Azure AD Administrative Units

Azure AD Administrative Units

In this video, I go over Azure AD Administrative Units.  Azure AD Administrative units are a way to delegate admirative tasks to a subset of Azure AD users.  We review how to create Admin Units and how to add users and groups to an Administrative Unit. We also delegate administrative rights to a user to on an Administrative Unit.

Continue reading “Azure AD Administrative Units”

The subscription is not registered to use namespace Microsoft.VirtualMachineImages

I am finally getting around to some hands-on with Azure Image Builder.  More to come on that shortly.  For now, I want to document my first issue for anyone who may experience the same problem.  When creating the image builder template with the New-AzImageBuilderTemplate command, I got the following error message:

Az.ImageBuilder.internal\New-AzImageBuilderTemplate @PSBo …
The subscription is not registered to use namespace ‘Microsoft.VirtualMachineImages’. See for how to register subscriptions.

The subscription is not registered to use namespace 'Microsoft.VirtualMachineImages'
Subscription not registered

The error indicates that a required resource provider, Microsfot.VirtualMachineImages in this instance, is not registered.  The provider can be registered with PowerShell or through the portal.  Below are the steps for each.

From the portal, go to your Subscription, then find Resource Providers under Settings.

Resource Provider in the Azure Portal
Resource Provider in the Azure Portal

Search for the resource provider Microsoft.VirtualMachineImages.  Notice the status is Not Registered.  Click the Register button in the portal to register the resource provider.

Resource Provider Not Registered
Resource Provider Not Registered

To register a provider from PowerShell, log into Azure with rights to register a resource provider, such as subscription admin.  Next, use the Register-AzResourceProvider command below to register the provider.

Register-AzResourceProvider -ProviderNamespace Microsoft.VirtualMachineImages

The provider will go to a state of registering.  It could take a few minutes for the service to register.

Resource Provider Registering
Resource Provider Registering

From PowerShell, use the command Get-AzResourceProvider to verify the status.

Get-AzResourceProvider -ProviderNamespace Microsoft.VirtualMachineImages

Once finished, the resource provider changes to the Registered status.

Resource Provider Registered
Resource Provider Registered

The New-AzImageBuilderTemplate should run now without an error.

Static Public Source IP in Azure with Network Address Translation (NAT) Gateway

NAT Gateway Icon

In this video, we configure an Azure Network Address Translation (NAT) Gateway.  A NAT Gateway provides a static source public IP or IP range for resources in an Azure VNet.  It can be used for controlling the source IP for sites that may restrict access by a whitelist, or as an exclusion in MFA Conditional Access policies.  The video walks through an example of using a NAT Gateway for a Windows Virtual Desktop (WVD) deployment so users bypass MFA when logging in from a WVD Session Host.

Continue reading “Static Public Source IP in Azure with Network Address Translation (NAT) Gateway”

Enable MFA for WVD ARM


In this video, we go over enabling Multi-factor Authentication, or MFA, for Windows Virtual Desktop (WVD) Spring Update, or ARM.  We use an Azure AD Conditional Access Policy to enforce MFA on a group of users.  We also set an MFA Trusted IP address to exclude a public IP source from the MFA Policy.

Continue reading “Enable MFA for WVD ARM”

Find Patch Tuesday with PowerShell

Patching Windows computers is essential, but the inconsistent date of “Patch Tuesday,” the second Tuesday of the month, can make scheduling automation difficult.  The PowerShell Script outlined in this video provides a function that will return the second Tuesday of the current month.  Leverage this logic to generate automation that targets specific dates related to patch Tuesday.

Continue reading “Find Patch Tuesday with PowerShell”