Cloud Services and Solutions

Change the Subnet for Web Application Gateway 

Connect-AzureRmAccount
$AppGw = Get-AzureRmApplicationGateway -Name BSFAppGW-Staging -ResourceGroupName BSFRSG-Staging
Stop-AzureRmApplicationGateway -ApplicationGateway $AppGw
$Vnet = Get-AzureRmVirtualNetwork -Name BSFVN-Staging -ResourceGroupName BSFRSG-Staging
$NewSubNet = Get-AzureRmVirtualNetworkSubnetConfig -Name BSFAGWsnet-staging -VirtualNetwork $Vnet
$AppGw = Set-AzureRmApplicationGatewayIPConfiguration -ApplicationGateway $AppGw -Name $AppGw.GatewayIPConfigurations[0].Name -Subnet $NewSubNet
Set-AzureRmApplicationGatewayAutoscaleConfiguration -ApplicationGateway $Appgw -MinCapacity 5
Set-AzureRmApplicationGateway -ApplicationGateway $AppGw
Start-AzureRmApplicationGateway -ApplicationGateway $AppGw

Capture Reference Image using DISM 

IT Pro that support Small Business with 10 or 20 users maybe it’s not going to setup MDT 2013 to deploy Windows or Office. 

In the past i wrote an article Windows Sysprep Tool for Virtual Machines which describe how can use sysprep to generalize a Virtual Machine. 

But what if you want to use sysprep to generalize a Virtual Machine and use it to deploy in a Physical PC? 

I face this scenario before a month in small business and today i publish the article with step by step what you can do to create an image with all your Applications and deploy it in Workstations. 

I decide to create a Windows 10 Virtual Machine in HYPER-V because it’s easier and faster. 

• Download Windows 10 from https://www.microsoft.com/en-us/software-download/windows10 
• Setup the Virtual Machine.  
• Install Office and other applications that used by company 
• When you are ready It’s time to capture it and create an image that will use it when you need to deploy it. 

Generalize Windows 10 Installation 

After create a Windows 10 PC base on your company requirements the first step is to generalize the Windows 10 to safely use it for deployment.  

With  /generalize option in sysprep command will remove unique pc specific information like SID , restore points  which allows you to safely use windows image in another Workstation/Laptop. 

If you want more details you can find it in Sysprep (Generalize) a Windows installation from Microsoft. 

• Open cmd as administrator the cmd. 
• Go in path c:\windows\system32 
• Type the following command 
  sysprep /generalize /shutdown 

  

• After run the command will appear a window. 
• Be sure that is selected the option Enter System Out-Of-Box Experience and check the Generalize. Click OK to start. 

  

• When the sysprep finish the VM will shutdown. 

Capture Windows 10 after Generalize 

After have generalize the Windows 10 installation it’s time to capture the image. Because we don’t have Microsoft Deployment Toolkit we must do it with Dism command. 

So let’s start 

• Boot the Workstation/Laptop from Windows 10 boottable USB that you create to setup your Workstation/Laptop. 
• Click Next 

  

• Click in Repair Computer 

  

• Select the Troubleshooting 

capture-image-step3.png 

  

• Select Command Prompt 

  

• When command prompt open run the following dism command 
   dism /capture-image /imagefile:c:\win10refimg.wim /capturedir:c:\ /name:”win10 reference image” 
  The /imagefile command determine that path which the image will save it. 
  The /Capturedir specify the directory which the image was applied. 

  

• Wait until finish 

Copy the Image file in network share 

The image file created but must be copy in network share folder to have access on it for the deployment. 

To accomplish this the Workstation/Laptop must be connected in LAN 

• Run the start /w wpeinit  
• Type ipconfig to verify that has take an ip address from your DHCP. 
• If you don’t have a dhcp run the following command to give a static ip address 
  netsh ip set address “Interface name” static <ip><netmask><gateway> 

  

• Identify the ip address of network share that you will copy the image file 
• Use net use command to map a drive from network share folder 
  net use f: \\192.168.50.250 /user:admin admin 
• Run the following command to copy the image file 
  copy c:\win10refimg.wim f:\ 

Backup and Restore of DNS Zone 

Backup 

Logon to Domain Controller, Open Windows PowerShell and type the following commands to backup DNS zones. 

  

  

  

  

dnscmd KTM-DC01-2K12 /ZoneExport  msserverpro.com backup\msserverpro.com.dns.bkp 

dnscmd KTM-DC01-2K12 /ZoneExport  _msdcs.msserverpro.com backup\_msdcs.msserverpro.com.dns.bkp 

where KTM-DC01-2K12 is dnsserver name. The backup copy (text file) of the DNS Zone will be saved to 

C:\Windows\System32\dns\backup folder 

2. Open explorer and navigate to the C:\Windows\System32\dns\backup folder to verify its contents. 

From <http://www.msserverpro.com/configuring-dns-backup-and-recovery-in-windows-server-2012-r2/>  

Restore 

Use DNSCMD command line tool to restore the domain DNS zone: 

1. Open DNS Manager Console. 

2. Expand the Server, KTM-DC01-2K12, then right click Forward Lookup Zone and Click New Zone.. 

3. On the New Zone Wizard, Click Next. 

4. On the Zone Type Wizard, select Primary zone  and Uncheck the Store the zone in Active Directory (available only if DNS server is a writeable domain controller) 

5. On the Zone Name Wizard, type the name of the zone being restored, msserverpro.com and click Next. 

6. On the Zone File Wizard, select the option Use this existing file and Click Next. 

Make sure the current backup of the msservepro.com is present in the following path,C:\Windows\System32\dns\backup . 

Copy the msserverpro.com.dns.bkp file to the parent folder (C:\Windows\System32\dns). Rename the file from msserverpro.com.dns.bkp to msserverpro.com (remove the .bkp extension). Click Yes. 

7.  Now go back to the Zone File Wizard, and click Next. 

8. On the Dynamic Update wizard page, select Allow both nonsecure and secure dynamic updates and Click Next. 

9. On the Completing the New Zone Wizard page, Click Finish. 

10. Make sure the msserverpro.com is created. Then right Click the msservepro.com zone and select Properties. 

  

11. On the msserverpro.com Properties dialog page, Click the Change.. button at Type: Primary field. 

12. On the Change Zone Type page, make sure Primary zone is selected and select the option Store the zone in Active Directory (available only if DNS server is a domain controller) and click OK. 

13. On the DNS dialog box, Click Yes to accept the change. 

14. On the msserverpro.com zone Properties page, select Secure only at Dynamic updates field. 

15. Finally, we should have our DNS Zone up and running.. 

From <http://www.msserverpro.com/configuring-dns-backup-and-recovery-in-windows-server-2012-r2/>  

Backup and Disaster Recovery

Altaro : Setting up Grandfather-Father-Son (GFS) Archiving 

Setting up Grandfather-Father-Son (GFS) Archiving  

Modified on: Tue, 21 May, 2019 at 2:13 AM 

Please note this feature is only available for Unlimited, Unlimited Plus and Subscription users. 

Instead of deleting all old versions, you also have the option to enable GFS Archival (onsite only) to keep Weekly, Monthly and Yearly Backups beyond your Retention Policy. 

Over and above your Retention Policy, with GFS Archiving enabled, Altaro VM Backup will keep: 

• 1 Backup per week for [XX] weeks 
• 1 Backup per month for [XX] months 
• 1 Backup per year for [XX] years 

The time periods shown are always calculated from the time of the last successful backup, shown with example figures below: 

Enabling GFS Archiving 

In order to enable GFS Archiving, you can do so by navigating to the Retention Policy screen. Please note that this is enabled per policy, so in order to do so, click on the little pencil icon in order to Modify the Policy. 

A pop-up window will open, allowing you to select “Archive Old Backups (GFS)” under “Archival Plan for Backups that are older than the set Retention Policy” and then simply click [Modify]. As you can see the amount of Weeks, Months and Years are all fully customisable: 

Therefore, we’ll be keeping Weekly, Monthly and Yearly Backups beyond the 1-month Retention Policy

Adding a New Disk Drive to an Ubuntu Linux System 

Adding a New Disk Drive to an Ubuntu Linux System 

Jump to: navigation, search  

Previous	Table of Contents
Sharing Ubuntu Linux Folders with Remote Windows Systems

eBookFrenzy.com

Purchase and download the full version of this eBook in PDF & ePub formats for only $12.99 PDF/ePub version contains 39 chapters and 255 pages.

One of the first problems encountered by users these days is that they run out of disk space to store data. Fortunately disk space is now one of the cheapest of all IT commodities. In this chapter we will look at the steps necessary to integrate a new disk drive into an Ubuntu system.  

Contents  [hide]  1 Getting Started 2 Finding the New Hard Drive in Ubuntu 3 Creating Linux Partitions 4 Creating a Filesystem on an Ubuntu Disk Partition 5 Mounting a Filesystem 6 Configuring Ubuntu to Automatically Mount a Filesystem

Android Studio 3.0 Development Essentials Android 8 Edition eBook $24.99  eBookFrenzy.com

Getting Started 

This tutorial assumes that the new physical hard drive has been installed on the system and is visible to the operating system. The best way to do this is to enter the system BIOS setup during the boot process and ensure that the BIOS sees the disk drive. Sometimes the BIOS will provide a menu option to scan for new drives. If the BIOS does not see the disk drive double check the connectors and jumper settings (if any) on the drive.  

Finding the New Hard Drive in Ubuntu 

Assuming the drive is visible to the BIOS it should automatically be detected by the operating system. Typically, the disk drives in a system are assigned device names beginning hd or sd followed by a letter to indicate the device number. For example, the first device might be /dev/sda, the second /dev/sdb and so on.  

The following is output from a system with only one physical disk drive:  

ls /dev/sd* 
/dev/sda  /dev/sda1  /dev/sda2  /dev/sda5 
 

This shows that the disk drive represented by /dev/sda is itself divided into three partitions, represented by /dev/sda1, /dev/sda2 and /dev/sda5.  

The following output is from the same system after a second hard disk drive has been installed and detected by the operating system:  

ls /dev/sd* 
/dev/sda   /dev/sda1  /dev/sda2 /dev/sda5 /dev/sdb 
 

As shown above, the new hard drive has been assigned to the device file /dev/sdb. At this point the drive has no partitions shown (because we have yet to create any).  

Creating Linux Partitions 

The next step is to create one or more Linux partitions on the new disk drive. This is achieved using the fdisk utility which takes as a command-line argument the device to be partitioned (in this case /dev/sdb):  

sudo fdisk /dev/sdb 
[sudo] password for johndoe: 
Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel 
Building a new DOS disklabel with disk identifier 0xc2fe324b. 
Changes will remain in memory only, until you decide to write them. 
After that, of course, the previous content won’t be recoverable. 
 

Warning: invalid flag 0x0000 of partition table 4 will be corrected by w(rite) 
 

Command (m for help):  
 

In order to view the current partitions on the disk enter the p command:  

Command (m for help): p 
 

Disk /dev/sdb: 2147 MB, 2147483648 bytes 
255 heads, 63 sectors/track, 261 cylinders 
Units = cylinders of 16065 * 512 = 8225280 bytes 
Disk identifier: 0xc2fe324b 
 

Device Boot      Start         End      Blocks   Id  System 
 

As we can see from the above fdisk output, the disk currently has no partitions because it is a previously unused disk. The next step is to create a new partition on the disk, a task which is performed by entering n (for new partition) and p (for primary partition):  

Command (m for help): n 
Command action 
   e   extended 
   p   primary partition (1-4) 
p 
Partition number (1-4):  
 

In this example we only plan to create one partition which will be partition 1. Next we need to specify where the partition will begin and end. Since this is the first partition we need it to start at cylinder 1 and since we want to use the entire disk we specify the last cylinder as the end. Note that if you wish to create multiple partitions you can specify the size of each partition by cylinders, bytes, kilobytes or megabytes.  

Partition number (1-4): 1 
First cylinder (1-261, default 1):  
Using default value 1 
Last cylinder or +size or +sizeM or +sizeK (1-261, default 261):  
Using default value 261 
 

Now that we have specified the partition we need to write it to the disk using the w command:  

Command (m for help): w 
The partition table has been altered! 
 

Calling ioctl() to re-read partition table. 
Syncing disks. 
 

If we now look at the devices again we will see that the new partition is visible as /dev/sdb1:  

ls /dev/sd* 
/dev/sda  /dev/sda1  /dev/sda2  /dev/sda5 /dev/sdb  /dev/sdb1 
 

Now that the disk has been successfully partitioned, the next step is to create a file system on our new partition.  

Creating a Filesystem on an Ubuntu Disk Partition 

We now have a new disk installed, it is visible to Ubuntu and we have configured a Linux partition on the disk. The next step is to create a Linux file system on the partition so that the operating system can use it to store files and data. The easiest way to create a file system on a partition is to use the mkfs.ext3 utility which takes as arguments the label and the partition device:  

sudo mkfs.ext3 -L /photos /dev/sdb1 
mke2fs 1.40.2 (12-Jul-2007) 
Filesystem label=/photos 
OS type: Linux 
Block size=4096 (log=2) 
Fragment size=4096 (log=2) 
262144 inodes, 524112 blocks 
26205 blocks (5.00%) reserved for the super user 
First data block=0 
Maximum filesystem blocks=536870912 
16 block groups 
32768 blocks per group, 32768 fragments per group 
16384 inodes per group 
Superblock backups stored on blocks:  
        32768, 98304, 163840, 229376, 294912 
 

Writing inode tables: done                             
Creating journal (8192 blocks): done 
Writing superblocks and filesystem accounting information: done 
 

This filesystem will be automatically checked every 28 mounts or 
180 days, whichever comes first.  Use tune2fs -c or -i to override. 
 

Mounting a Filesystem 

Now that we have created a new file system on the Linux partition of our new disk drive we need to mount it so that it is accessible. In order to do this we need to create a mount point. A mount point is simply a directory into which the file system will be mounted. For the purposes of this example we will create a /photos directory to match our file system label (although it is not necessary that these values match):  

sudo mkdir /photos 
 

The file system may then be manually mounted using the mount command:  

sudo mount /dev/sdb1 /photos 
 

Running the mount command with no arguments shows us all currently mounted file systems (including our new file system):  

mount 
/dev/sda1 on / type ext3 (rw,errors=remount-ro) 
proc on /proc type proc (rw,noexec,nosuid,nodev) 
/sys on /sys type sysfs (rw,noexec,nosuid,nodev) 
varrun on /var/run type tmpfs (rw,noexec,nosuid,nodev,mode=0755) 
varlock on /var/lock type tmpfs (rw,noexec,nosuid,nodev,mode=1777) 
udev on /dev type tmpfs (rw,mode=0755) 
devshm on /dev/shm type tmpfs (rw) 
devpts on /dev/pts type devpts (rw,gid=5,mode=620) 
lrm on /lib/modules/2.6.22-14-generic/volatile type tmpfs (rw) 
securityfs on /sys/kernel/security type securityfs (rw) 
/dev/sdb1 on /photos type ext3 (rw) 
 

Configuring Ubuntu to Automatically Mount a Filesystem 

In order to set up the system so that the new file system is automatically mounted at boot time, an entry needs to be added to the /etc/fstab file. This may be edited by issuing the following command in a terminal window:  

sudo gedit /etc/fstab 
 

The following example shows an /etc/fstab file configured to automount our /photos partition:  

# /etc/fstab: static file system information. 
# 
# <file system> <mount point>   <type>  <options>       <dump>  <pass> 
proc            /proc           proc    defaults        0       0 
# /dev/sda1 
UUID=4a621e4d-8c8b-4b39-8934-98ab8aa52ebc /               ext3    defaults,errors=remount-ro 0       1 
# /dev/sda5 
UUID=9c82bf09-c6f7-4042-8927-34e46518b224 none            swap    sw              0       0 
/dev/scd0       /media/cdrom0   udf,iso9660 user,noauto,exec 0       0 
/dev/fd0        /media/floppy0  auto    rw,user,noauto,exec 0       0 
/dev/sdb1       /photos         auto    defaults        0       0 
 

eBookFrenzy.com

Purchase and download the fully updated Ubuntu 11.04 version of this eBook in PDF & ePub formats for only $12.99 PDF/ePub version contains 39 chapters and over 250 pages.

Accidentally changed UPN of Directory sync service account on Office 365 

set-msoluserprincipalname -userprincipalname SyncAccount@domain.net  
-newuserprincipalname SyncAccount@domain.onmicrosoft.com 

From <https://serverfault.com/questions/768123/accidentally-changed-upn-of-directory-sync-service-account-on-office-365>  

»How to Sync an Existing Office365 Tenant into a New Active Directory Domain 

How to Sync an Existing Office365 Tenant into a New Active Directory Domain 

Posted By Ian@SlashAdmin in Office 365 | 5 comments 

Normally you would have a network setup in a domain and you need to migrate into Office365. Usually away from small business server or another type of email system but what do you need to do if there is no existing domain? What if you work in a workgroup and users use Office365 but now you need to setup a domain infrastructure and synchronise that local domain with Office365, what do we need to do? 

Well no worries let’s see how you do it! 

You can either watch the video here or scroll down to read the blog post  

Get this blog post sent to you as a PDF file to read later 

Enter your email address and press Send Now 

Part 1 – Add UPN Suffixes into Active Directory 

Log in to the portal as a global administrator and navigate to settings then domains. Make a list of all of the custom domains you are using not including the default onmicrosoft.com. These will be added as UPN suffixes into active directory so that users can have the same username in the local AD as they do in Office 365 

Log into a domain controller and open Active Directory Domains and Trusts. Right click on the root and click on properties. This will allow you to add the UPN suffixes. Add all of the custom domains you have listed in the domains section in Office 365 with exception of the onmicrosoft.com domain. 

Here we add office365lab.co.uk and press OK. 

Part 2 – Check all user accounts and groups have a logon domain 

Check each user account has one of your custom domains included in the user name and not the onmicrosoft.com domain. 

If any user accounts have a username which is not a custom domain then go into the account and update the username and save the changes. Its ok to have a cloud admin account with is cloud only and has the onmicrosoft.com. If you want to sync everything else into your active directory then ensure all accounts have a logon domain which matches one of your custom domains. 

As well as all user accounts do the same to each group in the Office 365 tenant. 

Part 3 – Create object in active directory 

Now its time to go down your list of user accounts in the portal and recreate them in your local active directory. Pay special attention to the user names and primary email address and aliases. 

On one of your domain controllers open up active directory users and computers and start creating new user objects. 

Enter the details exactly as you see them in the Office365 portal and ensure you set the user logon name suffix so that it matches the office 365 logon name in the portal. 

Set a password and press Next, its not too important what the password is here because it will need resetting after the initial sync before the user can logon. 

Now ensure the primary address of the user in the portal is entered on the general tab in the e-mail field. 

Next go to the Attribute editor and find the proxyAddresses attribute. Here is where you enter all of the email addresses assigned to the account so add any email alises which are listed on the account in the portal. 

The primary email address must be prefixed with SMTP: in capitals and all other aliases should be added in lowercase smtp: This is important so pay attention when adding all of the addresses. 

The primary address (aka the send as address) has SMTP: prefixed on it and all others have a lowercase smtp: 

Part 4 – Install Azure Active Directory Connect (AAD Connect) 

Download the latest version of the AAD Connect tool onto one of your domain controllers or a member server which will host the sync software. 

https://www.microsoft.com/en-us/download/details.aspx?id=47594

Run the installer, agree to the terms and select Continue. 

We are going to go for an express setup here but if you want to explore the advanced options go for it. Select Express if you want it to work using this guide. 

Enter the logon credentials of a global administrator in the Office365 tenant. Just remember that if you update the password to this account you will need to rerun the AAD Connect configuration wizard to update the password. 

Enter the a domain administrator account and the same applies as above, if you update the password then simply rerun the wizard. 

The wizard will verify that your custom domains have been added as UPN suffixes. If you followed part 1 of this guide your good to go. 

Press install and let the configuration complete which will take a few minutes. 

Once AAD Connect has been installed it will kick off a sync. Leave the system for about 20 minutes to allow this initial sync to complete in the background. 

You can test the sync is working correctly by adding a new email alias into one of your active directory user accounts and see if those changes sync into the office 365 portal. We can see all of the additional aliases we added earlier in this guide have synced into the 365 portal so we have success! 

Every change you make from now on will sync with Office 365 every 30 minutes by default. You wont see the changes straight away so be patient or open Powershell on the domain controller and type the following command to force a sync 

Start-ADSyncSyncCycle -PolicyType delta 

Summary 

Setting up a new AD when a client is already using Office365 involves a lot of manual work. Never fear because Power Shell can do all of this for us within a minute! sign up for the newsletter at the top of the page to be informed when I post that script. 

Author: Ian@SlashAdmin 

Share This Post On 

• Google 
• Facebook 
• Twitter 

5 Comments 

Mathieu 
29TH JULY 2018 
Hi, i follow all the step for 28 users, but 3 of them, the sync create like a duplicate user with conflit smtp information, the user in my on-premise AD where copy paste from the office 365, but those 3 that had some other user smtp alias doesn’t work. 
Can i delete the extra alias from the on-premise ad user smtp? 
or what can i do to fix everything? 
Regards 
Post a Reply 

Sergii 
14TH MARCH 2019 
Hi Ian, 
thank you very much for this very detailed and useful post. 
Small question: if I edit or add some data on the Office 365 portal and run Start-ADSyncSyncCycle Powershell command on the Local AD server, does it mean that Local AD will sync the changes from the O365? Or O365 will be overwritten by current data from the Local AD? 
Thanks. 
Post a Reply 

Ian@SlashAdmin 
14TH MARCH 2019 
Any changes in 365 won’t replicate to the local AD. Likely the script will fail on existing objects. Any new objects in 365 should get created. Best thing to do is run once then setup AD Connect to get a perminant sync from local to 365. Hope that helps  

Post a Reply 

Ed 
20TH MARCH 2019 
Hi, 
I was wondering if I create a local AD domain with the UPN as in the on prem domain will not be office365lab.local but office365lab.co.uk. 
Will this make any difference or do you recommend having it as .local and add .co.uk? 
Thanks 
Post a Reply 

Ian@SlashAdmin 
20TH MARCH 2019 
Hi Ed, 
It’s recommended to have .local and add the .co.uk UPN. This avoids confusion with the internal domain space and the public one. 
Hope this helps. 
Post a Reply 

Trackbacks/Pingbacks 

1. How to Sync an Existing Office365 Tenant into a New Active Directory Domain Using PowerShell | SlashAdmin Life in IT - […] http://www.slashadmin.co.uk/how-to-sync-an-existing-office365-tenant-into-a-new-active-directory-dom… […] 

Submit a Comment 

Your email address will not be published. Required fields are marked * 

This site uses Akismet to reduce spam. Learn how your comment data is processed. 

Categories 

• Azure 
• Events 
• Hardware 
• Office 365 
• PowerShell 
• Product Testing 
• Software 
• Training 
• Uncategorised 
• Windows Server 

Recent Comments 

• Syncing Existing Office 365 Users to newly created AD Domain – Scattered Tech on How to Sync an Existing Office365 Tenant into a New Active Directory Domain Using PowerShell 
• Steve on Azure Intune Compliance policy Not evaluated Error 65001 (Not applicable) 
• Andrew on Office 365: Selectively Wipe a Mobile Phone 
• Martin Park on How to Setup a Unifi Cloud Controller in Azure 
• Daniel on Office 365 Room Booking System Using Power Apps 

• Home 

  

• Subscribe to the Blog 

  

• About Me 

Designed by Elegant Themes | Powered by WordPress 

From <https://www.slashadmin.co.uk/how-to-sync-an-existing-office365-tenant-into-a-new-active-directory-domain/>