Work and live with IT

Optimize your Microsoft Teams traffic with QoS on a UniFi USG

At times like these, when everybody is working from home and the whole family uses the internet as well, the traffic requirements can be tough on your internet connection. When you are using real-time collaboration tools, such as Microsoft Teams, that rely on a good and stable internet connection for voice, video and screen sharing, parallel Netflix/Disney+/Hulu/Amazon Prime traffic can make the experience subpar for everybody involved. Thankfully it’s possible to optimize your outgoing traffic based on what services are used.

Certificate management with Azure Automation and Let's Encrypt

The Let’s Encrypt project has had a lasting impact on the Internet landscape. Free SSL certificates for everyone can be created automatically and signed by Let’s Encrypt. Due to the broad acceptance by browser manufacturers and cross-signing, the certificates are valid almost everywhere. However, an automated solution is absolutely necessary due to the short validity period of 90 days. Using PowerShell in Azure Automation, a workflow can be created that takes care of certificate renewal and secure central storage.

Is this ip address part of the Office 365 IP address range?

The analysis of firewall logs in Office 365 projects repeatedly raises the question: Is this blocked IP address part of the Office 365 address range? Thanks to PowerShell and the information published by Microsoft, the answer is only a few lines of code away. My script “Test-IsO365IpAddress.ps1” simply needs the IP address in question and optionally the TCP/UDP port. It retrieves the current list of address ranges from Microsoft and checks if the IP address is part of one of the IP networks.

SCHANNEL settings in Azure Windows Marketplace image changed

A couple of weeks ago I recognized new registry keys the SCHANNEL settings of the Windows 2016 Azure Marketplace image. Those setting are different from a manually deployed and updated Windows machine! The newly created registry keys disable the following ciphers and protocols Ciphers RC4 128/128 RC4 40/128 RC4 56/128 Protocols SSL 2.0 Client SSL 3.0 Client/Server First of all: The settings changed are regarding old ciphers and protocols that should be disabled in any secure environment after all!

Query the Log Analytics Workspace for all Azure VM

Sometimes you just need to know to which Log Analytics Workspace (OMS for the old folks out there) a VM send it’s data to. Or even all of you Azure VMs an once. With the following script this task is easy as pie. And thanks to RamblingCookieMonster and his PSExcel modul you can send the result straight to everybody who is fond of Excel. ReportLogAnalyticsWorkspacePerVM.ps1 #region Report: All VMs including the status, and OMS workplace $Subscriptions = Get-AzureRmSubscription | Where-Object { $_.

Azure Log Analytics - RegEx case insensitive

When searching in Log Analytics, matches regex can be very helpful. By default, the Regular Expression Case is Sensitive. To change this, the parameter i must be passed. Here is a sample query that searches the IIS logs for logs from a particular computer. W3CIISLog | where ( Computer matches regex "(?i)MyCoMpUtEr" ) // (?i) = Case insensitive