Podcast: Play in new window | Download (Duration: 35:52 — 24.7MB)
Subscribe: Spotify | Amazon Music | Pandora | iHeartRadio | Email | RSS
In Episode 183, Ben and Scott go through some of the recent announcements for network performance recommendations and the general availability of Azure Files AD DS authentication.
- [Ben] Welcome to episode 183 of the Microsoft Cloud IT Pro Podcast recorded live on June 12th, 2020. This is a show about Microsoft 365 and Azure, from the perspective of it pros and end users, where we discuss a topic or recent news, and how that relates to you. In this episode, Ben and Scott, jump back into Microsoft 365 land, to talk about recent announcements around network performance recommendations from Microsoft, as it relates to Microsoft 365. They also spend some time in Azure talking about Azure files and active directory authentication.
- [Ben] How was week one? You are one week in the books as a blue badge.
- [Scott] I survived it.
- [Ben] Remotely, so you survived it. What is the first week kind of like a first week, anywhere else where you just, I think I saw it. You were just watching a bunch of videos, and doing a bunch of learning and figuring out where everything is, and what you're supposed to do, and where you're supposed to find that and all that.
- [Scott] Yeah. Yeah, I mean, you go to a new company, you get to learn the way they do things.
- [Ben] Yep, exactly. And now, since you're in the Eastern time zone, and they're in the Pacific time zone, are your hours like 11 to eight?
- [Scott] No. No, I'm primarily in my hours so far.
- [Ben] You're just sticking your hours so far.
- [Scott] So far, mostly.
- [Ben] Perfect. All right. So essentially, we're now a blue badge. I have a question for you that I ran across on Facebook. I'm going to not say who it is or not say which Facebook group I saw it in, so said person could remain nameless. But I have a question for you, Scott. Do you know, or the question was anyone, does anyone know what is the best way to add WordPress plugins, for creating their own design in SharePoint 2019?
- [Scott] Step one, uninstall SharePoint 2019 step--
- [Ben] install WordPress.
- [Scott] Step two, install WordPress, yes. PHP and.net and com are not compatible.
- [Ben] They don't work together, it made me laugh.
- [Scott] You could certainly write your, well I dunno, maybe like your SPFx thingamajiggers and put them in I-frames or something. And those could be in WordPress right?
- [Ben] And then pull in a WordPress site. Just put WordPress in an I-frame in SharePoint, in teams.
- [Scott] .
- [Ben] Bingo.
- [Scott] It's all just code somewhere.
- [Ben] Inception for Office 365 and WordPress. Now I was making breakfast this morning and I saw that, and it just gave me a chuckle.
- [Scott] Indeed, yeah well.
- [Ben] Yeah, I don't have anything else, I'm tired. It's been a long week, I'm going on vacation next week.
- [Scott] Yeah.
- [Ben] Yeah.
- [Scott] Disney's open again.
- [Ben] No, We are actually going up. We're going North now, we're going up to Georgia.
- [Scott] Georgia is not North, it's still in the South.
- [Ben] It is North for me.
- [Scott] very true.
- [Ben] As is just about everything.
- [Scott] There we go, very true.
- [Ben] Yeah, so we're taking out for a week and just getting away with the whole family. Some of my in-laws us, we rented a house and we're gonna go social distance somewhere in the woods, in Georgia.
- [Scott] Excellent, we're thinking about doing the same, but we'll do it closer to when the leaves change. 'Cause Palm tree leaves don't really change color, but if you do go to Georgia or North Carolina or South Carolina, you start to get into leaves. That actually changed, so we're gonna do that more in like October, November.
- [Ben] Got it, nice, I think we might, well, it's not a might actually later this year, we aren't gonna brave the airports too and fly up to Michigan to see my family. We bought plane tickets the other day. They were cheap. Nice thing is it's a direct flight from one small airport to another small airport with no layovers, no Atlanta, no anything. So we shall see how that goes. I will let you know how the airports are later the summer.
- [Scott} Basket up.
- [Ben] Yup. Well, so it was interesting when I booked the flights, they actually give you a, they put a disclaimer on there that based on how many plane tickets we're gonna sell, we may not be able to adhere to social distancing guidelines on the plane. And then they give you a check box. Do you want to be notified when this flight is over like 60% sold? So you can book these flights and then get notified if your plane is gonna be really full and if you can adhere to social distancing. And I'm assuming they'd let you cancel or reschedule if you're uncomfortable with a over 60% full flight, which just seems weird because the last time I was on a flight that had that few people. I don't remember the last time I was on a flight that had that few people.
- [Scott] Yeah, that'd be a pretty interesting thing.
- [Ben] So, I will let you know on that other news I'm just full of random tidbits of news.
- [Ben] As IT professionals and the cloud era. Sometimes it feels like we don't speak the same language as the rest of the organization. So when stakeholders from finance or other departments start asking about a specific project or teams that Azure costs, they don't always realize how much work is involved in obtaining that information. Sifting through cluttered CSVs and a complex, massive metadata in order to manually create custom views and reports. It's a real headache. On top of helping you understand and reduce your organization's overall Azure spend ShareGate Overcast, lets you group resources into meaningful cost hubs and map them to real world business scenarios. This way you can track costs in the way that makes most sense with your corporate structure, whether it's byproduct business unit, team, or otherwise. It's a flexible, intuitive and business friendly way of tracking Azure infrastructure costs. And it's only available in ShareGate Overcast. Find out more on sharegate.com/it pro.
- [Ben] So I'm trying something else. I'm gonna do some self promotion. Could I do some self promotion at the beginning of our podcast. I'm I allowed to do that?
- [Scott] Sure. As long as it's shameless self promotion.
- [Ben] As long as it's shameless. So July 9, I'm gonna try something new, I'm gonna actually do a one day workshop, like all in teams for 20 people. And it's gonna be a combination of some videos. We'll have some live calls, some office hours, some resources people can download and it will be within teams from 7:00 a.m Eastern to 7:00 p.m Eastern time. And...
- [Scott] 12 hours.
- [Ben] 12 hours. But it's not gonna be that you have to be there for 12 hours. So 77 bucks, you can go sign up. I'm limiting it to 20 people. So I have enough time to give everybody attention and you can come in, watch the videos work through like challenges that I'm gonna have in your team in terms of configuring teams policies, and some of the team settings and messaging policies and all of that. And then you'll have resources you can download. And during those 12 hours I'll be available for chat for office hour type calls for some one on one calls and then you'll have access to everything for like 30 days after that. But I won't be actively monitoring that team's channel anymore
- [Scott] Gotcha.
- [Ben] So there is going to be a registration in the show notes because I need to make sure I have the URL, right? So go look at the show notes 'Cause I'm still getting the registration all set up and configured. But if you are interested in learning all about teams policies in a one day workshop and then have a bunch of resources to go take and do at your your own tenant and, or threaten your own tenant, Go click the registration link in the show notes and find out more.
- [Scott] Very cool.
- [Ben] And then maybe I'll do more. If people like it and I fill up, I can always do more workshops for 20 people, or I may expand it out and do one day or two day or three days on different topics. So if this isn't your cup of tea, let me know and we'll see what other workshops we can do.
- [Scott] Just like that. You're so accommodating.
- [Ben] Just like that. I am, I do it for the people Scott. All about the people.
- [Scott] All about them, huh.
- [Ben] Okay. All about, yes, Okay. We're gonna stop. Now we'll get into some real news. Do you wanna talk about, well that's real news. Do you wanna talk about other news? That's not my news.
- [Scott] Yeah, how about network assessments? You wanna start there?
- [Ben] Network assessments. So this one was interesting. And if you have been paying attention to conferences, this was actually initially announced back getting night. As I went back and dug through it. And I really hadn't seen anything else about it. And then Jeff Teper has recorded a keynote that has been playing at a few of the conferences going around. It was at the virtual marathon that I took part in. I think there was... What was the one in Europe? There was one in Europe, I think this past week.
- [Scott] The European Collaboration Summit.
- [Ben] Yeah. I thought they had a different name. But I know it's the...
- [Scott] ECS.
- [Ben] ECS, Okay. So there was that one, I think there was one other one. And then there's the Collab365 Summit that is their global Cantu. That's actually gonna be going on when this comes out. But in there Jeff Teper and I can't remember who else. Somebody else joined him for the keynote, but he talked about a network performance tool. And as you have, it's tied to Office or Office 365, Microsoft 365. And as you set up your offices in different locations, this tool can tell you about network performance in these different locations around the world or around whatever country you're in and what the experience is like based on network performance. And I haven't had a ton of time to play with this yet, but they said you could get to it through the Microsoft 365 admin center. I was not able to find it and I haven't dug around a ton yet, but I don't know exactly where it is in the admin center, but I did find the URL to the preview of it. The interesting things it's not at admin.microsoft.com. It's at portal.microsoft.com /adminportal/homepound/network performance. It's kind of nifty because you can go in and manually enter your different locations or it can go detect where all your different end points are and pull in those locations automatically and start developing again, just kind of a connectivity and network performance map on. Hey, people in this location are not having a great experience because network performance isn't great, or these people have a great experience. So it starts giving you some insights, especially with everybody working from home or companies that have multiple locations around how your network is actually performing, as it relates to people accessing Office 365.
- [Scott] Yeah. It's pretty interesting. I don't know how it's coming up with the metrics around where your users are located. If it's using actual location data or if it's just based on usage location or the actual location of the user in their Ad profile, which is pinned in for data residency and a bunch of other different things.
- [Ben] So in the portal, it talks about, this is straight from the portal that says this list shows office locations discovered from network telemetry as well as locations you've added manually. So guessing it polls based on IP address would be my theory.
- [Scott] Yeah.
- [Ben] Because only telemetry, would it be Ad locations? I wouldn't think.
- [Scott] Yeah, I don't know where that all falls out. Like it does say in the docs that it's live data, but Microsoft has things like Demo Tenants. Like we've talked, I think about like demos.microsoft.com and CDX tenants and things like that. If you're a partner and you have the ability to spin up, CDX tenants go spin up a CDX tenant and it will have a bunch of data in it. And those are not live tenants. They're quick tenants that are kind of sitting around ready to go, but they're loaded up with a bunch of fake data and things. So it's pretty interesting that the maps even show up in there. So clearly they're doing some fun stuff. So for like some locations, they just see it as a, it looks like when you go into the locations in the portal and you can add a location or you can import new ones, it looks like for some, they actually catch insights for them. Like you see like, this location potentially has peers in it , or we see users using a proxy. And then for some they're just empty, it's just a straight city or location that's coming back to you.
- [Ben] Yeah. And they'll start as they start drilling into this too, it'll even get to the point where it's giving you recommendations around, based on these insights, go take this recommended action. Maybe like stop having all your users connect to VPN and route through a central egress or ingress point or ones that require for research. So really trying to help you give some insight and actions you can take to improve that end user experience when users are accessing their M365 tenant.
- [Scott] Yeah, one of the cool things is, if you think about connectivity to something like Microsoft 365 workloads, it's potentially more than just TCP traffic. So it will show you things like poor UDP connectivity in there. If they're seeing those come through, you'll have a better sense potentially over where Office 365 or M365 pops are and kind of how you can get in there. So just from spinning up a CDX tenant really quick and looking at the map in there. So it's got locations for, it looks like New York, something in Texas, it's gotten Australia, New Zealand and New Zealand is the only one that shows as green for, hey, we're pretty much like ready to go and in good network health. And that's because New Zealand has a couple of pops right there and it can connect straight across to Australia, which is funny because like if I look at this map, it says Auckland has better connectivity to Sydney than Melbourne does or something like in Adelaide, which is funny because those are both on the continent, but whatever.
- [Ben] Yeah, who knows, but some interesting metrics and insights you can pull out. Again, I haven't, I dug through my admin center a little bit to see if I could find the link to this in the admin center directly. And I can't find it.
- [Scott] I don't think it's in there. Like even if you click into a detail for a location, Link in this one is if you click into Auckland, there's no back button to get me back to the actual overview dashboard. Either need to use back in my browser or just go and paste in the URL manually again. Cause it totally loses the context. It's almost like you're just on the homepage of the admin center. 'Cause you really are. You're at portal.microsoft.com. Admin portal home. And you're just hitting an anchor tag on that homepage. So they're just doing some rendering there.
- [Ben] Right. And I would anticipated would show up like under health, the reports and your admin center once it's there. But if you do wanna go look at it and check it out, go hit the link in the show notes to get to the about page, to have the link to where this is in your admin center.
- [Scott] Yeap So there are some prerequisites for it as well that are called out in the docs. So before connectivity measurements can appear, you do have to have at least two computers running at the office locations that you wanna see and they need to specifically be running the OneDrive for business sync client. So they've got version requirements and things like that in there. And if you're running Windows, you also have to have the Windows location service turned on and consented to.
- [Ben] Got it, which is interesting. It must be using sync data then or file sync data with OneDrive to pull those network performance or there's something embedded in OneDrive that is measuring that.
- [Scott] It's worth choosing telemetry for your synced files. Like this client is syncing from this location and that just happens to be telemetry that's stored in OneDrive as part of the logging.
- [Ben] True that could be as well, time to go put a network sniffer on there and see what's going on if you're watching this.
- [Scott] But that's it, prereq's get some OneDrive clients out there and light it up and...
- [Ben] Yeah, I'm gonna have to go turn on a VM so I can actually get some data in my environment.
- [Scott] I think it's an interesting thing. So if you're a customer today, who's doing M365 workloads and you're not potentially doing split tunneling or things like that for your users that are on your VPNs at this point, then this gives you some kind of data to understand where those pops are and potentially how those connections could be far more performing than you're potentially making them today.
- [Ben] Right? Oh, absolutely. So good stuff.
- [Ben] Outlook add-ins are a great way to improve productivity and save time in the workplace. And Sperry software has all the add-ins you'll ever need. To save as PDF Add-in is a best seller and is great for project backups, legal discovery, and more. This admin saves the email and attachments as PDF files. It's easy to download, easy to install and Sperry software's unparalleled customer service is always ready to help. Download a free trial at sperrysoftware.com. S-P-E-R-R-Y, S-O-F-T-W-A-R-E.com and see for yourself how great save as PDF is. Listeners can get 20% off their order today by entering the code cloudIT. That's cloud it C-L-O-U-D IT. All one word at checkout. Sperry software work in email, not on email.
- [Ben] You had some news Scott, Azure Files. We're gonna dive in, well, you're doing blob, but we're going to dive into Azure Files. What has happened with Azure Files? And I've been working with this too a little bit over the last month, as we have talked about in other episodes, what happened with Azure Files this week?
- [Scott] So couple different things, G Ad for Azure files very recently, like yesterday and earlier this week. We can probably talk about some of the new stuff. Then I think it'll be fun to talk about some of the things that you've done in the real world with them. Those always tend to be enjoyable conversations.
- [Ben] So you're just like laughing at my convoluted hack job of them.
- [Scott] Well, yes, but it is what it is.
- [Ben] Alright.
- [Scott] So soft delete for Azure Files has been enabled. This is a capability that's been in Blobs for awhile now. So just if you're doing Azure Blobs, like things in general containers, you could have turned on soft delete for Blobs and done restores from those, but now you're getting the same capability inside of Azure Files. So I think rather than thinking about it as it's not a snapshotting capability or anything like that, but because we're just dealing with like generic Windows file shares at that point, There should be file shares. I think you can distill it down and just say it's as easy as, it's easy enough that you've given yourself a recycle bin specifically for file shares. So we're not talking about individual files, soft delete. This is soft delete for an entire file share. So I create a new file share for HR. So the HR share goes up and I give it a two terabyte quota and boom, it stands up and then somebody accidentally comes in and deletes that share you'll have the capability to restore it.
- [Ben] Got it. This is kind of nice. I feel like for individual files would be nicer or yeah. Just because my experience is people don't tend to delete the whole share. They just delete the files. But we had to start somewhere. Right?
- [Scott] Well, I think you can kind of have your cake and eat it here too. So really we're talking about maybe a management plane control, to say let's protect overall file shares and make sure that if somebody did have acces s to my storage account, they don't have the ability, like say I had an owner of a storage account who didn't know what they were doing, and they just went into files and they click the wrong button and they click delete. That's not a good thing. So having soft, soft delete for the entire file share is good. There's some limitations there, right? You can delete a file share, but if you delete a file share to recover it back, it's basically got to go right back to where it was. But the nice thing is, If, when it goes away and when it comes back, it comes back with all the things that it had. So one of the pieces there is Azure Files also supports snapshots. So you have the ability to take point in time snapshots of a file share, and then snapshots can build up incrementally over time. So it's basically, I take a snapshot on day one. That's a snapshot of everything. I take a snapshot on day two, that's a Delta of everything that changed from day one to day two, I take a snapshot of day three. That's my Delta of day two to day three and so on and so forth. So you can manually take snapshots through The Portal, PowerShell, CLI or you can also use Azure backup and the snapshot management service that's built into Azure Files. So all that's kind of G Ad and kicking around as well. So if you're taking snapshots, then you can just use, say, you're like doing Windows. So you go ahead and mount your file share. You can just use the previous versions functionality that's built directly into Windows and go ahead and restore previous versions right from there.
- [Ben] Got it.
- [Scott] Then that is item left for restore.
- [Ben] Right? So that way you can do that for your item level and then just keep your soft delete for your file share as a whole.
- [Scott] Correct, Yep. And then if you are taking snapshots soft delete also captures your snapshots. So when you restore, you're not just doing a point in time restore right back to where you were. You're doing a point in time restore with all your snapshot history.
- [Ben] With all your snapshots included. And it looks like the soft delete, it doesn't give you the option to actually look through what was in there. You either just kind of choose to restore it, or you choose not to restore it. There's no real browse through and soft delete it. 'Cause like today, if you think recycle bin, you can go into a recycle bin, browse through it, look through everything and then pick and choose what you're gonna restore. Like you said, this is just, let's just, choose that soft delete, go restore the whole thing. There's no real digging into it or looking what's actually in that
- [Scott] Yeah.
- [Ben] Recycle bin of sorts.
- [Scott] So to see what is in it, you've gotta go and restore it back and then remount it someplace and then you could kind of dig through and see what's there.
- [Ben] All right. So I think I actually have speaking of my Azure Files, I think I actually have it all working.
- [Scott] Yeah.
- [Ben] It is.
- [Scott] I was gonna say, let's talk about that one. 'Cause you were doing some Azure active directory domain services with Azure Files.
- [Ben] So I Was and I backed out of that and just went to a domain controller. So here's the scenario and you can very much tell me I'm crazy, but it actually is working for the most part. There's one thing that I'm not crazy about that we're playing with. So I have an On-Prem Domain Controller and I have a domain controller in Azure. So synchronize domain controllers. They're both as that that sync is happening no problem. We have a site-to-site VPN setup between the on-prem location and Azure, so that all that syncing and traffic is going over the safe say, VPN. We've set up an Azure File Share and we set up Azure File Sync on the server. So all of our files on the local server are syncing up to Azure Files to a file share in Azure, that is set up to use SMB permissioning with that cloud-based Azure Ad domain controller. So when people go connect to our Azure File Share, they throw in their Azure credentials, their Azure ID credentials, and can connect to Azure Files without any problem. The goofy part of all of this that we were playing around with is users that are in the office. They wanted those users to be able to connect to the on-prem server, to get those files that are sent to Azure Files. Just for a speed thing. Obviously going back and forth between Azure to pull the files out is going to be slower than going over your local network to a local file share. So none of that changed that all works great, but then everybody is working from home or sometimes working from elsewhere. So then they were like, well, can we actually map a network drive then to Azure Files when we're not in the office? And that's where it all got a little goofy. So we did a point to site VPN. So it's using the exact same network doing a point to site VPN. So users can go to coffee shop. They can be at home. They can be wherever they are, go connect that point to site VPN network and map a network drive to the Azure file share location. But where it got a little interesting was that they needed to actually make sure they hit that on-prem domain control or not the On-Prem Domain Controller, the Azure Domain Controller in order to authenticate for Azure Files. Otherwise the routing got really goofy. So there was an article I found that told you how to go into that VPN connection to Azure. And you can update the DNS servers and by updating all those DNS servers to point to the Azure server, whenever it goes to authenticate and look for the domain, it's hitting that Azure server first and users are allowed to authenticate and they can then get to their Azure Files from anywhere which are then synceed back to the on-prem server and kind of go in at those two different points based on where they are. There was something else I was gonna say with that. Oh, we had problems though, with those mapped network drives, reconnecting to Azure Files with the VPN. I think it has more to do with Windows than anything else. So we had to do a little goofy stuff, get a batch file that the users can just double click on their desktop and it essentially deletes and recreates the map network drive to Azure and it all works great. So that was one kind of goofy workaround that I haven't come up with a better solution for yet. And then the other one is Azure File Sync, only sync from on-prem to Azure once every 24 hours. So there can be significant delays, especially if people are trying to collaborate on the same file. I've seen some PowerShell scripts that are supposed to, that you could like run an Azure automation to trigger that to happen more frequently. It doesn't look like the one I tried is working. So I still need to see if there's a way to force that to sync quicker than once a day, because there are some scenarios where they're like. If it's once an hour, once every 30 minutes, once even every couple hours, it'd probably be okay. But once a day can be a little troublesome, If somebody else has to view the file. In theory, because of the site to site VPN, they could always map those network drives to the Azure File Share on-prem and go in that way. But that was my scenario that for the last week or so we haven't, we kind of worked through all the last details other than that sync timing. And it seems to be working okay.
- [Scott] Like you said there is a PowerShell command, that invoke easy storage sync change detection cmdlet which can potentially help you out there.
- [Ben] And just like you said, go ahead and automate it inside, Azure automation or something like that along the way, if you need to, but yeah.
- Yeah, that was the one I was looking at. And Azure Automation, the most frequently you can run a run book is once every hour. So if you don't wanna blow through Azure Automation minutes, you get once an hour. If you wanna do it more frequently, you essentially have to write a script that runs for an hour and just pauses like every 10 minutes. And then it goes, triggers that again, pauses for 10 minutes, triggers it again. It runs for an hour and then it starts all over again. So essentially you have a run book running 24 hours a day, which is going to blow through a bunch of Azure Automation minutes.
- [Scott] Yeah. I remember when we talked about this one in the beginning, when we talked about file shares this way and things like that might not be the best solution.
- [Ben] Yes.
- [Scott] You're trying to use a tool for something that it's not necessarily meant for. So the other thing that's happening there is you said you've got batch scripts that now go out and end users can run those batch scripts and things like that. So when you connect to an Azure File Share and you mount to share the way you mount shares is by having access to one of the access keys for the account. So there's a primary key and a secondary key. So how are you like everybody's good with that. Nobody wants to live with mitigation of you just gave away kind of the keys to the kingdom for that whole storage account.
- [Ben] Also the whole SMB thing. Once you connect it to that domain controller, whether it's a server running active directory or Azure Ad Domain Services, they actually use their Azure Ad username. So it's a net use T slash and then space and then the path to the file share. And then they can actually pass in like a slash U user at--
- [Scott] Gotchu
- [Ben] My domain.com. So they're actually using their Azure ID credentials now to connect to those Azure File Shares. So no keys involved. I had to use the key initially to set up some of the permissions, but Azure File Sync keeps all of the same permissions when it syncs it up to Azure Files.
- [Scott] Yeah it syncs all your ACls and everything, which is nice.
- [Ben] So all those get synced up. And then once you enable the active directory permissioning for Azure Files, it uses all the same ones. So it's, they're using the exact same username because Azure the connect is set up and all of that. So exact same username and password to access the file share whether they're on-prem or whether they're going to Azure Files and all the SMB file share permissioning is the same using those, that active directory user.
- [Scott] Very cool. I wonder how you could have gotten around some of your kind of sync and timing issues maybe which is like DFS and having a single endpoint that clients connect to. And then having those two distinct shares kind of hanging out in both environments on-prem and up in your Azure Vena, and then using Azure Files as your kind of backing file store. But that way, whichever share they hit, they always hit, you know, the, the most current one.
- [Ben] They hit the most, yeah.
- [Scott] But then you got more infrastructure in there too. It's a weird, it's a weird scenario for such a small customer, you know?
- [Ben] Yes And already there was like all the different moving pieces and Azure resources. It increased quickly and the amount of different things that all had to be connected and talking to each other and working properly together, but it was kind of a fun exercise to go through to figure it all out. So that was my Azure File story. And a lot of that came out. We talked about it before is all of this would have been significantly, eh, nah, it wouldn't have been easier. Part of it originated because all the internet providers Block Port 445, which is used for SMB file shares.
- [Scott] There is that as well.
- [Ben] Which is why we had to do point to site VPN. But you kind of have to do point to site VPN anyways, because you have to authenticate to a Ad directory service and you don't want that going over the internet.
- [Scott] Yeah you need hit a DC at some point.
- [Ben] Do you feel overwhelmed by trying to manage your Office 365 environment? Are you facing unexpected issues that disrupt your company's productivity Intelligent is here to help much like you take your car to the mechanic that has specialized knowledge on how to best keep your car running, Intelligink helps you with your Microsoft Cloud environment because that's their expertise. Intelligink keeps up with the latest updates in the Microsoft Cloud to help keep your business running smoothly and ahead of the curve. Whether you were a small organization with just a few users up to an organization of several thousand employees, they want to partner with you to implement and administer your Microsoft Cloud technology. Visit them at intelligink.com/podcast. That's I-N-T-E-L-L-I-G-I-N-k.com/podcast for more information or to schedule a 30 minute call to get started with them today. Remember intelligink focuses on the Microsoft Cloud so you can focus on your business.
- [Ben] Right, so in, in theory, I probably could have set up the routing. It gets, a little hairy. I'm probably could have set up the routing. So they went over the point to site VPN up into the Azure, through the Azure sub-net and then back over that site-to-site VPN to hit their local domain controller. Obviously there's some risks there in that if that network connection goes down, you can't get to a domain controller. So having went up in Azure gives them a nice secondary backup domain controller. They're not as dependent on that site-to-site VPN, but your routing tables to get people routing through all the different subnets and V-nets and all of that can get a little wild as well.
- [Scott] It will run away from you quickly. And then all of a sudden you're just, you've implemented asymmetric routing and nothing works anyway.
- [Ben] Yeah. Or something breaks, and you can't remember where everything is configured.
- [Scott] Never happened.
- [Ben] No. Not at all. We don't speak from experience there one bit. Yeah. So that was, that's my story. And again, it all seems to be working. I just have to get that PowerShell command to actually sync the files. 'Cause it didn't appear to be triggering it or for some reason the PowerShell command wasn't picking up one of the changed files.
- [Scott] Yeah. Well, I mean, you've gotta invoke it and then it still has to go out and reach out through the sync group and talk to the sink server and capture everything and then get it across the wire. So there's still, it's not immediate.
- [Ben] So that can well be, well this was like seven or eight hours. Well, this commanded run like seven or eight times and there was still a file that wasn't syncing.
- [Scott] Tell the user to close it if the lock
- [Ben] 'Cause it was after like eight hours of waiting and then it was there the next day. So we'll see, I'll go dig through that and figure that out. But it would be nice if they could just authenticate against Azure ID and not need that separate domain service for the Azure Files. But I'm guessing there's something there with the whole SMB and the fact that Azure ID, isn't a real active directory.
- [Scott] Welcome to legacy authentication stuff.
- [Ben] Yes. We just need to all use SharePoint because that takes here the sync issues. The only thing you don't have is you don't have it as a map network drive. Use OneDrive. Go listen to our previous episodes when we talked about clouds for file share.
- [Scott] There you go. And on that note.
- [Ben] We shall wrap up and let you go listen to those episodes.
- [Scott] Just like that.
- [Ben] Wow. That was such an anticlimactic ending. Should we put a hint track? Should we give like three minutes of silence? The hidden after show.
- [Scott] No we should not.
- [Ben] Okay, all right, Sounds good. Well go enjoy your weekend, Scott, stay safe, stay healthy, work hard. Get that computer all set up and everything learned and we will talk to you next week.
- [Scott] Thanks Ben.
- [Ben] If you enjoyed the podcast, go leave us a five star rating in iTunes. It helps to get the word out so more it pros can learn about Office 365 and Azure. If you have any questions you want us to address on the show or feedback about the show, feel free to reach out via our website, Twitter or Facebook. Thanks again for listening and have a great day.
Sign up to receive email updates
Enter your name and email address below and I'll send you periodic updates about the podcast.
Sponsors
- Sperry Software – Powerful Outlook Add-ins developed to make your email life easy even if you’re too busy to manage your inbox
- ShareGate – ShareGate’s industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate their Office 365 governance, and understand their Azure usage & costs
- Office365AdminPortal.com – Providing admins the knowledge and tools to run Office 365 successfully
- Intelligink – We focus on the Microsoft Cloud so you can focus on your business
Show Notes
- Intelligink Microsoft Teams Policies Workshop Registration
- Network performance recommendations in the Microsoft 365 Admin Center (preview)
- Azure Files enhances data protection capabilities
- General availability of Azure Files on-premises Active Directory Domain Services authentication
- Troubleshooting: Azure point-to-site connection problems
- Invoke-AzStorageSyncChangeDetection
About the sponsors
Every business will eventually have to move to the cloud and adapt to it. That’s a fact. ShareGate helps with that. Our industry-leading products help IT professionals worldwide migrate their business to the Office 365 or SharePoint, automate their Office 365 governance, and understand their Azure usage & costs. Visit https://sharegate.com/ to learn more. | |
Sperry Software, Inc focuses primarily on Microsoft Outlook and more recently Microsoft Office 365, where a plethora of tools and plugins that work with email have been developed. These tools can be extended for almost any situation where email is involved, including automating workflows (e.g., automatically save emails as PDF or automatically archive emails that are over 30 days old), modifying potentially bad user behaviors (e.g., alert the user to suspected phishing emails or prompt the user if they are going to inadvertently reply to all), and increased email security (e.g., prompt the user with a customizable warning if they are about to send an email outside the organization). Get started today by visiting www.SperrySoftware.com/CloudIT | |
Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info. |