Network Watcher is a regional service that enables you to monitor and diagnose conditions at a network scenario level in, to, and from Azure. Network diagnostic and visualization tools available with Network Watcher help you understand, diagnose, and gain insights to your network in Azure. Use Network Watcher, a service that enables you to monitor and diagnose conditions at a network scenario level.
Network Watcher currently has the following capabilities:
- Topology – Provides a network level view showing the various interconnections and associations between network resources in a resource group.
- Variable Packet capture – Captures packet data in and out of a virtual machine. Advanced filtering options and fine-tuned controls such as being able to set time and size limitations provide versatility. The packet data can be stored in a blob store or on the local disk in .cap format.
- IP flow verify – Checks if a packet is allowed or denied based on flow information 5-tuple packet parameters (Destination IP, Source IP, Destination Port, Source Port, and Protocol). If the packet is denied by a security group, the rule and group that denied the packet is returned.
- Next hop – Determines the next hop for packets being routed in the Azure Network Fabric, enabling you to diagnose any misconfigured user-defined routes.
- Security group view – Gets the effective and applied security rules that are applied on a VM.
- NSG Flow logging – Flow logs for Network Security Groups enable you to capture logs related to traffic that are allowed or denied by the security rules in the group. The flow is defined by a 5-tuple information – Source IP, Destination IP, Source Port, Destination Port and Protocol.
- Virtual Network Gateway and Connection troubleshooting – Provides the ability to troubleshoot Virtual Network Gateways and Connections.
- Network subscription limits – Enables you to view network resource usage against limits.
- Configuring Diagnostics Log – Provides a single pane to enable or disable Diagnostics logs for network resources in a resource group.
- Connectivity (Preview) – Verifies the possibility of establishing a direct TCP connection from a virtual machine to a given endpoint.
Lets start with creating the Network Watcher.
Open Powershell :
Login-AzureRmAccount
Register-AzureRmProviderFeature -FeatureName AllowNetworkWatcher -ProviderNamespace Microsoft.Network
Get-AzureRmProviderFeature -FeatureName AllowNetworkWatcher -ProviderNamespace Microsoft.Network
Go to the https://portal.azure.com
As you can see I have several with status disabled and one with partially enabled
Enabling the Network Watcher is easy just do a right click on the 3 dots and enable this for all regions or just one, or set this as a default.
Now that we enabled the Network Watcher We create a separate Storage Account for this, as all the logging goes to this storage account. We don’t want to place log files all over the subscription.
Our just run a PowerShell command to do this. I use a own resource group for this
New-AzureRmResourceGroup -Name "rsg-netwatcher01" -Location "westeurope"
New-AzureRmStorageAccount -ResourceGroupName "rsg-netwatcher01" -Location "westeurope" -Name "stnetwatcher01" -SkuName Standard_LRS
Topology – Provides a network level view showing the various interconnections and associations between network resources in a resource group.
TO view the topology from your network could be very handy- Remember this is only ARM so no ASM
and yes the pictures getting large
This is all the basic stuff IP flow verify is the more interesting part.
IP flow verify
IP flow verify checks if a packet is allowed or denied to or from a virtual machine based on 5-tuple information. This information consists of direction, protocol, local IP, remote IP, local port, and remote port. If the packet is denied by a security group, the name of the rule that denied the packet is returned. While any source or destination IP can be chosen, this feature helps administrators quickly diagnose connectivity issues from or to the internet and from or to the on-premises environment.
IP flow verify targets a network interface of a virtual machine. Traffic flow is then verified based on the configured settings to or from that network interface. This capability is useful in confirming if a rule in a Network Security Group is blocking ingress or egress traffic to or from a virtual machine.
Remember If you have multiple regions you must enable Network Watcher in all regions.
The flow is easy the Source Machine and Port number and the destination Machine and Port number. as this is all in the same subnet but If you are running this in more complex networks then this could be very useful.
Checking the Security Groups all settings in just one overview that is also very handy when troubleshooting.
So all thing in the Network Watcher is nice but one this that is always a pain is troubleshoot the VPN connections and get the log files etc.
In the Network Watcher there is an option on troubleshoot the VPN connection
Network Watcher – VPN Diagnostics
This is also the place where the storage container is needed. Just select the Virtual network gateway and add the Storageaccount with the Start Troubleshooting. This could take a few Minutes to complete!
When the trace is done there is a Zipfile GatewayTenantWorker_IN_0.zip placed in the folder with a date folder structure so no overwrite of the file.
In the Zip file are 2 files unless you have issues.
Connectivity State : Connected
Remote Tunnel Endpoint :
Ingress Bytes (since last connected) : 202242292718 B
Egress Bytes (Since last connected) : 2435917732003 B
Connected Since : 8/15/2017 9:41:08 AM
In the connection stats you can see the traffic between the VPN connection.
When you have issues with the VPN connection then there will be more files in the zip file. Beside the ConnectionStats.txt and the CPUStat.txt, we got IKEErrors.txt, Scrubbed-wfpdiag.txt, wfpdiag.txt.sum and wfpdiag.xml.
The IKEErrors.txt and Scrubbed-wpfdiag.txt will get you the most detail about the error of the VPN connection
Pricing details
There are no charges to use Network Watcher today. On October 1, 2017, the pricing model below goes into effect.
| Feature |
Monthly allotment |
Overage charge |
| Network Logs Ingested |
5 GB |
€0.422 per GB |
| Network Diagnostic Tools |
1,000 checks |
€0.844 per 1,000 checks |
- Network logs are stored within a storage account and have a retention policy that can be set from one day to 365 days. If a retention policy is not set, the logs are maintained forever. Corresponding charges will apply for storage, Log Analytics, and event hubs respectively.
- Network Watcher Diagnostic Tools and Topology features are billed for the number of Network Diagnostic checks initiated via Azure Portal, PowerShell, CLI, or Rest.
As the Cost are minimal and easy to use so enable this today.
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog
Like this:
Like Loading...
With the new VM sizes in Azure you may want to change the Size as you get more VM for less money. but remember the VM will restart! so better fi
But changing the VM by hand is a time consuming job So Powershell could be very handy in this case. you can change the Vm size easily with a one-liner
So first we need to login into the azure Subscription.
Login-AzureRmAccount
If you have multiple Subscriptions you need to select the right subscription.
$subscrip=Get-AzureRmSubscription | Out-GridView -OutputMode Single -Title ‘Please select a Azure Subscription.’
Select-AzureRmSubscription -TenantId $subscrip.TenantId
Get-AzureRmVM
$vm = Get-AzureRmVM -VMName MVPCB10 -ResourceGroupName RSG-VNET
$vm.HardwareProfile.VmSize = "Standard_D2_v3"
Update-AzureRmVM -VM $vm -ResourceGroupName RSG-VNET
Ok this seems nice but I have 50 VM’s that I like to change
#set new Size to VM
1..5 | % {
$vm = Get-AzureRmVM -ResourceGroupName RSG-VNET -VMName MVPCB1$_
$vm.HardwareProfile.VmSize = "Standard_D13_v2_Promo"
Update-AzureRmVM -VM $vm -ResourceGroupName RSG-VNET
}
Better But if you used random names then the above will not really help you in quick size changing. The next step would be selecting all the VM that needs to be changed and selecting a Size for changing. That sounds great but how to start ?
With the Out-GridView you can do great things. to bad that the price is not available in this.
The script would be like this :
$VMList = Get-AzureRmVm | Out-GridView -OutputMode Multiple -Title ‘Please select an Azure Virtual Machine to resize.’;
$TargetSize = Get-AzureRmVmSize -Location westeurope | Out-GridView -OutputMode Single -Title ‘Please select a target Azure Virtual Machine size.’;
foreach ($VM in $VMList) {
Write-output "Resizing Microsoft Azure Virtual Machine" $VM.Name "in Resource Group" $VM.ResourceGroupName "to size" $TargetSize
Update-AzureRmVm -VM $VM -ResourceGroupName $VM.ResourceGroupName -Verbose
}
Get-AzureRmVm
After this the VM’s are all changed in a other Size.
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog
https://rdstweakers.com
Like this:
Like Loading...
You can migrate Azure VMs between regions using Site Recovery. In other words, you can replicate the Azure VMs and fail them over to another region. In this blog we set up a Recovery Services vault, deploy an Azure configuration server to manage replication, add it to the vault, and specify replication settings. Enable replication for the machines you want to migrate, and run a quick test failover. Then you run an unplanned failover with the Complete Migration option. Seems easy and it is all in Azure. In my other blog post I’ll covered the other ASR scenarios .
https://robertsmit.wordpress.com/2017/02/07/replicate-hyper-v-virtual-machines-to-azure-using-azure-site-recovery-asr-bcdr-winserv-cloud-msoms/
https://robertsmit.wordpress.com/2014/08/27/azure-site-recovery-service-asrs-hyper-v-to-azure-recovery-mvpbuzz/
https://robertsmit.wordpress.com/?s=ASR
But an Important lesson always look for “Is my System Supported “
Support for Azure to Azure replicated machine OS versions
The below support is applicable for any workload running on the mentioned OS.
Windows
- 64-bit Windows Server 2012 R2
- Windows Server 2012
- Windows Server 2008 R2 with at least SP1
Linux
- Red Hat Enterprise Linux 6.7, 6.8, 7.1, 7.2, 7.3
- CentOS 6.5, 6.6, 6.7, 6.8, 7.0, 7.1, 7.2, 7.3
- Oracle Enterprise Linux 6.4, 6.5 running either the Red Hat compatible kernel or Unbreakable Enterprise Kernel Release 3 (UEK3)
- SUSE Linux Enterprise Server 11 SP3
Lets build this configuration
First we go to the Recovery service and create a new vault.
Place this vault where every you want.
the Next step is creating a Site Recovery configuration and choose the VM’s that need protection.
As we are using Azure as a Base we don’t need any infrastructure preparations. It is just an easy Click. Unless….
The First step is selecting the Source Resource Group and Region
The Second step is picking the VM’s to protect. And as Microsoft is hamering on “use Managed disks” Well there is an little Issue.
Ok that is an Issue can’t move this VM’s to an other Region. But it is a preview so plenty of time to fix this. Or is it to Soon for Managed disk ? Well that’s an other discussion and maybe a new Blog post about Managed disks – What Not to do.
After We select the VM to Protect and the Portal pops up a suggested configuration but you can change this in the customize settings
I leave this all to default
But the Retention Policy need to change but this is all up to you.
After this the system does a validated and then you can Enable the Replication. And then we wait.
But What ? an Error eh everything looks ok. Lets check the Error log in Azure
ARM debug yes check been there done that.
code": "151021", "message": "Site recovery extension does not support the Windows operating system running on the virtual machine."
Is there something Wrong with My Server ? I could It is a DC and I never logon to this locally Let me check the Server.
It is Running and the Agent is healthy Ah but I need to change My password could this be the Issue ?
Still Let me dive a bit deeper in the Azure Logging I checked the Replication Policy In the Portal.
But wait there is more a web link As I did not Read the Requirements for Azure to Azure Replication.
https://aka.ms/a2a-os-support-matrix
Support for replicated machine OS versions
The below support is applicable for any workload running on the mentioned OS.
Windows
- 64-bit Windows Server 2012 R2
- Windows Server 2012
- Windows Server 2008 R2 with at least SP1
So no Windows Server 2016 so far the Replication from and to Azure. All my servers are 2016 and I’m not going Back. just need to wait for the next preview update.
https://aka.ms/a2a-os-support-matrix
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog
Like this:
Like Loading...
Microsoft just released the Azure Cloud Shell option in the Azure Portal. here is a quick step by step on how to use this and how to add this with storage explorer when creating a storage account.
Azure CLI 2.0 is optimized for managing and administering Azure resources from the command line, and for building automation scripts that work against the Azure Resource Manager
https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
a LRS storage account is created on your behalf with an Azure file share containing a default 5-GB disk image.
This disk image is used to sync and persist your $Home directory. Regular storage costs apply. Three resources will be created on your behalf:
- Resource Group named: cloud-shell-storage-<region>
- Storage Account named: cs-uniqueGuid
- File Share named: cs-<user>-<domain>-com-uniqueGuid
So that’s it. To easy?
As the default help shows you with az account list you get a list off your azure subscriptions
For selecting the right subscription when creating resources
- az account set –subscription "MVP-platforms"
Remember using options use – and not like in powershell –
Now creating a Resource group in the selected Subscription
- az group create –name clustermvp –location westus
So very handy on quick creating items in the shell, Still I prefer PowerShell but that’s my thing and I see the options of this and It is a nice new feature.
Quick on creating a new storage account and get the right connection
create a new storage account
- az storage account create –resource-group clustermvp –location westus –name clustermvp –sku Standard_LRS –kind Storage
Now you need to get the connection string to use
az storage account show-connection-string –resource-group clustermvp –name clustermvp
Copy the connection string for usage in storage explorer or other usage.
Using the connection string in storage explorer
Fully working string.
If you want to know more about the Azure CLI check the docs site on azure CLI
https://docs.microsoft.com/en-us/cli/azure/install-azure-cli
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog
Like this:
Like Loading...
In the past 6 months I haven’t done much with SCCM only sideways jobs but with all the new features in the Preview Branch SCCM will survive the Cloud. as it moves more and more to the cloud and integrates with it. As I build a fresh lab environment with all the latest updates and previews. As I broke my previous lab environment ( FUBAR – Fucked up beyond all repair) So Becarefull when you upgrade your machine make backup/ snapshots. Or just start over. this could be a learn full process also you may want to get things faster easier and before you know it you spend weeks on everything except on the SCCM blog post.
Well as I did take my time to write this blog post there is already a new version the 1704 for the Technical Preview Branch of System Center Configuration Manager. The installation process is the same. For more info about the 1704 build checkout the two links below,
https://docs.microsoft.com/en-us/sccm/core/get-started/capabilities-in-technical-preview-1704
https://docs.microsoft.com/en-us/sccm/core/get-started/technical-preview
New features in the 1704 version are:
- Improvements to operating system deployment
- Reload boot images with current Windows PE version
- Configure Android apps with app configuration policies
- Add child task sequences to a task sequence
- Hardware inventory collects Secure Boot information
New features in the 1702 version are:
- Azure Active Directory Domain Services support – You can install a ConfigMgr site on an Azure virtual machine that is connected to Azure Active Directory Domain Services, and use the site to manage other Azure virtual machines connected to the same domain.
- Improvements for in-console search – Based on User Voice feedback, we have added several improvements to in-console search, including searching by Object Path, preservation of search text and preservation of your decision to search sub-nodes.
- Windows Update for Business integration – You can now implement Windows Update for Business assessment results as part of Conditional Access compliance policy conditional rules.
- Customize high-risk deployment warning – You can now customize the Software Center warning when running a high-risk deployment, such as a task sequence to install a new operating system. The default string regarding data may not apply in scenarios like in-place upgrade.
- Close executable files at the deadline when they would block application installation – If executable files are listed on the Install Behavior tab for a deployment type and the application is deployed to a collection as required, then a more intrusive notification experience is provided to inform the user, and the specified executable files will be closed automatically at the deadline.
This release also includes the following improvements for customers using System Center Configuration Manager connected with Microsoft Intune to manage mobile devices:
- Non-Compliant Apps Compliance Settings – Add iOS and Android applications to a non-compliant apps rule in a compliance policy to trigger conditional access if the devices have those applications installed.
- PFX Certificate Creation and Distribution and S/MIME Support – Admins can create and deploy PFX certificates to users. These certificates can then be used for S/MIME encryption and decryption by devices that the user has enrolled.
- Android for Work Support – You can now manage Android for Work devices. This enables you to enroll devices, approve and deploy apps, and configure policies for Android for Work devices.
Update 1702 for Technical Preview Branch is available in the Configuration Manager console. For new installations please use the 1610 baseline version of Configuration Manager Technical and upgrade from this.
To get the Updates go to the cloud services and check for updates. this could take a whale.
But when the Update is arrived you can update the SCCM version. I choose for the test first and do later the Update. Just to make sure I don’t wreck the SCCM server directly. and as always in SCCM there are plenty of log files.
As showing the Progress in the GUI you can check every step. So installing this is just easy and I did first the prereqs check and then when installing there is no point off doing the check again therefor there is a little checkbox.
As you can see I can select the options but If you can’t no problem you can do this later. just go to the Hierarchy Setting Properties, under General, check the box “Consent to use Pre-Release features“. Furthermore once you decide to use these features and enable it, you cannot undo the changes. So if you have decided to use these features, check the box, click Apply and OK. And every preview is only valid for 90 days so once updated you need to go with the updates every time.
I don’t have a preview collection everything is already test so start the installation.
The installation is taking some time so don’t worry it things are going that fast.
When opening the console again the console does his upgrade to the new version.
After this the new Version is installed and ready for testing. But for this testing you may need to install some other updates than SCCM what about the ADK version for the new Windows 10 deployments ?
While upgrading do the Update from the ADK also Download Windows ADK for Windows 10 Version 1703
What’s new in ADK kits and tools
Windows Configuration Designer
Previously known as Windows Imaging and Configuration Designer (ICD), the tool for creating provisioning packages is renamed Windows Configuration Designer. Windows Configuration Designer in Windows 10, version 1703, includes several new wizards to make it easier to create provisioning packages.
And even this simple installation It has some prereq’s to to.
To see the newest unattended settings, go to Changed answer file settings for Windows 10 for desktop editions.
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog
Like this:
Like Loading...
Well it is here it took some time but now you can start testing with the Xenapp Essentials. Is it any good and Can I use it for production. Well I was a little disappointed I was charged upfront and the VM image I used was not usable because the Xenapp Essentials can’t handle Azure managed disks, As azure is pushing use managed disk. is Citrix Xenapp Essentials not capable of using managed disk. therefore I had to rebuild a new Image. The look and feel is the same as in Azure RemoteApp the nice thing is you can change sizing and scaling and to save money a time schedule. But for testing in a MSDN subscription I hate the upfront billing and Citrix did not tell this.
But why not build a RDS farm in Azure ? will show this in a the post below and using a Profile Cluster in Azure is also supported.
https://technet.microsoft.com/en-us/windows-server-docs/compute/remote-desktop-services/rds-storage-spaces-direct-deployment
For those who are unfamiliar with Azure Remote App check my blog post below.
https://robertsmit.wordpress.com/2014/06/20/microsoft-azure-hybrid-deployment-of-remoteapp-step-by-step-azure-microsoft-remoteapp-mvpbuzz-rds-hrdaas/
In this part I show you how to set things up. there are multiple ways and each has is own choices. Citrix is delivering a default Image and this is a Windows 2012 Image, well I’m not going for a default image but a custom. this need some work. This will be a log blog post and tons of pictures in it, As I tried to do step by step but some items you just need to know in Azure. Else it is gonna be a real long blog. But If you need more info on any item just ping me.
Well first I thought lets do this and writ a quick blog on hoe great this is. The amount off steps it took to get thing running is more than I expected. but it is not a bad thing. But be prepared it takes time!
The interesting part is should I use the Same Image or is there an easy migration path. Well it all depends as most things in IT.
The Deployment Xenapp Essentials workflow in just 7 tiles you are done. but some tiles takes several other little steps.
Do you want to stay on Windows server 2012R2 ? Well I don’t think so but there are good reasons to migrate as is but will this work. As this blog post is just on how to setup the Citrix Xenapp Essentials, the next post would be this integration and migration
As the Citrix Xenapp Essentials is in the Azure market place we also need a Citrix Account.
You can easily create a new Citrix Cloud by going to the following site: https://onboarding.cloud.com
there are a couple of questions and then you are ready to use the account.
In case you have an issue with your account just open a support ticket and the Citrix Support will fix your issue quickly.
So In the Azure portal you can add the Citrix to the menu and go from there.
You can only manage from here and not add any this, so go to the Azure Marketplace (click NEW or +) do a Citrix search.
Select the Citrix XenApp Essentials
Do Create. and pick a name for the resource and use or create a resource group.
Give it a name and create or use an existing Resource Group.
As things are default you can change it and read the Text. Default it creates 25 users Cost Estimate : $456.25 per month
Well for my demo I don’t need 25 users In need just 1.
Oh the minimum usage is 25 Ok then I need 25 users.
Pricing
$12.00 per user per month for XenApp Essentials Service, including Citrix NetScaler Gateway Service for secure access and 1 GB data transfer per user per month.
Users added today will be charged at the a prorated rate of $11.60 for the remainder of the current month. This amount will be charged immediately.
$6.25 per user per month for Microsoft Remote Access fee to use XenApp Essentials Service without purchasing a separate RDS CAL for this workload. Contact your Microsoft representative to bring your own RDS CAL.
Users added today will be charged at the a prorated rate of $6.04 for the remainder of the current month. This amount will be charged immediately.
You can purchase additional 25 GB Data Transfer Add-on. The cost is $12.00 per add-on per month
When you add users and data transfer add-on to the service, the new charges apply immediately. You can change the number of users and data transfer add-on each month. Your subscription renews automatically at the end of each month unless canceled.
Well the deployment took 6 seconds. that is the Place holder and not the VM’s self An order may take up to 4 hours to provision your service.
Shown from the Azure Portal
Visit Citrix Cloud to simplify the provisioning, on-going management and monitoring of Windows apps hosted on Azure. Here in the Azure portal, purchase additional seats and data transfer add-ons on-demand to meet the needs of a dynamic workforce.
An order may take up to 4 hours to provision your service, and you will receive an email from the Citrix Cloud when your service is ready. If you do not receive an email within this time, please contact Citrix Support
Log into the XA Essentials Portal https://essentials.apps.cloud.com/
If you need more users you can add them in Azure.
Log into the XA Essentials Portal https://essentials.apps.cloud.com/
An order may take up to 4 hours to provision your service, and you will receive an email from the Citrix Cloud when your service is ready. If you do not receive an email within this time, please contact Citrix Support
In almost 4 hours I got the email 
Your Citrix product has been shipped via electronic delivery on April 01, 2017, to the email specified on your
purchase order.
Your Citrix order is completely fulfilled. All items on your purchase order have been shipped to the requested
address.
Depending on your other Citrix product you choose the Xenapp Service.
There are 3 steps needed Linking the Subscription and upload a master Image and last create your catalog.
The Microsoft login dialog box us prompting for credentials . You mus use an account that has admin privileges to your Azure Subscription.
Remember : If your user account is not working. the Account MUST be an Azure AD Account.
Next step is creating the XA Essentials Catalog. In these steps the Image will be mounted ,AD connections ,Network,Applications.
A important step with full of options. To setup XA Essentials you need:
- Azure Subscription
- Resource Group’s for Cloud connector,Images,etc but you can also use just one Resource Group
- Domain Controller with Active Directory Domain Services and DNS
- Virtual Network configured for domain usage
- A Subnet with free IP addresses
Click Create Catalog.
Select the Network and the Resource group
As I need some extra resources for creating Image I’ll use Extra Storage accounts
Image Requirements
Use the following requirements to create a custom image:
- Create the image by using Azure Resource Manager.
- Configure the image to use standard (not premium) storage.
- Select Windows Server 2012 R2 or later.
- Install and configure your apps
- Install the Server OS VDA. You can download the VDA by using the Downloads link on the navigation bar.
- Shut down the virtual machine and note the VHD location. Do not Sysprep the image.
And DON’T use Managed Storage accounts for a Custom Image in Xenapp Essentials Can’t use this in the Citrix Images #Fail.
and a good thing there is a brake on my Azure credits. Not for the blog. Seems Citrix is charging upfront. another Failure #Fail but this is only on my MSDN subscription. at this point I can’t finish my blog post #GRRRRR
So but the nice thing are picking my machine type like an G5 just for fun or needed.
Using a default VM as a D2 and for a default of 25 users. Think again and see your Perf resources right now. the cost will be at least the double for 25 users.
Scale settings For my Current Costumers we had a custom script in place for Automatic Scaling of Remote Desktop Session Hosts in Azure Virtual Machines
https://gallery.technet.microsoft.com/scriptcenter/Automatic-Scaling-of-9b4f5e76/view/Discussions
but in Citrix it is all there Currently it is maximized to 200 users but If I build more collections I can scale up even in the test environment
yes there are flaws in it but it is a replacement for ARA. second building this could take up some time but as you already paid for a month that renewing every month!
the pricing is as described on the citrix site
Requires 25 user minimum. Includes NetScaler Gateway Service with 1 GB Data transfer per user per month. Additional NetScaler Gateway Service 25 GB Data transfer Add-on available for $12 per pack per month
Available from Azure Marketplace when purchasing XenApp Essentials. Please consult your Microsoft representative to bring your own RDS CAL.
So there are now a couple options build a RDS farm in Azure good for large Company’s or who are in need of more flexibility or using Citrix XenApp essentials and will microsoft come with an replacement for Azure remote App, when checking my blog post I see a huge hit on Azure RDS. the Citrix solution isn’t that cheap and has a minimum of 25 users. but building it you self it could be done on 1 server but the price will be more than $486 but who wants to run >2 users on a D2. when using SaaS applications or other Webbase stuff the 3 Gb memory and 14% or more CPU usage is not uncommon
Cheap No use full yes and an Azure Remote App Replacement yes Perfect absolutely NOT
In my next post I will do a dive deep into some configuration issues. see this like Azure RDS vs CXE.
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog
Like this:
Like Loading...
When using System Center Configuration Manager current branch Build 1610, you can extend it to OMS and you don’t need the OMS portal or the Classic portal. All from the Azure Resource Manager portal.
When opening the SCCM Manager it maybe that the OMS Connector option is not available, This connector is currently in preview and therefore you need to enable this option by hand. All the SCCM servers need to have a OMS Agent (at least the service connection point site system role Server)
In the Option can be enabled in Consent to Use Pre-Release Features.
Navigate to the Administration workspace in your Config Manager console, expand Site Configuration and select Sites.
Click on the Hierarchy Settings tab at the top of your screen.
select the General tab, and read the disclaimer under the Consent to use Pre-Release features.
After that You need to enable the feature in update and servicing. Right Click and turn it on.
Close and open the Management console and the option is there.
But before we can use this we need to configure the Web Api in Azure Resource Manager.
Logon to the Azure Portal and go the the Azure Active Directory and check the App registrations and ADD a new APP
Create a New APP Pick a name and Sign-on URL as we are not using the url it does not Mather what name it is.
When created we can change some properties like a Custom Logo
Placing a custom logo is not needed but it looks nice when you search the app 
Next Step is creating a KEY for the APP SCCM is using this key to connect to OMS.
Just choose a Name and a valid certificate expire date and a value and check save else the key is not saved.
Now to give the application the proper permissions in OMS we need to give the APP rights on the Resource Group where OMS based.
Go to the OMS resource group and pick Access Control IAM and add a new USER.
Select the Contributor Role and add this to the Just create application.
Now the Azure part is ready the next step is Creating the Connector in SCCM.
In the Cloud Services open the OMS connection Click on “Create connection to Operations Management Suite”
Now you’ll need to enter the details of your Azure AD tenant (The name) and the Client ID and Key from the Azure AD Application created previously then click Verify to ensure the details are correct and finally click Next.
The Tenant is your Tenant azure Account.
the Application ID is the Client ID
and the Client Secret is the Key that you created.
If you are using the Classic portal you should use the Client ID
With this we are almost ready just pick the groups that you want to populated in the OMS site.
Selecting the Groups and you are ready. In the OMS site you can see the SCCM option connected.
It could take some time to connect to all the groups. and only Groups with an agent are connected to azure so empty groups will not be used or seen in OMS. the connector runs every 6 hours so just wait.
Type=ComputerGroup (GroupSource=”SCCM”) | measure count() by Group
Type=ComputerGroup GroupSource=SCCM
As I just set this up I did not have any results. and this is also the option for a Part 2 SCCM with OMS. But with the results you can create a custom dashboard to show the status.
Follow Me on Twitter @ClusterMVP
Follow My blog https://robertsmit.wordpress.com
Linkedin Profile Http://nl.linkedin.com/in/robertsmit
Google Me : https://www.google.nl
Bing Me : http://tinyurl.com/j6ny39w
LMGTFY : http://lmgtfy.com/?q=robert+smit+mvp+blog
Like this:
Like Loading...
