HandsOn — Building Hybrid Cloud Environment — Part 5 — Connectivity — Site-to-Site VPN establishing…

In the previous part, we established an on-premises identity foundation. The on-premises setup consists of a virtual network with Windows and Linux VMs joined to an on-premises Active Directory domain hosted on two domain controllers. In this part, we will create a VPN Gateway in Azure and a StrongSwan IPsec gateway on-premises and establish the Site-to-Site VPN tunnel — the foundation of our hybrid lab. Implementing a Site-to-Site (S2S) tunnel is simple — so rather than walking through the steps procedurally, I want to focus on what each component is actually doing. ...

June 6, 2026 · 11 min

HandsOn — Building Hybrid Cloud Environment — Part 4 — Identity — Domain-Joining a Linux VM and…

In the previous parts, we created a primary and secondary domain controller and tested the domain join from a Windows client VM. In this part, we will domain-join a Linux VM to the domain controllers we created. The main purpose is to introduce a non-Windows system into the domain to test Kerberos authentication against Active Directory. We will: Provision a new Linux VM; Assign the DC IP; Install Linux Kerberos client tool; Join the domain; Validation ...

May 2, 2026 · 8 min

HandsOn — Building Hybrid Cloud Environment — Part 3 — Identity — Additional DC and Replication

Previously, we created a domain controller (DC), joined a test virtual machine to the newly created domain and verified the authentication of a test user from the client VM. In this part, we will build redundancy into our environment by introducing a second domain controller. Active Directory (AD) is designed for multi-master replication, meaning multiple domain controllers hold a copy of the directory database. Adding a second DC provides: High Availability — authentication continues if one DC fails; Load Distribution — clients can authenticate against different DCs; Replication Redundancy — AD database changes replicate automatically. In this part, we will: ...

April 24, 2026 · 7 min

HandsOn — Building Hybrid Cloud Environment — Part 2 — Identity — On-Premises Domain Controller

In the first part, we laid the foundation for the hybrid cloud environment. Now we have a virtual network with a VM running Windows Server 2022 Evaluation. In this part, we will focus on adding the Identity plane to the hybrid cloud environment by introducing a domain controller and creating an Active Directory structure. We will create a client VM, domain-join it and make sure a domain user is able to log in ...

April 18, 2026 · 11 min

HandsOn — Building Hybrid Cloud Environment — Part 1 — Identity & Connectivity Foundation

Introduction: In this series, I will take you through building an on-premises / Azure hybrid environment, with the on-premises network running entirely on a single machine. We will set up an on-premises Active Directory forest, create OUs and users, deploy domain controllers, join Windows and Linux VMs to the domain, and establish hybrid connectivity to Azure using an S2S VPN tunnel. I want to clarify right at the outset that on-premises identity is not a mandatory starting point for a hybrid cloud environment. But I have chosen to build it from the ground up starting with the identity plane (on-premises Active Directory). ...

April 12, 2026 · 9 min

Troubleshooting notes — Azure Table Storage 403 Authentication

Symptom: Calling the Azure Table Storage REST API returns "403 Server failed to authenticate the request. Make sure the value of Authorization header is formed correctly including the signature." even though the Authorization header looks valid. Root Cause: The request is missing the x-ms-version header. Azure Storage requires this header to determine the API version used for request validation. Without it, the service may reject the request with a misleading authentication error. ...

February 22, 2026 · 1 min