The End of AzureAD and MSOnline PowerShell: Time to Move On

If you’re still scripting against AzureAD or MSOnline, you have just 4 days left. Microsoft has officially confirmed the retirement schedule: MSOnline is retiring on 30th March 2025 AzureAD follows on 30th June 2025 This isn’t just a date on the calendar. If you’ve been relying on either module, you already know the shift to Microsoft Graph PowerShell isn’t just a syntax change,it’s a complete rework of how identity automation is done. Continue reading

What’s the best IaC tool for Azure?

Many of you will already be using Infrastructure as Code (IaC) day to day but for some choosing the right tool to ensure success is the real first stumbling block. So with so many options, how should you go about choosing the one that’s right? In the Microsoft corner there’s; PowerShell, Azure Resource Manager (ARM), Bicep and in the 3rd party corner HashiCorp Terraform each offer benefits and drawbacks. The choice comes down to your team’s skills, the complexity of your environment, and your cloud strategy. Continue reading

Azure to Azure Migration

Due to mergers, acquisitions or sale it’s likely that companies develop a need to migrate key services from platform to platform. Although it is currently possible to migrate resources between subscriptions it is not possible to migrate across tenants natively. The below covers the steps required to migrate tenant to tenant using MigAZ a community tool availble from GitHub (covering ARM to ARM migration) https://github.com/Azure/migAz Pre-reqs Windows 8 or higer Latest PowerShell AzureRM module Install-Module -Name AzureRM -AllowClobber Import-Module -Name AzureRM Separate “Owner” role accounts for both tenants The resource being migrated should be powered off & any active connections removed Disk encryption using ADE v1. Continue reading

Removing ADE v1.1

Azure Disk Encryption leverages BitLocker to provide full disk encryption on Azure virtual machines running Windows. This solution is integrated with Azure Key Vault to manage disk encryption keys and secrets in your key vault subscription. There are two versions of extension schema for Azure Disk Encryption (ADE): v2.2 - A newer recommended schema that does not use Azure Active Directory (AAD) properties. v1.1 - An older schema that requires Azure Active Directory (AAD) properties. Continue reading

Configuring a Routable Domain

Clients wishing to migrate to Office365 will usually utilise Azure Active Directory Connect to form part of the migration, this will synchronise Active Directory to Azure to be used throughout the Office365 suite. Previously it was best practise to append domain names with .local or similar as routable domains were not previously required. Synchronising users with non-routable suffix’s will fail generating alerts and the users will not be synchronised. Prior to migration its possible to highlight the risk using Microsoft’s IDFix tool found here. Continue reading