Category Archives: it consulting

#AzureAD Domain Services admin UX in the new Azure Portal is now in Public Preview

Back in October 2015 and 2016 I’ve written some posts related to the new Azure AD Domain Services feature of Azure Active Directory, which is a brilliant way to provide managed domain services like domain join, group policy, LDAP, and Kerberos/NTLM authentication, all fully compatible with Windows Server Active Directory. You can search and read these articles by clicking on this link here: https://systemplus.gr/?s=azure+ad+domain+services

We’re happy to see that today we have a user interface to manage this great feature just right into the new Azure Portal, so let’s see how it works. As you will see, it’s now possible to create virtual networks, configure group membership of the delegated administrator group, and enable domain services into a simple, intuitive, step-by-step experience.

  1. If Azure AD Domain Services is not enabled for your Azure directory – Create a new managed domain using the new Azure portal, we’ll talk about this in a moment.

  2. If you’ve already enabled Azure AD Domain Services for your Azure directoryContact the Azure AD team via email to migrate your existing managed AD domain to the new Azure portal. From there, you can administer your existing managed AD domain using the new Azure portal.

So what do you need to do in order to enable Azure AD Domain Services?

  1. Go to the Azure portal.
  2. In the left pane, click on New.
  3. In the New blade, type Domain Services into the search bar:

1

Click to select Azure AD Domain Services from the list of search suggestions. On the Azure AD Domain Services blade, click the Create button:

2

Then you should proceed to the next step, which is to specify the DNS domain name for the managed domain. You can also choose the resource group and Azure location to which the managed domain should be deployed:

3

Choose the DNS domain name for your managed domain.

  • The default domain name of the directory (with a .onmicrosoft.com suffix) is specified by default.

  • You can also type in a custom domain name.

Ensure that the DNS domain name you have chosen for the managed domain does not already exist in the virtual network. Specifically, check whether:

  • You already have a domain with the same DNS domain name on the virtual network.

  • The virtual network where you plan to enable the managed domain has a VPN connection with your on-premises network. In this scenario, ensure you don’t have a domain with the same DNS domain name on your on-premises network.

  • You have an existing cloud service with that name on the virtual network.

The next configuration task is to create an Azure virtual network and a dedicated subnet within it. Click Virtual network to select a virtual network.

  1. On the Choose virtual network blade, you see all existing virtual networks. You see only the virtual networks that belong to the resource group and Azure location you have selected on the Basics wizard page.

  2. Choose the virtual network in which Azure AD Domain Services should be enabled. Click Create new, if you prefer to create a new virtual network. It is highly recommended to use a dedicated subnet for Azure AD Domain Services.

4

Click Subnet to pick the dedicated subnet in this virtual network, within which to enable your new managed domain. In the Create subnet blade, specify a name for the subnet, and click OK when you’re done. For example, create a subnet with the name ‘DomainServices’, making it easy for other administrators to understand what is deployed within the subnet.

5

The last step is to create an administrative group in your Azure AD directory. This special administrative group is called AAD DC Administrators. Members of this group are granted administrative permissions on machines that are domain-joined to the managed domain. On domain-joined machines, this group is added to the administrators group. Additionally, members of this group can use Remote Desktop to connect remotely to domain-joined machines. The wizard automatically creates the administrative group in your Azure AD directory. This group is called ‘AAD DC Administrators’. If you have an existing group with this name in your Azure AD directory, the wizard selects this group. You can configure group membership using the Administrator group wizard page:

6

The last step is to actually start the deployment of Azure AD Domain Services:

7

Don’t forget to check the related documentation here.

Thanks for your time!

Introducing Windows AutoPilot deployment

Advanced Threat Protection across Windows 10 and Office: for those of you that make fun of Windows Defender

ATTENTION: New scam e-mail claiming to be from Microsoft

In case you receive the following e-mail, DO NOT click anywhere in the message and delete it immediately (please notify your administrator).

It’s a fake message and has nothing to do with Microsoft. As you can see, the sender is by no way related to Office 365 services:

—–Original Message—–
From: Office 365 Online [mmiyazawa@gasei.cl]
Received: Δευτέρα, 12 Ιουν 2017, 6:23
To: user@company.com
Subject
: Terms of Service Update

Dear Office365 User,

Your account is not updated and will be shutdown within the next 24hours if you fail to update it.

Click here to update your email account now

Thank you for your patronage.

Sincerely,

Microsoft office365 Team

Copyright © 2017 

This e-mail may contain information that is privileged and confidential. If you suspect that you were not the intended recipient, please delete it and notify the sender as soon as possible.

Microsoft Official Courses at special prices to get certified

 

Do you want to attend a Microsoft Official Course and get certified at a special price? Now you have the option to do it.

If you live in Europe and you want to get a Microsoft certification, but you still cannot afford the high course prices in your country, you should consider to attend a course at our training center in Greece.

A typical Microsoft course in Greece costs a fraction of the price that you should pay in most European countries. This is mainly because of the cost of living in Greece. For example, an official Microsoft course in Germany could cost around 2500 euros (exam not included), while in Greece the exact same course costs around 1000 euros.

Our offer: We can arrange your accommodation during your stay in Greece, we can also arrange transfers to/from the airport at no additional fee and we can arrange your flights if you need to.

The courses are delivered in English by our instructors, we provide you with the official Microsoft Learning material (books, labs) and you have the option to go for the exam as soon as you finish the course! So practically you go back home certified!

Now let’s calculate the costs: Microsoft course including lecture and training material = 1000 euros
Microsoft Exam = 120 euros
Accommodation 6 nights at a 4-star hotel, including breakfast = 500 euros
Flight to/from Greece = 250 euros (or even less, some airlines can offer tickets as low as 100 euros)
Total cost = 1720 to 1870 euros

Teaching Microsoft courses for 17 years now around Europe, allows us to offer you the exact same content at a special price. Do not hesitate to contact us and take a look for more details here: https://systemplus.gr

Azure AD: What is Multifactor Authentication?

Το βίντεο της παρουσίασης είναι τώρα διαθέσιμο στα ελληνικά. Ας δούμε μαζί πως μπορούμε να χρησιμοποιήσουμε την τεχνολογία του MultiFactor Authentication που υπάρχει ενσωματωμένη στο Azure Active Directory. Σε αυτή την online παρουσίαση θα δούμε τι χρειάζεται για να υλοποιήσουμε το MFA, το configuration που απαιτείται, αλλά και ποια είναι η εμπειρία του τελικού χρήστη.

One more hotel, one more challenge!

10685578_10152846675372767_3903580727177378033_nA few months ago our team was involved in a big migration project, strictly related to Microsoft technologies. In October 2014 we had the chance to spend some days in Paris, in order to migrate the basic servers’ infrastructure and the e-mail infrastructure of the well-known and famous Le Bristol Paris. The hotel is located on the prestigious rue du Faubourg Saint-Honoré at the heart of Paris’ fashion and arts district, where it has been welcoming its esteemed guests since 1925.

Tough project really, because we had to make the migration with limited downtime, so to do not interrupt the hotel’s normal operation. Endless sleepless nights, because we had to make it quick, using that specific part of the day when the hotel staff is at home. If you ever got involved in IT projects you know what I mean: you have to work when everybody else sleeps.

We should mention that the hotel’s IT staff guys were more than professionals: they were absolutely fabulous. So everything went smoothly, completing the project one day ahead of our estimated schedule, so we had the time to hang around in Paris!

The next challenge: Eden Rock Hotel St Barths

edenrocklogosm

It seems that we are attracted by the hotel and tourism industry, because in September 2015 we started our next project: Eden Rock Hotel at St Barths. As they describe this stunning hotel and location at their website:

“French Art de vivre in the Heart of The Caribbean: Eden Rock – St Barths is ‘beyond perfect’.”

hotel-newsAnd it really is. The bad thing is that we have to focus on the job and forget about the environment. Again we had to be quick and prepared. So we asked the IT staff to prepare the hardware in advance, so we should not loose time to create virtual machines, install operating systems and so on.

We had to upgrade the basic infrastructure that nowadays is normal to be found in every modern business environment: DHCP, DNS, Active Directory, File Services to name a few. And since we build a new infrastructure, is a good idea to implement some interesting new features that the Windows Server OS has to offer: advanced Group Policy settings, Deduplication, PowerShell scripts that can do the job quickly and effectively, again just to name a few.

leisure-beach-artbook1314-2

Another step of the project was to upgrade the communication infrastructure of the hotel. This is probably very crucial for a high-class hotel of this kind, especially if you consider that all reservations are made using e-mail (and other specialized hotel software). Downtime here is unacceptable: a single reservation missed could cost to the hotel a 5-digit number of euros or maybe more, if you consider the price of a villa, a suite or a beach house. Good preparation and planning is the key to a successful implementation.

acc-suites-diamond-waterlilly-2

So if you think that we can help your company to invest in proven Microsoft technologies by real experts, we are here to help.

You can take a look at our case studies here, learn more about us here, and don’t hesitate to contact us by using the info you can find here.

(All hotel photos are located at http://www.edenrockhotel.com)