Category Archives: Azure

Onboarding Linux Client (DEEPIN) to Microsoft Azure Threat protection ATP using ubuntu repository

Installing Microsoft Azure Threat Protection (ATP) on Linux Devices

While playing with ATP on some windows devices, I was in the mood of trying the new Deepin 20 desktop flavor which is a famous Chinese Linux OS based system.

Microsoft doesn’t indicate anywhere that installation of ATP on a Linux client is possible but Linux server is mentioned in the official ATP installation documents.

How to Install?

After I installed the Deepin OS, I was really impressed by the new beautiful Linux design so I plan to use it and have it secure with ATP.



  1. Configure the Linux software repository for Ubuntu and Debian
  2. Application Installation
  3. Download the onboarding Package
  4. Client Config

1-Configure the Linux software repository for Ubuntu and Debian

You will need to install the required libraries, install Gpg, apt-transport-https and update repository metadata using the following commands one by one.

  • sudo apt-get install curl


  • sudo apt-get install libplist-utils



  • sudo mv ./microsoft.list /etc/apt/sources.list.d/microsoft-ubuntu.list
  • sudo apt-get install gpg




After successfully installing all the libraries, I will go ahead and install the application

2- Application Installation

From the Linux client Terminal using sudo power user run the following script

sudo apt-get install mdatp


Once finished, You can go back to the ATP portal and download the Linux Onboarding package on the linux server/client you want to onboard

3- Download the onboarding Package

Since I am doing a single deployment not bulk, then I will go to the Microsoft Defender Security Center’s setting page and download the Linux package from the device management section.


The steps for the onboarding is already mentioned on that page so after you download the script you’ll know exactly what to do next.

The file is 9kb python in size


Copy the file to your Linux Desktop


4- Client Config

From the terminal type in chmod a+x and hit enter

Note: python must be installed on this linux dervice.

Then type python /


This will run pretty quick and will assign your Linux server/client with your Organization ID.

To see the Organization ID type:

mdatp –health orgId


Few minutes later you’ll be able to see the installation completion and the status through this command

Check if WDATP is functioning as expected

mdatp –health healthy


Check if WDATP agent is enabled

mdatp –health realTimeProtectionEnabled


Let’s check on our ATP portal and see if the machine is showing there.

Note: It might take 5-15 mins to update the definitions of WDATP when onboarding.


Running a detection Test:

curl -o ~/Downloads/


In few seconds the file has disappeared


Checking for threats

mdatp –threat –list –pretty


Let’s see this on the ATP Portal



This is just a test malware not a real one therefore it wont harm your machine at all.

Hope this helps you with your deployments


Deepin 20 Beta version

Azure RDWEB page is blank when accessing it with authorized users

Blank page on RDWeb for users

When you have finished deploying Azure WVD machines and added those machines in the correct hosts you might fall into this error by a chance and not easily be able to understand or see it.


During the creation of Host Pools and AppGroups you might want to create your own fancy Host pool names and app group names, This is something normal but not when you want to use Azure WVD.

What Happens?

When you create an app group name other than the ones already existing (Desktop Application Group) you have to make sure that you would type this group name into the ARM Template since while deploying the VMs and typing the template would choose the default Application Group Name.


Error 1

The connection to the remote PC was lost. This might be because of a network connection problem. If this keeps happening, ask your admin or tech support for help.



Error 2

User is assigned to the wrong Application Group

add-RdsAppGroupUser : The specified UserPrincipalName is already assigned to a RemoteApp AppGroup in the specified HostPool.

ActivityId: feb39a7b-b74f-49d3-a100-1fc22ec66454

Powershell commands to diagnose the failure:

Get-RdsDiagnosticActivities -ActivityId feb39a7b-b74f-49d3-a100-1fc22ec66454

At line:4 char:1

+ add-RdsAppGroupUser -TenantName cagriandMoh10ly -HostPoolName WVD-Hos …

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo : FromStdErr: (Microsoft.RDInf…RdsAppGroupUser:AddRdsAppGroupUser) [Add-RdsAppGroupUser], RdsPowerShellException

+ FullyQualifiedErrorId : UpnAlreadyHasRemoteAppAssignment,Microsoft.RDInfra.RDPowershell.AppGroupUser.AddRdsAppGroupUser



Remove the user from the other application group and add him to the one where you have your RdsSessionHost that you would like your users to access.

Connect to Azure-AD first and run the following command, Make sure you specify the AppGroupName that you want to remove your users from and the AD Group that’s relevant to those users.

foreach($UPN in (Get-AzureADGroupMember -ObjectId ((Get-AzureADGroup | Where-Object DisplayName -Like “WVDUsers”).ObjectId)).UserPrincipalName)


Write-Output $UPN

Remove-RdsAppGroupUser -TenantName cagriandMoh10ly -HostPoolName WVD-Host-Pool01 -AppGroupName “Desktop App Group” -UserPrincipalName $UPN



Add the Users again and see what happens

foreach($UPN in (Get-AzureADGroupMember -ObjectId ((Get-AzureADGroup | Where-Object DisplayName -Like “WVDUsers”).ObjectId)).UserPrincipalName)


Write-Output $UPN

Add-RdsAppGroupUser -TenantName cagriandMoh10ly -HostPoolName WVD-Host-Pool01 -AppGroupName “Desktop Application Group” -UserPrincipalName $UPN



Refresh the RDWEB Page and see if you can access your host



The same desktop came back since we are using FSLogix profile container


Reset Azure VM Admin password with Domain Controller installed

Active Directory Admin Password

We had a security lab on Azure with 12 machines, It included 2 DCs and 10 other machines of different OS and had RDP closed on all the machines except one machine to use.

The Password was set for something simple however it seems that someone has changed it and no one was able to access the domain controller anymore nor any of the machines.

I had another user created for backup but it seems that user was also changed.

The usual method of resetting Azure VM is going through portal or PowerShell

Resetting Via Azure Portal

When you try to reset the password from Azure Virtual machine itself. If the VM has Domain Controller it will fail to reset the password with the following error:

Failed to reset RDP configuration

VM has reported a failure when processing extension ‘enablevmaccess’. Error message: “VMAccess Extension does not support Domain Controller.” More information on troubleshooting is available at


Through PowerShell

To reset a password, we first need to define the VM we’re working with. To do this, we can use the Get-AzureRmVm cmdlet. I’ll go ahead and assign variables to both the VM name and the resource group since we’ll need to reference those later, as well.

$resourceGroupName = 'YOURRGHERE'
$vm = Get-AzureRmVm -Name $vmName -ResourceGroupName $resourceGroupName

Next, we’ll need some way to pass the username and password into the script. A great way to do that is through the Get-Credential cmdlet.

$credential = Get-Credential

Once the credential is saved, we can then execute the command to actually make the password change using the variables we set earlier. Notice we had to use the GetNetworkCredential() method on the pscredential object. This method will not work if the credential is retrieved from another computer or from another user account. This shouldn’t be a problem, though, since you’re likely to execute this in a single script.

$extensionParams = @{
    'VMName' = $vmName
    'Username' = $Credential.UserName
    'Password' = $Credential.GetNetworkCredential().Password
    'ResourceGroupName' = $resourceGroupName
    'Name' = 'AdminPasswordReset'
    'Location' = $vm.Location

$result = Set-AzureRmVMAccessExtension @extensionParams

Once this completed (hopefully successfully), the VM will need to be rebooted. We can do that by using the Restart-AzureRmVm cmdlet.

$vm | Restart-AzureRmVM

While this PowerShell script might work with a normal VM, It will not work with a DC and would result in the same error as in the portal.


The solution is to write a script which would run through the CustomScriptExtension that you can deploy from the Azure Portal on the intended VM that has the Domain Controller Deployed on it.

Once you get the script ready to change the administrator Password you can upload the script and deploy it.

Let’s get the script ready and demonstrate these steps one by one.

– On my Computer I will write a tiny script that will say

Net User domainadmin Adm!nPassw0rd1


– Save the file on your desktop for later use. Go to Azure Portal, Virtual Machines and select your Domain Controller.

– Go to Extensions.

– Click on Add


– Select Custom script Extension


– Click Create

– Browse the PowerShell script on your Desktop.

– Select Storage Account

– Select an existing container or create new one

– Upload the file to the container







Once deployed, it’ll take few mins to reset the password and you don’t have to restart the server.

Through PowerShell


After this I was able to access the machine again using the new password in the script.


Deploy Azure Linux and Windows servers in 10 mins via cli

This is a step by step guide about deploying Linux or Windows servers on Azure via CLI.

Why Cli?

Some people prefer using Linux rather than PowerShell and it seems sometimes easier and faster to learn esp if you’re not GUI type of person.

Installation Options

If you’re working on Windows and would like to use CLI, you’ll have two options to install CLI

Option 1

Run Azure CLI installation directly from your Powershell (PowerShell needs to run from a privileged account)

Invoke-WebRequest -Uri -OutFile .\AzureCLI.msi; Start-Process msiexec.exe -Wait -ArgumentList ‘/I AzureCLI.msi /quiet’

As soon as you run this command, it’ll take about 5 mins or less depending on the connection you have.


Option 2

Download the MSI file directly from MS’s link and install it on your Computer.

Connect to Azure CLI from PowerShell

Run PowerShell or CMD and type the following command to connect

Az Login then hit enter

As soon as you type this, a web page will be launched asking you for your Azure Account credentials so open the session for your Cli window.

The moment you verified your account, PowerShell will list your azure plans that you have / had before.


If you’re going to use Linux (Ubuntu, Debian) flavor then you’d have to following the following instructions

Manual install instructions

If you don’t want to run a script as superuser or the all-in-one script fails, follow these steps to install the Azure CLI.

  1. Get packages needed for the install process:


    sudo apt-get update
    sudo apt-get install ca-certificates curl apt-transport-https lsb-release gnupg
  2. Download and install the Microsoft signing key:


    curl -sL |
        gpg --dearmor |
        sudo tee /etc/apt/trusted.gpg.d/microsoft.asc.gpg > /dev/null
  3. Add the Azure CLI software repository:


    AZ_REPO=$(lsb_release -cs)
    echo "deb [arch=amd64] $AZ_REPO main" |
        sudo tee /etc/apt/sources.list.d/azure-cli.list
  4. Update repository information and install the




    sudo apt-get update
    sudo apt-get install azure-cli

Run the Azure CLI with the


command. To sign in, use the az login command.

  1. Run the



    Azure CLI

    Try It

    az login

    If the CLI can open your default browser, it will do so and load an Azure sign-in page.

    Otherwise, open a browser page at and enter the authorization code displayed in your terminal.

  2. Sign in with your account credentials in the browser.

To learn more about different authentication methods, see Sign in with Azure CLI.

Deploying Linux (CentOS):

Creating a Resource Group for Azure Container Instances (ACI)

We will start first by creating a Resource Group for our Machine, calling it a AzureLinuxServersGroup to easily identify that this group contains our Linux Servers

az group create –name AzureLinuxServersGroup –location westeurope


Next we will be creating a container to contain the Linux OS on the resource group which we have just created

First, How we know which Image to use and if that will be proper for our deployment?

To answer that, we will use the following command which will view the available latest edition Linux OS with different flavors.

I would like to use CentOS since its identical to RedHat and used by majority of Enterprises.

To list the Images, Enter the following command

az vm image list –output table


Notice there are many columns, The one which we are going to use in terminal command line is the UrnAlias. It’s important to remember this.

az vm create \

–resource-group AzureLinuxServersGroup \

–name AzureCentOSWP \

–image CentOS \

–admin-username Moh10lyUser \



Since we are using Bash, It’s a case sensitive and it complained about user having capital letters. So we’ll go ahead and use small letters


After running the command with small letters, it’s telling us where we can find the keys in order for us to reach and get them to use later to login to this newly created machine.

SSH key files ‘/home/moh10ly/.ssh/id_rsa’ and ‘/home/moh10ly/.ssh/’ have been generated under ~/.ssh to allow SSH access to the VM. If using machines without permanent storage, back up your keys to a safe location.

The deployment of the machine takes about 3 mins, and it’ll be created with the default minimum resources. Let’s view


Our machine is ready to be accessed now


In order for you to get the SSH Keys, you’ll have to have a bit of knowledge

I am going to go the location mentioned previously after creating a machine and copy the keys from the bash screen into a file. Save the file and Import it into SSH client which I will be using (Bitvise in my case).

From the bash screen goto cd /

Cd /home/user/.ssh/

Cat id_rsa hit enter and copy the key and save it into notepad.

Cat and copy/save into a notepad as the public key.


After loading both keys, I was able to successfully login to the Server




Get a list of Azure VMS

az vm image list


Let’s List and deploy a WordPress on CentOS

To view the list of available CentOS images, we’ll use the following cli command

az vm image list -f CentOS –all

The image needs to be grabbed from dockerhub URL


az container create –resource-group mohazbackupgroup –name mohcontainer –os-type Linux –image cognosys:wordpress-with-centos-77-free:wordpress-with-centos-77-free:1.2019.1008 –dns-name-label azmohlinux –ports 22

Create Windows Server core with IIS

az container create –resource-group mohazbackupgroup –name mohcontainer –os-type windows –image –dns-name-label azmohlinux –ports 22ws/servercore/iis:nanoserver –dns-name-label azmohiis –ports 80


Here we go I got a machine ready (took about 5 mins)


To delete the container, you can write the following

az container delete –resource-group mohazbackupgroup –name mohcontainer



Stay tuned for more articles about Azure.

How to Bulk Delete Exchange Online Distribution and Office 365 groups

Part of Office 365 security auditing is to ensure that all users and groups in your organization are created for a purpose of which you’re aware of and can control these users, groups.

After auditing groups on Office 365 Exchange CP, I noticed that it’s not possible to bulk or multi delete groups from CP and it has to be done one by one or go through the better and more professional way of using PowerShell.

Create CSV for groups to be deleted:

In order for you to delete multiple groups at once you’ll need to first create file with the groups that needs to be deleted. Download the CSV from Groups tab in Exchange Admin Center as in the below screenshot.


Once you download the file you can create a new column where you’ll highlight the once to be deleted and export the csv after filtering the once to be deleted.


Connect to Office 365:

Once you’ve got the file ready, You only need to connect to Office 365, You might want to make sure you have an App Password created with the privileged account if your MFA is enabled to delete/create groups or users.

To create an app password you must login to your account and follow these steps

After logging in to Exchange Online ( Office 365 ) you will be able to bulk delete groups using the following script

# This script deletes selected groups imported from csv file “Groups-to-delete.csv”
# CSV file contains the following
# Group1(ADEO),Distribution list,,yes
# Make sure you use an APP Password to authenticate Exchange Online
$cres = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $cres -Authentication Basic -AllowRedirection
Import-PSSession $Session
$groups = Import-Csv “C:\Users\groups-to-delete.csv”
foreach ($group in $groups)
$GroupID = $Group.Email
$State = $group.STATUS
If (Get-DistributionGroup -Identity $GroupID){
Write-Host $DN exists and will be deleted -ForegroundColor Green
Remove-DistributionGroup -Identity $GroupID -Confirm } else
Write-Host $DN “Group doesn’t exist”


Delete Office 365 Type Groups:

In the case you have Office 365 type groups, Those groups are not considered Exchange groups and they don’t reside in Exchange server but Azure AD and they must be deleted from there. Assuming I want to delete some Office 365 groups that has name (Kaizala) in their display name.

First let’s connect to Azure AD, which will allow you to see the Office 365 groups and be able to delete them.

Connecting to Azure AD


Let’s get the Kaizala groups and see if the powershell command will show us the result positively.

Get-AzureADMSGroup | Where-Object {$_.displayname -like “*kaiza*”}


Let’s delete these groups using this cmdlet

Get-AzureADMSGroup | Where-Object {$_.displayname -like “*kaiza*”} | Remove-AzureADMSGroup



After deleting, now we can see that Kaizala groups are all deleted.

NOTE: Microsoft will keep those groups for a day if you mistakenly have deleted them you’ll be able to recover them from ECP.

If not, They will remain in the Recycle bin for 30 days before permanently getting deleted.

Hope this article helped you.

Connect-MsolService fails with Exception of type was thrown

If you are working on Windows 10 and try to connect to Microsoft Online PowerShell you might get exposed to couple of failures and errors.

The first error that would appear is the following:


Connect-msolservice : Exception of type ‘Microsoft.Online.Administration.Automation.MicrosoftOnlineException’ was
thrown PS C:\WINDOWS\system32> $msolcred = get-credential

Cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
PS C:\WINDOWS\system32> connect-msolservice -credential $msolcred
connect-msolservice : Exception of type ‘Microsoft.Online.Administration.Automation.MicrosoftOnlineException’ was
At line:1 char:1
+ connect-msolservice -credential $msolcred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : OperationStopped: (:) [Connect-MsolService], MicrosoftOnlineException
     + FullyQualifiedErrorId : 0x800434D4,Microsoft.Online.Administration.Automation.ConnectMsolService

The first thing that came to mind was the MFA that Microsoft has forced during this month. So I created an app password and tried it but that didn’t work neither and I got the following error


PS C:\WINDOWS\system32> $msolcred = get-credential

cmdlet Get-Credential at command pipeline position 1
Supply values for the following parameters:
PS C:\WINDOWS\system32> connect-msolservice -credential $msolcred
connect-msolservice : The user name or password is incorrect. Verify your user name, and then type your password again.
At line:1 char:1
+ connect-msolservice -credential $msolcred
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     + CategoryInfo          : OperationStopped: (:) [Connect-MsolService], MicrosoftOnlineException
     + FullyQualifiedErrorId : 0x80048821,Microsoft.Online.Administration.Automation.ConnectMsolService

I checked the following links on google to see if I am up to date

Apparently the only thing not mentioned is how to update the MSOnline module on your computer, Microsoft requires Latest module of MSOnline 1.1 in order for you to connect.

Get-Module MSOnline


Solution 1:

In order for you to get this to work, You need to update the module manually using Powershell with Administrative Privileges.

First Find the module and make sure it reads the latest version which is supposed to be different than the one installed on your PC.

Find-Module -name MSOnline


Trying to Install MSOnline using the following CMDLet resulted in a warning that I am using version 1.0 and need to use –force parameter.

Install-Module -Name MSOnline


Solution 2:

Instead, I used the following cmdlet to force installation of version but also ended up with an error stating the following:

Find-Module -name msonline |Install-Module –Force


PackageManagement\Install-Package : The following commands are already available on this system:’Add-MsolAdministrative

Solution 3:

The parameter which resolves the issue is the –AllowClobber, AllowClobber Overrides warning messages about conflicts with existing commands. Overwrites existing commands that have the same name as commands being installed according to MS’s article.

Find-Module -name msonline |Install-Module -Force –AllowClobber

You should now close Powershell and relaunch it as administrator and the moment you type Connect-MsolService you should get a window asking for your credentials.




Symptoms: You may notice that when you try to run the Sync command DirectorySyncClientCmd it doesn’t do anything and just closes right away.

If you open your Event viewer you may notice that you are getting the following event


Failed while Purging Run History
Invalid namespace
at System.Management.ManagementException.ThrowWithExtendedInfo(ManagementStatus errorCode)
at System.Management.ManagementScope.InitializeGuts(Object o)
at System.Management.ManagementScope.Initialize()
at System.Management.ManagementObjectSearcher.Initialize()
at System.Management.ManagementObjectSearcher.Get()
at Microsoft.Azure.ActiveDirectory.Synchronization.DirectorySyncClientCmd.Program.PurgeRunHistory(TimeSpan purgeInterval)
at Microsoft.Azure.ActiveDirectory.Synchronization.Framework.ActionExecutor.Execute(Action action, String description)
at Microsoft.Azure.ActiveDirectory.Synchronization.DirectorySyncClientCmd.Program.Main(String[] args)


This happens when the WMI object had unregistered itself which might be caused by another tool installed or uninstalled at the time when the problem started to occur.


To resolve the issue, you ‘ll have to run few command lines… each are explained below

mofcomp “D:\Program Files\Microsoft Azure AD Sync\Bin\mmswmi.mof”

As it shows in the command screenshot below the ‘mofcomp’ parses the MMS (FIM) wmi file and goes through the process of adding the classes  to the WMI repository.


regsvr32 /s “D:\Program Files\Microsoft Azure AD Sync\Bin\mmswmi.dll”

Registers the WMI mmswmi.dll file to the server.


net stop winmgmt /y


net start winmgmt
net start “IP Helper”
net start “User Access Logging Service”
net start “Microsoft Azure AD Sync”


D:\Program Files\Microsoft Azure AD Sync\Bin\DirectorySyncClientCmd.exe”







Download VM (VHD) from Azure and uploading it to Google cloud and get it working..

In order to Download an Azure Virtual machine and make it possible to upload it and get it to work on Google cloud, I am going to export a working virtual machine with Ubuntu 15.4 server version on it with WordPress installed and functioning.

First I’ll have to have Azure PowerShell installed on my Windows PC before starting, If you don’t have it you can download it from the following link below.

1: Download the VHD from Azure.

First i’ll install Azure model from the following link

Launch the azure PowerShell as an administrator use the following cmdlet which will launch an Internet page that will direct you to login to your azure subscription to download a setting file.



The page will look like this and should automatically download the file to your Download folder…


Then when the file is downloaded, Navigate to the download folder and import the subscription using the following cmdlet

Import-AzurePublishSettingsFile ‘.\Visual Studio Premium with MSDN-10-9-2015-credentials.publishsettings’

Now I will get my Virtual machine’s storage blob link from the Azure portal, I’ll press on the arrow next to the VM’s name


I’ll click on Dashboard


Then scroll down to Disks


I’ll hover the mouse over the VHD link and copy it



Here’s my machine’s link

In a script like this I’ll add it as a source

$sourceVHD = “

Then configure the destination which is going to be a path to my F root disk

$destinationVHD = “F:\ubuntu-downloaded.vhd”

Next I’ll start downloading with the following command

Save-AzureVhd -Source $sourceVHD -LocalFilePath $destinationVHD


Here the download has already started



2: Convert AZURE VM from VHD to RAW

Once the file downloading is finished, I’ll have to install VirtualBox from the following Link (it works on Windows 10 as well) and it’s needed as it has conversion tool.

I’ll install Oracle Virtual Box to the default installation path.


Next I’ll download the following tool VBOXHDTOOLS from the following link and install it.. (It uses UI instead of command line for the conversion)


Now to convert the machine from VHD To the extension that fits to Google cloud (RAW) I’ll have to run the VBOXHDBOX tool as an administrator

The tool comes normally in Spanish language, so I’ll transfer it to English

Click on Archivo – Confuracion – > Idioma -> English


Now I will choose the source VHD that I want to convert and the destination file and the type “RAW”


Once you click Clone, the conversion will start but will take some time depending on the size of the VM and the speed of your Disk (SATA or SSD)


When the conversion has finished and the RAW file is ready, we’ll have to do the following steps which is also documented In the below Google Link on how to import a virtualbox image


3: Import a VirtualBox image

From <>

STEP:1 I’ll have to Download, install, and authenticate the Google Cloud SDK:

Since I am running a Windows machine then I won’t be able to use some commands in the document by google like Curl and Tar ..etc so I’ll have to download the Google cloud SDK from the following link and install it first…


I’ll install python as well which is required for the Gcloud SDK


Once the installation is finished I’ll let it run the Google SDK shell



Second Step : Authenticate

I’ll login and authenticate my Google cloud account (trial account)

The moment you enter this command (gcloud auth login) in Google cloud SDK shell the browser will launch google chrome and ask for authentication from your google account.

So i will go ahead and type the following to authenticate, as soon as you press enter the default browser will launch and redirect your page to google authentication to setup your gcloud trial and get your authentication approval. 

> gcloud auth login



I’ll let it authenticate and continue


As you can see below we have been authenticated now and next we’ll be choosing the project (Like subscription in Azure).


Once authenticated, I’ll choose the project in my google cloud account which I want to export the VM to.

Third step : Selecting a Project 

I have 3 projects created there but I’ll chose one of them only (moh10ly)

I’ll have to use the following CMD to choose the project

gcloud config set project PROJECT

If you don’t know your Project name or you don’t have a project, you can do so from the google cloud console


I’ll set the project now

> gcloud config set project as moh10ly


Fourth Step: Creating a storage Bucket

Now I’ll need to create a new storage bucket (storage account) where I will upload the VM to

To create new Google cloud Bucket (Storage) called moh10lybucket I’ll use the following cmd

> Gsutil mb gs://moh10lybucket


You can see if the bucket was created by navigating to your project’s Storage -> Cloud Storage -> Browser window


Now I’ll have to compress the RAW Virtual machine to TAR extension which is a must since Google doesn’t accept any other format and in order for it to be uploaded to Google Cloud Bucket that I have created.

Since TAR is a linux based tool then I will download and install CYGWIN tool to compress the machine according to the google’s documentation

To download Cygwin and install it on Windows use this link (This works also on Windows 10)


After downloading and installing the tool, I will have to copy the disk.raw to a location where I can easily access it in Cygwin to compress it

$ tar -Sczf vbox-image.tar.gz disk.raw


When you install Cygwin, it gives you the option to choose the installation path which is by default C:\ root directory, however I have chosen a different path for this program which is F:\ root in my case


So in order to access the Disk.raw file I’ll copy the file to F:\cygwin64\home

Once the file is copied there, you can launch Cygwin as an administrator and you can view the directory by typing (LS) command and enter

$ LS  (the LS should be small letters)


If the file is not there, then you must look in the newly created folder which is typically your Window’s User profile name and copy the file again there too.

Once the file is copied and you have access to it via the Terminal then you can start and compress the file to TAR as in the below screenshots.

The command is tar -Sczf vbox-image.tar.gz disk.raw


When the compressing has finished, you will be able to see that the file is there and has its size decreased to 605 MB


Now since the file is ready to be uploaded, I will launch the Google SDK terminal and navigate to the path where the file is located (Or simply copy it to an easier location e.g. C:\) and upload the file to google cloud bucket using the following command line

> Gsutil cp vbox-image.tar.gz gs://moh10lybucket

What the command does is it actually copies the file with the command CP to the cloud storage which is gs://moh10lybucket (Make sure your google sdk terminal is already authenticated to your google cloud account).


Below the file started to upload … it took around 15 minutes for the upload to finish


Now I’ll have to import the file into the images store in order for it to be used from the google cloud bucket

Importing the fıle after uploading

I’ll use the following command

> Gcloud compute images create vbox-ubuntu –source-uri gs://moh10lybucket/vbox-image.tar.gz


Check in google images in google cloud if the image is imported and it is .. First image imported as in the below snapshot


Now I will deploy it as a VM and see if it works!

It did get imported and it works, You can access the ip below to see if my website is active or not!


Hope this was helpful.

Add multiple endpoints port range to an Azure Virtual Machine

If you ever needed to add multiple ports or range of ports endpoints to a particular Virtual machine on Azure. you might have a difficulty doing this since it’s not allowed by design and that will require time to do this manually for range of ports. that’s where this article comes handy.


To achieve this first you will need to connect to your Azure subscription on Azure powershell. Azure PowerShell.

Run Azure powershell as an administrator and type the following cmdlet to get your subscription info





This will open a page and ask you to sign in to your Azure user account and download a file called Visual Studio Premium with MSDN-DATE-credentials.publishsettings




In the powershell you will have to navigate to where the file is located. And import the settings that have just been downloaded in that file


Import-azurepublishSettingsFile `.Visual Studio FileLocation`




You can check for your account and Subscription, using Get-azureaccount script



Now I have setup a ubuntu Machine on Azure that hosts Openfire Chat server which requires 10000-10005 port range for the media service. On Azure Web interface the port range option is not yet supported. The only available option is through powershell which will open the required port range for us.


To do so I’ll use the following cmdlet highlighting the required information to enter


To create endpoints for ports 10000-10005:


$vm = Get-AzureVM -ServiceName moh10ly -Name ubunut-mohammed ; 10000..10005 | ForEach { $VM | Add-AzureEndpoint -Name TestEndpoint$_ -Protocol TCP -LocalPort $_ -PublicPort $_} ; $vm | Update-AzureVM


To Acquire your service name, you can simply login to Azure portal and check out All Items and see the cloud service name .. Just like the below screenshot




To Check your Vmname simply navigate to Virtual machines tab and on the right side you can see the name.. I have copied it as well in the command.




Once you edited the cmdlet with your information you can enter it in the Powershell and enter


It should return something like this.




Once finished you can check Azure end point portal for the new ports configuration




Here we go .. Ports are created in Azure




To remove the endpoints for ports 10000-10005:


$vm = Get-AzureVM -ServiceName moh10ly -Name ubunut-mohammed ; 10000..10005 | ForEach { $VM | Remove-AzureEndpoint -Name TestEndpoint$_} ; $vm | Update-AzureVM