Upgrade Windows Server 2012 to Server 2019

Posted on February 15, 2020 by Cloud Build

Reading Time: 3 minutes

Microsoft recommend upgrading your server OS to the latest version, but we all know that this is not always possible. Your business may be running third party applications that have not yet been tested or even compatible with later Windows Server Operating Systems.

Always check whether the applications running on your current Operating System are supported, before you decide to upgrade to a higher version OS. It will save you a lot of time and disappointment.

So let’s continue on the basis that you have carried out your checks and the applications currently running on your server to be upgraded supports Server 2019.

First, as you will already be aware, ensure you have a full backup of your server, so in the event the upgrade goes horribly wrong, you have a backup to restore to.

Note: If you have Microsoft Endpoint Protection installed, you will be prompted to remove this app. This app is not compatible with server 2019

Now, that you are all set, you may be thinking, can I upgrade directly from server 2012 or server 2012 R2 to Server 2016? The answer is yes, you can and it’s a supported method. See support matrix from Microsoft below. So whether you decide to upgrade from Server 2012 to 2019 or from 2016 to 2019 a one hop in-place upgrade is support.

Ok, so we now have a full system backup, and we know that third party apps are supported with server 2016/2019.

Before we get started with the upgrade, Microsoft recommend that you collect some information from your device, for diagnostic and troubleshooting purposes. Because this information is intended for use only if your upgrade fails, you must make sure that you store the information somewhere that you can get to it off of your device.

To collect your info

Open a command prompt, go to c:\Windows\system32, and then type systeminfo.exe.
Copy, paste, and store the resulting system information somewhere off of your device.
Type ipconfig /all into the command prompt, and then copy and paste the resulting configuration information into the same location as above.
Open the Registry Editor, go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion hive, and then copy and paste the Windows Server BuildLabEx (version) and EditionID (edition) into the same location as above.

Upgrade Server 2012 to 2019

1) Patch your server with the latest windows updates if not already up to date
2) Locate the Windows Server 2019 Setup media, and then select setup.exe
3) Select the Windows Server version you wish to upgrade to

Screen to choose which Windows Server 2012 R2 edition to install

4) Accept the licensing terms

5) If you’re running Microsoft Endpoint Protection on your server, setup will prompt for this app to be removed as it isn’t compatible with Windows Server 2019

6) Select Keep personal files and apps, and then select Next

7) After Setup analyses your server, setup will prompt you to proceed with your upgrade by clicking install

Screen showing you're ready to start the upgrade

8) Wait for the upgrade to complete

9) To ensure the upgrade completed successfully

– Open the Registry Editor, go to the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsNT\CurrentVersion hive, and view the ProductName. You should see your edition of Windows Server 2019, for example Windows Server 2019 Standard. Make sure all of your applications are running and that your client connections to the applications are successful.

If you think something might have gone wrong during your upgrade, copy and zip the %SystemRoot%\Panther (usually C:\Windows\Panther) directory and contact Microsoft support.

How to build a server in Azure

Posted on February 8, 2020 by Cloud Build

Reading Time: 5 minutes

Building a server in Microsoft Azure is simple and has become easier as Microsoft have made improvements on the portal over the years.

In this example, i’ll be building a Windows 2019 Server, so lets get started

Logon to your Azure Portal, search for virtual machines and click + Add

The below interface appears, select your subscription from the drop down list. If you only have the one, it will already be selected

Next, drop down and select a resource group.

What is an Azure Resource Group?
A resource group is a container that holds related resources for an Azure solution. The resource group includes those resources that you want to manage as a group. You decide which resources belong in a resource group based on what makes the most sense for your organisation.

For the purposes of this demo, I’m going to create a new resource group

Next, lets give our virtual server a name and select a region. I have selected UK South

Next, I’m going to create this VM in a new availability set, because I will be building and adding another virtual web server and including it within the same availability set to provide for high availability. If you’re not interested in creating an availability set, you can skip these steps. But because it doesn’t cost anything to create an availability set, you may want to add the server to an availability set if you have plans of setting up redundancy in the future. You’ll obviously be charged for the second server, but the availability set is free. If you decide at this point you don’t require redundancy, but in the future change you’re mind, you will have to delete and recreate the VM to allow you to add it to a new availability set.

What is an Azure availability set?
An availability set is a logical grouping of VMs within a datacenter that allows Azure to understand how your application is built to provide for redundancy and availability. Azure makes sure that the VMs you place within an Availability Set run across multiple physical servers, compute racks, storage units, and network switches.
More info at: Azure Availability Options

Create a new availability set (I’m leave the defaults) and click OK. When you create another server, drop down and select an existing availability set. The below screenshot shows my new availability set. It’s worth looking into how fault domains and update domains function.

Next, select your Operating System. I have selected Windows Server 2019 Datacenter and a size of Standard DS1 v2 for this demo. The higher spec server the more it will cost you so ensure you select the correct server size depending on requirements

You may have noticed Azure Spot Instance. What is Azure Spot? Azure Spot offers unused Azure capacity at a discounted rate versus pay as you go prices. Workloads should be tolerant to infrastructure loss as Azure may recall capacity for pay as you go workloads. It’s recommended to use Azure Spot only if you’re testing and are happy for Microsoft to delete your VM without much notice. Never use this for production or even a test environment you require access to at all times.

Next setup your local administrator account and a strong password. For inbound public ports, I have set none. I will be accessing this server internally via RDP and don’t want to expose RDP to the outside world. If Bastion is available with your region, you could set it up so you can access your VM from within the portal. For more details on how to configure Azure Bastion, click How to Configure Bastion? If you have a requirement for public RDP to be enabled, lock down access to certain IP addresses and it’s worth setting up Azure Just In Time Access.

What is Azure Just In Time Access?
Just-in-time (JIT) virtual machine (VM) access can be used to lock down inbound traffic to your Azure VMs, reducing exposure to attacks while providing easy access to connect to VMs when needed. The just-in-time feature is available on the Standard tier of Security Center

Click next, to configure disks. Select your disk types depending on your server/application requirements

You may also have a requirement to add an additional disk, such as a data disk. Don’t worry about creating a page file disk. You’ll get a temporary disk assigned by default

So here is what my disk configuration looks like. OS and a data disk

Click next to visit networking settings

Select your virtual network, subnet, a public IP if required and basic or advanced NSG. The common NSG is basic but will obviously depend on your company requirements. You can also control the NSG at subnet level within your VNET, or even route all traffic to an external firewall, such as a Paloalto firewall. It’s worth consulting with your networks team on security requirements.

When ready click next and configure management settings as required

I have set my machine to auto shut at 7pm. It’s only a test server and doesn’t need to be powered on after 7pm. Will save me on costs while it’s powered down.

Click next. If you have any requirements to install any extensions, such as Microsoft Antimalware, you can select here. If you’re not sure just yet, don’t worry about it, as you can select extensions after the VM build. It’s worth taking a look at the available extensions though. Click Next when ready

Create tags if required. Explanation of tags below

And click review and create

You’ll receive a notification after the VM has been built

I hope this post was useful. Feel free to comment below if you have any further questions.

Only enable https connections to Azure Storage Account

Posted on February 1, 2020 by Cloud Build

Reading Time: 2 minutes

Click configuration from the left pane, and then from the right pane, switch Secure Transfer Required to enabled, and click save

If you wish to secure your storage account further, lock down your storage account so only certain networks are able to access it. The default setting is All networks (including the internet, can access this storage account)

To lock down your storage account to a particular VNET or even a IP address, click Firewalls and Virtual Networks from the left pane

Click selected networks, and then click the link + Add existing virtual network, or if you wish to lock down the storage account to an IP address, scroll down a little further within your Azure Portal

Select your VNET, Subnet and click enable

Save Costs with Azure Advisor

Posted on January 26, 2020 by Cloud Build

Reading Time: 2 minutes

Azure Advisor is a great feature which provides recommendations on High Availability, Security, Performance and saving costs. Yes, that’s right, Microsoft help you save costs. It’s not all about making money for Microsoft, they want to help their customers save costs.

So how do they help customers save? Well, Microsoft will scan your Azure environment and report back any services which you could delete or downgrade via Azure Advisor. Services include:

– Optimize virtual machine spend by resizing or shutting down underutilized instances

– Reduce costs by eliminating unprovisioned ExpressRoute circuits

– Reduce costs by deleting or reconfiguring idle virtual network gateways

– Buy reserved virtual machine instances to save money over pay-as-you-go costs

– Delete unassociated public IP addresses to save money

– Delete Azure Data Factory pipelines that are failing

– Use Standard Snapshots for Managed Disks

How to access Cost recommendations in Azure Advisor

1) Login to the Azure portal
2) Search for and select Advisor

3) On the Advisor dashboard, select the Cost tab

It’s good to know that Microsoft are looking out for their customers when it comes to costs savings. It’s not all about making money for them, but they are passing down savings to the customers aswell.

Microsoft Ignite Free Certification Exam

Posted on January 18, 2020 by Cloud Build

Reading Time: 2 minutes

For further details including terms and conditions, click Microsoft Ignite and Microsoft Ignite The Tour: Free Certification Exam Offer