Service Account for Azure Virtual Machine - configuration

I have an Azure VM and I want to configure MS Office applications like MS Outlook & MS Excel on it and also, chevron applications like Well Plan. To be able to do that I need a service account with MS Office license but I don't know how can I get a service account for an Azure VM. If anyone has any idea on how can I do this then please respond.
Thanks & Regards

You don’t require any service account to configure any application on azure VM.
Would suggest you to follow the below step to achieve your requirement in correct way.
Step 1 : You need to first enable AAD Login into your VM.
You can refer this MS Document to enable AAD login into your VM
ONCE configured, login with your AAD account in the VM
Step 2: Make Sure to give RBAC role (Virtual Machine Administrator Login or Virtual Machine User Login) as per your requirement for that user.
Then install office on your VM as the license is already assigned to your AAD account.
If not, you can refer this Document to assigned licences to User/Group.

Related

My org wants to setup Azure Files and connect about 100 employees to it via SMB

What pre-requisite services/subscriptions do I need to get to that point?
Right now, we have Azure AD Connect. Can that be used to authenticate users' access to the network shares of Azure Files?
I had to setup an Azure subscription first to access storage services. The azure subscription did not show pricing because it was a trial subscription. I did not know whether it would be per user subscription or not.
Azure Files supports identity-based authentication for Windows file shares over Server Message Block (SMB) using the Kerberos authentication protocol through the following three methods:
On-premises Active Directory Domain Services (AD DS)
Azure Active Directory Domain Services (Azure AD DS)
Azure Active Directory (Azure AD) Kerberos for hybrid user identities
For your use case where you want to use Azure AD Connect, you need to go with Azure AD Kerberos for Hybrid User Identities. You can find more information here- https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-azure-active-directory-enable?tabs=azure-portal
Here are details regarding a subscription in Microsoft Cloud- https://learn.microsoft.com/en-us/microsoft-365/enterprise/subscriptions-licenses-accounts-and-tenants-for-microsoft-cloud-offerings?view=o365-worldwide#subscriptions
Hope this helps. Please do let me know if you have further questions and I will be glad to assist you further. Thank you!

My VM instance is missing from the console

I have a Linux VM on Google Compute Engine that I am accessing via SSH. It works just fine, but when I go to the Cloud Console, it asks me if I want to create a new VM as if I have none. I know I'm on the right account because it shows my billing balance has gone down.enter image description here Where did my server go?
It is weird. But it is important to make a differentiation that is not obvious once you start using Google Cloud Platform. The credentials you are using to access the Platform ( your email or a service account), the projects where an entity that any resource must be attached to and the billing account that is the payment profile that can have several projects associated.
In that case you could be in a different project, that is associated to the same billing account.
To check you can the project where your machine is, in the shell
Gcloud compute instances list
Here you will see the instances in your actual project. If nothing appears, reset gcloud configuration.
gcloud init
And change the project.

NETWORK SERVICE permission for database

I am just wondering is it good idea to give NETWORK SERVICE permission for MSSQL database, can it open any security holes? Then I don't need to set any login parameters in my web app(ASP.NET MVC) config file, I go with integrated permission.
Looking at MSDN, Windows Network Service Account has minimum privileges in windows and it acts as the computer on the network.
But I personally believe that, if you are using it for personal development then it is ok to use network service to access database (if they are on same machine). You might need to configure application pool of your web app to use that service as well in order to have your web app authenticated by SQL Server.
But if it is for enterprise, then I would suggest you to create a separate domain account and use that domain account for both SQL Server and Web App. In that way you will have more better control over that account and it's permissions and less chances to find out that you have given more than required permissions to some default windows account.

Create a domain for windows server 2008

i'm trying to install vmware view connection server but is ask me that the computer does not belong to a domain.
what do i do now? this is a home server and i do have a static ip address with my isp. the aim would be to connect from outside my home network remotely.
do i need to add a dns server in windows server 2008?
Have you tried LogMeIn? The free edition works beautifully for this sort of thing, without the headaches of firewalls, DNS, and IP addresses.
Yes, you need a AD domain to install vmware view connection server.
Please refer to pre-req of view:vmware view install guide
Preparing Active Directory
View uses your existing Microsoft Active Directory infrastructure for user authentication and management. You must perform certain tasks to prepare Active Directory for use with View.

Installing Windows Server AppFabric - Unknown user name or bad password

I'm installing Windows Server AppFabric in a Windows 2008 R2 SP1 that is part of my domain. On the Configure Hosting Service, I would like to configure each AppFabric service on a separate Domain account. I've created the 3 necessary databases on a separate database server that is also part of my domain, and 3 domain users, and I've given each domain user db_owner privilege on it's respective database.
When I'm installing Windows Server AppFabric, and I try to set the monitoring configuration, and on the AppFabric Event Collection service account, I'm trying to use the domain user, but it keeps giving me Logon Failure: Unknown username or bad password, but the user and password are valid! On the same server, if I do a runas with the same domain user and password, I open any application I want.
Is there a restriction on using domain accounts for this? I've placed all 3 accounts as local admin and on AS_Administrators, to see if it helped, but it's no good.
After a LOT of troubleshooting, I found out how to configure it. Before the Windows Server AppFabric Configuration Wizard is opened, go to the Services, and configure the 3 services (AppFabricCachingService, AppFabricEventCollectionService and AppFabricWorkflowManagementService) with the domain users you want. Then, you open the Wizard, and the correct domain users will already be configured, and all you need to do is configure the database.
The post https://stackoverflow.com/questions/4733348/configuring-appfabric-with-remote-database also helped, along with the article http://msdn.microsoft.com/en-us/library/ff637739.aspx