Monday, May 28, 2018

How to Start/Stop Azure VMs during off-hours

If you host your VM’s on Azure then you need to think about a ways that you can save something form the solutions that you have selected for yourself or the propose solution for the client.

Here I'm talking about large scale server list which is hosted in the Azure.

This solution provides a decentralized automation option for users who want to reduce their costs by using server less, low-cost resources. With this solution, you can:

  • Schedule VMs to start and stop.
  • Auto-stop VMs based on low CPU usage.
  • Schedule VMs to start and stop in ascending order by using Azure Tags (not supported for classic VMs).

Prerequisites,

* VMs need to be in the same Subscription.

* These regions only supported for the time Australia Southeast, Canada Central, Central India, East US, Japan East, Southeast Asia, UK South, and West Europe.

* If you want the email notification to be setup then select Yes to deploy the SendGrid.

          ** SendGrid is a third-party service. 

Limitations with SendGrid are:

  • A maximum of one SendGrid account per user per subscription.
  • A maximum of two SendGrid accounts per subscription.

To deploy the solution you can follow the below steps,

  1. In the Azure portal, click Create a resource.
  2. In the market place page , type the keyword start/Stop and search for “Start/Stop VMs during off-hours [Preview]” resource
  3. Click create.

image

4. then Need to ad the solution, First select the OMS Workspace. If you don't have one create a new OMS Workspace.

image

You can give a name for the Workspace and select the subscription if you have more,

Then Select the Resource Group and the Location(Available locations are Australia Southeast, Canada Central, Central India, East US, Japan East, Southeast Asia, UK South, and West Europe.)

image

5.  Add an Automation Account

Under the Add Solution page, select Automation account. If you are using a  new Log Analytics workspace, then you need create a new Automation account to be associated with it.

Select Create an Automation account, and on the Add Automation account page, provide the following:

Name : Name for the Automation account

All other options are automatically filled based on the Log Analytics Workspace selected. You can’t modify those options.


SNAGHTML5e0dfb22

6. Add a Parameter.

Here you can set the parameters.

Specify the Target ResourceGroup Names. These are resource group names that  contain VMs to be managed by this solution. You can enter more than one name and separate each by using a comma (values are not case-sensitive). Using a wildcard is supported if you want to target VMs in all resource groups in the subscription.


Specify the VM Exclude List (string). This is the name of one or more virtual machines from the target resource group. You can enter more than one name and separate each by using a comma (values are not case-sensitive). Using a wildcard is supported.


Select a Schedule. This is a recurring date and time for starting and stopping the VMs in the target resource groups. By default, the schedule is configured to the UTC time zone. Selecting a different region is not available. To configure the schedule to your specific time zone after configuring the solution, see Modifying the startup and shutdown schedule.
To receive Email notifications from SendGrid, accept the default value of Yes and provide a valid email address.


image

Once click create it will take more than 5 min to complete the task. then you can see the below mentioned dashboard and after few runs you will be able to see the summary of the job which you have created.

image

Wednesday, May 9, 2018

[Solved] CredSSP encryption oracle remediation error

Today after the MS patch installation, most of them experience an issue with the Remote desktop. 

An Authentication error has occurred.

The function requested is not supported.

Remote computer: <#servername#>

This could be due to CredSSP encryption oracle remediation

image

This will be effecting to the Windows Server and the Win 7/10 environments as well.

when I checked the hotfix details I saw that yesterday there were few updates and this will cause the issue.

image

While I'm searching this on the internet found that this is because of the below mentioned three hotfixes.

KB4103725 (Windows 8/10)
KB4103727 (Server 2016/2012)
KB4103718 (Windows 7)

If you have them installed frequently, uninstall them and check.

But as a quick fix you can add a registry value and fix this the details are mentioned bellow,

-------------------------------------------------------------------------------------------------------------

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\CredSSP\Parameters]
"AllowEncryptionOracle"=dword:00000002

-------------------------------------------------------------------------------------------------------------

Copy and paste this into a notepad and save as a .REG file. Then run the Registry editor as a run as admin.

image

Import this registry file and once that is done you will be able to see that that new registry value is set as below,

image

Restart your PC after that and see the status. Now you will be able to RDP again.

For me this works without restarting the PC.

Note :  This is not a permanent fix. Once the MS Patch is released, need to remove this.

Friday, May 4, 2018

Azure Service Health

Azure Service health gives a customizable dashboard which helps to track the Azure service health status. Region wise technical issues updates and many more.

You can track active events like ongoing service issues, upcoming planned maintenance, or relevant health advisories. When events become inactive, they get placed in your health history for up to 90 days. Finally, you can use the Service Health dashboard to create and manage service health alerts which proactively notify you when service issues are affecting you.

Mainly there are three things tracked and those are,

1. Service issues - Problems in the Azure services that affect you right now.

2. Planned maintenance - Upcoming maintenance that can affect the availability of your services in the future.

3. Health advisories - Changes in Azure services that require your attention. Examples include when Azure features are deprecated or if you exceed a usage quota.

Service Health dashboard is like below,

image

By default this service is active under your Azure subscription and to easy access you can ping that into the dashboard.

To do that Search Health Service under All services and from there ping that into the dashboard.

image

Tracking ID

This will be a problem tracking number and you can copy paste the mentioned URL if you want to send this details to some third party.

image

Summary Download

Here you can download a summary of the problem as a PDF doc and that also can use as a reference or send to the people who doesn't have access to the Azure portal. Or

Can scan the QR code on you mobile and grab more detail about the event while you are travelingWinking smile

image

Best part is to configure the notification. For that you can click on Service Health Alert and configure.

image

If you need more information about the notification profile setup, Please check my previous post about SQL notification setup. Which can be found in http://www.hemalekanayake.com/2018/04/enable-azure-hosted-sql-service.html location.