About Me

My photo
I am an MCSE in Data Management and Analytics, specializing in MS SQL Server, and an MCP in Azure. With over 19+ years of experience in the IT industry, I bring expertise in data management, Azure Cloud, Data Center Migration, Infrastructure Architecture planning, as well as Virtualization and automation. I have a deep passion for driving innovation through infrastructure automation, particularly using Terraform for efficient provisioning. If you're looking for guidance on automating your infrastructure or have questions about Azure, SQL Server, or cloud migration, feel free to reach out. I often write to capture my own experiences and insights for future reference, but I hope that sharing these experiences through my blog will help others on their journey as well. Thank you for reading!

How to create a DSC File for Azure data Studio

launch powershell ISE in Administrator mode
save the file as InstallAzureDataStudio.ps1
if your  VM does not have PSDesiredStateConfiguration module installed

Go to Powershell console and execute below command

 PS C:\Users\admina> [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

PS C:\Users\admina> Install-packageProvider -name Nuget

PS C:\Users\admina> Install-Module -Name xPSDesiredStateConfiguration -Force

PS C:\Users\admina>

go to the File "InstallAzureDataStudio.ps1"
 and execute this File, this DSC will create a Folder name xfer in C:\ drive.



 Configuration InstallAzureDataStudio
{
   Import-DscResource -ModuleName PSDesiredStateConfiguration
   #Import-DscResource -ModuleName xPSDesiredStateConfiguration

File SetupDir
 {
   Type = 'File'
   SourcePath = "C:\Users\admina\Downloads\azuredatastudio-windows-setup-1.17.0.exe" #This path should exists
   DestinationPath = 'C:\xfer\'
   Ensure = "Present"
  }

  Log AfterFileCopy
        {
            # The message below gets written to the Microsoft-Windows-Desired State Configuration/Analytic log
            Message = "Finished copying file to C:\xfer........ "
            DependsOn = "[File]SetupDir" # Depends on successful execution of the File resource.
        }
     

Package AzureDataStudioPackage
 {
  Ensure = "Present"
  Name = "Azure Data Studio"
  Path= "C:\xfer\azuredatastudio-windows-setup-1.17.0.exe"
  ProductId = ""
  Arguments = "/VERYSILENT"
  }
 
}


InstallAzureDataStudio

First Command
------------------------------
PS C:\Users\admina> C:\xfer\InstallAzureDataStudio.ps1


    Directory: C:\Users\admina>InstallAzureDataStudio


Mode                LastWriteTime         Length Name                                                                             
----                -------------         ------ ----                                                                             
-a----        4/30/2020   6:46 AM           3060 localhost.mof


it has created .mof file in C:\Users\admina

Second Command
------------------------------
PS C:\Users\admina> Start-DscConfiguration -Path "C:\Users\admina\InstallAzureDataStudio\InstallAzureDataStudio" -Force -Wait -Verbose

output:-

VERBOSE: Perform operation 'Invoke CimMethod' with following parameters, ''methodName' = SendConfigurationApply,'className' = MSFT_DSC
LocalConfigurationManager,'namespaceName' = root/Microsoft/Windows/DesiredStateConfiguration'.
VERBOSE: An LCM method call arrived from computer rak-desc-test with user sid S-1-5-21-271070641-441374908-1635702522-500.
VERBOSE: [rak-desc-test]: LCM:  [ Start  Set      ]
VERBOSE: [rak-desc-test]: LCM:  [ Start  Resource ]  [[File]SetupDir]
VERBOSE: [rak-desc-test]: LCM:  [ Start  Test     ]  [[File]SetupDir]
VERBOSE: [rak-desc-test]:                            [[File]SetupDir] The destination object was found and no action is required.
VERBOSE: [rak-desc-test]: LCM:  [ End    Test     ]  [[File]SetupDir]  in 0.0160 seconds.
VERBOSE: [rak-desc-test]: LCM:  [ Skip   Set      ]  [[File]SetupDir]
VERBOSE: [rak-desc-test]: LCM:  [ End    Resource ]  [[File]SetupDir]
VERBOSE: [rak-desc-test]: LCM:  [ Start  Resource ]  [[Package]AzureDataStudioPackage]
VERBOSE: [rak-desc-test]: LCM:  [ Start  Test     ]  [[Package]AzureDataStudioPackage]
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Validate-StandardArguments, Path was C:\setup\a
zuredatastudio-windows-setup-1.17.0.exe
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] The path extension was .exe
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Ensure is Present
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] product installation cannot be determined
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] product as boolean is False
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] The package Azure Data Studio is not installed
VERBOSE: [rak-desc-test]: LCM:  [ End    Test     ]  [[Package]AzureDataStudioPackage]  in 0.0150 seconds.
VERBOSE: [rak-desc-test]: LCM:  [ Start  Set      ]  [[Package]AzureDataStudioPackage]
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Validate-StandardArguments, Path was C:\setup\a
zuredatastudio-windows-setup-1.17.0.exe
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] The path extension was .exe
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Ensure is Present
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] product installation cannot be determined
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] product as boolean is False
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] The package Azure Data Studio is not installed
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Validate-StandardArguments, Path was C:\setup\a
zuredatastudio-windows-setup-1.17.0.exe
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] The path extension was .exe
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Package configuration starting
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] The binary is an EXE
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Starting C:\setup\azuredatastudio-windows-setup
-1.17.0.exe with /VERYSILENT
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Starting process C:\setup\azuredatastudio-windo
ws-setup-1.17.0.exe with arguments /VERYSILENT
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] The machine requires a reboot
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Package has been installed
VERBOSE: [rak-desc-test]:                            [[Package]AzureDataStudioPackage] Package configuration finished
VERBOSE: [rak-desc-test]: LCM:  [ End    Set      ]  [[Package]AzureDataStudioPackage]  in 23.9840 seconds.
VERBOSE: [rak-desc-test]: LCM:  [ End    Resource ]  [[Package]AzureDataStudioPackage]
VERBOSE: [rak-desc-test]:                            [] A reboot is required to progress further. Please reboot the system.
WARNING: [rak-desc-test]:                            [] A reboot is required to progress further. Please reboot the system.
VERBOSE: [rak-desc-test]: LCM:  [ End    Set      ]
VERBOSE: [rak-desc-test]: LCM:  [ End    Set      ]    in  24.1710 seconds.
VERBOSE: Operation 'Invoke CimMethod' complete.
VERBOSE: Time taken for configuration job to complete is 25.696 seconds

PS C:\Users\admina>

you will observe Azure data studio has successfully been installed and you will find the same in control panel.

Go to C:\Program Files\Azure Data Studio and launch azuredatastudio.exe


Thanks for Reading..

No comments:
Labels:

How to Fix the issue when you try to install a module xPDesiredStateConfiguration and it gets fail with below error..

How to Fix the issue when you try to install a module xPDesiredStateConfiguration and it gets fail with below error..

PackageManagement\Install-PackageProvider : No match was found for the specified search criteria for the provider
'NuGet'. The package provider requires 'PackageManagement' and 'Provider' tags. Please check if the specified
package has the tags.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:7405 char:21
+ ...     $null = PackageManagement\Install-PackageProvider -Name $script:N ...



PS C:\Users\admina> Install-Module -Name xPDesiredStateConfiguration
WARNING: Unable to download from URI 'https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409' to ''.
WARNING: Unable to download the list of available providers. Check your internet connection.
PackageManagement\Install-PackageProvider : No match was found for the specified search criteria for the provider
'NuGet'. The package provider requires 'PackageManagement' and 'Provider' tags. Please check if the specified
package has the tags.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:7405 char:21
+ ...     $null = PackageManagement\Install-PackageProvider -Name $script:N ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (Microsoft.Power...PackageProvider:InstallPackageProvider) [Install-P
   ackageProvider], Exception
    + FullyQualifiedErrorId : NoMatchFoundForProvider,Microsoft.PowerShell.PackageManagement.Cmdlets.InstallPackageP
   rovider

PackageManagement\Import-PackageProvider : No match was found for the specified search criteria and provider name
'NuGet'. Try 'Get-PackageProvider -ListAvailable' to see if the provider exists on the system.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:7411 char:21
+ ...     $null = PackageManagement\Import-PackageProvider -Name $script:Nu ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (NuGet:String) [Import-PackageProvider], Exception
    + FullyQualifiedErrorId : NoMatchFoundForCriteria,Microsoft.PowerShell.PackageManagement.Cmdlets.ImportPackagePr
   ovider

WARNING: Unable to download from URI 'https://go.microsoft.com/fwlink/?LinkID=627338&clcid=0x409' to ''.
WARNING: Unable to download the list of available providers. Check your internet connection.
PackageManagement\Get-PackageProvider : Unable to find package provider 'NuGet'. It may not be imported yet. Try
'Get-PackageProvider -ListAvailable'.
At C:\Program Files\WindowsPowerShell\Modules\PowerShellGet\1.0.0.1\PSModule.psm1:7415 char:30
+ ... tProvider = PackageManagement\Get-PackageProvider -Name $script:NuGet ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : ObjectNotFound: (Microsoft.Power...PackageProvider:GetPackageProvider) [Get-PackagePro
   vider], Exception
    + FullyQualifiedErrorId : UnknownProviderFromActivatedList,Microsoft.PowerShell.PackageManagement.Cmdlets.GetPac
   kageProvider

Install-Module : NuGet provider is required to interact with NuGet-based repositories. Please ensure that
'2.8.5.201' or newer version of NuGet provider is installed.
At line:1 char:1
+ Install-Module -Name XPDesiredStateConfiguration
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (:) [Install-Module], InvalidOperationException
    + FullyQualifiedErrorId : CouldNotInstallNuGetProvider,Install-Module


PS C:\Users\admina>

Resolution :-


in order to fix this issue

PS C:\Users\admina> [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12

PS C:\Users\admina> Install-packageProvider -name Nuget

PS C:\Users\admina> Install-Module -Name xPSDesiredStateConfiguration -Force

PS C:\Users\admina>




No comments:
Labels: ,

Generate an Azure Application Gateway self-signed certificate with a custom root CA



https://slproweb.com/products/Win32OpenSSL.html

  download 32 bit.
then follow below link:-
https://docs.microsoft.com/bs-latn-ba/azure/application-gateway/self-signed-certificates

at section Generate the certificate with the CSR and the key and sign it with the CA’s root key

 instead of

openssl x509 -req -in fabrikam.csr -CA public.crt -CAkey contoso.key -CAcreateserial -out fabrikam.crt -days 365 -sha256

 use this
openssl x509 -req -in fabrikam.csr -CA contoso.crt -CAkey contoso.key -CAcreateserial -out fabrikam.crt -days 365 -sha256

then use below to merge fabrikam.key + fabrikam.crt to fabrikam.pfx

Refer blog

https://www.ssl.com/how-to/create-a-pfx-p12-certificate-file-using-openssl/

command:-
openssl pkcs12 -export -out fabrikam.pfx -inkey fabrikam.key -in fabrikam.crt

 and

 openssl pkcs12 -export -out contoso.pfx -inkey contoso.key -in contoso.crt


then continue with
https://docs.microsoft.com/bs-latn-ba/azure/application-gateway/self-signed-certificates
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

openssl ecparam -out rakeshca.key -name prime256v1 -genkey

openssl req -new -sha256 -key rakeshca.key -out rakeshca.csr

openssl x509 -req -sha256 -days 365 -in rakeshca.csr -signkey rakeshca.key -out rakeshca.crt


~~~~~ server certificate  named rakeshdevops.com issuer is  rakeshca~~~~~~~~~~~


openssl ecparam -out rakeshdevops.key -name prime256v1 -genkey

openssl req -new -sha256 -key rakeshdevops.key -out rakeshdevops.csr

openssl x509 -req -in rakeshdevops.csr -CA  rakeshca.crt -CAkey rakeshca.key -CAcreateserial -out rakeshdevops.crt -days 365 -sha256

openssl x509 -in rakeshdevops.crt -text -noout


Export:-

openssl pkcs12 -export -out rakeshdevops.pfx -inkey rakeshdevops.key -in rakeshdevops.crt


~~~~~other server certificate  named punamdevops.com issuer is  ~~~~~~~~~~~~~~~~~rakeshca~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


openssl ecparam -out punamdevops.key -name prime256v1 -genkey

openssl req -new -sha256 -key punamdevops.key -out punamdevops.csr

openssl x509 -req -in punamdevops.csr -CA  rakeshca.crt -CAkey rakeshca.key -CAcreateserial -out punamdevops.crt -days 365 -sha256

openssl x509 -in punamdevops.crt -text -noout


 Export:-

openssl pkcs12 -export -out punamdevops.pfx -inkey punamdevops.key -in punamdevops.crt




openssl pkcs12 -export -out rakeshca.pfx -inkey rakeshca.key -in rakeshca.crt


openssl s_client -connect localhost:443 -servername www.rakeshdevops.com -showcerts


No comments:

How to ensure Compliance with Azure Policies


Azure Policy service with real world example


Azure Policy is a service in Azure that you use to create, assign, and manage policies. These policies enforce different rules and effects over your resources, so those resources stay compliant with your corporate standards and service level agreements. Azure Policy meets this need by evaluating your resources for non-compliance with assigned policies. For example, you can have a policy to allow only a certain SKU size of virtual machines in your environment. Once this policy is implemented, new and existing resources are evaluated for compliance. With the right type of policy, existing resources can be brought into compliance.

We will create real Azure resources, assign real auditable flags (in the form of Azure tags), and then create a policy to prove the audit state of the objects with Azure policy reporting.

Create Two Virtual Networks
1.    Create the first virtual network.
·         The name can be anything ("HubvNet1" in this example).
·         The primary address space should 10.0.0.0/24.
·         The subnet address range should be 10.0.0.0/26.
2.    Create a second virtual network.
·         The name can be anything ("SpokeVnet1" in this example).
·         The primary address space should 10.10.10.0/24.
·         The subnet address range should be 10.10.10.0/26.
Create a Tag for Each Virtual Network
1.    Add a tag to HubvNet1.
·         Name: Audit
·         Value: Yes
2.    Add a tag to SpokeVnet1.
·         Name: Audit
·         Value: No
Create a Policy
     in the case of the subscriptions and resource groups, the only available option.
1.    Create a policy> Compliance > Assign Policy
2.    Narrow the scope to our resource group.

Go to BASIC and click on rectangle button


3.    Search "Tag" in the available policy definitions list.
4.    Choose Require tag and its value.


5.    Set a Tag Name of Audit and Tag value to Yes


7.    After 15–30 minutes, narrow the scope of the Compliance blade to the resource group, and it should refresh to show the policy as non-compliant: 50%.




No comments:
Labels: , , ,

Securing a Virtual Network with Azure Firewall


                            Securing a Virtual Network with Azure Firewall
Read more »
No comments:
Labels: , , ,

KB2919355 Check Failed. If you have installed KB2919355 on Windows Server 2012 for SQL Server 2017 installation


in some Windows Server  2012 R2, when you install SQL Server 2017 developer/enterprise  edition
The validation check gets fail.


Issue:-





---------------------------
Rule Check Result
---------------------------
Rule "KB2919355 Installation" failed.

KB2919355 Check Failed. If you have installed KB2919355, please make sure you have restarted your machine. For more information, you can visit https://support.microsoft.com/kb/2919355/
---------------------------
OK 
---------------------------


Resolution:-

In order to resolve this error..

you have to do the following

First go ahead and download this KB -- Windows8.1-KB2919442-x64 and install

Then download   Windows8.1-KB2919355-x64 and then install. 

Please note installation of Windows8.1-KB2919355-x64 will take some time.


Thanks for reading..


No comments:
Labels: , ,

Failed to save Transparent Data Encryption settings for SQL resource

Failed to save Transparent Data Encryption settings for SQL resource: myserver0102. Error message: The provided Key Vault URI 'https://mypersonalXXXXvault01.vault.azure.net/keys/XXXXXX/283d045477e04fdab5c0055be37c0eee' is not valid. Please ensure the key vault has been configured with soft-delete.
in order to solve this issue.. go to cloud shell and execute below command


($resource = Get-AzResource -ResourceId (Get-AzKeyVault -VaultName "mypersonalXXXXvault01").ResourceId).Properties | Add-Member -MemberType "NoteProperty" -Name "enableSoftDelete" -Value "true"

 Set-AzResource -resourceid $resource.ResourceId -Properties $resource.Properties
and you are done.

 This issue will get resolved. 
No comments:
Labels:
Subscribe to: Posts (Atom)