Azure – Create Kubernetes Cluster with ACR Integration

How to create a Kubernetes Cluster with ACR Integration and Service Principal Authentication.

Create Kubernetes Cluster, Select the Kubernetes Services Blade> Cloud Shell

You will be prompted for storage if not already configured

Type “az” to use Azure CLI

Run script from Microsoft docs here

Create a new AKS cluster with ACR integration. If you haven’t got a service principal created, skip to the next section before creating the AKS cluster

# set this to the name of your Azure Container Registry. It must be globally unique

$MYACR=myContainerRegistry

# Run the following line to create an Azure Container Registry if you do not already have one

az acr create -n
$MYACR -g myContainerRegistryResourceGroup –sku basic

# Create an AKS cluster with ACR integration

az aks create -n myAKSCluster -g myResourceGroup –generate-ssh-keys –attach-acr
$MYACR

To configure Registry authentication service principals – MS doc guide to create Service Principal, (script is formatted for the Bash shell)

Create a service Principal

#!/bin/bash
# Modify for your environment.
# ACR_NAME: The name of your Azure Container Registry
# SERVICE_PRINCIPAL_NAME: Must be unique within your AD tenant
ACR_NAME=<container-registry-name>
SERVICE_PRINCIPAL_NAME=acr-service-principal
# Obtain the full registry ID for subsequent command args
ACR_REGISTRY_ID=$(az acr show --name
				$ACR_NAME --query id --output tsv)
# Create the service principal with rights scoped to the registry.
# Default permissions are for docker pull access. Modify the '--role'
# argument value as desired:
# acrpull:     pull only
# acrpush:     push and pull
# owner:       push, pull, and assign roles
SP_PASSWD=$(az
				ad
				sp create-for-rbac --name http://$SERVICE_PRINCIPAL_NAME --scopes $ACR_REGISTRY_ID --role acrpull --query password --output tsv)
SP_APP_ID=$(az
				ad
				sp
				show --id http://$SERVICE_PRINCIPAL_NAME --query appId --output tsv)
# Output the service principal's credentials; use these in your services and
# applications to authenticate to the container registry.
echo "Service principal ID: $SP_APP_ID"
echo "Service principal password: $SP_PASSWD"

The author does not verify any of the scripts are test and everything should be done in Dev only.

EXO V2 Module – Microsoft 365 Exchange Online – PowerShell Module

EXO v2 Exchange Online PowerShell Module download here

Some PowerShell commands to help you manage your Microsof 365 Exchange. 

More information on the Microsoft Site here

How to load the EXO v2 Module

Run PowerShell ( I used the ISE) as Administrator    (+ be connected to the Internet)

Install-Module -Name ExchangeOnlineManagement    #Execute this command

You will need to say “Yes to All” on Trust the repository prompt (Well that’s what I needed to do)

How do you connect to Exchange Online

Connect-ExchangeOnline -EnableErrorReporting -LogDirectoryPath C:\temp\logs –LogLevel All

Enter your tenancy credentials

(This will work and prompt for MFA enabled accounts.)

Example EXO V2 PowerShell Commands

Example 1 – Return Mailbox details for a specific user command (Settings you might see in Active Directory)

Get-EXOMailbox -Identity <ENTER EMAIL ADDRESS HERE> -Properties DisplayName,EmailAddresses,Alias

Example 2 – Return Mailbox details for a specific user command ( Settings like MAPI & POP status, Email Addresses)

Get-EXOCASMailbox -Identity “< ENTER EMAIL ADDRESS HERE >” 

Example 3 – Check User Permissions

Get-EXOMailboxPermission -Identity “< ENTER EMAIL ADDRESS HERE >”


Example 4 – What Devices have accessed the mailbox.

This showed multiple devices and which supported remote wipe. If you are reviewing security footprint and what devices have access corporate email, this is a good starting point.

Get-EXOMobileDeviceStatistics -Mailbox “< ENTER EMAIL ADDRESS HERE >” -ActiveSync


Then finally how to Disconnect

DisConnect-ExchangeOnline

Then select “Yes to All”

Disconnected Successfully

WVD – Windows Virtual Desktop – Admin Tasks, Tips and Useful Blogs

New Release: PowerCLI 11.4.0

Great news for all the scripting people out there. New Release: PowerCLI 11.4.0 #PowerCLI #Scripting #WhatsNew

New Release: PowerCLI 11.4.0

August is always a great month when it comes to new releases, and this year is no different. Even before VMworld, there have already been announcements for vSphere 6.7 Update 3, NSX-T 2.4.2, and a new version of HCX. The PowerCLI team has one more exciting release for you in the form of PowerCLI 11.4.0! […] The post New Release: PowerCLI 11.4.0 appeared first on VMware PowerCLI Blog.


VMware Social Media Advocacy

Ping sweep script test

POWERSHELL
import-CSV "" | 
foreach 
{ 
$result = Test-Connection -ComputerName 
$_.Name -Count 1 -Quiet $_.name, $result -join ',' | out-file "c:\scripts\PingSweep\computer_results.txt" -Append 
}       


COMMAND /BATCH SCRIPT
Create list of computers to ping Comupters.txt 

Create batch file pingsweep.bat  

for /f %%s in (computer.txt) do (ping -n 1 %%s) open  cmd pingsweep.bat >> PINGSWEEPQUOTES.TXT 


Please test all scripts in a lab environment. We have no liability for any issues caused.


If you would prefer a more advanced script in PowerShell, check out this  example of a ping script in PowerShell written by Jamie Crookes "Ping utility function/module for PowerShell" can be found here http://www.powerscript.net/handy-ping-utility-function/

New Release: PowerCLI 11.0.0

New Release: PowerCLI 11.0.0

New Release: PowerCLI 11.0.0

PowerCLI has been moving at quite the rapid pace over the last 2 years. In 2018, we’ve been releasing roughly every other month to make sure we get the latest features, performance improvements, and updates available as quickly as possible. Well, it’s been two months and we’re not going to break this trend. Today, we […] The post New Release: PowerCLI 11.0.0 appeared first on VMware PowerCLI Blog .


VMware Social Media Advocacy

List Computers in Specific OU which are Enabled and Output to CSV

# Out puts computer accounts including status Enabled True or False
# Targets a specific OU
# Lists computer names

# OU Variable to set
$OU_HotWiredUK_location = “OU=Computers,OU=HotWiredHQ,OU=UK,DC=test,DC=com”

# Out put CSV to c:\scripts\…
Get-ADComputer -Properties * -Filter * -SearchBase $OU_HotWiredUK_location | Select Enabled, Name, DistinguishedName | export-csv C:\Scripts\OU_HotWiredUK_location.csv

Task : Output A List Of Home Drive Paths Configured In Active Directory

#DSQuery

dsquery user -name “*” -limit 0 | dsget user -samid -hmdir -hmdrv -profile >c:\temp\usersV2.txt

 

#PowerShell # More flexibility # Includes the state of the computer account (Enable or Disabled)

Get-ADUser -Filter * -Property Name,CanonicalName,CN,DisplayName,DistinguishedName,HomeDirectory, HomeDrive,SamAccountName,UserPrincipalName | export-csv -path (Join-Path $pwd HomeDrive.csv) -encoding ascii -NoTypeInformation

List all users in the domain and email addresses

 import-module activedirectory

#List all users in the domain

# Display Name and Email Address

get-aduser -Filter *  -SearchBase “dc=Test,dc=com” -Properties Displayname,emailaddress | select displayname ,emailaddress | Export-Csv C:\temp\users_and_email.csv