Deploy Azure SQL Database with AZ PowerShell Module (Part 1)

Hi All,

Finally i have some time to do a Project i've always wanted to do.
In a Series of Blog Article i will create a SQL Server / SQL Database in Azure and compare diffrent Deployment Methods.

Let's start with the PowerShell AZ Module
Install-Module AZ

The Script can also be found on my GitHub Repo

###############################################################################
# Demo01-SQLDB-Az.ps1
# Create SQL Server / Firewall Rule / SQL Database with AZ.* Powershell Modules
# 05.04.2022 - Initial Version - Andres Bohren
###############################################################################

###############################################################################
# Connect AzAccount
###############################################################################
Connect-AzAccount

###############################################################################
# Set Subscription
###############################################################################
Set-AzContext [SubscriptionID/SubscriptionName]

###############################################################################
# Create Resource Group
# https://docs.microsoft.com/en-us/powershell/module/az.resources/new-azresourcegroup?view=azps-7.4.0
###############################################################################
$ResourceGroup = "RG_Demo01"
$Location = "westeurope"
New-AzResourceGroup -Name $ResourceGroup -Location $Location

###############################################################################
# Create SQL Server Object
# https://docs.microsoft.com/en-us/powershell/module/az.sql/new-azsqlserver?view=azps-7.3.2
###############################################################################
$Credential = Get-Credential
$SQLServerName = "icewolfsqldemo01"
$MinimalTLSVersion = "1.2"
New-AzSqlServer -ResourceGroupName $ResourceGroup -Location $Location -ServerName $SQLServerName -SqlAdministratorCredentials $Credential -MinimalTlsVersion $MinimalTLSVersion

#Get SQLServer
Get-AzSqlServer -ResourceGroupName $ResourceGroup | Format-List ResourceId, ServerName, FullyQualifiedDomainName, SqlAdministratorLogin, ResourceGroupName

###############################################################################
# Create SQL Server FirewallRule
# https://docs.microsoft.com/en-us/powershell/module/az.sql/new-azsqlserverfirewallrule?view=azps-7.3.2
###############################################################################
#Allow Azure
New-AzSqlServerFirewallRule -ResourceGroupName $ResourceGroup -ServerName $SQLServerName -AllowAllAzureIPs

#Add Corporate Public IP
$RuleName = "IcewolfPublicIP"
$StartIpAddress = "95.143.60.18"
$EndIpAddress = "95.143.60.18"
New-AzSqlServerFirewallRule -ResourceGroupName $ResourceGroup -ServerName $SQLServerName -FirewallRuleName $RuleName -StartIpAddress $StartIpAddress -EndIpAddress $EndIpAddress

#Get Firewall Rules
Get-AzSqlServerFirewallRule -ResourceGroupName $ResourceGroup -ServerName $SQLServerName


As you can see the SQL Server has been created in the right Resourcegroup.
All the Settings like MinimumTLSVersion and Firewall Rules are set


Now we create the SQL Database

###############################################################################
# Create SQL Database
# https://docs.microsoft.com/en-us/powershell/module/az.sql/new-azsqldatabase?view=azps-7.3.2
###############################################################################
$DatabaseName = "db_demo01"
$Edition = "Basic"
New-AzSqlDatabase -ResourceGroupName $ResourceGroup -ServerName $SQLServerName -DatabaseName $DatabaseName -Edition $Edition


The Database has been created with the correct SKU


Finally we need to clean up and delete the Demo Resource Group

###############################################################################
# Remove-AzResourceGroup
# https://docs.microsoft.com/en-us/powershell/module/az.resources/remove-azresourcegroup?view=azps-7.4.0
###############################################################################
$ResourceGroup = "RG_Demo01"
Remove-AzResourceGroup -Name $ResourceGroup -Force



Regards
Andres Bohren


Azure PowerShell Module Az 7.4.0 released

Hi All,

Just a few Hours ago the new Microsoft Azure PowerShell Module AZ 7.4.0 has been released.

Microsoft Azure PowerShell Module Az 7.4.0


To check your installed Module and what Version is available in the PowerShell Gallery you can use the following commands

Get-InstalledModule AZ
Find-Module AZ


AZ is just a Wrapper - the Modules have names Az.*

Get-InstalledModule AZ.*


I've checked my installed Modules. It's a mess - multiple Versions of the Modules.

Get-Module AZ.* -ListAvailable


So i've written a short Script to cleanup.

The Script is also available on my GitHub Repo

###############################################################################
# Cleanup-AzModules.ps1
# If you have multiple Versions of AZ.* PowerShell Module installed
# This Scripts uninstalls the Old versions and installs only the Current Version
# 25.04.2022 V0.1 - Initial Draft - Andres Bohren
###############################################################################
#Script needs to Run as Administrator to uninstall/install PowerShell Modules
#Requires -RunAsAdministrator

#Remove loaded az.* Modules
Remove-Module az.*

#Iterate through Modules and uninstall
$Modules = Get-Module AZ.* -ListAvailable | Where {$_.Name -ne "Az.Accounts"} | Select-Object Name -Unique
Foreach ($Module in $Modules)
{
    $ModuleName = $Module.Name
    $Versions = Get-Module $ModuleName -ListAvailable
    Foreach ($Version in $Versions)
    {
        $ModuleVersion = $Version.Version
        Write-Host "Uninstall-Module $ModuleName $ModuleVersion"
        Uninstall-Module $ModuleName -RequiredVersion $ModuleVersion
    }
}
#Uninstall Az.Accounts
$ModuleName = "Az.Accounts"
$Versions = Get-Module $ModuleName -ListAvailable
Foreach ($Version in $Versions)
{
    $ModuleVersion = $Version.Version
    Write-Host "Uninstall-Module $ModuleName $ModuleVersion"
    Uninstall-Module $ModuleName -RequiredVersion $ModuleVersion
}

#Install newest Module
Write-Host "Install newest AZ Module"
Install-Module AZ
Write-Host "Cleanup finished"


It takes a while to uninstall all the old modules and then the newest Modules


Just wait until "Cleanup finished" appears



Regards
Andres Bohren


ExchangeOnline: Changing the behavior of MoveRequest cmdlets

Hi All,

A few Days ago Microsoft has anounced some changes in the MoveRequest cmdlets.
Some Properties will be removed and two will be renamed and one will be added (see Table below).
These Changes will pe appearing on 30 April 2022.

Changing the behavior of MoveRequest cmdlets


I've created a Screenshot:
Red: These Properties will be removed
Blue: These Properties will be renamed


The Blog Article does not mention any changes in the MoveRequestStatistics. I've put these Screenshots here for my own Documentation. So i can compare later on.




Regards
Andres Bohren


Microsoft Bookings

Hi All,

By default Microsoft Bookings is enabled in Exchange Online.
If you have disabled it like me, you need to enable it first in the Exchange Online OrganizationConfig.

Turn Microsoft Bookings on or off

Get-Organizationconfig | fl *booking*
Set-Organizationconfig -BookingsEnabled $true


In the Default OwaMailboxPolicy all users can create Booking Mailboxes.

Get-OwaMailboxPolicy -Identity OwaMailboxPolicy-Default | fl *booking*


If you want to enable the Bookings creation only for one Mailbox you have to create a new OWAMailboxPolicy

Set-OwaMailboxPolicy "OwaMailboxPolicy-Default" -BookingsMailboxCreationEnabled:$false
New-OwaMailboxPolicy -Name "BookingsCreators"
Set-CASMailbox -Identity <someCreator@emailaddress> -OwaMailboxPolicy "BookingsCreators"

Create a Bookings Mailbox

Open Microsoft Bookings in the App Launcher in Office 365 https://outlook.office.com/bookings




Choose "Add new Booking Calendar"


The Name will be the Mailbox of the Booking Calendar



Okay, i change to the new Booking Experience
















I've added a Logo here


Enduser view of Bookings

This is the Screen the Enduser can book a Meeting


Check out the Mailbox: The RecipientTypeDetails is "SchedulingMailbox"

Get-Mailbox icewolf | fl PrimarySMTPAddress, DisplayName, *type*



Regards
Andres Bohren


New Microsoft Whiteboard Version saves on OneDrive

Hi All,

I've checked today if there where any updates from the Microsoft Store.
As you can see the Microsoft Whiteboard App was updated.


I've checked the App and was able to Open the Diagrams again


So i was curious and created a new Whiteboard and named it "Brainstrom".


I had applied for the Microsoft Whiteboard OneDrive Opt-In

Microsoft Whiteboard OneDrive Opt-In

As you can see the new Whiteboard is saved in OneDrive.



Regards
Andres Bohren


Convert HTML to Markdown with Node.js and cloudconvert-cli

Hi All,








I was looking at a way to convert HTML to Markdown


So i signed up and created the API Key

There is a Node.js Library

npm install -g cloudconvert-cli
npm list -g


Set the API Key as a Variable (in Windows) and run the HTML File with output MD

SET CLOUDCONVERT_API_KEY=<YourAPIKey>
Cloudconvert convert -f md C:\GIT_WorkingDir\exchange-2016-cu15-security-update-kb4536987.html


This is the converted MD File


If you look at the Preview


The With and Heights of the Image could not be interpreted. Other than that it would do the job



Regards
Andres Bohren

Exchange Hybrid OWA Redirection in Exchange Online

Hi All,

I recently had a customer where the OWA Redirect in Exchange Online (Exchange Hybrid configuration) did not work.
The reason was, that the TargetOWAURL was not set

Get-OrganizationRelationship
Get-OrganizationRelationship -Identity "O365 to On-Prem*" | fl


I have a SharedMailbox OnPrem where my User has FullAccess


In Exchange Online i go to Outlook on the Web https://outlook.office.com/mail/ and select "Open another Mailbox"


I search for the Mailbox and hit "Open"


At this point the Customer was presented an Error
"Something went wrong" OwaUserHasNoMailboxAndNoLicenseAssignedException

But i've set the TargetOWAURL and i get the Link to the OnPrem OWA.
It is basically the OWA URL + Emailadress: https://mail.domain.tld/owa/email@domain.tld


Depending on the configuration of your Exchange Organization you need to login with Domain\Username or UserPrincipalname/Email


As nobody has ever logged into that Mailbox before you will be presented the Languange and  TimeZone dialoge


Now i am logged into the Shared Mailbox on OnPrem OWA




Regards
Andres Bohren


Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) 2.0 released

Hi All,

A few days ago a new Version of the Microsoft Defender for Office 365 Recommended Configuration Analyzer (ORCA) Module has been released.

ORCA 2.0


Use the following commands to Install the Module

Find-Module Orca
Install-Module Orca
Get-InstalledModule Orca


You can already connect to Exchange Online (Or the Script will do it also for you)

Connect-ExchangeOnline


There is just one simple Command to run the Report

Get-OrcaReport


It's recommended to run the report from Time to Time. I've corrected some settings and improved from 89% to 91%


Orca still recommends to enable EnduserSpamNotifications and set the frequency lower than 3 Days


I guess here is an error - as i have enabled the EnduserSpamNotifications

Get-HostedContentFilterPolicy -Identity "PolicyName" | fl *SpamNotification*


SafeLinks and SafeAttachements are not applyied to all Domains (in my Environement due to Licensing)


DKIM is not set for the Teams Direct Routing Domain (can be ignored)


SPF is not set for the Teams Direct Routing Domain (can be ignored)



Regards
Andres Bohren


Microsoft Teams Shared Channels Policy enabled by default

Hi All,

Be aware that the Teams Policies have the Shared Channels enabled by default.
So disable them or create a separate Policy for your tests.


My Teams Client is in Preview Mode


But i am still not able to create Shared Channels


According to the Article below - it will look like below

Microsoft Teams Connect shared channels is rolling out to public preview



Regards
Andres Bohren


MicrosoftTeams PowerShell Module 4.1.0 released

Hi All,

Yesterday the PowerShell Module for MicrosoftTeams 4.1.0 has been released as GA.

MicrosoftTeams 4.1.0


Find-Module MicrosoftTeams
Install-Module MicrosoftTeams -Force


Usually i test some of the Commands

Connect-MicrosoftTeams
Get-Team
Get-CsOnlineUser -Identity a.bohren@icewolf.ch | fl *Ent*,*host*,*voice*, *um*


Be aware, that for new M365 Tenants you can only use MicrosoftTeams PowerShell Module 4.x.x.
Older Tenants have to switch to 4.x.x until June 2022.

Teams PowerShell Module - Supported Versions



Regards
Andres Bohren