Folks of the Bay Area and surrounding counties – if you want to learn about Microsoft commercial technology such as Azure, Lync, Hybrid Cloud, ADFS, OS deployment, and more, then you need to check out TechDays. If I lived in 49er country then I would register.

The speaker list is a whos-who from the west coast Microsoft community. The location is easy to find – it’s the MSFT office near the terminus of the Powell cable car. There’s loads of public transport routes in/out – I know this and I’ve only visited the Bay three times from Ireland.

So check out the agenda, register, attend, and learn something to advance your career.


1,000,000 IOPS from Hyper-V VMs using a SOFS? Talk about nerd-vana!!! Here are the links I found interesting over the last 48 hours:


I did not expect this announcement until WPC, but it’s come out today. Microsoft announced, via a video, that Microsoft Azure will be available for resellers to sell, and customers to buy, through Open licensing on August 1st 2014. Yes, Azure is coming to the channel. Previously Azure has only been available direct (credit card) or via Enterprise Agreements.

Phil Sorgen took to the webcam to record this message. A blog post was also written by Josh Waldo, Senior Directory, Cloud Partner Strategy. There is also a FAQ for Azure in Open licensing. There will be a “ramp up” online event on Microsoft Azure in Open Licensing on June 4th. Register here.


Sorgen starts off by saying that Microsoft believes in joint success with partners, and in making business with Microsoft easier for partners. These two pillars are central to an exciting new opportunity for partners.

He announces it: Azure will be available through the distribution channel via Open licensing for partners to resell to their customers.

Azure allows partners to serve more customers without increasing their footprint. Successful cloud partners have learned how to expand their services beyond basic deployments. Think business IT-enabled consulting. Partners have increased revenues, but they had to evolve their business models.

Personally, I know of one services business that automates to an incredible level and cloud services fits their model perfectly. Before the recession they shifted tin like everyone; they evolved and now they are flourishing, and taking business from legacy service providers.

“Moving to cloud is a process not an event”: true for partners and customers. Azure can become even moer compelling. Note that Azure contains many hybrid cloud services, enabling “on ramps” to services that extend the functionality of on-premises IT, making it easier for businesses to explore and adopt Microsoft’s public and hybrid cloud offering.

Azure in Open will be flexible, provide compliance manageability, and provide value for customers. The consumption based billing provides a low barrier to entry, making it easier for SMEs to deploy services without huge CapEx costs. “Consumption aligned billing” is one of the buzz phrases. Focus on services instead of tin.

There is a new licensing model with Azure in Open.

Moving over to the blog post:

The cloud is growing 5 times faster than traditional IT. Microsoft alone is thought to purchase 17% of all servers on the planet in a year. “Additionally, partners that are building strong cloud businesses have 1.6X of recurring revenue as a portion of total revenue versus other partners”.

How does this licensing model work?

When you resell Azure in Open Licensing, you purchase tokens from your preferred Distributor and apply the credit to the customer’s Azure Portal in increments of $100. The credits can be used for any consumption-based service available in Azure. To add more credit, you simply purchase new tokens and add them to the account. This gives you the opportunity to manage your customer’s portal, setup services, and monitor consumption, all while maintaining a direct relationship.

In other words, you will buy Azure credit in the form of $100 tokens (I guess there will be localized versions). You can then use that credit in any way on Azure. It will be up to you (the end customer) to have enough credit to do what you need to do or to keep your services online. The advantage here is that you’re controlling costs (unlike post-usage credit card) and you don’t need to pre-purchase a huge credit (like with EA) before you know what your services will cost. I suspect that if partners want to, they can operate a service to help customers manage their credit.

A token comes in the form of an Online Services Activation (OSA) key. If you want $1000 in credit, you buy 10 SKUs of $100 and get 1 OSA key for the sum credit. The value has a 12 month life, starting from when the customer redeems the OSA key online – this credit will not roll over so don’t over purchase for a year. A customer can top up at any time. If they cannot reach a reseller (weekend), the customer can top up using a credit card. The program will be available through:

  • Open commercial
  • Open Academic
  • Open Government

Partners can request co-administrator accounts on their customers’ accounts to help them manage their service. Alerts can be configured for when credit runs low and needs to be topped up.


IMO, this is great news for partners. They can now choose to resell Azure if they want, and keep the billing/customer relationship – something that caused fear in the past (“cloud vendor X is trying to steal my customers”). Some might not want billing overhead and might go with another option.

Also, this announcement reinforces Microsoft’s unique selling point in the cloud wars. They are the only company with a private/public hybrid cloud model that spans on-premises customer owned, hosting partners, and Azure. Microsoft is also the only cloud vendor with a partner-enabling model.

By the way, partners & customers in Ireland, if you want your techies to learn about Hybrid Cloud then you might want to send them to TechCamp 2014 in June.


I took a break from these posts last week while I was at TechEd, and then had work catch up to do this week. Let’s get back a rockin’. There is a distinct tendency towards cloud and automation in the news of the last week. That should be no surprise.


I wouldn’t be where I am today without the TechNet subscription. I signed up for it way back when I first decided to become a contractor and I started this blog. I needed content that I could use in a lab. I needed that content to be up to date and, most importantly, affordable. That was TechNet. It allowed me to install software from scratch, learn how it worked, and dive deeper than a canned lab could ever allow.

As we all know, the TechNet subscription was killed off by Microsoft, seen by many as a stab at the heart of IT pros.

This email came in to me over the past hour or so. It’s sad; we may never see IT pros gain the same access to on-premise software again for test and evaluation purposes.



This was a live blog post that I wrote using the online feed.

Prologue: Some might say that this post is too snarky. I respond with The definition of insanity is “doing the same thing over and over again and expecting different results” – Albert Einstein.

Satya Nadella wants to talk about the next step of devices and clouds, which is devices. I guess talking about dreams of Surface making a profit are more important than courting the IT pros at TechEd? Empowering people to be more and do more is a unifying theme in MSFT, apparently. They want products and technologies that enable people to dream and get stuff done.


They are not making h/w for h/w’s sake. No fridges or toasters … hmm … someone been listening to me talk about MSFT sales strategies? MSFT want to create new categories and spark demand for their entire ecosystem.

Today is the start of dreaming the impossible – selling Surface? I jest! But they are in every show on CBS. That’s an accomplishment in product placement.

Here comes Panos Panay, the hardware guy that’s always out to talk Surface “design”. He’s cool cos he says “what’s up dude?” to a person in the audience. The work involved in “this device” spans many parts of Microsoft apparently. Panos is excited. I am sceptical.

Some people said nice things about Surface. They liked that. No mention of the bad things.

Seriously though – I recognize Steve Gleason in the promo video, a sufferer of ALS and former NFL New Orleans Saints player. He’s using a Surface to speak now.


96% of people using an iPad also own a laptop. The camera focuses in on a bunch of media types with MacBooks on their laps.

Tablets are consumed for you to sit back and watch movies, read books, surf the web, and snacking on apps. Laptops are designed to get stuff done – Panay.

Wide variety of laptops out there from sleek to clunky depending on the design point. Battery got better … and then laptops and tablets began to blur. People walk into a store (no matter what store) then there is a conflict for the purchaser – do you buy a tablet or laptop – “what am I supposed to buy?”. Sales rep will ask “what is it that you want to do?” – at least they should ask that and not respond with “buy an iPad”.

MSFT wants to take that conflict away so 96% of people don’t go home after buying a tablet and a laptop. A new device that spans both must offer best of both. All day battery life. Thin – but not too small that it can’t be used for productivity.

Today they introduce Surface Pro 3. It’s thin (9.1 mm). It uses the same floppy keyboard as the previous versions – sigh – it’s not a laptop replacement in my opinion. See the Dell Venue 11 Pro for a real laptop replacement.


This has a 12” diagonal screen instead of 10.6”. It’s still smaller than most ultrabooks, but it has a 3 x 2 screen ratio (new). Highest screen contrast on the market (a big deal in my opinion – even the Pro 1 has a great screen).

It is 800 grams. Remember that this is not an ARM tablet, it is an Intel Core i-powered machine, like an Ultrabook. Panay puts a Surface and a Macbook Air on a weighing scales:


He’s really pushing the “replace your laptop and tablet with Surface Pro 3” sales line. The new Core i7 is in this tablet. Thinnest machine of this kind, with 10% more performance than the Surface Pro 2. The device has a pressurised cavity to contain all of the pieces. Every tablet is custom machined to fit – allegedly.

He drops the tablet from head height to prove the build quality, despite being thinner.


He picks out a journalist with a Macbook and gives her the demo unit to keep. It was the one he just dropped.

Out comes the docking station – I wonder if it still scratches the surface of the docked … Surface. You can display to a 4K monitor.

Michael Goth (sp?) of Adobe is brought out to show off Photoshop on Surface Pro 3. He’s got a stylus in his hand. It seems that customers wanted Photoshop to take more advantage of touch and pen. He touts Creative Cloud’s advantage when it comes to speed of development. Some drawing and navigation is done.

Back to Panay to talk about the kickstand. To me, Surface has made a kickstand a mandatory feature of a tablet. He shows off the new angles. There is finally a fully adjustable full friction hinge, like in my €180 Yoga 8 Android tablet.


The myth of Surface lap-ability is brought out again. It does not work in my lap with the keyboard – I am not 7 foot tall. A new Surface Pro type keyboard. There is a new track pad – 60% bigger, better friction, etc. A necessary tool on a touch device without a mouse to point at stuff when doing productivity.

Try type with this sucker. Where are your hands? All T-rexed in front of your belly. The tablet will also move on the loose hinge while you type.


This is meant to stabilise the keyboard. It will not change a thing:


My hands will be curled up by my belly. The hinge will extend beyond my knees. The tablet will still move – too many points of contact. They should have gone the same way as Samsung and Dell with their pro tablets.

He moves on to the stylus to talk about pen and touch. A crossword demo. I wonder if the Surface stylus docks in the tablet … like in the Samsung ATIVs, the Toshiba i5 machine, or even my Yoga laptop? No? Ah – just what a business customer wants … hundreds of machines where users will be losing the peripheral because it does not securely dock – I do not count a magnet lock into the power supply port – that’s because I have to remove the very losable peripheral to power the tablet.

The Surface pen tip is closer to the “ink” because the glass is thinner. Writing has a low latency apparently. OneNote & SkyDrive is pushed (nothing new there – I live on that on my Yoga laptop). Apparently the stylus (Surface Pen) has a button that launches OneNote (1 click) and saves to SkyDrive (2 clicks). Now we get a OneNote demo that goes on for way too long.

Panay tries to sync a OneNote to the WSJ journalist that just got a free tablet. The camera pans to her, and she’s shaking her head!!!!! The camera gets off of her quickly.

Sales start at $799 in 3 configs, with i3, i5, and i7.

The press in attendance get an “on loan” unit with keyboard and pen.

Summary – Surface Pro 3 is a little bigger and thinner. They’ve a new keyboard double hinge to try solve a problem that Microsoft has created by not offering a real keyboard. They push productivity, but do not sell Surface through a channel so it can be sold to business by system integrators. It’s new Surface, same old Surface. I’ll stick to my 8” Android tablet for consumption and my Windows Yoga Pro laptop for productivity, thanks very much. I don’t work for the Wall Street Journal, so I don’t expect Panos Panay to give me a Surface for free :)

Oh – and where was the Surface Mini? It was a no-show. I think there might have been some serious re-thinking. A device of that size relies on “Metro” apps like no other, and there is still a dearth of quality apps. Plus – I wonder if the new ARM version of Windows will be compatible with current hardware … or will Windows RT be able to upgrade to the new OS?


Mary Jo Foley tweeted that the Surface Pro 3 will go on sale on June 20th (I’d say probably USA only at first). The batter life is up to 9 hours.



Mary Jo went on to tweet a price list. Note that the stylus is included with the Surface Pro 3. They keyboard is not included. This is the same as before. Note that the last minute leaks had the correct pricing. Those stories also talked of a limited edition Surface Pro 3, and the possibility of getting it in 3 non-black colours.

Technorati Tags: ,

So I told you that I had qualified as a wildcard to the final of Speaker Idol in TechEd North America 2014. The judges also said I need to give them a tech talk rather than my tall tale based on photography. This would be a challenge. Other finalists would tweak existing decks that they’d worked on for ages. I had to start from scratch and get it right in less than a day. The most difficult thing is … it’s a 5 minute session and they time you. It’s one of the judging criteria. An hour long session is much easier to prepare.

So I got to the hotel on Wednesday night and started working. I knew what my topic would be: WS2012 R2 Live Migration. I had a demo script and a lab in Dublin … but there is no reliable speaker net at the podium so I would have to record my demo. VPN was too unreliable.

I built up my deck. No problem there. I knew the rules: the judges expect you to stick to a format. I went to build my demo but I had some problems with PowerShell modules in my VMM-deployed labs. It took some time, but I figured them out and got the demo ready. Then Camtasia did it’s thing … I remembered to record the video at eactly the screen resolution used by the big screen at the podium. One run through of the session and it was … nearly 9 minutes long. I needed to edit the deck, the demo, and me … brutally.

At 00:30 I was exhausted. I set the alarm for 06:00 and slept like a baby. It was the first morning that the alarm woke me. No jetlag on Thursday. I had a few hours to get myself ready for the final at 12:30. I rehearsed again and again, finally figuring that if I said certain things at the right time in the demo, and left out others, I could hit 4 minutes 45 seconds. Perfect!

So off I went to TechEd. I attended a session on Azure connectivity and thin skipped a fairly dull second slot, opting to go through my deck. I remembered something Mark Minasi told me last year – when he was not a judge. Speaker Idol judges and the audiences are a mixture of IT pros and devs. Give both audiences a hook. So I did: more service uptime and “your aps stay running while IT does stuff”.

The time came. I went to the area and waited. A crowd started to gather … and then people I knew started to arrive. The Hyper-V PM team from Redmond, the Irish MVP gang (John McCabe [ex-mvp, now MSFT]), Kevin Greene, Damian Flynn), readers of my blog and twitter followers, the gang from Petri, the Ferrills (father and son tech journalists, and so many more.

I was nervous. I do not get nervous when I speak. I really don’t. I’m comfortable speaking. I enjoy it – it’s a buzz when you’ve got something to share and you can see that the audience want to hear it. But damn I was nervous. I got on stage, and completely forgot that I had a clicker on the desk. I stood with Richard Campbell (the organizer, and famed for things like RunAs Radio) as I was introduced to the crowd.


I realized how much of the audience were people rooting for me. I was amazed. These people took the time to come and support me. The view from the podium was so cool.

My plan might work. I had 5 minutes to impress … starting now!

First thing: “How is everyone? Is everyone enjoying Speaker Idol?”. And they whooped. Thankfully! That got things going well. I did my intro slides and completely let the fact that I had a clicker slip out of mind. I like to get out from behind a podium so I was walking back and forth, pressing the keyboard to progress. Yuk! I did my demo and screwed up my timing and included stuff that I shouldn’t have. I included the “It does stuff” line and people laughed. Damn, this was going OK.

I wrapped up and waited for comments. I went over 5 minutes, nearly hitting 6 minutes. Argh! I was toast. Maybe I should have trimmed the intro slide. Some comments about font and bullet points. But overall, great comments about delivery and inclusion of the audience. The dev outreach worked.

I thought the guy that did the Azure talk would win. I liked his pace (I was a bit rushed) and he seemed very polished to me. I was sure I was not winning. We were all called up for the results. The judges said this was a tough one, tougher than it used to be in past years because people know what to bring now.


Mark Minasi (who recused himself of voting because we are friends) announced the results. It was a non-American (there was a presenter from Finland who also did a good job). And the winner of a speaking slot in TechEd North America 2015 is …

Aidan Finn.

Instantly pressure slid off. And the lack of stress left me … I was shattered. I think the stress was holding me up. Afterwards I talked for about an hour with people from all over. When it all died down I was ready to drop.

A few beers were had to celebrate :)


Speakers: Ganesh Srinivasan (Azure Networking), Jai Desai (StorSimple), Jon Ormond (MSIT).

Legacy Connections for Site-Site in Azure

  • Secure point-site VPN: for developers. POCs. Small scale deployments. VPN in from a machine. Based on STP.
  • Secure site-to-site VPN: This is for SMB and enterprises. Connect your business to Azure compute. IaaS and PaaS workloads. Configuration generally done on and on-rem edge device. Based on IPsec.

Now added: Private site-to-site called ExpressRoute. For SMB (with WAN) and enterprises. Mission critical workloads. Backup/DR, Media, HPC. Based on services provided by WAN ISP that are Azure networking partners.

Virtual Network Recap

Software defined private network in Azure. You carve out your own IP space/subnets. Can punch holes through Azure firewall for public presence. VPN connects to the virtual network via an edge subnet.

In-Region VNet to VNet

You want security between tiers or services so you put them in different virtual networks. In the same region, there are no data transfer costs. You can punch holes through firewalls to let services communicate.

Cross-region VNet to VNet

Need local presences across the glob but with interconnectivity. For HA/DR also. Can communicate securely using private IP addresses.

Multi-site VNet Connectivity

Up to 10 on-prem sites can connect into a single VNet in Azure. They may be geographically dispersed.

VPN Partners

Watchguard, OpenSwan, Cisco, Fortinet, Brocade, Sonicawall, Checkpoint, Juniper, F5, Allie Telesis, and Windows Server 2012 R2.


Other techs go via public internet so you have dependencies on many ISPs between you and Microsoft. Lots of chokepoints. It might be secure (IPsec), but you cannot build SLA on this. ExpressNetwork brings Azure VNets into your WAN. Now you connect to Azure via a private, SLA controlled WAN connection managed by your ISP, subject to your contract with them.

Enterprise Workloads

All services are made available, and not just VNets. VPN is limited to VPN. You also have controlled and predictable latency. This means there are lots more workloads that you can do over ExpressRoute:

  • Storage/backup/recovery
  • Dev/test lab
  • BI/big data
  • Media
  • Hybrid apps
  • Productivity apps

SharePoint has generated lots of interest as a service over ExpressRoute from customers.

Two Flavours

  • Depoy “on prem” at a colo facility such as provided by Equinox. You can route via colo facility to Azure. Probably requires lots of work for you and additional h/w.
  • Use an Azure ExpressRoute partner as your WAN provider. Then your sites connect direct to Azure. Almost a light switch. Probably no additional h/w.


Equinix, TelecityGroup, BT, AT&T, Level3, Verizon, SingTel

BT important for UK/Ireland. Telecity are important for Europe. If you are not with any of these, “talk to us” according to the speaker, and “we will figure it out”.

ExpressRoute Tiers

Unlimited inbound data transfer. You get some outbound data for free and above that there is a charge.

  • 200 Mbps + 3 TB Month free
  • 500 Mbps and 7.5 TB/month free
  • 1 Gbps + 15 TB/month free
  • 10 Gbps and 250 TB free/month

Customer Connectivity

If you do VPN then you can only access compute that runs in VNets. If you do ExpressRoute then you can access anything. And of course, if you punch holes in firewalls, then you can make services available publicly.

Common misconception: stuff you place in Azure is public. No: it’s only public if you make it that way. Your Azure services can be completely private if you want.

Customer Sign Up Experience

Talk to MSFT and ask for partners in a location. You get a key. Pass that on to the service provider. They query Microsoft and then they create a cross connection between you and Azure. You then set up BGP routes between you and Azure. And then you are connected.

In the case of a WAN provider, the routing is done for you.


He creates an ExpressRoute connection via the web ONLY using MSFT WAN and AT&T. The whole process is basically orchestrated. Should take no more than 5 minutes to complete after walking through the wizards.

He VPNs into Microsoft and can ping and Azure VM over the new WAN connection.

Another ping demo: between 1-2 MS latency between a MSFT office in California and a SharePoint farm in Azure over ExpressRoute (think he said US East region).

Fails over the SharePoint SQL database (guest OS install) from one region to another – takes about 3-4 seconds.

We now get Jon Ormond of MS IT to talk about how they are using ExpressRoute.


LOTS of internal little apps that they have no interest in rewriting as PaaS apps. They use IaaS to run those VMs in Azure – doing that lift & shift now. Need a robust network connection. This is why they use ExpressRoute. They want to end up with 95% of VMs in “the cloud” both private (WAP) and public (Azure).

He does a demo using PowerShell to create the connection. Can also do this using REST API.

Jai Desai, a TSP takes over to talk StorSimple. I tune out here … a StorSimple talk.


Speaker: Damian Flynn, MVP

OpenSource options

  • Eucalyptus.
  • Apache CloudStack: open sourced by Citrix.
  • Open Nebula: Poor support for hypervisors. Not there for Hyper-V.
  • OpenStack: Youngest of the four.

Then we have the Microsoft Cloud OS.

A handful of the room are running open source cloud, managing Hyper-V. Windows Azure Pack and SMA are the front end to VMM/SPF.

OpenStack clearly dominates the forum chatter.

Cloud OS Basic Deployment

Management network for WAP, SysCtr stamp, Network resources (NVGRE g/w) on Control Plane and External networks, and Compute on Control Plane and External networks.

Tip: download Damian’s deck from the Channel 9 site in a few days.

Architecture of OpenStack

Portal manages network, compute, image and blob. Identity drives all of those. Block storage also added.

The names of the components are … random codenames, e.g. Horizon, Heat, Trove, etc. See Damian’s deck. Same 3  networks are used, but the stack is simpler.


  • WAP: only supports Hyper-V. vSphere and XenServer are supported by SysCtr.
  • OpenStack: Hyper-V, vSphere, XenServer/XenCloud, KVM, QEMU, UML

Hyper-V gets “a fair amount of love” from OpenStack. Microsoft Cambridge UK are writing support for OpenStack.


  • VMM will manage the storage fabric elements. Based on industry standards like SMI-S and MSFT-owned stuff like SMB 3.0/Storage Spaces.
  • OpenStack: Swift does BLOB/file-based storage. Cinder does block based storage. Relies on a lot of work by the storage vendors.


  • SCVMM: Store images here. Tag those images using POSH.
  • Openstack uses Glance: Uses a workflow. Unlike what is in SCVMM. Glance needs to do a lot of prep work –before- deploying a VM. Cloud OS uses Hyper-V KVPs for a lot of that work on running VM during deployment phase.


  • Cloud OS: WAP authentication sites. Authenticate against local DB, .net (build your own stuff), or using ADFS (potentially any authentication system via federation).
  • OpenStack: Keystone. Everything must talk to Keystone to authorise actions. Keystone does better role-based access control – what a user can do within their tenancy.

User Experience

  • Cloud OS: WAP Admin and Tenant portals.
  • OpenStack: Horizon. Single portal doing some admin and tenant roles.

Damian says “God damn this is complicated” regarding OpenStack administration. A nightmare to figure out where you start and what to do.

Italian company called Cloud Based IT that make a product to make OpenStack work. They configure Windows with all that jazz you need. And it’s way out date.

Damian reckons RedHat would have been a better choice for his lab. Went with Ubuntu. Installing: easy. Configuring: not so easy.


  • OpenStack: Public. Modules built within the stack.
  • Cloud OS: Microsoft do not talk futures publicly. MSFT focusing on bringing in partners to expand the eco system. SDK allows you/others to build add-ons.


  • MSFT engineering supporting 3rd party platforms.
  • Openstack is “free” – requires LOTS of engineering to customise and deploy

Cloud OS

  • One platform
  • Built on proven & documented System Center
  • Familiar and fully supported tech

Requires an incredible amount of work with HUGE hidden costs. Don’t let “free” fool you or your boss.


Today I took part in one of the qualification heats of Speaker Idol – think X Factor or American/Pop Idol where you have 5 minutes to audition with a presentation, some judges comment, and you either get through to the final or not. There were 3 heats (Monday to Wednesday), each heat winner goes through, and one wildcard goes through to the final. The overall winner wins a speaker slot at TechEd North America next year.

I competed with a … different presentation.

The funny bit is that I knew that Mark Minasi (a friend) is one of the judges. I didn’t win but I got great comments. I was nervous … but I got the wildcard slot for the final tomorrow (Thursday). I was told to do a tech talk tomorrow – that will keep me occupied tonight. Tomorrow at 12:30 CET (18:30 Irish/UK time) will be be there presenting.

Technorati Tags:

Speakers: Eamon O’Reilly (System Center automation) & Beth Cooper (same team)

What System Center has done has been extended into Azure. Both in preview. About half of the room are familiar with Orchestrator, the basis of what we will see this morning.

Pretty full room – pretty small room unfortunately.


  • Optimize and extend existing investments: Based on POSH. Integrates existing systems.
  • Deliver flexible and reliable services: quicker. Reuse.
  • Lower costs and improve predictability: reduce manual errors.


Same as SMA: runbooks, jobs, and assets.

Appears under Automation in the Azure portal.


All runbook management/authoring/testing can be done in the Azure portal. Has a HA engine. Also has suspend/resume/checkpoint features of SMA. All based on POSH workflows so if you have a cmdlet, you can do it.


Free in preview. Pricing based on 3 points:

  • Job run time: time from start to complete. 500 minutes on free plan. $20/month (standard plan) gives you 10,000 minutes
  • Number of runbooks: 20 for free in free.
  • Integration module size: 5 MB on free plan.

You can register for the preview on the Azure preview site. This week is the time to do it. Preview is limited to East USA region.


Create a new automation account. Sample runbooks to be found on script centre. Tags are present to search/filter runbooks, like in SMA. Also has draft (what you are editing) and published runbook status. So you can have a published runbook and edit a new version.

Almost everyone in the room is using PowerShell. IT pros in Ireland are 5 years behind the USA, at least, and this is not a question of scale.

You can manually start a runbook or schedule on. Example: shut down idle VMs at end of workday and power them up at start of workday – save the runtime cost of VMs in Azure.

Automation Accounts

  • Organise automation by group of individual contributor
  • Accounts live in different regions.
  • Create up to 30 accounts

Automation Dashboard

  • For analysis and troubleshooting operations
  • Access problem jobs to get up and running quickly – focus on them instead of the lots of others that are OK


  • Author: Create workflow runnbooks. Call existing runbooks in library
  • Manage & browse and insert assets in runbooks: Modules & activities, credentials, variables, connections, schedules
  • Test: Run and see results within authoring window.
  • Troubleshoot issues
  • Publish: Edit draft before publishing

Manage Runbooks & Jobs

  • Dashboard view: view jobs over time. Find jobs that need attention
  • Runbooks view: Filtering of jobs based on status and date. ID authoring state (new, in edit, published). Filter by tags to find runbooks.
  • Jobs view: Histor of jobs per runbook. Who last updated/when. Input parameters and output. Drill into each job to view streams generated to help troubleshooting. Stop/suspend/resume job.


  • Connections: Information to connect to a particular system. System specific settings.
  • Update to new versions of integration modules
  • Credentials
  • Variables
  • Schedules

Central set of resources that can be used by all runbooks, like in SMA.



Has application insights enabled. If there’s an error on his site, The runbook triggers an action when an alert is created. A response is triggered whenever an alert is detected. All done using inline runbooks. Note: the alert detection method he used was to search for an alert email in GMail via an RSS feed.

Another demo.


They’re using SharePoint to store and change control their runbook scripts. A runbook is monitoring the status of scripts in the SharePoint document library (list item), using a custom SharePoint module. This uses a connection asset. They see a script go into a “ready to test” status in SP and that triggers a child runbook. It appears that the action is that the runbook is updated in Azure and moved to “production” status in SharePoint – they don’t really explain but that’s not really the point anyway. The demo was connections to external resources.

Typical Scenarios

Azure automation is more than just about Azure resources. Posh offers huge extensibility via modules.

  • Monitoring & remediation: Alert on a VM. Monitor for new services to ensure management. Notify subscription owners of underutilized VMs that are wasting money.
  • Change control and provisioning: Deploy a VM, and enable monitoring. Deploy a new service and configure endpoints for alerts. Deploy from GIT and automate tests and swap to production if passes. Monitor SharePoint online for approval to update a service and do that once approved.
  • Patch/Update/Backup orchestration: Use traffic manager to patch IaaS VMs without downtime to services. Enable regeneration of storage account keys while avoiding downtime. SQL backup on a schedule. Backup and restore IaaS VMs.

Leave remote management of Azure VMs enabled and Azure Automation can reach into those VMs’ guest OSs.

Anything you do twice: Automate it.

Takes time to create automation, but the more you do it the quicker you do it. And the time you invest up front will save you time in the long term.


Speakers: Damian Flynn, MVP and Marc Van Eijk, MVP.

Confusing topic for many. The guys are very experienced in the real world so a good session to take notes from and share.

Environment Preparation

  • Rack the servers and configure the BMC card.
  • Build an OS image and add it to the library.
  • Configure DNS aliases for BMCs, set up certs (if required), and set up VMM Run As profiles, e.g. join a domain, log into BMC, etc.

Infrastructure Services

  • Set up WDS for SCVMM
  • You need a DHCP scope for your bare metal hosts for the deployment phase. The hosts will get static IPs after deployment.
  • Prep SCVMM – Import WDS, add OS image to the library (and refresh), add a Run As account for the domain join, and add a Run As account for the BMC.

The deployment

  • Configure the networking stack in SCVMM
  • Do a deep discovery to get hardware of the host
  • Deploy the VHD as boot-from-VHD on the host, install drivers, join domain, configure networking, enable Hyper-V,  etc.


Concepts of the network in SCVMM

  • Logical network: A role
  • Network site: Part of logical network
  • Subnet/VLAN ID: A subnet that’s a part of a site
  • IP Pool: A pool of IPs for a subnet

A VM Network is an abstraction of a logical network. Required to connect NICs to a logical network.

Demo of Logical Network

Marc asks who has used VMM. Almost everyone. Who has done bare metal deployment: Very few. Who was successful first time: one brave person puts his hand up (I mock him – seeing as he is a friend).

Marc does:

  1. Create a host group.
  2. Creates a logical network called management. He sets VLAN-basd independent networks. There will be converged networks that are split up based on VLANs.
  3. Creates a network site called host that is set to be available on the host group. He sets a VLAN on 0 for PXE boot, and sets the IP subnet.
  4. Additional network site for Live Migration with a different VLAN
  5. Then he adds a third site for cluster communications with a VLAN. So one logical network with 3 network sites.
  6. Creates IP pools for each network site. Use to assign static IPs during deployment. Configures gateway and DNS settings for the management network.

Note that there is no need to do anything special to enable NVGRE. No subnets, logical networks, or anything else. A check box was left checked to allow NVGRE to be used when creating the logical network.

  1. Creates a new logical network called Cloud Network. This is what would appear in WAP when a customer creates a virtual network – so choose a suitable name.
  2. Checks “allow new VM networks ….” to use NVGRE.
  3. Creates a site with a VLAN and associates with the host group.
  4. Now he creates an IP pool for that site/logical network. The number of IPs in the pool will limit the number of VMs. No DNS or gateway settings.

So now we have two logical networks: Management and Cloud Network. The Cloud Network appears to be used for the PA Space.

  1. A third logical network called tenant VLANs
  2. Network site: Names the site after the VLAN ID.
  3. Adds more network sites, named based on the VLAN IDs.
  4. Adds IP pools.


These VLANs appear to be used for tenants.

  1. Creates VM network for host/management.
  2. Creates VM network for cluster.
  3. Creates VM network for live migration.
  4. Creates a VM network for tenant A and another for tenant B

Back to presentation.

Network Design

Note that for VMM to create a team, you need to create a logical switch. BAD! Needless creation of virtual switches and limits things like RDMA. Complet convergence also not good for some storage, e.g. RDMA or iSCSI storage. Might do some convergence and non-converge your storage networks.

Benefit of logical switch

Repeatable consistency.

Note: also required for NVGRE, unless you want to go to PowerShell hell.

The design they are deploying:



  1. Create an uplink port profile to define a NIC team. This one is created for HNV/Tenants. Selects the Cloud Network and the tenant VLAN network sites. Also makes sure the enable NVGRE check box is left enabled.
  2. Creates an uplink port profile for the mangagement network. Now adds the cluster, host, and live migration network sites.

What he’s done: configure the above two network teams from the diagram and defined which networks will pass through the respective teams.

  1. Creates a logical switch for management. Selects the management uplink port profile and selects the teaming option. Even if you have just one NIC, you can add a NIC later and join it to the team. Now to define the convergence by adding virtual ports. A step in this is to define port classification – this does QoS. Select Host Management and match with management network – repeat for the reset of management networks.
  2. Creates a logical switch for tenants. And also teams with the tenant HNV uplink port profile. Adds three adapters (port profile classifications) for QoS – low, medium, and high (out of the box – weights of 1, 3, and 5).


  1. Next up: create a physical computer profile. Choose a host profile. Select the virtual hard disk from the library that will be the host OS. Now the fun bit – network configuration in Hardware Configuration.
  2. Tip: Expand this dialog using the control in the bottom right corner.
  3. It starts with a single physical NIC with the management role. Add 4 more physical NICs.
  4. First and second added to the logical switch of management.
  5. Configure 3rd and 4th to the tenant logical switch.
  6. Edit the original physical NIC and select “Create a Virtual Network Adapter as the management NIC”. Set the transient physical newtork adapter as NIC 1. Apply a classification – host management. Set the IP Pool as Host.
  7. Add 2 virtual NICs. Connect 2st to logical switch management. Set to Live Migration. Connect the 3rd to the mangement logical switch and configure for cluster.
  8. Can also do some other stuff like filtering drivers from the library for precise PNP.
  9. Continue the wizard – set domain join and runas account. Set the local admin password, the company info and product key. An answer file can be added to customize the OS more, and you can run tasks with GUIRUNONCE.
  10. You can skip the default VM storage path for clustered hosts – VMM will control this in other ways later.

Deployment Demo

  1. Kicks off the wizard from the host group. Provision the new machine.
  2. Select a host group that has a valid host profile. Select the host profile.
  3. Kick off the deep discovery. The host reboots into WinPE to allow VMM to audit the host h/w. With CDN enabled, you can pre-bind NICs to logical switches/teams. Without it, you’ll need to know which NIC is plugged into which switch port, then you can bind NICs to right logical switches. The server schedules a shutdown after the audit.
  4. In VMM you can finish the host configuration: naming of the host. Binding of NICs to logical switches if you don’t have CDN in the host. If you’re quick, the server will not shutdown and the setup will kick off.


Converging things like SMB 3.0 or Live Migration through a logical/virtual switch disables RSS so you limit 10 GbE bandwidth to 3.5 Gbps or thereabouts. Can create multiple management OS vNICs for SMB multichannel, where VMQ dedicates a queue/core to each vNIC.

My approach: I do not converge my SMB/cluster/storage rNICs. They are not teamed, so they are basic logical networks. No need then for logical switch.


Neil Person PFE is the presenter.

What is PowerShell Workflow?

Introduced with Posh 3.0. Common syntax  but different execution. Uses Windows Workflow Foundation (WF). Used by SMA.

Windows Azure Pack (WAP)

A collection of on-premise Azure tech. Gives you a true cloud: multi-tenant and self-service, with presentation of broad network access and reusable resources provided by Hyper-V and SCVMM. Add-ons provide the measurement billing.

What is SMA?

A process automation tool built on WF that has native integration into WAP. A component of System Center Orchestrator. The files to install it are on the SCORH media. A unit of automation is called a runbook. They are built using POSH workflows in SMA, rather than GUI in SCORCH.

HA and scalable infrastructure.


WAP provides a GUI to SMA. You can admin the SMA system and edit SMA runbooks in WAP. You do not need WAP to run SMA, but SMA provides a console to manage it. Once you integrate SMA into WAP, you can use SMA runbooks for WAP activities, e.g. creation of a VM triggers a runbook for post-deployment configuration.

WAP is not a service provided by tenants. It is a service used by the cloud admins to automate work. Might benefit the users/tenants.

Authoring, admin and execution

Can edit in WAP Portal or PowerShell ISE. Tags are used to categorize runbooks – Folders are not used. Runbooks can transition through states: draft, published, or in-edit. There are several ways to execute runbooks – Posh module, a web service. A job is an instance of an executed runbook.

SMA Architecture

3 components:

  • Posh module
  • Web service – the centre of SMA – authenticating users, accepting requests, etc. Deploying this creates an SMA database.
  • Runbook workers.

Requests made, maybe via Posh module or via HTTP to the web service. The request is placed in the SMA database. Results might be sent to the web service. Runbook workers pick up jobs from the database and send job state information back to the database – if using state persistence functionality.

Install and Post-Install

Deploy the SMA components. Deploy multiple runbook workers for HA. Deploy WAP if you want that integration and console. Configure the WAP integration.

Automation in WAP is where you work with SMA. You need to register the SMA endpoint to integrate SMA with WAP. Any runbooks that you’ve created will appear.

SMA also appears under VM Clouds as Automation tab in WAP. This requires a second integration. You can use “an existing endpoint” from the previous step.

There are PKI requirements that have not been covered. Also some admin rights stuff.

There are a bunch of sample runbooks that you’ll see when you install it.


Runbooks are tagged for sorting or filtering. Runbooks can have more than one tag. Gives a multiple result possibility that folders cannot offer. Useful for nested runbooks where a runbook is reused for several greater tasks.

Managing a runbook

Created via the New menu is used in WAP. Drill into the runbook to see more. Use Configure to tag the runbook and enable logging. Authoring is where you can build the runbook from within the WAP GUI. There are draft and published tabs. SMA will put in a script block (snippet) for the workflow in draft to get you started. The code that you add is PowerShell. He uses Get-ADUser as a simple “hello world” demo to dump data on the output stream (write-output).

The test button gives you immediate feedback on code syntax. Publish the code, and then you can run the runbook. A job is created. It goes from queued to starting as a worker picks up the job from the database.

He copies the code into ISE. He runs it in ISE to test the code. It’s just a POSH workflow. Now he has code from the SMA module. His code runs get-smarunbook to query all the runbooks. Then Import-SMARunbook to import a PowerShell script to create a new runbook. Publish-SMARunbook will publish the runbook, readying it for execution. A new job is createed by running Start-SMARunbook. Get-SMAJob queries the status of the job. The output stream is showsn with Get-SMAJobOutput. And finally he deletes the runbook with Remove-SMARunbook.

Note he has a variable for the web service endpoint that is used as a parameter in each of the above cmdlets.


A collection of globally available settings we can use in any runbook. A connection asset is used to conenct to an external service. More than just username/password/server name. In ConfigMgr, the site code might be there. Might have a place for a certificate. Similar to what you see in SCORCH. A variable is used to share data across multiple runbooks. Credentials can use PSCredential or certificate to embed ID in a script securely. A schedule allows you to automate the scheduling of runbooks.


We can checkpoint a runbook. This is a save state action. Not like Hyper-V. For example, a script is creating a user and configuring it. If the script is interrupted after creating the user, a resumed execution will continue from the last checkpoint, therefore not trying to create the same user a second time.


Don’t go nuts with them. They have a performance impact. Be judicious, e.g  after a critical action or after doing something that cannot be repeated.

A runbook can be suspended – pause and resume. Let the runbook do stuff, let someone inspect the work, and then resume execution to finish the runbook.

Nesting Runbooks

Don’t create a massive runbook. Use nested smaller runbooks. This encourages code resuse and higher quality runbooks that are more heavily tested.

A parent runbook orchestrates the execution of child runbooks. We can start a runbook inline by referencing the name of the child runbook and passing it any required parameters. They appear as one job. All of the output is rolled up into that one job thanks to your inline execution. Synchronous execution.

Start-SMARunbook is a second way to start child runbooks. The child runbook gets its own job. Output is specific to that job. Asynchronous execution.

Inline Script

Some code that you have lying around might not work. They can be encapsulated in an inline script. The workflow creates a POSH session to run that encapsulated script. Any returned data goes into the workflow. Checkpointing and suspending won’t work inside inline script, but can be done before or after the inline script.

$variable = inlinescript {




Parent runbook is taking in parameters that will need to be provided when starting a job. This parent will kick of children to create a user, populate groups, move the user to an OU, and send and email to a  manager.

Get-AutomationPS<something> is used to pull inforation from SMA assets into POSH variables so that they become usable in the runbook code.

EmulatdAutomationActivites module allows you to run the runbook locally on a PC as if it was in SMA.

He calls the child runbooks simply by using the names of the published runbooks in the script as if they were cmdlets.

He publishes the scripts, and filters the tags in WAP. He goes into Assets and clicks Add Setting to add the required assets for the parent runbook. He starts the parent runbook. The parent’s required parameters are supplied via a pop up screen. A single job is created because inline runbook execution is used. The job runs – it creates a user, configures it, and sends an email to the manager.

Post-VM Deployment Servicing Demo

In VM Clouds we see that the VM Create action is tied to a runbook. Run this action will trigger this runbook. He wants to rename the guest OS computer name from the WAP-default random name to match the VM name in Hyper-V.

The scipt goes into a loop until the VM is up and running. He does this using Suspend-Workflow.

That’s all folks. SMA as a concept is pretty simple, as is SCORCH. The magic is in the code that you write. Learn PowerShell.


I am live blogging this session. Press F5 to get the latest updates.

Bob Combs and Greg Cusanza are the speakers. Each are PMs in the Windows Server data centre networking team.

Bob starts with a summary of 2012 R2 features.

The scenarios that they’ve engineering for:

  • Deliver continuously available services
  • Improve network performance
  • Advanced software defined networking
  • Networking the hybrid cloud
  • Simplify data centre networking

The extensible virtual switch is the policy edge of Hyper-V. Lots of built in features such as Port ACLs, but third party’s extend the functionality of the virtual switch too, including 5nine.

Those port ACLs were upgraded to Extended ACLs with stateful inspection in WS2012R2. The key thing here is that ACLs now can include port numbers, not just IP addresses. This takes advantage of cool design of vNIC and switch port in Hyper-V. The rules travel with a VM when it migrates. That’s because the switch port is an attribute of the vNIC, not of the vSwitch. Policies apply to ports so policies move with VMs.

A few people in the room know what RSS is. About 90% of the room are using NIC teaming. About half of the room have heard of Hyper-V Network Virtualization.

Greg takes over. Greg shows a photo of his data center. It’s a switch with 5 tower PCs. Each PC has 2 NICs. 2 hosts, with virtual switch on the 2 NIC team. Host1 runs AD, WAP and SPF VMs. Host 2 runs VMM and SQL VMs, and some tenant VMs. One storage host, running iSCSI target and SOFS VMs. 2 VMs set up as a Hyper-V cluster for the HNV gateway cluster. There is one physical network.

Note that the gateway template assumes that you are using SOFS storage.

The host networking detail: Uses vNICs for management, cluster, and LM. Note that if you use RDMA then you need additional rNICs for that. He’s used multiple vNICs for the storage (non RDMA) for SMB Multichannel. And then he has a vNIC for Hyper-V Replica.

VMM uses logical networking to deploy consistent networking across hosts. Needed for HNV.  Uplink port profile creates the team. Virtual switch settings create the virtual switch. Virtual adapters are created from port profiles. If a host “drifts” this will be flagged in VMM and you can remediate it.

Remember to set a default port on you logical switch. That’s what VMs will connect to by default.

Then lots of demo. No notes taken here.

The HNV gateway templates are available through the Web Platform Installer. The 2-NIC template is normally used for private cloud. The 3-NIC template us normally used for public cloud. Note, you should edit the gateway properties to edit the network settings, admin username/password, product key, etc. During template you should edit the VM/computer names of the VMs and their host placement. They are not HA VMs. Guest clustering is set up within the guest OS. This is because guest clustering service HA is faster to failover than VM failover (service migration is faster than guest OS boot up – quite logical and consistent with cloud service design where HA is done at the service layer instead of fabric layer).


James Well, Julia White, Mark Russinovich, and Brad Anderson are here for the keynote press conference, hosted by Joey Snow.

Key thing to take away: cloud can add value to everything you do – Brad Anderson. Enterprise mobility: integration across enterprise and Office 365. Cloud will manage Office on devices of all types, be that program, policy, or data. Azure Remote App will allow you to remote apps from the cloud to Windows, IOS, or Android.

Mark R: Talks about ExpressRoute for hybrid cloud. Azure Files brings consistency to hybrid cloud. Already  available in private cloud.  File sharing as a service (PaaS) in Azure so VMs can access shared files. Azure Site Recovery brings failover to the cloud for on-premise. Greatly reduces cost of DR & compliance. Manage anti-malware can deploy MSFT endpoint protection easily. Store logs in blobs. Symantec and Trend Micro have partnered with same portal and powershell. Trend Micro also allow encryption like BitLocker, with the key’s stored on your own site.

James Well: .Net stuff on cloud scale applications.

Julia: How do I secure data? New security and privacy stuff. Content categorization and security for data loss prevention. Files can be encrypted in OneDrive and SharePoint. New series of videos and blogs on the Office 365 Trust Center.

Brad: IT pros have concerns about their impact in the company. What has happend 6-2 months after adopting cloud? Their ability to contribute to the company has increased. MSFT has to help the world understand. Once a company embraces an element of cloud, the company and IT pros want to adopt more. These are “on ramps”.

Question: “Windows Server will fulfil the roles in your data center – 6 years ago. Has that changed to Azure?”. Brad – Azure is Windows Server. You deliver the best platform for your organization using a combination of on-premise and cloud. Do anything you need based on Windows Server and Azure. Mark – clarifies that it is Server and System Center. Brad – Azure is based on Hyper-V.

Question: Will Azure Site Recovery Manager require System Center? Brad – yes, it requires SCVMM.

NOTE – they lost the SME market.

Question: 3 differences between Azure RemoteApp and others. 75-80% of “VDI” is actually app remoting (session host) and not actually VDI. Reasons: costs. To build this for scale of users, you need lots of infrastructure. MSFT has that already, so you can use it with elastic demand/costs, without spending CAPEX.


Welcome to Houston where the keynote hall is full and they’re filling the overflow rooms for the Brad Anderson-led keynote at TechEd North America 2014. I am here with Petri IT Knowledgebase, sitting in the press section at the front of the hall.

I  live blogged as the event went on. Don’t expect much if anything in the way of Windows or System Center news. This will be a cloud year, where new features come out every 6 or so weeks, thanks to a cloud development cycle. I also do not expect Satya Nadella here.

Speaking of which; Nadella courted devs at a number of events in recent months, including Build. What will Microsoft do this week to convince influential IT pros that Azure won’t steal their jobs and that they are still important to Microsoft (they don’t feel that way lately)?

Right now a classical/electrical band called Flash Drive is playing pop muzak.

After a few songs they get a good reception. Now the 2 minute long teched countdown show kicks off with Joey Snow and Rick Claus.

Brad Anderson comes out sans-Aston Martin. He professes love for the new reign of Satya Nadella. As expected, Brad talks about devices and data of previously unimaginable growth. Cloud will be core to everything we do to manage devices (ever connected world) to derive insights from that data. There are no more devices than people on the planet.

On comes a video with some dude in black and white. It’s a new world, with low contrast film. It’s devices-devices-devices. No monkey boy dancing. Airy fairy stuff about storing data in trees. Yes; trees. I guess these guys are from MSFT Research.

Brad wants to talk about IT Pros. “IT pros are literally at the centre of cloud first and device first clouds”. “No longer think of public cloud as seperate; it is integral to your data center from this point forward”.

Three capabilities required when you consider a cloud. Choosing a cloud vendor wisely is critical for your future:

  • Hyper-V scale: able to grow fast than you. Only 3 companies operate at this scale. This scale drives innovation in infrastructure.
  • Enterprise capabilities and enterprise grade cloud. Financially backed SLA.
  • Hybrid: Works with on premise, partner hosted cloud, and public cloud all integrated. Only MSFT does this.

Right now, only MSFT meets all three requirements.

How could we change our industry if we had unlimited computing power. Here comes Respawn’s Titanfall, an Azure-powered online-only game. It had over 100,000 VMs on day 1, powered up around the world, with clients connected to the closest data centre. No worry about location or performance. They have solid and even compute capacity. They scale up and down as required to meet customer demand. They power lots of game functionality on the server, which they could not do on a console. 150 employees company has hundreds of thousands of VMs around the world.

16 regions. A new core is deployed every 5 seconds. 2 billion authentications a day being done by Azure Active Directory. They take this functionality and trickle it down to hosting partners (WAP, Hyper-V, and System Center). Windows Server Hyper-V is the common foundation across private, hosted, and public cloud. No lock in. Flexible expansion, shrink, and mobility.

IaaS new features:

  • Cloud app discovery Preview. This looks VERY cool.
  • Compute intensive VMs – more RAM and more VMs, with RDMA Infiniband at 40 Gbps.
  • Virtual networking enhancements
  • ExpressRoute is GA for MPLS networking. 2 circuits for every connecting for fault tolerance. Note that Telecity is now a partner.
  • Azure Files Preview: SMB 3.0 sharing of files for VMs.

Software-defined storage (Storage Spaces) is used by Azure.

On to SQL 2014. In memory gives 30x increase without re-writing application, just by adding RAM to existing h/w.

Azure Redis Cache is in preview. API AManagement Preview is in preview too.

Out comes Josh Twist to talk about API Management. Wellmark is an American insurance company and Azure customer. He talks about this feature without explaining what it is. I’m lost.

Back to Brad with more announcements:

  • Anti-malware is being added to Azure. Microsoft Endpoint protection. Partnering with Symantec and Trend Micro.
  • Encrypted storage for Office 365.
  • Azure Site Recovery: Hyper-V Replica to Azure. review in June. This is BIG. Use HRM for orchestration.

Here comes Matt McSpirit to talk about the latter. Azure Site Recovery can be your secondary site if you don’t have one. Can manage replication between sites and to Azure. Centralized management of the replica VMs. VMs can be encrypted while at rest.

Site recovery makes networking easy. Can map networks between primary and secondary site. Map on-premise networks with Azure virtual networks.

A recovery plan orchestrates failover, test, planned, or unplanned. It will cleanly shut down VMs and replicate final changes in the event of a planned failover ( a flood is coming).  You can inject manual tasks into the orchestration.

We move on to identity, another MSFT USP. SaaS is powered by identity. For example, Office 365. Discover how many they are using with Cloud App Discovery. Often some 250 unmanaged SaaS apps in a company. IT has no control. IT needs to take control and manage identity and security.

Office on the 3 mobile OSs will be brought under management. Protection of files: Azure Rights Management Services (ARMS). Part of the EMS bundle for EA customers. The protection travels with the files: only the right people can access the files, even with accidental leakage.

Azure RemoteApp is Mohoro. It’s a RDS session host system designed to run in Azure. You upload LOB apps into Azure and users access them from cross-platform devices. AWS desktop as a service is a square wheel compared to Azure RemoteApp.

Demo: User signs into SaaS app using AD ID via ID federation into Azure AD.  80% of employees admit using non-approved SaaS apps. Cloud App Discovery tool allows admins to discover what apps are being used and how. Now IT can bring these apps under company control. Azure AD has 1300 templates for SaaS single-sign on.

Azure Remote App preview is GA today – note it is not live yet in the Europe regions. Publish apps over the highly performing RemoteFX protocol to devices of different OSs – Windows, iOS, Mac OS X, and Android. A little nod to Citrix.

Now on to the dev audience. I sleep.

I wake up. Now Brad is talking about users. Sadly, people have lost interest in the dev content and are leaving.

“Work like a network”.

Humans can achieve if we focus. There is a flood of information that distracts. Need to move from information to action. Information is locked within boundaries inside organizations. BI stuff now. Yawn.

Demo on BI with old content from Barcelona promo video.

Back to Brad to talk about Office. Ugh, sounds like more BI.

Julia White to talk cloud productivity with Intune and Office 365. Basic demo of doc sharing in OneDrive for Business. Tell Me in Word Online is shown to help find how to do formatting. Can share from OneDrive for Business into Yammer. Yammer: IT managed social experience.

Back to Brad. More people leaving the hall. Not nearly as bad as Elop in 2009 (that was BAD) but a section of the audience has lost interest. This will be a talking point IMO.

Back to summarise. MSFT believes in cloud and getting us to embrace it.


Another community event is coming on June 19th and 20th in Citywest in Dublin. This time, with TechCamp 2014, we’re switching to a more “here’s how to do it” style of presentation. Based on feedback, we’ll have 1 track per day, over 2 days. Day 1 (June 19th) will focus on Hybrid Cloud, mixing Windows Server, System Center, and Microsoft Azure content into one track. On day 2 (June 20th) the focus switches over to the public cloud, and products like Office 365 and Windows Intune.

Most of the speakers are MVPs sharing their knowledge and experience with these technologies, with keynotes by local Microsoft product-line managers.

You can choose to register for either or both days.

Please retweet, post on Facebook, LinkedIn, share with workmates, customers, etc.



Another quiet 24 hours ahead of TechEd:


Here’s the news for the last 24 hours. I suspect things will remain quiet until the keynote at TechEd. Even then, I’d expect news to be limited to cloud services.


The following dodgy looking people will be attending TechEd North America 2014 in Houston next week. They will be attending sessions, wandering the halls, and there’s even a speaker in the bunch. Your mission, should you choose to accept it, is to take a “selfie” photograph with ALL FIVE of the below Hyper-V amigos, all of whom are Microsoft MVPs. Take each of the 5 photos and put them together in one image (easy to do in MS Paint) and then tweet me (@joe_elway) with the image.

Tip: the funnier, the better. The use of alcohol won’t hurt.

The best entry will win a copy of Windows Server 2012 Hyper-V Installation And Configuration Guide.



  • You cannot be a Microsoft MVP.
  • Photos must be taken between Monday 12th 2014 and Thursday 15h 2014.
  • You must have taken “selfie” photos with all 5 of the above Hyper-V amigos.
  • Both you and the Hyper-V amigo must be in each photo.
  • A member of the Hyper-V product group/team cannot win – that would be too easy! But funny entries are still welcome :)

May the looniest entrant win!

Please retweet this, post on facebook, post on any social media, and reblog – you have my permission to reuse the content of this post in the context of this game.

Technorati Tags: ,,

I am taking a break from ironing and packing (and sometimes repeating the ironing phase) to share my thoughts on attending TechEd. I’ve been to a number of TechEd conferences over the years, mainly in Europe. Last year I decided to attend TechEd North America which was held in New Orleans, because of the larger scale of the event. I wanted to hear and see more, and network more than was possible in Europe. I’m preparing for TechEd North America 2014, which is being held in Houston next week. Here are my suggestions to having a good TechEd.


TechEd North America 2014 is running in Houston on May 12th to 15th

Use the Schedule Builder

There are lots of tracks and sessions to attend at TechEd, including community-based “birds of a feather”, formal breakout sessions, and hands-on labs. With so much to see, you need to plan, and the schedule builder enables that. You won’t be able to see every desired session in person, but never fear because you can download sessions afterwards.

Be aware that the schedule is subject to change. Sometimes sessions are dropped because of an issue with a speaker. There are times when sessions prove to be extremely popular and they are rescheduled for additional time slots. I have seen flyers handed out with updated schedules. The best way to keep up with events is to follow TechEd North America on Twitter (@TechEd_NA) or on Facebook.

If you’re attending one of the popular sessions, like those of a Mark Minasi or a Mark Russinovich, then get there early. Those rooms fill up quickly and you’ll regret missing and educational and entertaining presentation.

Take Notes – Lots of Notes

Your best friend at TechEd is a laptop or convertible tablet with a great battery. I have a Samsung ATIV Windows tablet that can go all day. I charge it overnight and I can note take on it without getting stressed about finding the all-too-rare free charging station. It docks into a keyboard, giving me a laptop experience, and there’s a stylus that allows me to sketch out diagrams.

You should plan on using OneNote when attending TechEd. I maintain a single notebook for technical events. I open up a tab for each event, and have a page for each day/session. Some companies will choose to send several people to a big event like TechEd. It makes no sense for them to all attend the same sessions; instead, attend different events and share notebooks. This will allow for knowledge sharing, not just between the attendees, but also with those who are back in the office.

I am attending as a member of the media with the Petri IT Knowledgebase, so I will also be taking photographs. I should use my Nokia Lumia 1020 for that, but often I want to quickly embed a photo into a document. The quickest way of doing that, without relying on conference Wi-Fi networks, is to use a compact camera that has an SD card. If your computer has an SD reader then you can quickly copy the photos without dealing with cables.

Meet the Experts

One of the big benefits of TechEd is that you can meet with product experts. You will never get an opportunity like this for the rest of the year; your local Microsoft subsidiary staff are typically not that well informed and this is the best time ask those difficult questions, make feature change requests, and work out problems on a whiteboard.

Each speaker will also be scheduled to staff product booths at one more times throughout the week. They might announce their schedule at the end of their session. Maybe you have a follow up question to ask them? This is the perfect chance to get an answer.


A lot of experts never get the chance to talk at TechEd, but they attend to learn about other content or to discover new solutions. Maybe you read their blog? Possibly you’ve bought their book? There’s a chance they can help you with something. Or more likely, you never even have heard of this person … yet. Get out of your shell and talk to the person beside you in the breakout room before the presentation. Talk to your neighbors during a meal. This is a great chance to learn something new and to make new contacts and friends.

Wear Comfortable Shoes

TechEd New Orleans was a marathon. The venue was a gigantic long hallway and it could take half an hour to get from one location to another. The venue in Houston looks very similar. Be prepared to clock up some miles.

There’s more to the Exhibition Hall than Swag

One of my reasons to attend TechEd is to tour the sponsors’ booths. Yes, they are there to get your contact details and try to sell you something. But many times I have found solutions to problems at these booths. Take the time to wander about. If you don’t know of a company, then look them up. You never know what you might find.

You’ll also find a few other things in the exhibition hall. Sometimes there are special events, competitions, and even some places to sit back and relax. This is where I will spend my time during those slots when there are no sessions on.

Leave Some Room in your Suitcase

OK, you are going to collect swag. Maybe those t-shirts are for the office or for painting your apartment, but you will collect some. You might even find a pop-up Microsoft store selling devices at discount rates. Those of us travelling from outside of the USA will be tempted by lower US prices to visit a local electronics superstore. There is a high probability that you will return home with more than you left with, so leave some space.

I will be live blogging on here as usual, and posting articles on Petri from the event.


Between a bank holiday and some travel, I’ve been unable to post, but I’ve saved up the headlines from those days:


I recently presented in the MicroWarehouse and Microsoft Ireland road show to Irish Microsoft partners on the topic of the Cloud OS, comprised of Azure, Windows Server 2012 R2, Hyper-V, and System Center 2012 R2. You can find the slide deck below.



The big news yesterday was the general release of the new patch for IE on XP. Personally, I think this is a stupid mistake by Microsoft, and it will lead to some laggards to reason that Microsoft has reversed course on the end of support. Microsoft can comment all they want; most people never read blogs, press, or attend events. The mistake has been made, and it was one of the dumbest releases since Bob.


Happy May Day, comrades! I was tied up with events the last couple of mornings so here is two days worth of news. Note the new beta for System Center Advisor. The security functionality looks very interesting!

Get Adobe Flash player