Zu Gast beim Decompose.io Podcast mit Azure Policy

English Below

Letzte Woche hatte ich das Vergnügen zu Gast beim Decompose.io Podcast von Tillmann Eitelberg zu sein. Im Podcast haben wir über das Thema Azure Policy gesprochen und wir haben über vielfältige Themen gesprochen. Es war ein lockeres Gespräch mit viel fachsimpeln und unseren Eindrücken zu aktuellen Community Tätigkeiten.

Im Podcast haben wir unter anderem folgende Schwerpunkte thematisiert:

  • Einsatzmöglichkeiten von Azure Policy
  • Einsatzebenen (Governance, Security, etc.)
  • Best Practices und Grenzen
  • Verbindung zu Microsoft Defender for Cloud
  • und viel mehr

Hört gerne rein und hinterlasst gerne Feedback oder kommt mit Fragen auf uns zu.

Viel Spaß beim anhören.

English below

Continue reading Zu Gast beim Decompose.io Podcast mit Azure Policy

Migrate Ubiquiti Unifi Security Gateway (USG) to Unifi Dream Machine Pro (UDM Pro)

Some of my customers using Ubiquiti components in there networks, because of the great price and performance ratio and the easy administration. On of my customers the Unifi Security Gateway had a defect shortly before christmas. We decided to renew the both components (Unifi Security Gateway and Unifi Cloud Key Gen 2 Plus) with the Unifi Dream Machine Pro. On my research for the best upgrade process I do not found a good article how is the best way to migrate the Ubiquiti environment from the USG to a UDM Pro. In this article I will explain this in a short way, because with the actual release of the UniFi OS, the upgrade process is smooth and simple.


The preparation is not necessary, but I will recommend to do this for easy device management, when something go wrong.

  • upgrade all devices to the latest available firmware
  • Note all ssh logins for your existing Unifi devices
  • take a backup on a secure place (e.g. OneDrive)

Preparing the Unifi Cloud Key

Go to your Unifi Network Portal (Client or Unifi Cloud Key based) and upgrade the USG and all devices to the latest available firmware.

After the update process is successfully completed download a backup from your Cloud Key. Did you use a Cloud Key Gen 2 with Camera Protection also update it to the latest available version and download the configuration file for the protect software.

Install the UDM Pro

Firstly install the UDM Pro into your existing network. Use the UDM Pro WAN Port and connect it with the existing network and connect a notebook with the UDM over one of the existing switch ports. This helps to bring the UDM Pro online and does not affect the existing network, when you use the WAN Port. Open a browser from your notebook and go to The UDM Pro setup website will be open and you can go trough the easy steps to setup and connect the UDM Pro with an existing Ubquiti account.

After you finished the setup process update the hole software

  • Unifi OS of UDM Pro
  • Network Application
  • Protect Application

to the latest available update (in my case 6.5.55)

Preparing the Unifi Cloud Key

On the Unifi Cloud Key Gen 2 it also necessary to update to the latest available update (in my case 6.5.55). After the firmware are up to date, take a backup from the Network and Protect application.

Replace the USG with the UDM

Disconnect the WAN Port, connect through one of the switch ports and access the UDM Pro admin site and configure the UDM Pro with the same IP as of the USG. Save the configuration and shutdown the UDM Pro in the admin portal.

Disconnect the USG and the Cloud Key (when exist) from the network and replace it with the UDM Pro and start the UDM Pro.

The UDM Pro will be available shortly under the same IP as the USG and you can enter the UDM Pro admin site. Login and go firstly to the Network application and import the backup file. After the import is successfully completed the UDM Pro will reboot. After the reboot the migration of the network part is complete and all devices are up and connected to the new UDM Pro.

Do the same for the Protect application, when you had available Unifi camera devices. After the import of the backup file is completed, the cameras are now report directly to the UDM Pro.

Reinstall Azure Backup Windows Workload to fix UserErrorSQL NoSysadminMembership for SQL Server in Azure VM

In the last couple of days I try to optimize some Azure environments from security and cost perspective. One customer has a SQL Server Express installed inside an Azure VM. The backup was configured for the hole VM, but there is no need to backup the Datadisk which contains the SQL databases. In this article I will explain how you can reinstall the Azure Backup Windows Workload extension to fix the issue when the service account will not listed on the Azure SQL Server VM. This fix the issue only did you not find the service account in the SQL Server management studio. To add the account in the right way, please refer to the article from Wim Matthysen.

Continue reading Reinstall Azure Backup Windows Workload to fix UserErrorSQL NoSysadminMembership for SQL Server in Azure VM

Recap of 2021 and Looking forward to 2022

2021 is over and it was a challenging and interesting year from many perspectives. I think the most important thing in these times is health and consideration for the community. Looking back to 2021, I was a speaker at many virtual events and that was quite interesting because of the different organization and audience. What I miss most is feedback and discussing different solutions with the event attendees. This was a little bit sad, because the virtual events feel more like a YouTube streaming and less a in-person event. So when I look in direction of spring, I hope we can get back more to in-person event.

Looking forward to 2022

I’am really looking forwad to 2022. We planning some great Azure Bonn Meetups and will start in January with Esther Barthel and Transitioning Ops to the Cloud and in February we will welcome David O Brien.

The 3rd Cloud Identity Summit is also on our List and we hope we can start this event first time as a Hybrid conference – so stay tuned and follow our Twitter account for latest updates.

Finally, I have a few tasks on my list. I will update my sessions to focus more on governance, security and cloud reviews because I see many growing cloud environments with little review iterations, yet there are some services that can help clean up your cloud environments and get them in good shape.

I will also expand my activities on Youtube, where I will conduct more frequent AMA sessions on various Azure topics. You can find there a AMA Session about Azure VM Best Practice for the Festive Techcalendar where I discuss different best pratice with Eric Berg, Marcel Meurer and the audience for the Festive Tech Calendar.

I am also looking forward to a adesso meeting in Frankfurt where we will share the important Azure topics for 2022. When you interested in meet me live and discuss the interesting topics for 2022 please join our (german) event “Wolkenreicher Start in den Frühling” on 09/03/2022.

And you will recognize me better now that I have a small logo for my activities 🙂

I would like to take this opportunity to thank some great community heroes for the past year and your support: Melanie Eible, Thomas Naunheim, René de la Motte, Eric Berg and Marcel Meurer

Finally I noted the upcoming #community events, that I aware of it on my event page. Upcoming Conferences and Open CFPs | Gregor Reimling

Recap of 2021

Continue reading Recap of 2021 and Looking forward to 2022

Starting my new journey at adesso SE

Welcome adesso SE

On November 01 I will start my new role as Managing Consultant at adesso SE in the LOB Microsoft. I am very exited about this opportunity and hope that with my broad Azure background I can develop new solutions and contribute to strengthening the cloud capabilities. adesso has grown a lot in the last few years and I am excited to see what new challenges will come my way.

Continue reading Starting my new journey at adesso SE

Microsoft release Azure AD Connect V2 with tons of new features and remove support for WS 2012 R2 or Older

Update 18/08/2021

Added some details about v. which fixes a security issue.

Microsoft released a major update of Azure AD Connect. This major release brings a lots of new features and requirements for the local infrastructure. In this article I will cover the latest information and how you can upgrade to the new release.

The new version 2 of Azure AD Connect was released on 20/07/2021 and bring the product to the version the lastet release of version 1 was Microsoft found a security issue in and and updated the Azure AD Connect v2 to

Microsoft released also an update for AAD Connect v1 and brings it to This is for customers who running an older version of Windows Server who can not upgrade to WS 2016 and fixes an security issue in

Continue reading Microsoft release Azure AD Connect V2 with tons of new features and remove support for WS 2012 R2 or Older


Summer is here and I hope many enjoy the time on vacation. In this article I would like to give a little preview on which community events you can find me in the 2nd half of 2021.

GeekSprech Podcast

I had the pleasure of visiting Eric Berg and Weimar on the 3rd weekend in July. We had a great time and talked a lot about the community, new projects and more. On Sunday, Eric and I had the idea to record a new GeekSpeak episode with the news about the Microsoft Inspire 2021. We had a lot of fun recording it and hope you do too. The podcast is in German.

German AVD UserGroup – Azure Files

Patrick Köhler and Marcel Meurer are the founder of the German Azure Virtual Desktop User Group. The host a monthly meetup with different topics around AVD. Both invited me to speak about Azure Files and is this the perfect profile store solution. I am really looking forward to the event and hope that I can give you a good overview about the different file store solutions in Azure.

Cloud Identity Summit 2021

In 2020 based on the initial idea of my best buddy Thomas Naunheim we started as Azure Bonn Team the Cloud Identity Summit 2020. The speaker lineup was awesome and the feedback was so great that we decided to repeat this in 2021. This year the Cloud Identity Summit will another virtual conference and take place at 30/09/2021. We hope you attend our 2nd edition. The agenda and the speaker will announce in August 2021.

CloudInspires Podcast

Thomas and I founded in June our own CloudInspires.me Podcast. Do not miss the latest two episodes (in German). We have so many great speaker on our timeline – stay tuned 🙂

AVD TechFest Fall 2021

I am very happy to speak for a 2nd time at the well organized AVD Techfest. This a free online conference with all topics related to Azure Virtual Desktop. There are so many sessions on the agenda, it’s worth taking a look if you work in the AVD space. I’ll be giving a session on Azure Files as an AVD profile storage solution, and diving into the different ways you can use the Azure Files solution for AVD. This means that I will introduce Azure Files and Azure NetApp Files and show in which scenarios some of these options are the better solution.

IT Tage Konferenz

One of the last conferences this year is the German IT Tage Konferenz in December. This is a really big conference running about 4 days with a wide range of topics. I had a pleasure to hold a session about Azure VM Best Practices.

I will add additional events, when I know about.

Azure Bastion supports SCALABILITY for SSH/RDP Connections with the new Standard SKU

Update 1 on 01/12/2021 :

Microsoft has changed the #AzureBastion minimum subnet size from /27 to /26. Installed #Azure Bastion are unaffected, but new deployments require the new subnet size. Please remember this. https://docs.microsoft.com/en-us/azure/bastion/bastion-faq#subnet

Azure Bastion is a fully managed PaaS service to secure access Azure VMs via SSH/RDP without the need for Internet connectivity on the selected VMs. Azure Bastion was released as part of the Microsoft Ignite 2019. As part of the ongoing Microsoft Inspire 2021, Microsoft has launched a new SKU for Azure Bastion called Standard.

Difference between Basic and Standard SKU

When you create an Azure Bastion instance Microsoft creates in the backend an optimized Azure VM that runs all the processes they are needed for Azure Bastion. This Azure VM is called a Instance and had some limitations. In general when you deploy the Azure Bastion Basic SKU Microsoft deploys two instances which supports 20-24 concurrent sessions which means each instance support 10-12 sessions.

The Standard SKU allows you to specify the number of instances called as host scalling.

Please note that when using an Azure Bastion Standard SKU, the AzureBastionSubnet size should be increased to a subnet size of approximately /26 or larger.

Azure BastionBasicStandard
Instances2 Defaultup to 50
Max. supported concurrent sessions20-24up to 500
Supported configurationAzure Portal, Powershell, CLIOnly Azure Portal

Deploy an Azure Bastion Standard SKU

Only the Azure Portal allows to deploy an Azure Bastion Standard SKU with the host scalling feature, because the feature is in public preview.

Continue reading Azure Bastion supports SCALABILITY for SSH/RDP Connections with the new Standard SKU

Microsoft MVP for Azure 2021-2022

The first of July starts with the new fiscal year for Microsoft and with some important informations for many people around the globe. This date marks the Renewal date for awarded Microsoft MVPs.

I am very honored and grateful to be recognized as an MVP in the Microsoft Azure category for the third year in a row. This makes me happy about many different reasons:

Continue reading Microsoft MVP for Azure 2021-2022

Public & Hybrid Cloud