Sync the Azure AD

In this post, will show you on how to sync the Azure AD on your premise and password.

just to make thing simpler, I quickly run the Get-ADSyncscheduler to show you the parameter.

1ed

in this command, it shows you type of policy, sync enabled, and the next synchronization will going to be happened.

Let’s say if you have recently created the new users in some OrganizationalUnits you permit to sync, then you have to wait 3o minutes.

To sync the recent changes or force the sync, you have to run this:

2

Also, you can run this command below to full sync from initial:

3

 

you may refer this article below:

https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnectsync-feature-scheduler/

http://www.msexchange.org/blogs/walther/news/azure-ad-connect-11-forcing-synchronization.html

 

Connect and Integrate AD Identities On-Premise to Azure AD

In this topic, I would like to cover to connect and integrate  your existing AD accounts at home or office (premises) to Azure AD. This could benefit you to have single sign on to other applications such as office 365, dropbox, etc.

All you need is to install the Azure AD Connect Tool. you may download at this link here.

Follow this step below.

Step 1: At the welcoming wizard of Microsoft Azure Active Directory Connect, you need to check the box “I agree to the license terms and privacy notice” and click Continue

w1.JPG

 

Step 2: You may use the express setting for faster installation. This is to get you understand on how you can connect to the Azure AD. In this express setting, the wizard will automatically discover your forest. In this example is NETOVERME.

To continue, click on Express Settings

w2.JPG

 

Step 3: You need to input the Azure AD account. If you have multiple accounts in this Azure, you need to use the account which has “Global Admin” role.

In my example, I use “aliyani@example.onmicrosoft.com”. click Next to continue.

w3.JPG

 

Step 4:  Then, you will ask the admin account in your premise AD forest. click Next.

w4.JPG

 

Step 5:  Final step is to start installation.

w5.JPG

finish.jpg

 

Output Success: This is the screenshot that I captured from my Azure.

SUCCESS.jpg

 

 

Assign Static IP Address in Domain Controller Virtual Machine Azure

Hi,

I would like to share you some information on how to assign the static IP Address in virtual machine Azure where some of the VMs need static IP Address such as Domain controller.

We need to use Azure Powershell to configure the the static IP Address.

Firstly, We need to use Test-AzureStaticVNetIP.

Type the command: For example, Test-AzureStatic -VNetName ‘TestNetwork’ -IPAddress ‘10.0.0.10’. if the operationstatus is succeeded, that means we can use the IP address.

Type the command : Get-VMAzure -ServiceName ‘Nom-DC1’ -Name ‘NOM-DC1’. This is to verify the IP Address of the VM which were assigned by DHCP. Here the IpAddress value is 10.0.0.4get-azurevm1

Then after that, we need to assign the IP address from 10.0.0.4 (by DHCP) to static ip address 10.0.0.10

Type the command:

Get-AzureVM -ServiceName ‘Nom-DC1’ -Name ‘Nom-DC1 | Set-AzureStaticVNetIP -IPAddress ‘10.0.0.10’ | Update-AzureVM

get-azurevm2

Then verify it by typing “get-azurevm -servicename ‘nom-dc1’ -name ‘nom-dc1’. You see the IP address have changed to 10.0.10 and the powerstate is ‘starting’

get-azurevm3

 

 

New ADMT 3.2 installed in Windows 8

Hi,

I actually wanted to share you earlier however I have something to post first.hehehe.

Ok. Back to our topic, As an AD administrators, you will already know that the previous ADMT version can be installed in Windows Server only.

if you try to install the old ADMT in windows 8, you will have a warning.

warning

However the new ADMT3.2 can be installed in your Windows 8.1. So I feel much better to do this.

1

To install the ADMT3.2, you need SQL Server Express or Standard or Enterprise Version.

You can install SQL Server Express in your Workstation Windows 8.1 as well.

Shot 1:

2

 

Shot 2:

3

Shot 3:

4

Shot 4:

6

Shot 5:

7

Shot 6:

8

Disable IE Enhanced Security Configuration via Group Policy

Hi,

I just want to blog on how to disable the IE Enhance Security Configuration via group policy.

One thing I share this post is because, usually, I create the test environmental lab in virtual machine (VMWare or Hyper-v or VirtualBox), I turn off this IE ESC and Windows Firewall.

Step 1:

Create a new group policy under Group Policy management (gpmc.msc) in your domain controller.

1

Step 2:

Right-click the group policy and edit.

Under Computer configuration, expand Preferences -> Windows Setting -> Registry

Step 3:

Create New Registry item and under HKEY Local Machine -> Software -> Microsoft -> Active Setup -> Installed Components ->

Find this ID. this GUID is turning off the IE ESC

for Administrators:

A509B1A7-37EF-4b3f-8CFC-4F3A74704073 - ADministrators

For Users:

users1

Step 4: Modify the value under “IsInstalled” to 0

is

Hyper-V Dynamic Memory…

In Windows Server 2012, I find myself cool on this dynamic memory on Hyper-V environment, because I ran my virtual labs everyday.

in each virtual labs, you can configure the dynamic memory according your appropriate host server’s capability. Usually, At startup, Windows requires more memory. Also, some application will requires memory. Even though you set to 1GB memory, but when enabling the dynamic memory will help to stabilize your servers. The screenshot below is just the example of dynamic memory. You could also check the performance at your task manager how the memory plays.

dynamic memory