Tag: Azure AI Fundamentals AI-900 Exam Preparation

I am developing a containerized application that needs to run on demand. I created a Container Apps Job (and the services needed around it), and I can run my container. It fails, which was to be expected. Is there a way to get the console log directly? I know I can see the log entries in the log analytics workspace, but since debugging is enabled there are a lot of entries and it's pretty hard to read. ​ Any way to get the console output of a job that's more readable? submitted by /u/Own_Product6117 [link] [comments]

I'm wondering if I'm completely turning mad or if somebody else had that experience. I understand a lot of people have bad pearsons experience, where they had policy violations for dumb reasons and it revoked their exam. I thought that was happened to me, but nooooooo. The reason is my stupid alarm rang on my phone, which is bad, and I stood up which is dumb (but my phone was away as requested). Proctor warned to not leave the screen, and I started to interact with another proctor to apologize and see if I should even continue the exam at this point. Well not only did I get revoked but ... banned for 1 year to take any microsoft certification ??? This one I didn't see before on the forums. I'm currently on hold waiting for the supervisor of the supervisor (he is checking with his supervisor...). Am I the only one or is that common ? submitted by /u/VoyantInternational [link] [comments]

I'm deploying my project, which uses Next.js 14.1.0, to production on Azure Static Web Apps. I'm using the paid version without any restrictions. However, the server response time of the project is very long, and I frequently encounter 'backend call failure' errors every day. There have been similar issues on Azure GitHub Issues for a long time, but I haven't found any official statement or solution yet. Everything works fine in other environments, but I encounter this error on Azure Static Web Apps. If it's important, the package.json screenshot is as follows. ​ https://preview.redd.it/7syse17bnmwc1.png?width=821&format=png&auto=webp&s=950b386b7c860ac050e5fdb32d0f7090fadac5c2 ​ submitted by /u/cprecius [link] [comments]

Blazor web app .net 8 (Server, not web assembly.) No matter what identifier i user in the azure portal app settings, AzureAd_ClientID or AzureAd:ClientId, It will not find the app setting when deployed unless its a flat value. builder.Configuration.GetValue<string>("AzureAd:ClientID") builder.Configuration.GetValue<string>("AzureAd_ClientID") What am i missing, because i feel like i've exhausted all google searches related to the topic 🙁 submitted by /u/Kegelz [link] [comments]

Have an AFS configured and mapped to a Windows VM in Azure. I have SMB elevated contributor in IAM on the storage account, and I have a number of users in a security group that has SMB contributor. Those IAM role assignments appear to be inherited by the fileshare itself within the storage account. Myself and those users can access the mapped AFS with no issues. The problem is when I try to adjust NTFS permissions on any sub-folders or files in the mapped AFS, I get that failed to enumerate error, can't figure out why. Should I have mapped this AFS via the storage key, and not with my elevated contributor account? It's manually mapped per user, using their own AD creds. submitted by /u/johnnydotexe [link] [comments]

Hello, I manage a significant AD estate (4 x 2012 R2 DCs), over 1000 servers, several thousand users and several thousand client devices. We have enterprise grade infrastructure such as SCCM, Hybrid Exchange servers, internal AD Certificate Services and a ton of legacy debt going all the way back to NT 4 🙁 !! I've been challenged to explore the feasibility of replacing on premise AD and moving it to the cloud just so we can get rid of our data centre. The most viable option I can see is place a virtual DC in Azure (assuming I can get a 2012 R2 VM created in Azure). Entra ID domain services don't look feasible for a complete replacement of on prem AD because: No ability to extend AD schema for apps like SCCM. No support for domain trusts (we have a legacy trust with a 2003 domain). No support for AD Certificate Services. No support for domain admin or enterprise admins. Questionable compatibility with legacy systems (NT4, 2000, 2003, 2008). The main benefit of Entra ID domain services as I see it, is that we could have native cloud applications authenticate directly in Entra with Kerberos or NTLM. Is my assessment valid? Thanks submitted by /u/Thin-West-2136 [link] [comments]

I have been tasked with moving our entire infrastructure over to MS 365. We already use a lot of the 365 services but we want to replace our aging on-prem server and migrate all functionality over to 365. Background: We are a fairly small shop. 1 on-prem Windows Server DC that mainly acts as a file and print server and we use also use AD/DNS/DHCP/GPO. 25 on site users with 30 field engineers. Currently setup as Hybrid Azure. Field engineers don't access the on-prem network at all and are already 100% in Azure. My plan is to: Migrate all devices over to Intune and move the users fully into Azure instead of keeping the hybrid setup we already have Replace GPO policies with Intune configuration policies Printers will be added via Universal Print or PrinterLogic. Files will be moved to SharePoint. (Bulk of files will be hosted in AWS as part of a new business management system we are having developed). My question is: Do I need an Azure server or can Azure/Intune handle everything? I cannot think of a single reason to purchase a server in Azure. submitted by /u/typiclaalex1 [link] [comments]

We have a hub and spoke architecture with a medium amount of spokes connected to it. We already have a VPN gateway in use for P2S VPN located in the hub. we want to replace our current application used to establish S2S VPN with the Azure VPN. Additionally there is the requirement to pass all ingress and egress traffic related to the Site should be passed through the firewall. Now i thought about 3 different options to implement this: Use the existing VPN in the hub and add S2S Connection with proper routing through the firewall. This is possible in general but its possible to bypass the firewall without even noticing it. Routing seems to be pretty complicated to me as we would have to deploy a route for each spoke to the VPN gateway to force the traffic through the firewall as all spoke address spaces are known to the vpn by the peering. Also this is running quickly into the limiation of the 400 Routes per Route Table. Also the deployment of the routes seems to be a bit tricky as we would either write a policy ( im not sure if this is even supported) foreach spoke provisioned or deploy a route before / after the spoke has been provisioned vnet Use SNAT on Firewall / VPN Looks reasonable but we would like to keep the information of the origin of certain traffic without the need to map it via the VPN logs to the original ip. For that reason i dont like the approach. This also needs more conception but didnt digged more into it as I already dont like that the traffic source gets "hidden" Place the VPN in a dedicated spoke. Seems to me the reasonable approach as this traffic can be easily forced through the firewall by using simply a default route on the VPN route table and handle the route to the S2S/P2S VPN via the firewall route table. So some questions related to this and summarize it: What approach would you use for this ? Are there even other options ? Whats the reason in the default hub and spoke architecture provided by microsoft the VPN is placed in the hub itself ? Is it a bad practices to use one VPN for both P2S and S2S VPN ? What may the reasons for that ? submitted by /u/Crip_mllnr [link] [comments]

Hi, The following issue occures when applying Phishing Resistant MFA Conditional Access on all Cloud Apps. The user opens Teams on Android Mobile Phone that has Passkey on it. Teams does not allow user to select any passkey, only Certificate pr Physical Smartcard. If the user opens a web browser then they can pick Passkey, but for Teams apps its a no go as the prompt does not include an option and will never allow a Passkey to be selected. submitted by /u/BarbieAction [link] [comments]

This is the only thread where you should post news about becoming certified. For everyone else, join us in celebrating the recent certifications!!! submitted by /u/AutoModerator [link] [comments]

Hi there! I have a quick question about the AZ-900 exam and im finding SO MANY conflicting answers to how much you need to study and how hard the exam actually is. I have gone through all the microsoft learn material and can get above 90% consistently in the practice assessments. Would that be enough or do you guys reccomend studying more via youtube and such? 🙂 submitted by /u/mikkelmr135 [link] [comments]

Hi all, Recently I started at a new job and I've been requested to roll out company wide MFA. The request was to exclude trusted locations from the policy. I know this isn't the Zero Trust way but I've gotta do it. However, we want to roll out MFA with a grace period for people to opt-in during the grace period. But about half of our users work in-office wich will be registred as a trusted location. This will be excluded, but the one thing I'm not completely statisfied with the fact that when excluded from the MFA due to trusted location users do not get the prompt to register their authenticator. Is there a way to force people to register their account with MFA regardless if they are excluded or not? ​ submitted by /u/Suited043 [link] [comments]

Are the vouchers from the AI Skills Challenge distributed yet? Anyone received it already? submitted by /u/Aggravating-Video316 [link] [comments]

Hi all, Recently I try to manage local administrators with using an inTune policies to replace local administrators. We add the builtin administrator account and a SID Goup from AzureAD. Honestly is working well, but... with all Azure / inTune Sync... just a pain to "wait" right ? I would know if someone already use this method, and if you know : How many time it take ? How I can "foce" this syncing Thanks mates ! submitted by /u/Freddo_aka_5ilv4 [link] [comments]

Hi, I got a admin consent request on an application that I would like a second opinion on. It requires a LOT of permissions, and the user who requested it wants it to deploy some SharePoint templates. When googling it looks like a OpenSource-project that Microsoft refers to (but do not manage). Any takes on this? AppID: 31359c7f-bd7e-475c-86db-fdb8c937548e Permissions: ​ https://preview.redd.it/je0sik021lwc1.png?width=328&format=png&auto=webp&s=68db8a8a42587e88ede9a3202fcb2f9da39dc5fd submitted by /u/dkarlq [link] [comments]

Hello Azure Community, Where i can find high quality PL300 contents and sample questions with high quality? 3 weeks preparing! submitted by /u/sebastiandang [link] [comments]

submitted by /u/rijoskill [link] [comments]

I'm looking to create a DR solution to protect some on prem file shares we have at 3 different locations. All 3 locations have one file server on site and specific to just the site. My goal is to get the users up and running with their files in the share if the server goes down. I have a storage account setup and have 3 file shares inside that. I plan on naming the file shares to the name of the specific site. For one of them I plan on testing out with, I have file sync setup with a sync group. I'm at the point of installing the file sync agent on the on prem server and testing out a sync to the Azure storage with it. My initial thought is to setup a Windows server in Azure with a disk big enough to handle the on prem file share size, and then sync up between the Azure Windows server and the on prem one. Then if on prem goes down, change group policy and send them to the server in Azure. My question is if this is the best way to do this or not. I think this should work fine, but is creating a new server in Azure for each site going overboard? Is there a better way to get them to their synced file share like direct to the storage or such? Less servers to manage is always a good thing if possible. My end goal in the future though is to have them just live and go to the Azure file share. This could be a bit down the road though. Thanks much Edit: I should add that I am very new to Azure so far and our on prem file share uses NTFS permissions and security groups to access certain folders and files on the share. submitted by /u/superuseradmin1 [link] [comments]

I have an isolated vnet that has a Bastion host in it to access a recovery test Domain Controller. Unfortunately, I can't seem to actually connect to it. The Bastion subnet doesn't have an NSG and the VM subnet has a rule allowing RDP for the Bastion subnet. Any ideas on what is wrong? submitted by /u/_benwa [link] [comments]

-SOLVED- Hi, so I am having some issues with getting my azure function to safely and securely withdraw a key or secret from my vault. At the moment I am just trying to figure out what type of auth_level I need and how to manage secure connections. Do I need to set up some sort certificate to approve the hand shake? I incorrectly assumed that all the authentication would be done with in azure when I set up the IAM giving the function read write access to the vault. I have been reading a lot of documentation and asking chatGPT but Alas here I am. Please let me know what kind of information I need to send in order to help gain a decent answer. submitted by /u/dot_equals [link] [comments]