Use the Azure Authenticator App for Office 365 Multi Factor Authentication

If you have enabled Office 365 MultiFactor Authentication and saw a reference to an app but glanced over it, you’re missing the best (and most seamless part)

It’s called the “Azure Authenticator” and it’s an App for Windows Phone, iOS and Android.

When MFA is enabled in Office 365 you will have a few ways of verifying or receiving the PIN

  • Telephone Call (Microsoft computers call you up to confirm)
  • A PIN code (Secret pin is texted to your Cell via SMS)
  • Confirmation is sent / received via an App

The App method I find is actually pretty cool and seamless.  If you’ve ever used the “Authenticator” app for your Hotmail Account it’s pretty similiar in it’s use.

But where do you get it?  I’ll save you the search time

Windows Phone 8/8.1/10

iPhone / iPad (iOS 8 and later)

Android 4.0 and higher

The app works pretty simply too, there is pairing process with Microsoft to get your phone matched up with Azure Active Directory of course. 

But once done when you choose to use the App as your second level of Authentication, all you’ll get on your phone (after of course you enter your password is a little prompt from the App saying “Hey, is this ok to happen?”

It’s a nice seamless way I personally find to use the MFA feature.   If you haven’t tried it out I recommend giving it a shot.  It’s far cheaper than buying up an RSA appliance Smile

Cheers!

Sean
The Energized Tech

A solution to a Murphy’s law fail in Visio

I’m not blaming Visio here.  In fact I blame that sneaky Murphy.  I know for a fact he’s behind this.

I hand spent a good 30 minutes drawing up a Flowchart in Visio.  I was quite happy with it.  File.  Save.  Filename.

…and then Visio aborted and went into a nasty crash (which normally doesn’t scare me in Office 2016 because it usually recovers VERY well)

…….But this time it didn’t.

I stared at the screen.   I blinked.   I muttered some “Magic Words”.   That of course didn’t help at all (except for the looks from a very surprised Squirrel peering into my Window)

So… what to do?  Restarting Visio and Office did not trigger an autorecover.  But I though to myself, often there is something stored in the TEMP folder.  I seem to remember finding bits of files there before. 

Into the Shell I ran to look.  

image

Now if double clicked or tried to launch this file…. *BOOM* … bad things.

However I DID remember that sometimes in Office if things fail it keeps trying to fix that exact file.   If the fixing process is “Borked” as the Swedish Chef would say, it keeps repeating over and over and over….

So the trick would be to convince Office this was NOT the same file as before by…oh I don’t know….. Give it a DIFFERENT name?

Copy Item .\VSOE54A.vsdm $Home\Documents\PleaseWork.vsdx

Moments later I got lucky and was able to open the file.   Mind you I should have stuck with rule 1…. Save Early and Save Often.

But in case you’re ever stuck, this might just save you or your client’s bacon some day.

Sean
The Energized Tech

Deploying Nano Server in TP5

A few weeks ago Microsoft Released Server 2016 Technical Preview 5. With this update also came a newer update to Nano Server.

The process for creating Nano Server has been improved somewhat by Microsoft. The PowerShell module now covers far more scenarios than it did before.

· There are now two SKUs for Nana Server, Standard and Datacenter
· Some new roles have been included for Nano Server including boot from Wim.
· Reverse Proxy is now a default and built in feature.
· Host and Guest scenarios are now treated separately
· Online Domain Joins are NOT yet a part of the Deployment scenario
· Secure Startup is supported
· Shielded VM is supported (only with the Datacenter SKU)

I will now introduce you to the process from Microsoft to create

· A Nano Server image Deployment folder
· A NanoServer VHD or WIM file

Creating the Nano Server Deployment Folder

To create the Nano Server image Deployment folder you will need to mount the Server 2016 TP5 Media. In this case I have mounted the ISO file and it has been assigned Drive Letter E:

Our first task is to launch Windows PowerShell as Administrator (Elevated) as the functions with manage the WIM file require elevated access.

Once you are in the prompt Copy the Nano Server folder to your local drive. Remember in our case it was mounted to drive E: and in this particular scenario I am going to drop it on to Drive C: for building my images. This can actually be any drive including an external USB device.

Copy-Item -Path E:\NanoServer\ -Destination C:\NanoServer\ -Recurse

We will now move in the new folder we have created and import the new NanoServerImageCreator module.

Set-Location –Path C:\NanoServer
Import-Module .\NanoServerImageGenerator\NanoServerImageGenerator.psd1

Having done this we can now access the three Cmdlets within

Get-Command –module NanoServerImageGenerator

Our next task is to actually populate our local NanoServer folder with files needed to generate a bootable image. This is identical to the normal image generation process with one except, we need to provide the parameter –MediaPath which points to the mounted ISO or DVD of Server 2016 TP5.

To do this we will be using New-NanoServerImage to create both the Image and the Image Deployment folder.

For this particular machine we will assume

· Target filename of C:\VM\NanoTest.vhd
· No Roles
· A NanoServer which will be hosted in Hyper-V (Guest)
· Server SKU of Standard
· Password of ‘P@ssw0rd’ (Yes our tried and not-so trusted dummy password)

Even those this image really can’t do anything the purpose is REALLY just to generate the .\Base folder and pull in all of the needed files to create future NanoServers, so it CAN be a useless VHD.

New-NanoServerImage -MediaPath E:\ -BasePath .\Base -AdministratorPassword $Password -DeploymentType Guest -Edition Standard -TargetPath C:\VM\NanoTest.vhd

This process (depending on your system of course) should not take much more than 2 minutes as it copies files over and creates a single NanoServer in a VHD file called NanoTest.VHD

Once you have completed this process you can now Dismount the DVD / ISO file for Server 2016 TP5 and create other Nano Servers.

Creating a NanoServer VHD

Going forward the trick is to understand the various parameters offered up to you by the New-NanoserverImage Cmdlet when creating images. But here’s a simple script you can use to build a VHD file you can attach to a Virtual Machine

# Host or Guest
$Type=’Host’

# Standard or Datacenter
$Edition=’Standard’

# Location of boot media and temporary files
$Base=’.\Base’

# Name of Nanoserver
$Computername=’TestNano’

# Folder for Completed file
$TargetFolder=’C:\VM\’

# Media type VHD or WIM
$TargetType’VHD’

# A little PowerShell to Build it all together
$TargetPath=$TargetFolder+$Computername+’.’+$TargetType

# Maximum size if building a VHD file
$MaxVHDSize=20GB

# Administrator Password
$Password=’P@ssw0rd’

$SecurePassword=(ConvertTo-Securestring –asplaintext –force $Password)

# The magic to tie it all together
New-NanoServerImage -DeploymentType $Type<br>-Edition $Edition
-BasePath $Base <br>-TargetPath $TargetPath
-MaxSize $MaxVHDSize <br>-Storage -Defender
-ComputerName $Computername <br>-AdministratorPassword $SecurePassword </strong> <p>*or if you prefer you can read the Cmdlet like this without the Backticks ()

New-NanoServerImage -DeploymentType $Type -Edition $Edition -BasePath $Base -TargetPath $TargetPath -MaxSize $MaxVHDSize -Storage -Defender -ComputerName $Computername -AdministratorPassword $SecurePassword

Another great way if you prefer is to use the Show-Command Cmdlet to get a free GUI interface to build out that line in PowerShell.

Show-Command New-NanoServerImage

This will present you with a nice GUI interface with which you can select the options for the Cmdlet and have it built out the results.

clip_image002

At this point you can click on Copy to copy the Cmdlet and its parameters to your clipboard.

If you’d like a breakdown of the various parameters in this Cmdlet just read up on http://aka.ms/NanoServer

There is also an alternate Community developed module called DeployImage you can pull down from the PowerShellGallery.com. You can use it if you’d like to play with a different way of creating the Windows Image file for Nanoserver or would like some pre-created PowerShell Windows PE media

I highly encourage for you to check out the new Nano Server in Server 2016 TP5. You can download the current trial version at https://www.microsoft.com/en-us/evalcenter/evaluate-windows-server-technical-preview

Cheers and enjoy the Powers of Nano Server!