Static Public Source IP in Azure with Network Address Translation (NAT) Gateway

NAT Gateway Icon

In this video, we configure an Azure Network Address Translation (NAT) Gateway.  A NAT Gateway provides a static source public IP or IP range for resources in an Azure VNet.  It can be used for controlling the source IP for sites that may restrict access by a whitelist, or as an exclusion in MFA Conditional Access policies.  The video walks through an example of using a NAT Gateway for a Windows Virtual Desktop (WVD) deployment so users bypass MFA when logging in from a WVD Session Host.

Continue reading “Static Public Source IP in Azure with Network Address Translation (NAT) Gateway”

Windows Virtual Desktop JoinDomain Error

This video goes over “JoinDomain” error sometimes experienced in Windows Virtual Desktop (WVD).  The video reviews the requirements for WVD and configuration errors that could lead to the “JoinDomain” error.  I give several tips to resolve issues that could cause this error and give a suggestion at the end to help identify if the source of the problem is WVD or the Azure Environment.

Continue reading “Windows Virtual Desktop JoinDomain Error”

Application Masking with FSLogix in Windows Virtual Desktop

With FSLogix, you can mask applications based on Users, Groups, OU, Computers and registry settings.  This video reviews specific of FSLogix and then applies app masking rules to a WVD host pool.

Continue reading “Application Masking with FSLogix in Windows Virtual Desktop”

Change .PDF Default from Edge to Adobe Reader in Windows 10


If you found this post, you are probably facing a frustrating and persistent issue, changing the default program to open Adobe PDF files from Microsoft Edge to Adobe Reader in Windows 10.  The best option would be to remove Microsoft Edge since the primary purpose of Edge is to download Chrome.  But, as you probably have already found, that’s not an option.

Continue reading “Change .PDF Default from Edge to Adobe Reader in Windows 10”

Azure Privileged Identity Management (PIM) For Beginners

Azure Privileged Identify Management, or PIM, is a Microsoft service that enables management, control and monitoring of privileged access in Azure.  In this video, I give you an introduction to Azure PIM.  We go over the basics of on boarding a user to PIM, adding a user for active and eligible access, activating an eligible role, requiring an activation approval on a role and creating access reviews.

MFA Conditional Access Policy Breaks AD Connect Synchronization

I ran into this issue today and sharing for anyone else that may run into the same problem.  The scenario is fairly simple, Azure AD Connect synchronizing to Azure AD.  All works fine until MFA policies were enabled, and then sync stops working.  Running a Sart-ADSyncSyncCycle returns a lot of red, but the basic are:

Continue reading “MFA Conditional Access Policy Breaks AD Connect Synchronization”

New! Azure Spot Virtual Machine

Azure Spot VM
Azure Spot VM

Azure Spot Virtual Machines are an IaaS server option offered at a deep discount compared to pay-as-you-go and Reserved Instance pricing.  This video walks through deploying the new Azure Spot VM’s with the Azure Portal.  The video also gives an overview of what Azure Spot VM instances are and some considerations to using them. 

Continue reading “New! Azure Spot Virtual Machine”