Reverse engineering the “AADLoginForLinux” in order to tweak proactive user configuration


Last summer I posted about taking a look under the hood of the Azure Active Directory integration for a Linux Virtual Machine. For today, let’s take it a bit further… What if we wanted to pre-provision a set of UIDs (User IDs) & GIDs (Group IDs) on a range of virtual machines for cross-machine consistency? Let’s say we want to make use of an NFS drive and use the same UID/GID across all those boxes. Can we do that with the AAD extension? If so, how can we do it? Let’s hope we can… Otherwise it’ll become a rather short blog post.



This post is based upon my personal experience reverse engineering how this extension works. This is by no means a support statement. If you’re a technical nut (like myself) and want to know how you can tweak this on your own… then this post is for you. 😉


Taking a look under the hood of the Linux VM Authentication


Today we’ll do a deep-dive into how you can log into an Azure Linux VM with Azure Active Directory (AAD). In essence, we’ll go through the following documentation flow, and then take a look at how that looks under the hood.


Part one : “Creation”

The part on creating & integrating the VM is VERY straightforward…

  • Create a resource group
  • Create a Linux virtual machine
  • Add the “Azure AD login VM”-extension

And that’s it! Really, that’s it…


Using B-series for your Dev VM in Azure


Earlier this week I tweeted my excitement about using an Azure B-series machine for my Dev VM in Azure. And Jan was curious to know what type I used…

Which got a response from Sven that I would probably blog on it…



What Azure Virtual Machine size should I pick?!?


Remember the last time you went shopping for a shirt? Then you surely also recall the moment in time when you were looking to find the right shirt size for yourself…

You probably also noticed that sizes might differ a bit depending on the context. A woman’s size vs. a man’s size is totally different. There are geographical differences… and some people just like to wear clothes that have more “free space”.

So is today’s post about buying clothes? Hell no… 😉 But it’s to point out that there are analogies between finding the right shirt for you, and finding the right Azure Virtual Machine. Today we’ll delve into the aspects that will guide you to a given T-shirt size in Azure; for instance, why choose an FS1 above an A1_V2, where they both have 1 core & 2GB of memory. Though there is a price difference of 10€ per month on them.


Virtual Connect : “Patch Panel” or “Active Component”?

A while ago we had an internal discussion whether or not a Virtual Connect (HP Blade Technology) is to be considered as an active component or as a patch panel. The answer is that it is kinda like a switch. It cannot be seen as an actual switch, where it comes close to a virtual switch (like defined by VMware). More details can be found on page 25 in the document (linked below), where a nice comparison table is listed.

Source: HP Virtual Connect: Common Myths, Misperceptions, and Objections, Second Edition (Google cache / quickviewer)

#1: VC Ethernet is just another switch
Incorrect: While VC uses tried-and-true, IEEE standard, Layer 2 bridging functionality, its primary purpose is to provide many server virtualization and management features that are non-existent in traditional switches. VC may perform some functions like a traditional switch; however, VC has many additional features which clearly distinguish it from a traditional switch. …

#18: VC Ethernet doesn’t provide Layer 3 routing capabilities
Correct: Virtual Connect is not a router, therefore, Virtual Connect does not provide Layer 3 capabilities (routing).

#14: HP server blade NICs stay active even after VC Ethernet uplink failure
Incorrect: Virtual Connect provides many features for ensuring highly available network connectivity for HP server blades. One feature, SmartLink, is used to disable a server blade NIC port anytime the NIC is connected to an external network where all VC uplink(s) have failed. In other words, VC can be configured to proactively disable a server NIC port whenever the server NIC is isolated from the external network. VC’s SmartLink feature, combined with NIC Teaming on the server, allows for highly available network configuration with no single point of failure.

#3: VC Ethernet doesn’t support Spanning Tree (STP)
Correct: Much to the delight of VC users, Spanning Tree support on VC is not needed. VC provides HP server blade network connectivity just like a hypervisor provides virtual server network connectivity and neither of these technologies require Spanning Tree support. VC doesn’t have to support Spanning Tree just like hypervisor hosts don’t have to support it, yet both provide network redundancy and load balancing. Just like a hypervisor host, VC provides network redundancy and load balancing features that are modeled after NIC Teaming/bonding technology instead of switch technologies like Spanning Tree. A Spanning Tree configuration error on any single switch in the data center can negatively affect any other connected switch in the network, in addition to all servers connected to the same network. With Virtual Connect, any redundancy and load balancing configuration problems only affect a single blade enclosure.
Fundamentally, VC doesn’t require support for protocols like STP because VC presents itself to the network as a “termination endpoint”, as does a typical server or a hypervisor host. VC is not and does not present itself as a “transit device”, as does a traditional switch.

#24: VC Ethernet doesn’t support the Cisco Discovery Protocol (CDP)
Correct: VC supports Link Layer Discovery Protocol (LLDP) – the industry standard (IEEE) version of the Cisco proprietary protocol CDP. Many Cisco devices support both CDP and LLDP (for example, 14 ). The use of the IEEE standard version, LLDP, is recommended by HP to ensure customers are not locked into a proprietary protocol.

#17: VC only supports a limited number of VLANs
Correct: The supported limit is 320 VLANs per Virtual Connect Ethernet module when using Shared Uplink Sets. The VC architecture supports 1000+ VLANs per c-Class enclosure.

ESXi on a USB memory key

Check out the following guide @ :

Create an ESX 3i USB boot key

This guide will describe the basic steps to create your own VMware ESX 3i USB key. I need to say that VMware is not supporting this way of running ESX, so be careful with this on production environments. When you want to use ESX 3i in production environments without the need of local hard drives, contact your hardware manufacturer; like HP, Dell or IBM. They have supported ways to run ESX on USB or SD cards.
• USB key of 1GB
• IZArc –
• WinImage –
• VMware ESX 3i (ISO) –

Seamless Linux applications on Windows

Seamless Options
One of the all-time-favorite articles here is “Running your dual boot windows inside Vmware Server within Ubuntu”. Yet some might like it the other way around, and a bit more seamless? Two handy options here are “VirtualBox” & “Ulteo Virtual Desktop”.

You can put VirtualBox in the same range as VMware. They provide a performant virtualization platform. Yet one of their core features (which I still miss in VMware, apart from Fusion) is the “seamless” mode. It means your guest OS can appear on your desktop without having to be inside a window. You can run an application (say, Notepad) and it will appear as a single window on your desktop.
More info?

With Ulteo Virtual Desktop, you just have to run the application you need to use from the Ulteo panel and its window will show up like any other Windows application. Ulteo steps in to avoid the point where you need to maintain your virtualization platform (as with the seamless solution of Virtualbox). See it as an application that will (install and) maintain the seamless solutions for you. Check out their website (and the /. comments).