Pleased to renew my Microsoft 365 Expert Certification

I’ve been Microsoft Certified for a long time, over 25 years and I’m used to going round certain certification cycles several times. With recent developments in IT my certification has been rotating around Microsoft cloud. Despite years of SharePoint my first introduction to cloud was via Microsoft Azure and with the first round of that I earned an MCSE : Cloud Platform and Infrastructure back in 2018.

When I joined my current employer in 2018 they were keen for me to demonstrate my skills across Microsoft cloud (at the time – before PowerPlatform grew like it did) and I followed with MCSE : Productivity Solutions Expert in 2018. (At the time there was an annual renewal process that stamped the year so I followed in 2019).

Fast forward to this year and I just completed the two exams to “renew” my cloud certification and gained Microsoft 365 Certified: Enterprise Administrator Expert. I put this off for a while as my comfort zone is more on the Microsoft Azure side of things but it is handy to know how the so-called “Modern Desktop” side of things works!

https://www.credly.com/badges/b804db41-a19e-4146-96c9-060c5e75f24e/public_url

Upgrading the omsagent on Linux

We have really good license coverage in the Innovations Team that I am part of and recently we had Microsoft 365 Defender reporting high exposure on two linux servers. In our case these were two syslog forwarders that we use to give Sentinel visibility of our FortiGate virtual appliances. We use the latter to offer services to IaaS workloads hosted in Azure.

Looking at the device specific recommendations it told us “Update Microsoft omsagent for Linux”. My immediate reaction was to log on to each server and run the only command I know:

sudo yum update

This was fine on one server, the other had run out of space. To cut a long story short, I found that a couple of Azure VM Extensions had failed to install and in complaint were filling the boot disk with logs. I removed the offending extensions and this got space back.

Unfortunately the update made no difference. I’ll clarify what my goal was here; to get the security recommendation in Microsoft 365 Defender to go away. This is a process that can take some days depending on the update cycle between the enrolled Linux Machine and the process that generates the security recommendations. Short story – updating the server did not remove the recommendation to Update Microsoft omsagent for Linux.

So I went hunting for more specific instructions and found information on the Log Analytics agent (aha, so that is what omsagent is!) documentation page on upgrading the Linux agent. This directed me to run the following command (per documentation on 29th March 2022):

sudo sh ./omsagent-*.universal.x64.sh --upgrade

I tried this on both servers, in one case it could not find the script, in the other it appeared to run fine but exited with status 0 (I didn’t know if this was good or bad). It turned out that the script location was different on the two servers and I found the script in a different place. It ran in a similar fashion with a big long list out output and status 0 (still none the wiser).

I checked in again and Microsoft 365 Defender still recommended that we Update Microsoft omsagent for Linux.

So I had a think, and got rid of some of my Linux related caution (I’m not a confident Linux admin) and found myself at the home / source of the agent in GitHub. By this time I had a few tabs open in Edge and I did some command modification to get some context. I ran the following:

rpm -qa | grep omsagent

And the output of this suggested returned omsagent-1.13.35-0.x86_64 which I took to mean I was looking at a server with v1.13.35 whereas at the time of writing, GitHub had a latest release of v1.14.9 . So running the command above had not upgraded to the latest version. So I had assumed incorrectly, my hypothesis then became that I need to run the latest version in upgrade mode, rather than that an older version would automatically update itself to the latest.

So working through the readme on the omsagent for Linux GitHub page I copied the URL for the latest OMS Agent for Linux (64-bit) and ran this with the wget command to download the script i.e.

wget https://github.com/microsoft/OMS-Agent-for-Linux/releases/download/OMSAgent_v1.14.9-0/omsagent-1.14.9-0.universal.x64.sh

Then I ran the new version that I had just downloaded with the upgrade switch thus:

sudo sh omsagent-1.14.9-0.universal.x64.sh --upgrade

This produced an even longer output with lots of messages. When I checked Microsoft 365 Defender that recommendation had been removed for the two syslog servers in question. Job Done!

Epilogue

What I also found out is that the upgrade scenarios for the Log Analytics Agent are interesting and there is interaction with extensions etc. Azure Virtual Machine Extensions also have a short list of very specific events that trigger an upgrade (if the setting is available and set) and that this list is quite small and fairly rare (e.g. sku changes). The choices now available for vulnerability scanning get better each day, in my case following through on those recommendations for Linux can be tricky!

Fun with PowerShell, Azure Automation and Microsoft Teams

I’m currently working on a solution at work which is ultimately a contribution to our process of trying to keep on top of our proof of concept environments usage of networking and in particular ip address ranges. We have a rolling set of Azure Virtual Networks that vary in size from a class C to the occasional class A when we have a silly scale HPC or Kubernetes CNI requirement for a gazillion addresses in a big subnet.

The solution is coming together in very small building blocks and this post is to provide me (and you interwebs folks) with a reference to the filter syntax for List all teams in Microsoft Teams using Microsoft Graph.

Although the automation method shouldn’t really matter for what is effectively a big REST API, you know how it is when you have to translate syntax and fiddle around with quotation marks and things. Anyway, to cut a long story short the rough PowerShell script for List all teams in Microsoft Teams in PowerShell is:

# PowerShell to list all teams in your tenant
# Assumes you have set up your certificate authentication
$appId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$tenantId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$cert = Get-AutomationCertificate -Name 'AzureAutomationCertificate'

# Magic we are doing needs beta apis for the filter to work
Select-MgProfile -Name "beta"

# Authenticate to MS Graph
Connect-MgGraph -ClientID $appId -TenantId $tenantId -Certificate $cert

# Get list of Teams i.e. Groups with the special resource provisioning options set
$teams = Get-MgGroup -Filter "resourceProvisioningOptions/Any(x:x eq 'Team')"
$teamscount = @($teams).Count
Write-Verbose "The number of teams is $teamscount" -Verbose

# Close Connection to MS Graph
Disconnect-MgGraph

A few caveats and notes

  • This isn’t a full working example, in my case I’m using Azure Automation Runbooks and they are very very particular about their outputs and object handling. I’m still working on my translation.
  • It assumes you have done the work to create a self-signed certificate, create the app registration, uploaded the certificate to the app registration *and* set it up in your automation account. (I might do a meta post on this as I found one blog post that had the wrong parameters for the cert generation and generated a cert file of format cer with a pfx extension…)
  • This is being written for an Azure Automation Account in PowerShell, remember to add the relevant modules that are needed. I was adding individual modules as I found them first but you will probably be quicker just using Microsoft.Graph – you will find it in the gallery. Otherwise for the above you will need Microsoft.Graph.Authentication, and Microsoft.Graph.Groups.
  • If your tenant is anything like ours then you will always get 100 as the count of teams, due to the way that the apis manage their output length.
  • The script doesn’t do anything useful but I thought it might help to see the filter syntax

References, Source Material and Inspiration

How life goes in circles

That a significant pointer would be found in a response on GitHub by Darrel Miller is quite fascinating. I met Darrel on the expo floor at Microsoft Ignite in Orlando in 2018 and only really because I was after some “Swag” and had to get a card stamped by various Product Managers and Architects on the Microsoft 365 stand. At the time I was up to my neck in Azure and trying my best to get away from SharePoint (and Microsoft 365) and my discussions with the people on those stands were all to try and get me to talk to Graph and get back in to SharePoint Development with the new SPFx thing.

So it’s taken me about 2 and a half years, but I’m finally getting there. Thankyou Darrel – check him out on twitter etc!

Passed AZ-400 Designing and Implementing Microsoft DevOps Solutions

I’m delighted to say that I passed AZ-400 Designing and Implementing Microsoft DevOps Solutions on Monday November 23rd 2020. After MS-500 this was “fun” if such a thing can be said about a Microsoft Exam.

To prepare I did things quite informally in that I didn’t spend any money on courses or test exams but spent the time to do every learning path from the list on the syllabus page and the additional learning paths from the featured training for AZ-400 on the Microsoft Partner training page.

My method is to create a OneNote section for each exam I target and then I create lists of links to training along with an estimate of how long the training says it will take. The handy thing about the learning paths and profile page is that it counts down as you complete sections, meaning that it feels like you are making progress. When I feel I am on the home stretch I book the exam with however long I feel like I need. With this exam I’ve had the benefit this year of supporting an iOS mobile application development project on the Microsoft Platform which really helped me to understand the build and distribution aspects of that.

I make sure that I do every exercise I can and it was excellent to see how good GitHub is – I’m quite old and have worked with Microsoft technologies since Visual SourceSafe and before the Microsoft acquisition of GitHub. The training that the latter offers is really really good for a free to use resource.

Other than that my take on the exam is that it is a wide ranging topic so the exam is basically DevOps where one part of the solution is a Microsoft product. This means it pivots – you won’t necessarily be using a “Microsoft” build solution like Azure DevOps or GitHub to build your solution if you are developing in Visual Studio and so on.

I enjoyed the training for this exam as it is heavy on automation but also straight forward to follow along with the setup I have. I’m fortunate to have an Visual Studio subscription allocated to me as part of working for a Microsoft Partner and the tooling and Azure Subscription that come with this was essential in completing a number of the exercises on Microsoft Learn as you follow along in VS Code, GitHub, Azure DevOps and Azure in building solutions.

Certification Badge for Microsoft Certified DevOps Engineer Expert
Microsoft Certified DevOps Engineer Expert

I’m up to date with my other Azure Exams so I also achieved an Expert Certification with this pass which is a nice feeling!

Speed up your DNS in the UK – really ?

Being male I’m probably obsessed with fiddling when I could probably spend my time doing something productive. One obsession is tuning (I spent more than the value of my first car on “performance parts”) which I’ve slowly cured over the years and now refuse to modify my cars.

Funnily enough one thing that has made a real difference to my internet performance now that I have broadband is to ignore the popular opinion on websites and actually benchmark my home dns performance and then stick to it.

In my case I’m fortunate to have a decent router that has a caching dns service (rather than simple pass through) and I’ve set this to query the fastest dns server I can get to on my connection. All connections on my LAN point to the dns server on my router by getting the settings through DHCP.

Rather than blindly pointing to Google or Cloudflare, please benchmark your performance by using a DNS performance tool. As I’m very old I like to use GRC’s DNS Benchmark. Yes I’m a Windows user so I probably excluded a bunch of readers but for the rest of us it is a simple .exe and creates an INI file (remember those?) when you create a custom resolvers list.

If you are like me and don’t live in the US then run the program (this is what apps used to be called) and create a custom resolver list, then run a benchmark and adjust your network.

Read and weep – in my case Cloudflare takes ten times as long to resolve an cached dns lookup as my router and Google thirty times as long. Unfortunately the cliche is that the fastest dns is that provided by the vendor of my connection. Your mileage may vary, which is why you should test.

Now to deal with the challenge of dns settings when you have failover between two ISPs!

Passed Exam AZ-500: Microsoft Azure Security Technologies

I’m very happy to share that I passed Microsoft Exam AZ-500: Microsoft Azure Security Technologies yesterday.

Azure Security Engineer Associate Badge

Although I expected a decent result, I had the usual trepidation before the exam and woke up really early on the day. This started building up naturally as the date approached, but in the days leading up to the exam I noticed that the length of the exam was the longest I have seen at 210 minutes. (Part of my preparation methods is to put an appointment in my diary for the exam and location – I’ll write this up as part of my exam prep post one day!). The length got me thinking about labs and things and confirmed when I got the announcement at the beginning of the sitting that it included 1 lab.

A “lab” is a practical test of your skills on a particular subject and although it’s getting on for a year or so that Microsoft Azure exams have included labs, so far I’ve not had any and I was a bit nervous.

I progressed through the various sections steadily and I kept an eye on the clock. I’d read a few horror stories of candidate’s time keeping going awry and them running out of time. As it was I didn’t get too bogged down and proceeding at my usual pace. The curve of dread was quite amusing (in hindsight) and peaked about a third of the way in to the exam as I got a bit stressed at what I didn’t know. Then as I progressed through the questions it settled down as I encountered elements that I was confident in.

The practical test came at the end and I had over 2 hours left and actually began to enjoy that part. I’ll admit that I just used the portal to complete my activities but was reassured that the direction giving acknowledged that certain parts would take time to complete and that I could progress with the tasks as needed while it waited. I’m fortunate that my “day job” has a lot of hands-on work and I’m logged in to an azure subscription almost every day (after elevating my permissions through privileged identity management!). I applied the same deliberate pace and double checked each setting and user. If I was to build a test system against a live portal then I could imagine the type of process that I would interrogate the Azure Resource Model to check that configuration had been carried out correctly. This is just the same as naming conventions and azure policy checking so at each pivotal point I paused and made sure that I was reading things correctly – just like following a technical design. In a real life situation I would also use scripting as a confirmation step but took a pragmatic approach with the tools I had.

I was ambivalent at the end and it doesn’t do to be overconfident, and the lab introduced another twist at the end. I clicked the Finish Exam button and the response came back almost immediately:

‘Thank you for taking this Microsoft Certification exam. Your test results will be available once scoring is complete. You may exit the exam now without affecting the scoring process by clicking the “End” button. Your score report will be available online in your Microsoft Learning dashboard at www.microsoft.com/learning/dashboard

Talk about an anti-climax and it even sent it to the printer (the chap at the test centre asked if I really wanted to keep it!). So I was a little high and dry and while in limbo decided to get the bus back to the office while I waited and then I collected my stuff from the locker and fired up my work phone for the colleague support network on Microsoft Teams!

Anyway to wind forward I was about 10 minutes in to my bus journey when the congratulatory email came through on my phone and I was able to see my score report. Although it doesn’t really matter, the score was a good 100 points over the pass mark which I’m happy about as it’s content I should know in my day job.

My thoughts on the exam – here’s a summary without any NDA busting:

  • Like the admin exam the exam outline calls out the Azure services that will be included and these will be in the exam. Inevitably this is not everything that the extensive platform provides and this is a relief!
  • The exam has good coverage of the built in protection in Virtual Networks and Azure AD. Unlike the real world where you might have federation or Network Virtual Appliances in the mix, this exam rightly focuses on the “out of box” provision.
  • Time management is crucial in giving yourself space to address the lab. That said my first lab was a really good experience – it was actually the easiest part of the whole exam to understand and answer as it covered things I do almost every day. The flip side was that it took me as long to do the single lab I had as it did to answer the other sections.

And finally, as well as building on the other hands-on work (and exams) the preparation material I used for this exam was:

  • Featured training for exam AZ-500 – as a certification that counts towards a Microsoft Partner Competency, it is called out by Microsoft.
  • Skylines Academy AZ-500 Course – Nick Colyer’s course on udemy has a good step by step coverage of most of the content. As ever remember to follow along in your own portal. I bought it months ago during one of the regular sales on the platform.
  • Skylines Academy AZ-500 Practice Questions – this came through as I was in my latter stages of preparation. About 60 odd questions and a good way to poke me out of exam fatigue. Not a huge number but again so cheap that it was a no brainer to further my learning.
  • Pixel Robots bunch of links for AZ-500 – this saved a bunch of time looking for references but compared to some of Richard’s other blog posts is a little out of date at the time of writing.

Of course you should spend lots of time in the Azure Documentation as this is an awesome reference and gets lots of feedback through GitHub. I also found a pluralsight path for AZ-500 but at a total of 42 Hours when I looked there was no time I would be able to cover it all in the time I wanted to spend.

Azure DevTest Lab Artifact Secure Channel Error

As part of my work in Azure Architecture and Operations we make extensive use of Azure DevTest Labs as they are a useful way to facilitate end user compute for advanced users like Developers and Data Scientists.

In that we tend to use the Azure Data Science Virtual Machine as it includes a whole bunch of tools that cover 90% of our end-user needs and it is very easy to provide secure access with a self-service element and maintain control while managing the demand on our small team.

Recently I was preparing a lighter machine based on a Windows 2016 image with just the tools we required for 6 months of Python related development. Many of the sample artifacts make use of Chocolately which is really handy for deploying applications as there is a great library of packages.

I developed and tested the Artifact set last week but when it went to initial UAT it failed with “ERROR: Exception calling “DownloadString” with “1” argument(s): “The request was aborted: Could not create SSL/TLS secure channel.”.

I traced this to the Ensure-Chocolatey function and specifically the line that downloads and runs install.ps1 . Hunting around the internet let me do a discussion about TLS versions and that the webclient defaults to TLS 1.0. I wasn’t able to confirm this in the environment I had but I was able to check SSL on the chocolatey target using ssl labs i.e. https://www.ssllabs.com/ssltest/analyze.html?d=chocolatey.org

This indicated that the server the machine was connecting to was only accepting TLS 1.2 and above. I forced the script to use this using [Net.ServicePointManager]::SecurityProtocol¬†=¬†“tls12” above the webclient call and this fixed the issue for the time being.

Update 04/02/2020

In examining the pull request 613 related to this in azure devtest labs I discovered that Chocolatey previewed the change in their blog post Removing Support For Old TLS Versions On The Chocolatey Website.

My year in Microsoft exams 2019

I completed my last Microsoft exam of 2019 a week ago with a successful attempt at MS-900. With December approaching and a two week vacation approaching I’m taking a little rest before diving in to preparation for my next exam. I have AZ-500 booked for the earliest opportunity at a local test centre which turned out to be February.

A year is a long time and with a couple of significant personal events in 2019 I’d forgotten how much I’d achieved.

Azure Architecture AZ-30x exams

I began the year with Exam AZ-300: Microsoft Azure Architect Technologies as my second iteration of Azure Architecture exams (having done 70-534: Architecting Microsoft Azure Solutions in my first iteration). That was followed just over a month later with Exam AZ-301: Exam AZ-301: Microsoft Azure Architect Design.

I’ll be honest and say I don’t remember a huge amount about the exams (a family bereavement in April being the probable reason) but historically I’ve enjoyed them as they really make you think about how to use Azure technology.

Passing these two exams obtained Microsoft Certified: Azure Solutions Architect Expert.

Managing SharePoint 2016 Server

I started the year with hopes to get another year for my MCSE Productivity but personal events somewhat got in the way and I struggled with this one, mainly due to it being outside of my current core working set and because the real world needed attention at the time.

I’ve got a post dedicated to this one but needless to say, my repeated attempts reduced my run rate somewhat.

Everything is an experience and I really benefit from an understanding employer who doesn’t add to the pressure I put on myself. The last time I had a challenge like this was with 70-532: Developing Microsoft Azure Solutions which was my last exam nemesis!

The low run rate meant that I missed a mini goal of grabbing the transition exam for the new MS pieces but to be honest I just had to let it go. Sometimes the pace of the transition exams doesn’t allow enough time between personal life and exam centre availability.

Passing this exam refreshed for 2019 my Microsoft Certified Solutions Expert: Productivity.

Microsoft Cloud Fundamentals

So I found myself in November and with life settling down I decided to hit two of the fundamentals exams as my employer had an initiative to get everyone through AZ-900: Microsoft Azure Fundamentals and was paying a one-off bonus for this and the other cloud fundamentals exam MS-900: Microsoft 365 Fundamentals.

The first gave me a bit of a jolt as I didn’t sail it like I thought I would, so I worked harder and got a bit more of a respectable pass in the latter. (See – technically a pass is a pass but I still measure based on score!?)

Passing these exams got me certifications for Azure Fundamentals and Microsoft 365 Fundamentals.

2019 my exam year

  • Number of exams passed in 2019 : 5.
  • Number of exams sat in 2019 : 7.
  • Certifications Gained / Refreshed in 2019 : 4.

Passed AZ-900

I’m happy to say that I’ve passed AZ-900 as part of my employer’s initiative to have everyone go through the Azure Fundamentals exam. This is a recognition that cloud is a core part of their business.

My thoughts? I perhaps underestimated the exam and although I passed well I didn’t ace it. I’ve scored more in other “harder” exams so I’d recommend what I try to tell myself – look through the actual product being tested (Azure Portal Features) and if you want to score more you’ll have to remember some of the detail of features and charging structures. I think the classic learning tips of What? How? When? for each exam objective will serve you well.

I’m beginning to realise that all of the exams are treated seriously and a pass (even for fundamentals) actually means something. Respect to my non technical colleagues and a little nudge to myself to treat things seriously!

I passed Microsoft Exam 70-339 Managing Microsoft SharePoint Server 2016

I’m really happy to say that I (finally) passed 70-339 Managing Microsoft SharePoint Server 2016 on Friday after a couple of failed attempts. This was my 32nd exam pass and my first time pass percentage is quite high, mainly as I tend to be very careful about booking exams when I think I am well and ready for an exam. So what was different this time ?

1. I didn’t respect the exam

I think a run of first time passes on exams made me a little complacent and I relied too much on the good results I got with the official practice exam. I should have remembered how hard I found the breadth of the previous generation of SharePoint exams and though about the implications of a single exam for the whole product (there used to be two administrative exams for each version of SharePoint). I probably came short and should have thought harder about the implications of elements in the exam outline.

Having the product in front of you to try things out is also a proper lesson well remembered.

2. Study and exams don’t exist in a bubble

When I failed first time I took the standard approach and booked for a couple of weeks after, on the basis that my fail mark was just short of the required pass mark. Then some family stuff came up which meant that I didn’t get a lot of sleep the night before the exam and had a lot on my mind. This happens and there isn’t a lot that can be done; life is unpredictable and it’s important to work to live rather than get things the wrong way around. Reflecting on this made me think about my attitude during preparation and what techniques and methods might help with all of the aspects of my life.

3. Sit exams when you know stuff

This inelegant heading refers to my experience that sitting exams on subjects that directly relate to your day job is so much easier than others. I’ve not been working daily with SharePoint 2016 since my last job and I think that even that was focused on a narrow band of deployment. Both this exam and 70-532 Azure development were tough and that was because I didn’t have the day to day depth in a subject area like I have with Azure Architecture and Administration. Stretch targets are good but they need the work.

4. Sit exams when they are current

What I mean by this is that there is a natural curve to an exam lifetime. Some Microsoft exam areas are particularly current like the Azure Administration and Architecture exams and apart from tweaks to the platform will be active and up to date. I think the perfect set of circumstances is a year or so after an exam goes live in a technology that is in wide use. Contrast this to 70-339 which has been available since mid 2016 and relates to a product which has undergone a fundamental change in delivery – most users of SharePoint will now use the online product.

The other thing (excuse) is that the online documentation has shifted to the next iteration of the product and a whole bunch of historical items have got harder to find. To be blunt with myself I think this highlights that you need to have hands-on access to the product for proper study and in not doing this I set myself up (see point 1). That said, the exam outline still has the objective “configure connections to Access Control Service” which at the time of writing has been retired for almost a year!

5. Back off and regroup

Like my car driving test (I love driving!) sometimes I have to work hard to achieve something and sticking at it is a test of personality. Unfortunately due to what must be a bit of a personality defect it can take a couple of fails for me to realise that I have to buckle down and examine my strategy. In the case of 70-339 I waited a month or two after my second fail to have a think, see how things were going and take a bit more time out. In something I think is like a classic retry pattern I introduced a delay. Of course in development the delay would be a bit more regular in nature but hopefully you get my point.

In summary

I’m now going to pick off the two Microsoft cloud fundamentals exams for a bit of light relief and in support of my employer’s plan to have everyone in the company certified in AZ-900 and I’m also planning to do the next generation of the expert certification in Microsoft 365.

As it was the SharePoint pass gave me the 2019 badge for my MCSE in Cloud Productivity – perhaps this was my last 70-XXX exam!