Kevin Remde's IT Pro Weblog

  • Create a Windows Azure Network using PowerShell – 31 Days of Servers in the Cloud (Part 19 of 31)

    Try Windows Azure FREE for 90 daysBack in Part 10 of our “31 Days of Servers in the Cloud” series, my good friend Bob Hunt wrote up an excellent step-by-step  for creating a virtual network in Windows Azure.

    His article and guide was so good, in fact, that I am going to attempt to do the very same task – to create and configure a network in Windows Azure; but instead of using the Windows Azure portal, we’re going to do it entirely using PowerShell and some special Windows Azure Management Cmdlets.

    “Are you out of your mind?”

    Perhaps.  The goal, as it was in Bob’s article, is that in the end we have a network configured and ready to securely connect to (and extend our) existing on-premises network.  From Bob’s introduction:

    Before we get started, it’s important to set the stage of what we’re trying to accomplish.  The Windows Azure Virtual Network you are about to create establishes a Site to Site (S2S) VPN between your company’s network and the Windows Azure Cloud Service using the steps outlined below, and requires that you have an already installed VPN device on your premise.  The list of currently supported VPN devices is located hereWindows Azure currently supports up to 5 S2S VPN tunnels, allowing you to have multiple Virtual Networks hosted in Windows Azure, such as a Test Network and a Production Network.

    Contoso's Deployment


    Set up PowerShell

    To make this happen, of course, we’re going to have to have done a couple of things in advance:

    1. Get a Windows Azure account (start with the free 90-day trial),
    2. Get the Windows Azure PowerShell tools, and
    3. Follow some simple instructions to set up the secured connection for Windows Azure management.

    Once you have this done, open up your Windows Azure PowerShell window, and open up notepad.

    “Huh?  Notepad?”



    The .netcfg File

    For configuring networking in Windows Azure using PowerShell, there are only two Set-AzureVNet commands:

    There are Get-AzureVNet…  commands that retrieve information (and objects), but for actually creating and configuring the networking, you’re going to be using an XML formatted document that has (by default) a .netcfg extension, and then using Set-AzureVNetConfig to upload that file.  And then we use New-AzureVNetGateway and Set-AzureVNetGateway to configure and connect the gateway. 

    Again, in Bob’s article, we created a network.   So as a starting point for creating the network using PowerShell, I’m going to use Get-AzureVNetConfig to retrieve his configuration into a .netcfg file.

    Get-AzureVNetConfig -ExportToFile C:\Users\kevrem\Desktop\MyAzureNetworks.netcfg

    And the resulting file looks something like this:


    <?xml version="1.0" encoding="utf-8"?>
    <NetworkConfiguration xmlns:xsd="" xmlns:xsi="" xmlns="">
             <DnsServer name="YourDNS" IPAddress="" />
          <LocalNetworkSite name="YourCorpHQ">
          <VirtualNetworkSite name="YourVirtualNetwork" AffinityGroup="KevRemWestUS">
              <Subnet name="FrontEndSubnet">
              <Subnet name="BackEndSubnet">
              <Subnet name="ADDNSSubnet">
              <Subnet name="GatewaySubnet">
              <DnsServerRef name="YourDNS" />
                <LocalNetworkSiteRef name="YourCorpHQ" />


    Go ahead and copy/paste the above text into Notepad, and save it as a file named MyAzureNetworks.netcfg

    Now please note the highlighted portions. Those are unique for your account.  You’ll need to put your own public VPN gateway address, and use your own pre-created affinity group

    Also note the bold text.  These are the items that you customize.  Put your own names and desired addresses in there, such as your DNS Server name and address.  Remove or add <Subnet> </Subnet> sections, or <Subnets>. 

    But once you have that information, you should be able to use this file with the Set-AzureVNetConfig PowerShell cmdlet to create the same network and subnets.  If you’ve saved the file (let’s say to the root of your C:\ drive), and you have the Windows Azure PowerShell window open and connected..

    “How do I know it’s connected?”

    Try this PowerShell command:


    This should return some details on your connected subscription.

    Anyway, once that’s verified, and as a first test of creating a network using PowerShell, run this:

    Set-AzureVNetConfig -ConfigurationPath C:\MyAzureNetworks.netcfg

    This should return successful. 

    Now open up the Windows Azure Portal, login, and click on the Networks tab.  Do you see something like this?:


    “Yes, I do!”

    Good job!  Click on the Local Networks, DNS Servers, and Affinity Groups tabs.  You should see the values assigned and items created that match what you configured.

    Back in Virtual Networks… Clicking on the network name and opening up the network details should look something like this:


    Do you see the problem?  We haven’t yet created and enabled the gateway.  We can do that with PowerShell, too.


    Create the Gateway

    To do this, we’ll use the New-AzureVNetGateway command, and specify the name we used for our Azure NetworkThe command for our example looks like this:

    New-AzureVNetGateway –VNetName “YourVirtualNetwork”

    Once you run that, if you refresh the Windows Azure Portal screen, you’ll see this:


    The creation of the gateway may take as long as 15 minutes.  You can also check the status of this creation by using the Get-AzureVNetGateway cmdlet.



    In fact, you can see from my result in PowerShell that my gateway creation has completed, and my gateway address assigned.  Now the Windows Azure Portal looks like this:




    But we still have one more thing to accomplish.  We haven’t yet connected our Azure network to our corporate network.


    Connect the Gateway

    This is also very simple: Set-AzureVNetGateway is the cmdlet we’ll use. 

    Set-AzureVNetGateway -Connect –LocalNetworkSiteName “YourCorpHQ” –VNetName “YourVirtualNetwork”


    Which shows up on the Windows Azure Portal like this:


    Of course, it’s not going to succeed in connecting until we actually have something to connect to on the corporate side.  As you’ll recall, there are specific VPN endpoint devices that are supported on the corporate side, and to configure them you can use the Windows Azure Portal to download the Configuration as well as the Shared Key.

    “But.. can you do that with PowerShell, too?”

    Absolutely.  Well, two out of three, anyway…


    Get the Gateway IP Address and Shared Key

    There are three things you’ll need to configure the VPN device on your corporate side:

    1. The Gateway IP Address
    2. The Shared Key, and
    3. A Device Configuration Script

    You can use the Get-AzureVNetGateway cmdlet to find the Gateway IP Address:

    Get-AzureVNetGateway -VNetName YourVirtualNetwork


    To get the shared key, use the Get-AzureVNetGatewayKey cmdlet:

    Get-AzureVNetGatewayKey -LocalNetworkSiteName YourCorpHQ -VNetName YourVirtualNetwork


    For the getting a script that will automatically configure your device, you’re still want to use the Windows Azure Portal.  Down at the bottom of the page while looking at your network dashboard, you see the “Download” button:


    Click that, and then walk through the wizard to select your device type and version information.


    The result will be a script that can be used by your VPN / Network administrator to configure the device.  You can get the VPN configuration script from the Management Portal or from the About VPN Devices for Virtual Network section of the MSDN library.  For more information, see Establish a Site-to-Site VPN Connection and your VPN device documentation.

    The remainder of this article is “borrowed” directly from the end of Bob Hunt’s excellent article:

    The procedure assumes the following:

    • The VPN device has been configured at your company.

    To configure the VPN device:

    1. Modify the VPN configuration script. You will configure the following:

      a. Security policies

      b. Incoming tunnel

      c. Outgoing tunnel

    2. Run the modified VPN configuration script to configure your VPN device.

    3. Test your connection by running one of the following commands:

    Cisco ASA

    Cisco ISR/ASR

    Juniper SSG/ISG

    Juniper SRX/J

    Check main mode SAs

    show crypto isakmp sa

    show crypto isakmp sa

    get ike cookie

    show security ike security-association

    Check quick mode SAs

    show crypto ipsec sa

    show crypto ipsec sa

    get sa

    show security ipsec security-association

    Once the Virtual Network tests out, you’re ready to go.  Enjoy!

    Thanks, Bob.  I think we will!


    Try Windows Azure free for 90 days

  • Download Windows Server 2012

    Click on me for the VHD evaluation

    Download the Evaluation ISO

    Download the Evaluation VHD
    Download the ISO Download the VHD

    Click on me for the ISO download.Windows Server 2012 is available.  It offers businesses and service providers a scalable, dynamic, and multitenant-aware cloud-optimized infrastructure.  Windows Server 2012 helps organizations connect securely across premises and helps IT Professionals to respond to business needs faster and more efficiently.

    Need more information? See the product details page.

    Register for Download and Evaluation

    Access technical product resources—forums, solution accelerators, white papers and webcasts—at the Windows Server 2012 Resource Page.

    Step 1

    Review Windows Server 2012 system requirements

    Step 2

    Register, then download and install full-featured software for a 180-day trial

    Step 3

    Receive emails with resources to guide you

    The Windows Server 2012 evaluation software is available in Standard and Datacenter editions. You will be prompted to choose a version during the set-up and registration process.

    ALSO: For additional testing and training, be sure to try out the Windows Server 2012 Virtual Labs.

    ISO available in: Chinese (Simplified), English, French, German, Italian, Japanese, Russian, Spanish.
    VHD available in: English

  • Step-by-Step: Connecting System Center 2012 App Controller to Windows Azure (Part 12 of 31)

    The article I’m writing for part 13 our “31 Days of Servers in the Cloud” series involves using App Controller to create a virtual machine.  But to do this, you first need to connect and associate App Controller (a component of System Center 2012) with your Windows Azure subscription.

    So in today’s Part 12, as a preliminary document for part 13, in this article I’m going to show you how to connect App Controller to your Windows Azure account.

    To do this, we need to have a few preliminaries in place:

    1. You have a Windows Azure subscription, and have requested the ability to preview the use of Windows Azure virtual machines.  (If you don’t have an account, you can start a free 90-day trial HERE.)
    2. You have System Center 2012 App Controller installed.  (Download the System Center 2012 Private Cloud evaluation software HERE.) 
      NOTE: In my examples I’m using System Center 2012 SP1 App Controller, which at the time of this writing is available to TechNet and MSDN subscribers and volume license customers only; but will very soon be generally available.  I will update this blog post as soon as that happens.

    Connect App Controller to your Windows Azure subscription

    To make this happen, you first have to have a management certificate in place.  This makes up the bulk of the complexity involved.  It must be a management certificate that has a key length of at least 2048 bits and resides in the Personal certificate store.  To make this all work, you’ll need both a .cer file, which is the exported certificate that you’ll upload as the management certificate in Windows Azure, and a.pfx (personal information exchange) certificate file that you’ll  use to connect App Controller to your Azure subscription.  You can create this self-signed certificate easily in one of two ways:

    1. If you have Visual Studio installed, you can use the makecert command from the Visual Studio command prompt to create the certificate and at the same time create the exported .cer file that you can upload into Azure.   Ore…
    2. More likely if, like me, you’re not a developer, you’ll use IIS (Internet Information Services) to create the self-signed certificate.  Add IIS either as a role to a Windows Server, or even as an to Windows 8.

    For my example, I’m going to use IIS that I’m going to install on Windows 8.

    Install IIS on Windows 8

    In the “Turn Windows features on or off” section of the “Add or Remove Programs” (just search from your Start Screen), add the IIS Management Console feature:


    Generate the Self-Signed Certificate

    Once installed, open up the IIS Manager.  Double-click on “Server Certificates”, and then in the Actions pane on the right, select “Create Self-Signed Certificate”.


    Give your certificate a friendly name that you’ll recognize later, and click OK.

    Export the .pfx File

    Next, we need to export the new certificate as a .pfx file.  (This is the file we’ll later use to connect App Controller to our Windows Azure subscription.)  You can create this from IIS Management as well.   With your new certificate selected, click export in the Actions pane.  Choose a file name and destination for the file, set a password, and click OK.


    Once this is done, and if you have no further use of IIS on your Windows 8 machine, you can remove it just as easily as you added it.  You won’t need it for anything more here.

    Generate the .cer file.

    Now we need a .cer file – the exported certificate that we will upload into our Windows Azure subscription.  The certificate we just created is in the Local Computer certificates store, so we could either need to use MMC and the “Certificates” snap-in to get to and export the certificate from there, OR we could import the .pfx into the personal certificate store and then export it from there.  I’ll describe the latter..

    Run certmgr.msc as a quick way to open up MMC connected to the current user’s certificate store, and navigate to Personal –> Certificates


    Right-Click on Certificates, and under All Tasks, select Import…

    In the Certificate Import Wizard, click Next, and then browse to and select your recently created .pfx file.  (NOTE: You’ll have to change the file type you’re looking for to include .pfx files in order to see it as you navigate)


    Click Next.

    Enter the password you used to secure your .pfx file, and click Next.

    Leave the Certificate Store as the Personal store.  Click Next, and then click Finish to complete the import.

    Now in the list of your certificates in the personal certificate store, you should see a certificate that contains a friendly name you used earlier (in my case it’s “MyAzureMgmtCert”).   Right-click on your certificate, and under All Tasks, select Export.

    Just use the defaults through this wizard, browse to a location for and name your certificate:


    Click Next and then Finish.

    Okay.  Now you have both the .pfx and the .cer files you’ll need to connect App Controller to Windows Azure.

    Upload the .cer to Windows Azure.

    In the Windows Azure portal, at the bottom left, select Settings, and then click Upload.



    Browse to and select your .cer file:


    Click the Check Box, and in a few seconds you should see a notification telling you that your upload is successful.  You should also see your certificate added to the list of management certificates

    Connect App Controller to Windows Azure

    Before we make the connection, we’ll need to have our Windows Azure Subscription ID.  The subscription ID is a long set of numbers, formatted to look something like this: 00000000-0000-0000-0000-000000000000 
    You can get this a number of different ways.

    • If you have any storage defined or any virtual machines created, you can select them and see the subscription ID on the bottom right of the “quick glance” information.
    • If you have Windows Azure PowerShell installed and connected to your subscription, you can simply run the “Get-AzureSubscription” cmdlet to see the Subscription ID.
    • Or most easily since we’ve just uploaded one, you can see the subscription ID as one of the columns in our list of management certificates. 

    Copy the subscription ID to the clipboard.

    Now we’re ready to open up App Controller and log in as your administrative account.

    In the Overview pane, under Public Clouds, click “Connect a Windows Azure Subscription


    Paste your subscription ID into the appropriate field, browse to and select your .pfx certificate file, enter the password, and give your connection a name and optional description.


    Once you click OK, you should soon see that you have a Windows Azure subscription connected.  If you had any virtual machines or services running in Windows Azure, you’ll be able to see those represented here also.


    And that’s it!  You’re connected!

    Now you can do really cool things like using App Controller to create Virtual Machines in Windows Azure.


    I hope you found this useful!  If you have any questions or comments, please add them to the comments and we can discuss them.

  • Use Windows Azure to learn Windows Server 2012 Storage Spaces – 31 Days of Servers in the Cloud (Part 27 of 31)

    What an amazing platform and opportunity for learning.   Creating virtual machines in Windows Azure is a great platform for trying out functionality that would otherwise be hard or expensive to do in your own test lab or on your own hardware.

    So in this Part 27 of our “31 Days of Servers in the Cloud” series, and with the help of some instructions from some of our earlier articles, I’m going to help you set up a server that you can use to then go through a hands-on-lab on the subject of Windows Server 2012 Storage Spaces.

    “Sounds great, Kevin.  How do I begin?”

    It’s pretty simple.  Here are the steps required to make this happen:

    1. Get a Windows Azure subscription.  (You can sign up for a free 90-day trial HERE.)
    2. Create a new virtual machine running Windows Server 2012.
    3. Attach new, blank disks to your server.
    4. Connect (remote desktop) to your server.

    And once these three easy steps are done, it’s simply a matter of using the attached lab manual and walking through the training.

    Step 1 is easy.  Hopefully by now you have your Windows Azure subscription.

    Step 2 is also easy.  Creating a virtual machine using the Windows Azure Portal is well documented in my friend Tommy Patterson’s Part 2 of our series.  Or you can use PowerShell, as my friend Brian Lewis showed you in Part 14.  And last but certainly least, I showed you how you can use App Controller to create VMs in Part 12 and Part 13.

    Whichever method you decide to use to create your virtual machine, make sure that you create a machine running Windows Server 2012, and make sure that it is of size MEDIUM or larger. 

    “Why can’t it be a SMALL virtual machine?”

    Because the lab requires four (4) data disks be connected to the virtual machine.  SMALL size only allows up to two (2) disks.  MEDIUM allows up to four (4).

    Networking is not important for this lab.  Other than running Server 2012, the only thing this machine will need is the extra disks.  Which leads me to…

    Step 3: Attach new, blank disks to your server.

    Assuming you have your machine created and running, and you’ve selected it in the Windows Azure Portal, you should see something like this:

    (click to open and view)

    Notice that my machine “kevremserver2012” is currently running, has two core2, and if I scroll down a little…

    (click to open and view)

    …we see that I only have the one disk (the operating system disk) configured in this machine.

    Now, see at the bottom where it says “Attach”?  That’s what you’ll click on to attach new disks.  To play with Storage Spaces, let’s attach 4 additional disks to this server. 

    Mouse-over Attach, and choose “Attach empty disk”.  You’ll see this:


    The only thing you have to fill in on this is the size of the disk you’re creating.  Enter 10 (as in 10 GB), and click the checkmark.

    Now you should see this towards the bottom of your browser:


    This will take a minute or two to complete. When it’s done, do it 3 more times so that you have four additional disks connected to your virtual machine:

    (click to open and view)

    And now you’re ready to do the labs.  Print out the attached lab manual, and connect and login to your virtual machine by clicking the Connect button at the bottom of the browser window.  This will download and prompt you to open a .rdp file that will then open a remote desktop connection to your machine.

    Again, the lab manual is attached to this blog post, down at the bottom.  Enjoy!


    Did you find this useful?  I certainly hope so!  Ask questions or give opinions in the comments.

  • Using Windows Azure VMs to learn: Networking Basics - 31 Days of Servers in the Cloud (Part 29 of 31)

    Try Azure 90 days for freeAs we’ve shown in previous articles of our series, Windows Azure is a very useful tool for setting up a testing and training environment. 

    Today in part 29 of “31 Days of Servers in the Cloud”, Don Noonan (guest writer) shows us how to set that up and take advantage of it.



    Try Windows Azure free for 90 days

  • 31 Days of Servers in the Cloud – Creating Azure Virtual Machines with App Controller (Part 13 of 31)

    As you know, if you’ve been following our series, “31 Days of Servers in the Cloud”, Windows Azure can become an extension of your datacenter, and allow you to run your servers in the cloud.

    “We get it, Kevin.”

    And you’ve seen excellent articles in this series already, describing how to use the Windows Azure portal to create your virtual machines, how to upload your own VM hard disks into the cloud and use them to build machines, and more.  In today’s installment, I’m going to show you how easy it is to connect App Controller (a component of System Center 2012) to your Windows Azure account, and then how to use App Controller to create virtual machines in your Windows Azure cloud.

    To do this, we need to have a few preliminaries in place:

    1. You have a Windows Azure subscription, and have requested the ability to preview the use of Windows Azure virtual machines.  (If you don’t have an account, you can start a free 90-day trial HERE.)
    2. You have System Center 2012 App Controller installed.  (Download the System Center 2012 Private Cloud evaluation software HERE.) 
      NOTE: You will need System Center 2012 SP1 App Controller, which at the time of this writing is available to TechNet and MSDN subscribers and volume license customers only; but will very soon be generally available.  I will update this blog post as soon as that happens.

    So, with nothing more assumed then just those basics, let’s walk through the following steps:

    1. Connect App Controller to your Windows Azure subscription (READ THIS POST for the instructions on how to do this.)
    2. Create a Storage Account in Windows Azure
    3. Use App Controller to create a new Virtual Machine

    Assuming you’ve done part 1, and have your connection to your Windows Azure subscription set up in App Controller, let’s move on.


    Create a Storage Account in Windows Azure

    There are many ways to create a new storage account:

    • I could use the Windows Azure administrative portal
    • I could use PowerShell for Windows Azure and the New-AzureStorageAccount cmdlet
    • Or I could do it using App Controller.

    For our purposes, let’s use App Controller.

    Open App Controller and login as your administrative account.  On the left, select Library.


    Click Create Storage Account.  Give your storage account a name, and choose a region or an affinity group.


    Click OK.  You should see something that looks like this at the bottom-right of the browser window:


    After a few minutes, a refresh of the Library page should show you that you now have your new storage account available. 


    Now we need to create a container to hold our machine disk(s).  With your new storage account selected, Click Create Container.


    Give your container a name and click OK.

    In a very short while, you’ll see your new container. 


    Now we’re ready to create virtual machines.


    Use App Controller to create a new Virtual Machine

    Open App Controller and login as your administrative account.

    On the left, select Virtual Machines.  This is where we can see, manage, and create new virtual machine and service deployments.  (If you’re doing this for the first time, you won’t see items in your list here just yet.)


    Click Deploy.  The New Deployment window opens up. 


    Under Cloud, click Configure…, then select your Windows Azure connection as the cloud into which you’re going to deploy your new virtual machine. 
    (Note: In my App Controller, I’ve also connected to a local VMM Server, which is why I see this other cloud in my list.)


    Click OK.

    Now you will see this:


    Click Select an Item… under Deployment Type.  Now you’ll see a screen that looks something like this:


    This is where you can choose to build a new machine or service based on existing, provided images, or images or disks you’ve uploaded into your own Windows Azure storage.  In this example, I’m going to select Images on the left, and choose to build a new Windows Server 2012 machine using the provided image.

    Once I click OK, I now see this:


    So the next thing I need to do is click Configure… under Cloud Service.  Virtual machines and services all run in the context of cloud services.  For our example, we’re going to assume that you haven’t created any machines or other items that requires a service, so your list is going to be empty.  You’ll use this screen to create and then select your new service.


    Click Create…  and then fill in cloud service details (Name, Description) and the cloud service location (a unique public URL, plus a geographic region or affinity group).

    imageClick OK, and then select your new service and click OK again.


    Next we need to configure the deployment:


    Click Configure… under Deployment.  Now you’ll see this:


    Enter a deployment name, and optionally associate your machine with a virtual network if you have one.  (If you don’t have, or don’t select a network, you will be creating the machine and service to handle networking within the service automatically.)  Click OK.

    Now it’s time to configure the virtual machine itself.


    Click Configure… under Virtual Machine.

    Now we set the general properties…


    Note: an Availability Set is not required, but a new one can be created or an existing one selected from here.

    Set the Disks…


    When I click Browse…, I’m given the ability to choose the location for my disks in Windows Azure storage, as well as to add (or create) additional data disks for this machine.  For our example let’s use the storage account and container we created earlier.  I won’t be adding any data disks.


    For the Network…


    …I’ll just leave the default.  I could use this opportunity to define additional endpoints for connections to services on this machine, or I could do it later.

    For Administrator password


    …enter a password for the local administrator account.  (It also looks like you can use this to assign the computer to a domain if you happen to have a domain controller in the same network or service.  I haven’t yet tried, this, so I can’t comment further.)

    Click OK. 


    And now click Deploy.

    You’ll see a notification towards the bottom right that should look something like this:


    And after several minutes, looking in the Virtual Machines area of App Controller, you will see your new machine appear.  Its status will change to “provisioning”, and eventually “running”. 


    Notice also that if you select your new machine, you also have the option now to connect to it via Remote Desktop!  (Cool!)  Log in as the Administrator with the administrator password you assigned, and you’re in!


    Naturally, you can very easily use App Controller to delete your machines, disks, storage containers, and storage accounts, too.  (Remember to do that when you’re done.  Even if a machine isn’t running, you’re still being billed for it and for the storage being used!)


    Useful stuff?  I hope so.  Let me know in the comments if you have any questions or… comments.  Smile 

    And if you missed any of the other parts of our series, you can find the entire list HERE.

  • Reimagining Windows (Episode 6) - Windows 8: Client Hyper-V and Why It Matters

    In today’s episode, I welcome Microsoft MVP, Mitch Garvis to the show.  We discuss how Windows 8 Enterprise and Windows 8 Professional now include Microsoft Hyper-V as an optional feature.  Tune in as we discuss WHY you would want to use the power of Hyper-V virtualization on your desktop, laptop or tablet running Windows 8.


    Download the Windows 8 Enterprise Evaluation today and test your applications, hardware and deployment strategies with Windows 8.



  • Now Available: New Microsoft Virtual Academy courses on System Center 2012 SP1 (Free training!)

    Free training online!

    I just got word that there is new content up on Microsoft Virtual Academy.  Here is the text from the e-mail I received:

    New Microsoft Virtual Academy Courses: System Center 2012 SP1

    With System Center 2012 SP1, you get the most cost effective and flexible platform for managing your traditional datacenters, private and public clouds, and client computers and devices.  System Center 2012 is the only unified management platform where you can manage multiple hypervisors, physical resources, and applications in a single offering.

    Microsoft Virtual Academy is launching three new courses in January, each focused on helping IT professionals understand the benefits of System Center 2012 SP1:

    • Microsoft Virtualization for VMware Professionals - Learn how Windows Server 2012, Hyper-V, and System Center 2012 SP1 can help you build, deploy, and manage private cloud architecture.
    • System Center 2012 Service Pack 1 Updates - Learn about the enhancements to each of the System Center 2012 SP1 components, which includes added support for Windows Server 2012, SQL Server 2012 and tighter integration with Windows Azure. 
    • System Center 2012 SP1 Capabilities - Learn about the configuration and management of the infrastructure, services and application available from System Center 2012 SP1. NOTE: Course will be available on Jan 31.

    Sign-in to MVA to take these free technical courses and check back regularly, as new courses are added each month.

  • Windows Azure Hybrid Cloud Authentication and Access Architectures - 31 Days of Servers in the Cloud (Part 31 of 31)

    Try Windows Azure FREE for 90 days!At last we have reached the end!  it’s been 31 straight days of what I hope you have found to be useful information; all about using Windows Azure as an Infrastructure-as-a-Service option for testing, training, and extending your datacenter.
    If you’ve missed any, I highly recommend you look at and bookmark the “31 Days of Servers in the Cloud” page:

    But what about authentication?  If I’m building a hybrid-cloud – which, in case you’re not familiar with it, is a company’s private cloud that spans beyond and into the public cloud domain – then how do I architect a solid solution for identity management, authentication, and authorization for my applications, services, and data?

    Today, Ira Bell (via my friend Bob Hunt) describes in great detail several scenarios (six of them!) for authentication and access using Windows Azure.



    Try Windows Azure free for 90 days

  • Using Windows Azure VMs to learn: RDS - 31 Days of Servers in the Cloud (Part 30 of 31)

    Try Windows AzureAs we’ve shown in previous articles of our series, Windows Azure is a very useful tool for setting up a testing and training environment. 

    Today in part 30 of “31 Days of Servers in the Cloud”, Dan Noonan (via Tommy Patterson’s blog) shows us how to set that up, and build “a classroom in the sky”, as an example of what you can do.



    Try Windows Azure free for 90 days

  • Yes, you can build your own SQL Server in the cloud – 31 Days of Servers in the Cloud (Part 22 of 31)

    imageWhy not? 

    We’ve shown you how easy it is to create your own servers in Windows Azure, and there’s no reason one of those machines couldn’t be running Microsoft SQL Server 2012.  In fact, we’ll even provide an evaluation image that you can start with.

    In today’s Part 22 of “31 Days of Servers in the Cloud”, my floridated friend Blain Barton provides you a detailed step-by-step on how it’s done.



    He lives in Florida.  I know.. the word is “Floridian”, but he’s not originally from there… so at some point he got “floridated”.  Smile


    Try Windows Azure free for 90 days

  • Windows Azure Add-Ons from the Windows Azure Store - 31 Days of Servers in the Cloud (Part 28 of 31)

    Get a free Windows Azure trial for 90 daysOne of the great things about “the cloud” is that not only can you build solutions that are globally available, but you can also purchase and use components and services from other providers and easily include their functionality as a part of your own solutions 

    Today in part 29 of “31 Days of Servers in the Cloud”, my Pacific northwest friend Chris Avis shows us how this works, and does a great job of stepping us through how these Windows Azure Add-Ons work.



    Try Windows Azure free for 90 days

  • Deleting .VHD files in Windows Azure - 31 Days of Servers in the Cloud (Part 18 of 31)

    Brian would want you to click here. Something important to be aware of when you’re using Windows Azure is: How much is this costing me?  And in particular, which items cost me what amount?

    One of those items that might be easy to overlook is the amount of storage you’re currently using.  If you’ve got a lot of old .VHD files that were formerly being used as OS or data disks, but they’re now just sitting there doing nothing – that’s still costing you something.

    Today in part 18 of our “31 Days of Servers in the Cloud” series, my friend from just-over-the-boarder Brian Lewis gives us a couple of useful methods for deleting those old-and-no-longer-needed .VHD files from your Windows Azure storage.



    Try Windows Azure free for 90 days

  • 31 Days of Servers in the Cloud – Move a local VM to the Cloud (Part 5 of 31)

    VMs up, up, and away!My turn!

    In todays installment of our “31 Days of Servers in the Cloud”, we wanted to show you how easy it is to load a locally created, Hyper-V based virtual machine into Windows Azure.

    “But it’s not really that easy, is it?  I’ve had a heckuva time trying to make this work!”

    Actually, once the preliminaries are in place, it is easy.  But to upload anything from your local machine into a Windows Azure storage account requires you to connect to your Azure account.. which means having a management certificate in place to authenticate the connection.. which is a process that is hard to discover.  Searching for a quick solution was confusing, because the tools are always changing.. and what was required several months ago isn’t necessarily the easiest way to do this.

    This leads me to a little disclaimer, which really could apply to every single article written for this series:

    This documentation provided is based on current tools as they exist during the Windows Azure Virtual Machine PREVIEW period.  Capabilities and operations are subject to change without notice prior to the release and general availability of these new features. 

    That said, I’m going to try to make this process as simple as possible, and leave you not only with the ability to launch a VM from your own uploaded .VHD (virtual hard disk) file, but also leave you in good shape for using some pretty useful tools (such as Windows PowerShell) for managing your Windows Azure-based resources. 

    The rest of this article assumes that you already have a Windows Azure subscription.  If you don’t have one, you can start a FREE 90 TRIAL HERE.


    Create a local VM using Hyper-V

    I’m going to assume that you know how to use Hyper-V to create a virtual machine.  You can do this in Hyper-V running on Windows Server 2008 R2 or Windows Server 2012.  You could even use Hyper-V installed on Windows 8.  The end result should be that you have a virtual machine installed as you want it, sysprepped (important!), and ready to go.  It’s that machine’s .VHD (the virtual hard disk) file that you’re going to be uploading into Windows Azure storage.

    If you want further help building and preparing a virtual machine, check out the first part of this article on how to build a VM: Creating and Uploading a Virtual Hard Disk that Contains the Windows Server Operating System

    NOTE: If you’re going to use one of the storage exploring tools I will be mentioning later, you will want to create your disk as (or convert your disk to) a fixed-format VHD.  This is because those tools won’t convert the disk file on the fly, and the disk in Windows Azure storage is required to be a fixed disk (as opposed to a dynamic disk, which is the default). 


    Setup Windows Azure Management

    Before we can connect to our Windows Azure storage and start uploading, we need to have a management certificate in place, as well as the tools for doing the upload installed.

    Although there are manual ways of creating and uploading a self-signed certificate, the easiest method is to use the Windows Azure PowerShell cmdlets.  Here is the download location for those:

    Windows Azure PowerShell: 

    Note that although the page says that it’s the November 2012 release, it actually gives you the December 2012 release.  That’s important, because the extremely beneficial Add-AzureVHD PowerShell cmdlet was only introduced in December.

    Once those are installed, you can follow the instructions here:

    Get Started with Windows Azure Cmdlets:

    Specifically THIS SECTION which describes how to use the Get-AzurePublishSettingsFile, which generates a certificate in Windows Azure and creates a local “.publishsettings” file that is then imported locally using the Import-AzurePublishSettingsFile cmdlet.  Once that’s done, you’ll have the management certificate in place locally as well as in your Azure account.  And the best part is, this relationship is persistent!  From this point on the opening of the Windows Azure PowerShell window will be properly associated with your account. 

    For a really great write-up on setting up and using PowerShell for Windows Azure, check out Michael Washam’s excellent article HERE.


    Create an Azure Storage Account

    If you have already created a virtual machine in Windows Azure, then you already have a storage account and container that you can use to hold your disks.  But if you haven’t already done this, you will want to go into your portal and create one.

    At the bottom of the portal, click “+ New”, and then choose Data Services –> Storage –> Quick Create


    You’ll give your storage a unique name and choose geographical location, and then create it.

    Once it’s created, select the new storage account and create a new “Blob Container” by selecting the CONTAINERS tab, and then clicking “CREATE A BLOB CONTAINER”.




    Note the URL.  Copy it to the clipboard or otherwise keep it handy.  This URL will be used when we upload our VHD.


    Upload the Hard Disk into Windows Azure Storage Container

    “Kevin..  you also mentioned that we’ll need some tool to do the actual uploads.”

    That’s right.  Until recently, the only tool provided by Microsoft for doing this is the “csupload” tool, which is a commandline utility that is installed with the Windows Azure SDK.  (Windows Azure Tools: – But don’t install it just yet… it installs much more than you need to complete this exercise.)

    Once the SDK is installed, and you have the SubscriptionID and the Certificate Thumbprint for your connection, you open the Windows Azure Command Prompt and use the csupload command in two steps: to setup the connection, and to do the upload.  Here is the text from the article, Creating and Uploading a Virtual Hard Disk that Contains the Windows Server Operating System , which describes how to use the csupload tool.

    All that said… DON’T DO IT!  Unless you’re a developer, the Windows Azure SDK is much more than you need!

    “So what’s the alternative, Kevin?”

    PowerShell!  Yes.. you already have the PowerShell for Windows Azure installed, so now you’re going to use two PowerShell CmdLets: Add-AzureVHD and Add-AzureDisk

    Add-AzureVHD is the upload.  This is the one that takes a LONG TIME to run (depending on the size of your .VHD and your upstream connection speed).  The result is that you have a new Page Blob object up in your storage.

    Add-AzureDisk essentially tells Windows Azure to treat that new blob as a .VHD file that has a bootable operating system in it.  Once that’s done, you can go into the Windows Azure Portal, create a new machine, and see your disk as one of the machine disks available.

    So in my example, with a fresh, sysprepped, fixed-disk (10GB) .VHD installation of Windows Server 2012, I run these two commands:

    Add-AzureVhd -Destination -LocalFilePath d:\SmallTestServer.vhd

    Add-AzureDisk -DiskName SmallTestServer -MediaLocation -OS Windows

    (Of course, the first one takes quite a while for me.  About 13 hours.  Ugh.)

    “Hey Kevin.. what if I want to use and re-use that image as the basis for multiple machines?”

    Excellent question!  And the good news is that basically instead of using Add-AzureDisk, you use the Add-AzureVMImage CmdLet to tell Windows Azure that the disk should be made available as a re-usable image.  Like this:

    Add-AzureVMImage -ImageName Server2012Eval -MediaLocation -OS Windows

    Once that’s done, instead of just having a disk to use once for a new machine, I have a starting-point for one or more machines.


    Create the Machine

    In the portal it’s really no more complex than creating a new machine from the gallery:


    Your disk should show up towards the bottom of the list.  Select it, and build your machine.

    Once created, you should be able to start it as if it were any other machine built from a previoulsy installed disk.

    If you chose to add your disk as an image in the repository, then you also could create it using QUICK CREATE, because it is an image that is now available for you to use and re-use.


    Other Errata

    As long as we’re discussing working with Windows Azure Storage, here are a couple of tools that make it easier to manage, navigate, and upload/download items in your storage cloud:

    Both have free trials, and aren’t really all that expensive.  I’ve had mixed results, and you have to be careful that you’re creating “page blobs” and not “block blobs”.  And with a slow upload connection, these tools are rather fragile.  Benefit –  Both of these allow you to configure a connection to your Windows Azure subscription and multiple storage accounts in order to upload and download your .VHD files.  For our purposes, these will do what the Add-AzureVHD cmdlet did for us, plus let you create or manage storage containers.  You’ll still need to run the Add-AzureDisk and Add-AzureVMImage commands to configure your disks for use.

    (Major kudos to Joerg of ClumsyLeaf Software (makers of CloudXplorer), who answered my support questions in a matter of minutes!  And on a Saturday, no less!)


    What do you think?  Are you going to try this out?  At the very least I hope that this article helps you get PowerShell configured for working with your Windows Azure objects.  Give us your questions or feedback in the comments.

  • Connect your Azure PaaS to your IaaS – 31 Days of Servers in the Cloud (Part 24 of 31)

    You can try Windows Azure for 90 days.. FREE.As you know, we’ve been talking about Infrastructure-as-a-Service (IaaS) for the entire month.

    “Really?  I thought you were talking about Windows Azure and virtual machines.”

    Yes, that’s true.  And these virtual machines can be the foundation of or an extension of a Private Cloud outside of the walls of your own datacenter.  Microsoft is providing an infrastructure on which to do this extension.  And this is new.  Windows Azure originally started as a “Platform-as-a-Service” solution, whereby companies could build and test applications locally, package them up, and then place them on a platform without concern or consideration for the details of the platform itself.  Sure, foundationally it is virtualization and instances that can scale up and scale out (and back) as needed, but you didn’t have to build or manage the virtual machines themselves.  Yet, as I’m sure you know, there are still reasons why sometimes building and maintaining the OS as a foundation for other non-PaaS-friendly applications is still beneficial. 

    “Okay.  But what if I have an application or solution that I’d like to use PaaS application components, but maybe I want to have it connect to my own SQL Server?”

    If you want to run the SQL Server locally, but connected to-and-from Windows Azure applications, you can use Windows Azure Connect.  Or you can securely connect your entire local network to an Windows Azure network using a Windows Azure Virtual Network.

    “That’s cool, but what if I now want to move that SQL Server into the cloud as a virtual machine running in Windows Azure?”

    Bingo.  That’s the topic for today’s part 24 in our “31 Days of Servers in the Cloud” series.  Harold Wong, my Arizonian (is that correct?**) friend and coworker, writes about how to connect PaaS applications to IaaS (virtual machine) applications. 


    **Arizonite?  Arizonaminian?  Arizonaphobea? …  He’s from Phoenix, so.. does that make him a Phonecian Arizonian?


    Try Windows Azure free for 90 days

  • TechNet Radio: Cloud Innovators – (Part 5) Private Cloud and Identity Management

    Concluding our Private Cloud basics series, Tom Shinder, Yuri Diogenes and I focus on the important topic of identity.  Tune in as we discuss the implications of Identity Management as it relates to a Private Cloud environment.

    After watching this video, follow these next steps:

    Download and evaluate Windows Server 2012

    Step #1 – Download Windows Server 2012
    Step #2 – Download Your FREE Copy of Hyper-V Server 2012
    Step #3 – Start Your Free 90 Day Trial of Windows Azure

    If you're interested in learning more about the products or solutions discussed in this episode, click on any of the below links for free, in-depth information:


    Websites & Blogs:

    Parts 1-4:

    Virtual Labs:

    clip_image003Follow @technetradio
    clip_image004Become a Fan @

    clip_image0019Follow @KevinRemde
    clip_image00212Become a Fan of Full of I.T. @

    clip_image006Subscribe to our podcast via iTunes, Stitcher, or RSS


  • Beyond IaaS – 31 Days of Servers in the Cloud (Part 21 of 31)

    Beyond IaaS for the IT ProToday we have a guest author!

    “Oh yeah?  Good.  I’m getting tired of you same bunch writing everything.”

    Um.. okay… well, then you’ll be happy to see that today’s author is Bill Wilder

    “Bill Wilder is a hands-on developer, architect, consultant, trainer, speaker, writer, and community leader focused on helping companies and individuals succeed with the cloud using the Windows Azure Platform.”

    And his article – part 21 of our “31 Days of Servers in the Cloud”, is a very good answer to the ultimate question.

    “I thought the answer to the ultimate question is ‘42’.”

    No.. that’s the answer to the ultimate question “of life, the universe, and everything”.  Bill answers the ultimate question: Why is the cloud something I should consider as my platform (or infrastructure) of choice?  And in his answer, he does an excellent job of defining the question and the implications such a decision will entail.


    And thanks, Bill, for contributing to the series!


    Try Windows Azure free for 90 days

  • Incorporating AD in Windows Azure - 31 Days of Servers in the Cloud (Part 23 of 31)

    Try it yourself!In Part 23 of our “31 Days of Servers in the Cloud” series, my buddy Tommy Patterson has enlisted Don Noonan to write up the steps to including Active Directory in your Windows Azure virtual machine environment.



    Try Windows Azure free for 90 days

  • Copy a VM to Windows Azure using App Controller – 31 Days of Servers in the Cloud (Part 25 of 31)

    2System Center 2012 contains a relatively new component that I don’t think many of you are familiar with.  At least not yet.  But if you saw my Part 12 and Part 13 articles in our “31 Days of Servers in the Cloud” series, you know already know how to connect App Controller to your Windows Azure account, and then use App Controller to create a virtual machine.

    In part 25 of the series, my friend on the east coast Yung Chou is taking it to the next level.  He shows you how System Center 2012 and App Controller can copy a VM to your Windows Azure cloud.

    “I get it.  You use App Controller to control apps.”

    You’re so smart.

    If you haven’t had a chance to install and evaluate System Center 2012 w/SP1, you can download the evaluation HERE.

    And if you haven’t already started your evaluation of Windows Azure, CLICK HERE for your 90 Day FREE Trial.



    Try Windows Azure free for 90 days

  • Extending Active Directory to the cloud – 31 Days of Servers in the Cloud (Part 20 of 31)

    Connect your datacenter to the cloud.

    If you’ve been following our blog series for any length of time, you already know that “the cloud”, in the form of Windows Azure, is becoming an option for IT organizations in which to extend their datacenters.  And believe it or not, this includes the ability to create an Active Directory domain controller in the cloud and have it be in just another site in your directory services.

    “I don’t believe it.”

    On second thought: Believe it.  Today in part 20 of our “31 Days of Servers in the Cloud” series, Keith Mayer (teammate and friend with an awesome blog) gives us the rundown on how to configure this very thing.



    Try Windows Azure free for 90 days

  • Windows 8 and Enhanced End-to-End Security – Reimagining Windows (Episode 5)

    In today’s episode of our “Reimagining Windows” series, I talk to Sr. Product Manager on the Windows Commercial Team, Stephen Rose.  We discuss a number of new security enhancements and features such as Bitlocker and BiitLocker-to-Go, MBAM, Secure Boot and File History found in Windows 8.



    Download the Windows 8 Enterprise Evaluation today and test your applications, hardware and deployment strategies with Windows 8.



  • How much is this gonna cost? - 31 Days of Servers in the Cloud (Part 15 of 31)

    You should try this.Sure, we know that Windows Azure is Microsoft’s cloud solution for Platform-as-a-Service (Paas) and now Infrastructure-as-a-Service (IaaS), becoming not only a platform for globally scalable applications, but also a foundation and an extension of your IT infrastructure.  But…

    “What is this going to cost me, Kevin?”

    That’s a good question.  And fortunately for you and me, my east coast friend and coworker Dan Stolts is going to take on that question today in part 15 of our “31 Days of Servers in the Cloud” series. 



    Try Windows Azure free for 90 days

  • Templates and Automation in Windows Azure – 31 Days of Servers in the Cloud (Part 17 of 31)

    Create new objects in Windows AzureToday in part 17 of our “31 Days of Servers in the Cloud” series, we’re going to show you (or more specifically, my friend Keith Mayer is going to show you) how to create and use your own virtual machine templates that can be used and re-used “in the cloud" in Windows Azure.

    (HINT: If you don’t yet have a subscription in Windows Azure, you can start with a 90-day FREE TRIAL HERE.)



    Try Windows Azure free for 90 days

  • Windows 8 Office Hours at the Mall of America Microsoft Store

    Windows 8 ROCKS!This is going to be fun!  My two other local (Minneapolis/Saint Paul area) Technology Evangelists and I are holding office hours at the Microsoft Store at the Mall of America in Bloomington, MN.  Jeff Brand, Adam Grocholski, and I will be making ourselves available to chat with you about Windows 8 from 1-3PM on Mondays, from this coming week and likely through the end of June, 2013.

    “But, Kevin..  you’re an IT Pro Evangelist, and those guys are Developer Evangelists.  Are you going to all be talking about the same stuff?”

    We’ll be happy to answer any general Windows (or even Microsoft) questions you may have.  But if you are a developer and have development questions, then Jeff and Adam are who you should try to meet up with.  If you’re an IT Pro, and perhaps have deployment, security, or management questions, then I’m your guy.  Make sure you come on a day to work with the person that makes the most sense for what you want to learn more about.

    “Are there going to be presentations?  Or prizes?”

    No.  And no.  This is a completely informal time to just chat about whatever you want to chat about (within reason). 

    Here is the schedule as it stands today.  Again, the time is 1:00pm to 3:00pm Central Time:

    Date Evangelist
    1/21/2013 Jeff Brand
    1/28/2013 No coverage (we’re all out of town)
    2/4/2013 Adam Grocholski
    2/11/2013 Kevin Remde
    2/18/2013 Jeff Brand
    2/25/2013 Adam Grocholski
    3/4/2013 Kevin Remde
    3/11/2013 Jeff Brand
    3/18/2013 Adam Grocholski
    3/25/2013 Kevin Remde
    4/1/2013 Jeff Brand
    4/8/2013 Adam Grocholski
    4/15/2013 Kevin Remde
    4/22/2013 Jeff Brand
    4/29/2013 Adam Grocholski
    5/6/2013 Kevin Remde
    5/13/2013 Jeff Brand
    5/20/2013 Adam Grocholski
    5/27/2013 Kevin Remde
    6/3/2013 Jeff Brand
    6/10/2013 Adam Grocholski
    6/17/2013 Kevin Remde
    6/24/2013 Jeff Brand

    So again, come and see me (Kevin Remde) if you’re an IT Pro and have IT Pro questions.  Otherwise, Jeff and Adam are the guys you developers will want to sit down with.

    See you there!

  • Even More Reasons for IaaS in the Cloud – 31 Days of Servers in the Cloud (Part 16 of 31)

    "I wonder if I can try Windows Azure FREE for 90 days?"Today, my vacationing friend Matt Hester is the author of part 16 in our “31 Days of Servers in the Cloud” series.


    Yep.  How’s that for dedication? 

    “Oh.. he probably wrote it before he left, and scheduled it to go live today.”

    Something like that.  Smile 

    Anyway, today he gives us even more very good reasons why you should consider using Windows Azure as an extension of your datacenter.



    Try Windows Azure free for 90 days