs in Azure – which I am already paying for anyway. It will do local backups, i.e. Disk-to-disk, but also allow you to back up to Azure (hence the name), i.e. Disk-to-disk-to-cloud. Perfect.

Continue reading “Azure Backup Server – protecting our Hyper-V workload”