Use the Get-MgGroupTransitiveMemberAsUser cmdlet that's part of the Microsoft.Graph.Groups module. # Just get all Microsoft.Graph modules, including Microsoft.Graph.Groups Install-Module Microsoft.Graph # Specify the Entra ID object ID of the group $groupId = '<your group ID>` # Connect to the Graph API. Use an account that has permissions to (minimally) read all group information Connect-MgGraph -Scopes … Continue reading Retrieving all transitive user members of an Entra ID security group
In this article, I will show you how to generate an SSH key pair, add it to your GitHub account, and use it to pull contents from a private GitHub repo.
On rare occasions, a bug might slip into the Azure Virtual Desktop (AVD) clients. When that happens, it is highly relevant to know which clients and specific client versions your users are using to connect to the session hosts. Assuming you have enabled diagnostic settings on your host pool* (you really should!), the KQL query … Continue reading Azure Virtual Desktop: Which clients and client versions are in use?
Most Azure customers use App Service to host web sites and applications that are available on the public Internet. However, there are use cases for using the PaaS features of App Service only from your private network. Traditionally in Azure, you would have used an App Service Environment (ASE) for that purpose. With ASE v3 … Continue reading Azure App Service Using a Custom Domain Name in a Private Namespace
Recently, I spent a few hours reading different sources and experimenting to build an Azure Logic App that listens for Azure Blob storage events and creates a new file in a SharePoint Document Library in another tenant. Here's how I put it all together. As you might expect, the key concern is "another tenant." Creating … Continue reading End-to-end: A Logic App to Copy an Azure Storage Blob to Another Tenant’s SharePoint Document Library
I've recently been engaged on several customer projects where file uploads to an Azure Storage account have to be scanned for malicious content. Usually, this functionality is needed to ingest data safely into an Azure-hosted research environment. In this post, I am describing a solution I designed to scan the uploads for malware using the … Continue reading On-Demand Malware Scanning for Azure Storage Blobs with VirusTotal
Update 2021-01-13 9:15 AM CST: Added additional resources at the end of the article Update 2021-03-23 2:31 PM CDT: Added additional firewall configuration for port 514 and additional SELinux configuration. Update 2021-10-24 3:11 PM CDT: I have a GitHub repo with Azure Bicep templates to build a single or multiple syslog forwarders in high availability … Continue reading End-to-End Configuring a RHEL 8 Common Event Format Forwarder for Sentinel
I thought about making the title of this blog post "Creating a uni-directional Azure Virtual Network Peering," but it would have been a bit too click-baity. Still, conceptually, what I am describing in this post is along those lines. Virtual Network Peering and the VirtualNetwork Service Tag When two Virtual Networks (VNets) are peered, the … Continue reading Defaulting Azure Virtual Network Peering from Allowing to Denying Traffic
TL;DR: No. I've been working with numerous customers on Windows Virtual Desktop (WVD) deployments since I started my position at Microsoft. During the process of manually* creating an image, it's common to take snapshots. I especially recommend taking snapshots before sysprepping the image. Once you sysprep an Azure VM, the VM itself is unusable; it … Continue reading Does Deleting an Azure Managed Disk Also Delete Snapshots?
My peers and I work with customers one-on-one, but we also provide "shared" resources. I thought it'd be helpful to share what these resources are. If you're an education IT pro and work with Azure, I am sure you'll find something on this list that will help you do your job more effectively.
Sven Aelterman 