PowerShell
Are you looking for information about PowerShell in Microsoft Azure and Microsoft 365? In this archive you will find all our posts about PowerShell.
-
SMB over QUIC and Azure Server: empowering secure and lightning fast file sharing
SMB over QUIC is a network protocol used by Windows. It allows secure, shared use of resources such as files on the network. To use SMB (Server Message Block) without QUIC, TCP port 445 is required. Some Internet providers block TCP port 445 for security reasons. Therefore, it is not possible to connect to a file share on Azure by SMB successfully. To bypass the blocking of TCP port 445, there are several options to choose from, including the following:
-
Azure Arc and Windows Server: The perfect pair for the hybrid cloud
Microsoft Azure Arc is a solution that enables resources to be centrally managed and monitored across multiple environments. Azure Arc extends the management capabilities of Azure to on-premises resources or other cloud providers such as Amazon Web Services (AWS) or Google Cloud Platform (GCP). Resources integrated into Azure Arc are administered via the unified Azure Portal. Regardless of where they are physically or geographically located. Overall, Azure Arc provides consistent, centralized and simplified management of resources. This guide describes how to deploy a Windows Server hosted outside the Azure Cloud step-by-step using the Azure Connected Machine Agent in Azure Arc.
-
Seamless Upgrade of Windows Server on Azure: Best Practices and Step-by-Step Guide
Microsoft Azure supports in-place upgrade to Windows Server 2019 and Windows Server 2022. All data, server roles and settings are taken over in the process. For a successful in-place upgrade there are a few requirements. This guide shows how to successfully perform a direct upgrade to a newer Windows Server version.
-
Windows LAPS in Microsoft Intune
Windows LAPS (Local Administrator Password Solution) provides centralized, simple, and secure management of local administrator passwords through Microsoft Intune. Each device receives its own, time-limited local administrator password. Windows LAPS independently manages the administrator passwords in terms of expiration and rotation. The passwords are stored either in Microsoft Entra ID (formerly Azure Active Directory) or in the local Active Directory. The centralized management of all local administrator passwords simplifies control and monitoring. The time-controlled rotation of passwords significantly reduces their exposure duration. In addition, access to the stored passwords is strictly controlled, which makes unauthorized access more difficult and overall increases the security of the network environment.
-
Microsoft Entra: Roll Over Kerberos Decryption Key
With Seamless Single Sign-On (Seamless SSO), users can leverage the same credentials for both on-premises and cloud-based services. Repeated authentication prompts between these environments are eliminated, as authentication data is automatically exchanged between Active Directory and Microsoft Entra. As part of the Seamless SSO configuration, a computer account named AZUREADSSOACC is created in the on-premises Active Directory. For security reasons, Microsoft recommends rotating the associated Kerberos decryption key every 30 days.