Archive

Archive for the ‘Windows Azure’ Category

Configure Directory Integration between Azure Active Directory and Windows Server Active Directory with Azure AD Connect

December 12, 2015 Leave a comment

image_thumb Image result for office 365

 

In this section we will configure Directory Integration between Azure Active Directory and Windows Server Active Directory using the Azure AD Connect Tool.

First let’s download the Azure AD Connect Tool. Once you downloaded the tool follow below instructions to install the tool and configure the Synchronization.

 

image

 

Accept terms and conditions and click Continue

image

 

In the below step you can either select “Customize” or “Use express settings”

image

 

I will select Customize settings then it allows you to manually enter below options,

image

 

So I am going to enter the Service Account name to the AD Connect tool to continue with the Sync.

image

 

In this step let’s select Password Synchronization as we need to Sync all the passwords attached to local Active Directory Users.

image

 

Before we go to the next option we have to create a service account for DirSync in Office 365 Directory.

Note: The created user should have Global Admin privileges assigned.

 

image

 

Once it is done we can enter the created DirSync service account information

image

 

Then insert Domain Admin account information and add Directory

image

 

Let’s click next and continue the installation

image

 

Since we have single Active Directory forest I will go with “Users are represented only once across all directories” option. Incase if you have more than one forest you may select the “Users are represented only once across all directories” option.

Once again let’s keep the default values for “Select how users should be identified with Azure AD option”.

image

 

Select “Synchronize all users and devices” radio button

image

 

In addition to the default selection I have selected “Password write back” option as well.

What is Password Writeback : By enabling this option, password changes that originate with Azure AD will be written back to the onpremises Directory.

image

 

Let’s start the installation,

image

 

image

 

As you can see below installation is completed with a warning. This is what I wanted you to see at the end so intentionally select password write back option in “Optional Feature” step. Since I am using the Azure Active Directory Basic edition I am not eligible to this facility. In order to have this feature you need to have AAD Premium edition. This article provides detail information about Azure Active Directory editions.

image

 

Click Exit.

As you can see in the below screenshot our onpremises users are synced with Azure Active Directory.

image

 

I hope this article would helpful for you guys.. Happy reading Smile

Advertisements
Categories: Office365, Windows Azure

Windows Azure Site Recovery Scenarios

December 6, 2015 Leave a comment

image

Windows Azure Site Recovery provides a complete DR solution (replication of workloads and automated DR for failover/failback). ASR helps you to automate the replication of your on-premises servers and virtual machines to a secondary data center.

 

Deployment Scenarios 

ASR provides you five different options to protect your on premises VM workloads from to an extended data center.

 

1. Hyper-v to Hyper-v (On Premises)

image

In this scenario you can orchestrate and automate workloads running on virtual machines hosted on Hyper-V servers that are managed by Virtual Machine Manager (VMM) private clouds to replicate to the secondary site. All the virtual machines are replicated from primary site VMM to a secondary VMM site by using Hyper-v replica.

 

image

Hyper-V to Hyper-V (On Premises) step by step – https://azure.microsoft.com/en-us/documentation/articles/site-recovery-vmm-to-vmm/

 

2. Hyper-V to Hyper-V SAN Replication

image

In this scenario you can orchestrate and automate workloads running on virtual machines hosted on Hyper-V servers that are managed by Virtual Machine Manager (VMM) private clouds. All the virtual machines are replicated from primary site VMM to an extended VMM site by using Storage Array-Based (SAN) replication. SAN replication capabilities provided by storage partners across both Fiber Channel (FC) and Internet Small Computer System Interface (iSCSI) storage. This supports for asynchronous replication for flexibility or synchronous replication for the lowest RPO/RTO.

 

image

 

Hyper-V to Hyper-V SAN Replication step by step – https://azure.microsoft.com/en-us/documentation/articles/site-recovery-vmm-san/

 

3. Hyper-V to Windows Azure

image

In this scenario you can orchestrate and automate workloads running on virtual machines hosted on Hyper-V servers that are managed by Virtual Machine Manager (VMM) private clouds to replicate to the secondary site. All the virtual machines are replicated from primary site VMM to a secondary VMM site by using Hyper-v replica.

 

image

 

Hyper-V to Windows Azure step by step – https://azure.microsoft.com/en-us/documentation/articles/site-recovery-vmm-to-azure/

 

4. VMWare or Physical to VMWare

image 

Microsoft has acquired InImage in 2014 and merged with Azure Site Recovery service in order to give customers a simple, cost-effective way to ensure business continuity with the power and scale of the Azure global cloud. This supports heterogeneous replication and protection of physical and virtual environments regardless of underlying hardware.

 

image

 

Prod Servers

•Discovery of production server OS & configuration (physical & virtual)

•Continuous capture of changing data blocks (CDP)

•Continuous transfer of captured blocks to Process Server cache

•Application detection and consistency

 

Process Server

•In-line compression of incoming CDP data on behalf of prod. servers

•Caching of compressed CDP data and resiliency to WAN outages or QoS problems

•Bandwidth throttling of replication traffic to a Master Target

•Encryption of replication traffic

•Capture of each prod. server & volume level change rate stats

 

Configuration Server

•Replication and recovery policies stored in its DB

•Web-based UI with extensive graphs, reports, and UI/email/SNMP alerts

•User management

•Management dashboard, monitoring pie-charts, real-time granular RPO display

 

Master Target Server

•Downloading data from Process Server and writing to DR VM disks for multiple prod servers (on behalf of all the powered off DR VMs)

•Copying older data from DR VM disks into a journal to allow point-in-time recovery

•Cataloguing the application consistency and recovery points

•Virtual snapshots to allow file and folder recovery at any point in time

•Recovery and cloning of DR VMs for failover as well as non-disruptive drills

•N-tier application recovery

•Inter application recovery sequencing

•Network adaptation of DR VMs to the recovery IP subnet/VLAN

 

Note: Incase you plan to failover VM’s from DR site to Primary Data Center, it is mandatory to have a Master Target server setup in Primary Data Center.

 

VMware or Physical to VMWare step by step – https://azure.microsoft.com/en-us/documentation/articles/site-recovery-vmware-to-vmware/

 

5. VMware or Physical to Windows Azure

image

In this scenario you can plan to replicate, failover and recovery of on premises VMware Virtual machines, Physical Windows and Linux Servers by using Azure Site Recovery Service.

If you have one or more VMware Data Centers now you can failover over all the Onpremises VM work load to the Windows Azure with a technology call SCOUT. This technology falls under the azure site recovery umbrella which lets you manage and orchestrate your disaster recovery. This is using the guest based replication technology to failover VM’s between Onpremises and Windows Azure.

 

image

 

Vmware or Physical to Windows Azure Step by Step – https://azure.microsoft.com/en-us/documentation/articles/site-recovery-vmware-to-azure/

 

FAQ:

Azure does not support VHDX. Is VHDX supported for replication?

Yes. Microsoft converts VHDX to VHD for failover. On failback, and get back to VHDX.

Is Gen2 supported?

Yes. ASR converts Gen-2 VMs to Gen-1 on Azure.

What are the OSes supported?

ASR supports all the OSes supported in Azure, which includes most flavors of Windows and Linux.

Can I send my replication traffic over ExpressRoute?

Yes. You can use ExpressRoute to send your replication traffic in a secure and fast manner.

Can I control the network traffic used for replication?

Yes you can use the network throttling on the host agent to control how much network bandwidth is used for replication.

What is the RTO for failover?

Depends on the applications of the customer. The SLA for Azure is 4 hours

http://azure.microsoft.com/en-in/support/legal/sla/

How do I connect to the VMs post failover?

If you are connected to the on-premises network via Azure Network Gateway, you connect in the same way as before failover. You can open the RDP port on the VMs if you are planning to connect to the VMs via the public internet.

Do I pay for the IaaS VM?

When you are protected, you are paying for the ASR license. Only post failover, you will pay for the license of the Iaas VM.

Is failback supported?

Yes – you can failback to on-premises. There are flexible options which optimize for resources or for downtime.

 

Source: ASR Partner Presentation

I hope this article would help for you guys.. Happy reading… Smile

Categories: Windows Azure