Watching the watcher – Monitoring the EC2Config Service

17th of May, 2017 / Shariq Mustaquim / No Comments

EC2Config service is a nifty Windows service provided by Amazon that performs many important chores on instances based on AWS Windows Server 2003-2012 R2 AMIs. These tasks include (but are not limited to):

Initial start-up tasks when the instance is first started (e.g. executing the user data, setting random Administrator account password etc)
Display wallpaper information to the desktop background.
Run Sysprep and shut down the instance

More details about this service can be found at Amazon’s webpage
Another important aspect of EC2Config service is that it can be configured to send performance metrics to CloudWatch.… [Keep reading] “Watching the watcher – Monitoring the EC2Config Service”

VPC ( Virtual Private Cloud) Configuration

15th of May, 2017 / Syed Naqvi / No Comments

Introduction

This blog is Part 01 of a 02 part series related to custom VPC configurations
Part 01 discusses the following scenario

Creating a VPC with 02 subnets ( Public and Private )
Creating a bastion host server in the public subnet
Allowing the Bastion host to connect to the servers in the Private Subnet using RDP.

Part 02 will discuss the following

Configuring NAT Instances
Configuring VPC Peering
Configuring VPC flow Logs.

What is a VPC

VPC can be described as a logical Datacenter where AWS resources can be deployed.… [Keep reading] “VPC ( Virtual Private Cloud) Configuration”

Understanding Password Sync and Write-back

15th of May, 2017 / Dan Thom / 5 Comments

For anyone who has worked with Office 365/Azure AD and AADConnect, you will of course be aware that we can now sync passwords two ways from Azure AD to our on-premises AD. This is obviously a very handy thing to do for myriad reasons, and an obvious suggestion for a business intending to utilise Office 365. The conversation with the security bod however, might be a different kettle of fish. In this post, I aim to explain how the password sync and write-back features work, and hopefully arm you with enough information to have that chat with the security guys.… [Keep reading] “Understanding Password Sync and Write-back”

Patching EC2 through SSM

8th of May, 2017 / Syed Naqvi / 48 Comments

Why Patch Manager?

AWS SSM Patch Manager is an automated tool that helps you simplify your operating system patching process, including selecting the patches you want to deploy, the timing for patch roll-outs, controlling instance reboots, and many other tasks. You can define auto-approval rules for patches with an added ability to black-list or white-list specific patches, control how the patches are deployed on the target instances (e.g. stop services before applying the patch), and schedule the automatic roll out through maintenance windows.… [Keep reading] “Patching EC2 through SSM”

Akamai Cloud based DNS Black Magic

1st of May, 2017 / raihanalberuni / 1 Comment

Let us start with traditional DNS hosting with any DNS hoster or ISP. How does traditional DNS name resolution works? When you type a human readable name www.anydomain.com on the address bar of internet explorer, that name is resolved to an Internet Protocol (IP) address hosted by an Internet Service Provider (ISP). The browser presented the website to the user. By doing so, the website exposed the public IP address to everyone. The good and bad guys know the IP address and can trace globally.… [Keep reading] “Akamai Cloud based DNS Black Magic”

Re-execute the UserData script in an AWS Windows Instance

23rd of April, 2017 / Nivlesh Chandra / 11 Comments

First published at https://nivleshc.wordpress.com
Bootstrapping is an awesome way of customising your instances in AWS (similar capability exists in Azure).
To enable bootstrapping, while configuring the launch instance, in Step 3: Configure Instance Details scroll down to the bottom and then expand Advanced Details.
You will notice a User data text box. This is where you can provide your bootstrap script. The script will be run when your instance is first launched.
AWS_BootstrapScript
I went ahead and entered my script in the text box and proceeded to complete my instance configuration.… [Keep reading] “Re-execute the UserData script in an AWS Windows Instance”

Migrating VirtualBox VDI Virtual Machines to Azure

5th of April, 2017 / Darren Robinson / 4 Comments

Overview

Over the years I’ve transitioned through a number of laptops and for whatever reason they never fully get put out to pasture. Two specific laptops are used semi-regularly for functions associated with a few virtual machines they hold. Over the last 10 years or so, I’ve been a big proponent of VirtualBox. It’s footprint and functionality aligned with my needs. The downside these days is needing to sometimes carry two laptops just to use an application or two contained inside a Virtual Machine on VirtualBox.… [Keep reading] “Migrating VirtualBox VDI Virtual Machines to Azure”

A Closer Look at Amazon Chime

28th of March, 2017 / Arran Peterson / No Comments

In news this quarter AWS have released a web conferencing cloud service to their existing ‘Business Productivity‘ services which already includes Amazon WorkDocs and Amazon WorkMail. So my thought was to help you gauge where this sits in relation to Skype for Business. I don’t want to put this into a Microsoft versus Amazon review but I do want you to understand the product names that ‘somewhat’ align with each other.

Exchange = WorkMail

SharePoint/OneDrive for Business = WorkDocs

Skype for Business = Chime

The Microsoft products are reasonably well known in the world so I’ll give you a quick one liner about the Amazons products:

WorkMail “Hosted Email”

WorkDocs “Hosted files accessible via web, PC, mobile devices with editing and sharing capability”

So what is Chime?

… [Keep reading]

Dynamically rename an AWS Windows host deployed via a syspreped AMI

20th of March, 2017 / Bobbie Couhbor / 2 Comments

One of my customers presented me with a unique problem last week. They needed to rename a Windows Server 2016 host deployed using a custom AMI without rebooting during the bootstrap process. This lack of a reboot rules out the simple option of using the PowerShell Rename-Computer Cmdlet. While there are a number of methods to do this, one option we came up with is dynamically updating the sysprep unattended answer file using a PowerShell script prior to the unattended install running during first boot of a sysprepped instance.… [Keep reading] “Dynamically rename an AWS Windows host deployed via a syspreped AMI”

Azure AD Connect – Upgrade Errors

16th of March, 2017 / Moazzam Ali / No Comments

Azure AD Connect is the latest release to date for Azure AD sync or previously known as Dirsync service. It comes with some new features which make it even more efficient and useful in Hybrid environment. Besides many new features the primary purpose of this application remains the same i.e. to sync identities from your local (On-Prem) AD to Azure AD.
Of the late I upgraded an AD sync service to AD connect and during the install process I ran into a few issues which I felt are not widely discussed or posted on the web but yet are real world scenarios which people can face during AD connect Install and configuration.… [Keep reading] “Azure AD Connect – Upgrade Errors”