This post walks you through two things: an upgrade of an existing AD Connect installation converting from ADFS to pass-through authentication Turning off ADFS setting up pass-through authentication and single sign on Recently Microsoft announced the new Azure AD Pass-Through Authentication and Seamless Single Sign-on. It’s a way of signing in to AAD (Azure AD) and AAD services using on-prem credentials as a reputable replacement to ADFS. This also includes any any third party apps all like Concour or SalesForce as well as custom apps. You can use AAD Premium to setup SAML 2.0 authentication to any custom app that supports claims…

This is perfect for connecting to a remote server using PowerShell WinRM and you don’t need to worry about any client certificates. No longer need to worry about using the correct CN. Perfect for spinning up Azure virtual machines e.g. Nano Server and connecting to and managing Azure hosted Windows Nano server using PowerShell. This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters Show hidden characters #region Connect to Remote PowerShell…

Below is some example PowerShell which integrates with OMS (Operations Management Suite). It has some examples on how you can pull out OMS saved searches and run saved searches. It also has some examples of gathering some information from the Security & Audit solution working with some particular security domains. To be able to use PowerShell against OMS successfully, you can’t logon to PowerShell using a Microsoft account. You need to use an organisational based account. This same account would need to have the necessary permissions against OMS. I recommend you install this Azure PowerShell module https://github.com/Azure/azure-powershell/releases/tag/v3.0.0-September2016 as this contains the cmdlets you…

You might know about my most favourite add-in for Microsoft Excel called Fuzzy Lookup. It’s the best, most accurate and fastest tool to compare a string of text against a table of data. For example, I can have a table of songs (my entire music library of 12K+ songs), then in another table I can have a list of songs that a radio station has played over the past week – for example. With Fuzzy lookup, I can compare the two tables. Table A which contains songs played on a radio station and Table B which represents my library. For each…

This is similar to my other blog post I did recently on sequentially starting and stopping virtual machines where I demonstrated setting up Azure automation using a normal user account in Azure AD as the credential. There is also another blog post I did about setting up SPNs (Service Principal Names) in Azure AD – similar to service accounts. So this blog post merges both Azure Automation and SPNs for credentials together. The difference being, you just need to add an additional Azure Automation Variable for the Azure Tenant ID. You’ll will need to set yourself up an SPN first using my script,…

Using Azure SPNs is a massive benefit more so for the pure fact that it creates a specific user account in Azure (like a service account) which you can use to automate PowerShell scripts against Azure subscriptions for specific tasks. You don’t need to worry about whether the account needed is a Microsoft account, which you know that you can’t automate an Azure logon with PowerShell using a Microsoft account. You can however create an SPN and use this instead. The other benefit, you’re using a task based account. The SPN is created on the tenant (Directory) which can essentially…

This post covers using the Azure REST API in PowerShell. First of you need to install the latest and greatest Azure PowerShell Module on your machine. Best place to do this is to install the good old fashioned MSI available from https://github.com/Azure/azure-powershell/releases Once you have the latest Azure PowerShell Module on your machine, you’ll need to restart. For the remainder of this post we will be focusing on the Rest API for Azure, the reference for the Azure Classic Rest API is here and the Rest API reference for Azure ARM is here. The script below will have you Logon…

You can see the Azure automation version of sequentially starting & stopping Azure VMs on my other post. Have you ever wanted to sequentially start and stop your Azure Virtual Machines all in one hit? Not just Azure VMs, you can use this same method for any sequential job you want to run in Azure. The following script will start and stop your Azure VMs in parallel by using background jobs in PowerShell. Please note, this script is based on Azure Resource Manager, however with easy change to the code, this same structure will still work with Azure Service Management….