I’ve been sitting on this topic for a while. I typically like to pass along information that helps people better understand Azure and other Microsoft products absent of my option. However, this post is slightly opinionated, an opinion that was formulated after seeing problems users ran into while trying to use Azure AD as a replacement for Windows AD.Continue reading “Don’t Use Azure AD Domain Services to Replace Windows Domain Controllers”
This video goes over two Azure IP addresses used for Azure VM’s. The WireServer IP of 220.127.116.11 and the Azure Instance Metadata Service (IMDS) IP address 169.254.169.254. In the video, I go over what each is used for and then give a demonstration on using the WireServer IP address to query DNS. After that, I use the IMDS REST Endpoint to pull metadata including the Azure environment and scheduled events.Continue reading “Two Azure IP Addresses You Need to Know About”
Azure Files SMB Access with Windows AD allows you to access file shares in Azure with NTFS access control. By default, that access won’t extend to an on-prem network over VPN or Express Route. This video shows how to extend access to an Azure Files share with Windows AD to an on-premises network using Private Endpoints.Continue reading “Azure Files SMB Access On-premises with Private Endpoints”
This video goes over two ways of restricting access to Microsoft Azures PaaS services; Service Endpoints and Private Endpoints. Both are used to restrict access to PaaS serviced, but work differently. The video gives an overview if the differences and then does a walkthrough of deploying Service Endpoints and Private Endpoints using an Azure Storage account as an example.Continue reading “Azure Virtual Networking Service Endpoints and Private Endpoints”
Azure Traffic Manager is a global DNS service hosted in Azure. It extends the functionality of DNS beyond simple name to IP resolution, adding load balancing and advanced resolution features such as geo-fencing, weighted priority, performance, and source IP based name resolution.
Just as important to what it is, is what it is not. It is not an IP based Global Load Balancer. Traffic Manager does not handle IP session data, BGP or any other routing protocols. It is only an External DNS solution, it won’t work as an internal DNS solution. Continue reading “Azure Traffic Manager”