Azure App Service Certificates provide a convenient way to purchase SSL certificates and assign them to Azure Apps right from within the portal, but one question I see a lot is whether it is possible to use this certificate elsewhere, outside of the app service, particularly if you have purchased a wild-card certificate. The certificate provided by App Service Certificates isn’t anything special, it’s a pretty standard SSL cert, the service just provides a nice easy way to provision it and assign it to your web service.

Following on from my post on joining Azure batch pools to a vNet, this leads on to a requirement to access resources on the vNet and this means credentials are needed. Rather than hard-coding these credentials in scripts, we want to obtain these from a secure storage location on demand and this is where Azure KeyVault comes in, providing a secure, encrypted storage location for our credentials. Obviously there is no point putting your admin credentials in KeyVault, then hard-coding credentials to access KeyVault in your script, so the solution is to use a certificate to give your batch VM’s access to KeyVault.

User profile disks for RDP session hosts are VHD files used to store the users profile information so that it can roam with the user between session hosts. By default the UPD’s are mounted on the session hosts at login, and appear as symlinks under the C:\users folder so that applications can access them using standard profile paths, this all works fine without any setup required. There may be some occasions where you need to change where these are mounted, for example in an Azure hosted RDS environment I needed to have these mounted under the temporary D drive so that access to the C drive could be completely locked down.

A recent update to Azure Batch added the ability to join a batch pool to a virtual network. By doing so it is possible for batch compute nodes to access resources inside a vNet (file servers, SQL servers etc.). vNet Requirements There are some limitations on the vNet configuration if you wish to do this: Only Cloud Services Configuration pools can be assigned a VNet. This is no longer the case The VNet must be: - In the same Azure region as the Azure Batch account.

I’ve seen a few forum questions lately from AWS users who want to (or have to) use Azure and whilst there are a lot of similar services in either platform, the new user experience and terminology can be very confusing if your used to AWS. This article is the first in a series of posts that I’m hoping will help users coming from AWS get to grips with Azure. To be very clear, I’m not looking to argue about which platform is best or why you should use one or ther other, I’m simply providing the information an AWS user needs to quickly get a grasp of Azure and relate it to what they already know.

The AAD DS team has released new features that mean some of the limitations in this article are no longer present. Be sure to read my update on this service to get the latest information. Azure AD has always been a little bit confusing to new users of Azure, the name implies it’s a cloud version of AD, but it quickly becomes clear to most that it very much is not.

Earlier last week I had a need to delete an Azure AD tenant, and this turned out to be a much more difficult task than I had originally anticipated so I thought I would document the steps I went through in case others encounter the same problems. 1. Disable AD Sync If your syncing your on-prem AD up to Azure AD you need to disable this from inside the Azure Portal so that it disconnects your users from the sync, otherwise you cannot delete your synced users.

At this weeks Ignite conference we’ve seen a number of new VM sizes either be announced or hinted at during the sessions. Here’s a quick update on the new machine types: H Series Designed for High Performance Computing (HPC), the H series VM’s are available in public preview in the South Central US region today and will be rolled out to other regions soon. The H series contain the fastest processers of all Azure VM SKU’s as well having Infiniband networking.

I’ve been doing a lot of working lately with running Remote Desktop Service (RDS) in Azure and have been fairly frequent errors relating to Excel, one of the applications we are publishing. This error would manifest as an error when launching Excel which seemed to indicate that Excel had run out of memory or disk space. After investigating memory and disk usage to no avail, all looked fine, I stumbled upon the answer, user profile disks.

The PowerShell DSC Package resource can be used to install (and uninstall) software from a machine using DSC. This is a great resource to get software installed, but it does have a slight complication, in that it requires a product ID for the package you are installing. It’s understandable why, it uses this to confirm that the particular version of the software is present, but it can be a pain to get this ID.