Get your Azure AD Tenant ID with PowerShell

I’ve been working with Azure AD authentication and GraphAPIs a lot lately. This is a short script I wrote to get your tenant ID…

param([string]$TenantName = (Read-Host "What is your tenant name? (")) 

1$data = (New-Object System.Net.WebClient).DownloadString("$TenantName/FederationMetadata/2007-06/FederationMetadata.xml") 

$dirtyID = $data.EntityDescriptor.entityID.Replace("", "") 

$dirtyID.Replace("/", "") 

8 Azure Preview Features You Should Look At


Azure… There is plenty to keep up with, just dealing with the features that have been released. With that in mind, have you enabled the preview features? Take a minute and go to your subscription account portal and have a look…

Azure Batch

Have an application or parts of an application that does processor intensive work? Hand it off to Azure Batch. Basically it pushes your code to a designated amount of VMs and processes the task in parallel.

More Info >>

Auditing for Azure SQL Database

Exactly what it sounds like… It logs events to an Azure Storage account. What are some of these events you might ask? I’m glad you did: Accessing data, Schema changes, data changes, accounts, roles, permissions, security exceptions. For a complete reference see the Audit Log Format Reference DOCX.

More Info >>

Operational Insights

Need to monitor a lot of machines? This is what Operational Insights is good at… Install an agent. It talks to Azure Operational Insights web service running in … well Azure. There is a portal where you can create all kinds of great looking dashboards and reports.

More Info >>

PlayReady License Server

So you run a live video feed of an event, or a video on demand service and you want to secure your content. You can with PlayReady. This is a token issuing service that allows a player to decrypt your video content. You should check this out if you’re doing anything with video… all the cool kids are using it, and it’s in my wheel house. Shoot me an email if you’d like to discuss more.

More Info >>

Azure Premium Storage

Premium Storage Disk Type P10 P20 P30
Disk size 128 GB 512 GB 1024 GB (1 TB)
IOPS per disk 500 2300 5000
Throughput per disk 100 MB 150 MB 200 MB

5000 IOPS per disk!.. Shut up and take my money!!

More Info >>

Stream Analytics

Real time data analytics allows you to analyze patterns in data streams or historical data before storing the events. Think… the backend to your IoT strategy. Not a lot of companies are thinking about their IoT strategy yet… but at Microsoft we are. This is why Gartner and other think-tanks are putting so much weight on data sciences in the coming future. You have been warned.

More Info >>

Windows Azure Files

For this you’ll run some PowerShell to create a file share in an Azure Storage account. VMs can then mount these as a network shares or you can access the share using the REST API, much like blob storage. Pretty sweet feature… one I’m using right now!

More Info >>

Billing Alert Service

If you’re the account administrator for your subscription, you can set an alert when you spend “X” amount of dollars. Not quite a billing API, but I configured a few alerts to let me know when I’ve spent different amounts of money.

More Info >>

Azure Web Sites DaaS–Diagnostics as a Service



DaaS for Azure Web Sites is a great tool when “bad things happen to a good site”! It allows you to collect a plethora of different logs and parses them into an easily digestible format. The idea is to enable you to get to root cause without turning to the forums or Microsoft support. I’m running a WordPress site that, knock on digital wood, is pretty rock solid. Even so, I’m going to use this site to play around.

Until the recent announcement, the collection and parsing of PHP logs wasn’t an option, but now DaaS will collect PHP specific files along with Event Logs, Memory Dumps and HTTP Logs. First you will need to enable Web Server Logging to the File System. With that down just browse over to https://<YourSiteName> and you’ll get a page like this…



All you need to do is click Diagnose Now and your off to the races. Oh, and you can also schedule an analysis if you’d like…

Once that is complete you can download your logs at: https://<YourSiteName>

Windows Azure SDK for .Net Management API (Preview)


Up until recently, we’ve had to use the REST API to work with Management objects in Windows Azure. This is great as all the overhead is stripped away, and anything can access it. However a .Net developer has a little extra work around generating the URLs, Authentication, and making requests. The new Management API included in the .Net SDK is a welcome enhancement.  It’s still in preview, and sometimes doesn’t work as expected… Here’s a little code to get you started.

Via Nuget: Install-Package Microsoft.WindowsAzure.Management.Libraries -IncludePrerelease

Ref: Windows Azure Management Libraries

AutoHotkey Where Have You Been All My Life?


Maybe I’m just late to the party, but this tool is just awesome! Install it! Run it, and say yes to let it create the default script. AutoHotKey has it’s own “language” and I use that term loosely. Here are a couple of helpful thing to note that should get you started. The semicolon is a comment:

; Basic modifier symbols:
; # Windows key
; ! Alt key
; ^ Control key
; + Shift key

This above command will launch the default browser and navigate to Bing when you press: ctrl + alt + shift + b. I don’t think that some of these long hotkeys seem that useful and frankly I will not remember them. There are however times, when, say I’m having to modify text by pressing down, over, over, over, backspace, backspace rinse and repeat. You know what I’m talking about… This is where AutoHotkey comes to the rescue. To do just that you would:


You can even loop and other constructs… just awesome! Go forth and do.

Windows Azure and the Sochi Olympics

In April we, Microsoft, announced we’re teaming up with NBC Sports to deliver digital media using Windows Azure Media Services. I’ve had the pleasure of working on the team at Microsoft that’s making this happen. As you can imagine this has been a very demanding, but exciting project to be apart of. I’ve had many opportunities to learn about Windows Azure and media in general. I hope over the coming weeks to share some of my experiences…

Wednesday I’ll be flying out to Las Vegas to work with the team to insure our users have a great experience…

Windows Azure, Remote PowerShell and the Case of the Unknown Certificate Authority


Recently the folks over on the Azure team released a bunch of improvements to Azure. One of them caught my eye. They’ve provided us a way to enable PowerShell remoting when provisioning a machine. As someone who tries to automate all things I was extremely happy to see this. Gone are the days or creating images with startup scripts set, but there is a problem…

After you provision a machine with the above check box checked. You’ll probably try something like this…


And then you’ll see the following exception:

Enter-PSSession : Connecting to remote server failed with the following error message : The server certificate on the destination computer
( has the following errors:
The SSL certificate is signed by an unknown certificate authority. For more information, see the about_Remote_Troubleshooting Help topic.
At line:11 char:1
+ Enter-PSSession -ComputerName -Port 5074 -Credential $cre …
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : InvalidArgument: ( [Enter-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : CreateRemoteRunspaceFailed

Let’s take a step back and look at what I’m talking about. When you enable this feature, PSRemoting is configured for SSL and uses a self signed certificate. This certificate needs to be added to your root certificate store so that you can access the machine. Let’s do this…


This script creates a ServicePoint to get the certificate. Then adds it to your trusted store. Now your free to “Enter-PSSesion” or “Invoke-Command” all you’d like!

How To: Setup Windows Azure PowerShell

A lot of the demos, lab environments, and test I do are in Azure. I try to script everything so that it’s repeatable and I don’t turn into a monkey clicking next. What fun is that? With that said I’ve put together how I setup my environment for communicating with Azure via PowerShell.

First things first you’ll need Microsoft Web Platform Installer. Once this is installed go ahead and open it. You should see a screen that looks like this:


Click add next to Windows Azure PowerShell and click install.


You should see the Prerequisites screen, click I Accept.


This should start the install. Once it’s complete the module for Azure PowerShell should be installed. It also installed some of the Azure SDK libraries, but this is only part of the story. Now that we have the Azure module installed we need to configure it to talk with our Azure Subscription (by the way you should have one for this to work!). Here again this is something I do a little too often, so I keep a script around that handles everything.

Let me explain what’s going on here. First we import the module you just installed. This will need to be done each time you open PowerShell unless you use the Azure PowerShell shell. [*Hint: Put it in your profile.]  Next we have a couple of options. If you don’t have a certifiate you’ll need to create one. This is where the “makecert” command comes in. Once you’ve created it you’ll need to add this to you subscription. You can do this by uploading the CER file by browsing to “Settings” in the management portal. If you already have a cert you can just import it into your certificate store using the “import-pfxcertificate” cmdlet. Once the certificate is in your store you need to save it to a variable for use later. Go to the Azure portal and get your Subscription ID. Set “MySubId” to that value. The subscription name can be anything really. Your storage account name is also in the Azure portal. Go to storage an you will see one or more accounts depending on how you’re setup. Grab the name of the one you want and use it as the value of “myStorageSubscription” variable. The last two commands are where the magic happens… “Set-AzureSubscription” creates the subscription on your machine. The “Select-AzureSubscription” makes it active. You can have multiple subscriptions!

Now just run “get-azurevm” and you should see a list of VMs you have running.