Category: Azure

Azure Automation runbook logging redux

This time I wanted to show a more comprehensive example from a real life need and how I went about solving it.

The challenge we faced was that we had previously set our Azure AD Connector to use the e-mail field in AD to be synced to Azure AD as the UPN. This would have been fine if not for that our need changed. As we matured in the use of cloud services we needed to also add some of our contractors to Azure AD. The problem was that in the local AD the email field was populated with the contractor’s actual email, and this would make the sync fail if the accounts were added. read more

By Morten Lerudjordet October 29, 2018 0

Azure Automation runbook logging

For any automation tool, logging is pretty important. Though I would also say readability of the logs is something one should also think about when writing code.

The general consensus in AA for logging is that one should use:


as the accepted ways of moving information to the different log types. Here I want to focus on Write-Error, and how one can structure its use to get good readable logs in AA. In addition I will speak to handling error situations in general as an extension to this. Specific how I combine the use of try/catch and Write-Error flow in Runbooks I author. read more

By Morten Lerudjordet October 26, 2018 0

Azure AD Connect: Export filter OU list

Just a quick one to remind myself as I’m taking in some coffee.

If you need to get the set OU filters for the Azure AD Connector, this little Powershell snippet might help:

Does not seem a way to import as of yet though 🙁

Will update if I find a workaround for this.

Happy tinkering!

By Morten Lerudjordet June 26, 2018 0

Azure Automation: update them modules

I have been working a lot with Azure Automation lately. It’s a great product, helping organize the use of Powershell making an awesome language even better.

With AA as any other of the Azure services there are always some challenges, one is modules and how some keep ever changing…I’m looking at you AzureRM. This is why I wanted to get some automation into this process. And as it is in the product name this is only fitting.

Browsing the AA teams github I found the following Runbook that looked promising. Though in testing it has some issues with modules on gallery that did not use the same title as module name, like you know AzureAD. Therefore I did some fast triaging to get it into shape. As with everything, check to see if somebody else already have figured it out before creating the wheel anew. Browsing the web this guy had it all figured out, so I borrowed the code. read more

By Morten Lerudjordet May 18, 2018 0

Give me security; WordPress&MySQL!

This is a follow-up on a previous blog post of mine. I don’t like to leave the security of the solution hanging as we are exposing the MySQL database to the internet up in the cloud. There exist a possibility to use Azure internal virtual network, though for that your web site must use a more expensive tier. So therefore I will address how to set up a secure connection from the WordPress frontend to the MySQL backend.

First you will need to download OpenSSL (I’m using the Windows lite version found here). read more

By Morten Lerudjordet May 14, 2016 0

Give me more datadisks

With lower tier VM’s in Azure you have a limit on how many data disk you can attach. As an example an A1 can only have 2 datadisks of 1 TB each attached. So if you just want to use Azure for storing a lot of data like backup you are kind of out of luck. You would either need to get a higher tier VM that allows for more datadisks or use a service like Azure Backup instead.

Let me give you one more option, Azure Files Shares.
Now, I hear a lot of you say; “you can’t use a share as a local disk”. And you would be correct, you can’t. Though let’s be a bit sneaky, and get around that limitation. read more

By Morten Lerudjordet April 24, 2016 0

AzureRM WordPress migrate to Docker MySQL complete story

Wanted to document my journey to get this blog up and going in Azure. This was a experiment as much as anything. Though the result was not too shabby.

First we start by creating a new Azure WordPress Web App. Press New and search for WordPress


Choose the WordPress web app and accept the terms.


Fill out the details needed. Create a resource group to hold your application.AzureRMWPConfig

Also create a service plan and choose the resources you want to use.


Then choose the details for the MySQL database. I am using the default name, though I highly recommend to change this to something else. It will make the database retrieval easier later. Choose the free Mercury tier. read more

By Morten Lerudjordet December 16, 2015 1

Creating Site to Site VPN in Azure Resource Manager

This will be a short post, just wanted to have all Powershell code needed to create a connection between a network outside Azure and your ARM resources in one place.

I tried to set this up with my local TMG server, though this did not work as it did with ASM. Check this page for supported configurations.

Even if it does not work for my setup, the code is nice to have in one place.

To create the bits needed:

To test the connection(more):

To remove what was created ( remember to remove all resources in the ARM network beforehand):

Note: With all the changes in resent Azure Powershell modules, there can be some inconsistencies. This was done on 1.0.1. read more

By Morten Lerudjordet December 15, 2015 0

Azure Automation and logs in OMS

In this installment, we will look closer at some aspects of automation especially in the era of Azure Automation. I am a monitor person of hearth, and firmly believe that every piece of software running out there should adhere to the principal “more information the better”. By that, I mean that every piece of running code should as a minimum log what it does logically. By this I mean if you are using New-ADUser cmdlet to create a new user, as a minimum one should log what parameters are used in creating this user. I am also a firm believer of using multiple sources, and one of those sources should be a monitoring solution. For creating a new user, I would typically do this when it comes to logging. For me this is good practice, but your mileage may vary.

So the logic aspect of it, creating the user and the values for the attributes, are logged to an outside source. In this case, both the Automation database and the local computers event log. The eventlog is used so a monitoring system like SCOM (System Center Operations Manager) can pick up the information and make it available through views for administrators to check. Monitoring systems are usually very powerful when it comes to visualization of what is happening in the different logical layers of the infrastructure, so it is good practice to feed these with additional data to give the possibility of drawing a more complete picture of what is happening. Not just for problems, but also to see that there is a matchup of what the business logic dictates, and what the actual code logic does. read more

By lerunBloggAdmin December 14, 2015 0