In this Ask the Admin, I’ll show you how to get advice on tuning and securing Active Directory, SQL, or SharePoint running on Azure virtual machines.
Managing your own infrastructure in the cloud presents challenges that not all system administrators are ready to face. But last year, Microsoft released an optimization tool that provides advice on how to back up, secure, and optimize performance for servers running in the cloud.
While such tools cannot replace experienced consultants, the Virtual Machine Optimization Assessment Tool gives a surprisingly in-depth assessment of how to configure systems to avoid common issues and should give cloud newcomers a sense of assurance that they’re following best practices.
The report generated by the tool contains useful advice on how to secure and protect Active Directory, SQL or SharePoint. The recommendations are based on real-world experience gained by Microsoft engineers when dealing with customer issues, and the report is divided into six key focus areas:
In this article, I’m going to focus on using the optimization tool to get advice on Active Directory. Note that when using the tool to collect and analyze information about Active Directory, it needs to be run with a user account that has read access to the target domain.
The Virtual Machine Optimization Assessment Tool can be downloaded from the Microsoft Azure website and can be installed on Windows 7 and later, and Windows Server 2008 R2 and later server operating systems. The only other requirement is the .NET Framework 4.0. Once you’ve met the prerequisites, run the installer on the domain controller (DC) you want to assess, and make sure that Launch Microsoft Azure Virtual Machine Optimization Assessment is checked, and click Close to start the tool.
The tool should have started when the installed completed, but if not, you can start it by running ExpressClient.exe in C:\Program Files (x86)\Microsoft Azure Virtual Machine Optimization Assessment.
Once you’ve provided answers to all the questions, you’ll be taken to the Collect & Analyze tab where you’ll have to wait while the tool gathers data about Active Directory, and compiles the information, along with your answers to the previous questions, into a customized report.
Each recommendation is given a percentage weighting. For example, if a DR issue is weighted at 10%, addressing the problem will improve your ability to recovery from a disaster by 10%.