I'm trying to migrate my SQL Server 2008 database to Azure, but I can't find the FQDN to connect from SQL Server Management Studio. I've been searching for two days and found nothing. On the web interface (https://manage.windowsazure.com/), google, and all other place. Everyone just assumes that the reader know where the FQDN is.
I've tried servername.database.windows.net, the "Manage URL" link from Azure web interface which both fails. Database firewall has been set to allow my current IP address. Where can I get the FQDN to connect to the sql database?
I need this because I'm doing a database-first development with ASP.Net MVC3 as opposed to code-first. It would really helpful if there's a tutorial on deploying that too (because I only found tutorials for code-first development).
Thanks before.
You do have correct SQL Database FQDN name as shown above and your connectivity problem is not related with FQDN name so you would need to troubleshoot the connectivity issues first.
The following article provides a wide verity of steps to troubleshoot the problems:
http://social.technet.microsoft.com/wiki/contents/articles/1719.windows-azure-sql-database-connectivity-troubleshooting-guide.aspx
Related
This is more one for curiosity and learning.
I currently have an Azure VM (Windows 2016 and SQL 2017) which I just use for R&D. The RDP port is enabled - no big deal as there is nothing top secret.
But just to learn more about Azure I wanted to create a VPN so I can connect via that. Googling, has left me a tad confused as how to go about this gateways, gateway subnet etc etc. I'm not sure if the articles I am reading are the right ones as whatever I try doesn't appear to work.
Does anyone know of any links that might help me start from scratch with VPN settings to connect?
You can try to set up a VPN type of P2S, you can make a Self-signed root certificate for free. And the steps are also simple. And you can follow the document Configure a Point-to-Site connection to a VNet using native Azure certificate authentication: Azure portal. I'm glad if this can help you.
I found these series of Microsoft training guides to be super helpful. (you can find them via the azure portal on the overview page of a virtual network resource)
https://learn.microsoft.com/en-us/learn/modules/introduction-to-azure-virtual-networks/
https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/hub-spoke?tabs=portal
https://learn.microsoft.com/en-us/learn/modules/design-implement-network-monitoring/
https://learn.microsoft.com/en-us/learn/modules/design-implement-network-security-monitoring/
https://learn.microsoft.com/en-us/learn/modules/integrate-vnets-with-vnet-peering/
https://learn.microsoft.com/en-us/learn/modules/design-a-hybrid-network-architecture/
I wish to connect an active directory controller which is hosted on an Azuer VPS to a domain I have purchased (which uses CloudFlare), how can I go about doing so?
I am aware of the security risks imposed by exposing an AD instance to the public.
I have poked around to try and find details about what ports should be exposed and records that should be created but couldn't find any.
Edit: I found a page containing a list of the required records and managed to configure it correctly - I will now add an answer.
DNS is now properly configured for the AD instance to be exposed to the web.
I followed the records available here and now it's for all to see!
I have an Azure Website and it is required to consume an elastic search service that's running on a VM.
Although I need to be able to lock the access to elastic search down so only the Azure Website can access it, I can't seem to work out how to do this using the endpoint configuration on the VM.
Am I looking in the wrong place?
Thanks
Carl
You will need to setup a Hybrid Connection between your Web Site and the VM:
Hybrid Connections create a safe tunnel between your Web Site and a VM for example. The screenshot shows the integration between a Web Site and the corporate network, but this also works for VMs running in Azure.
The only requirement is that you install the Hybrid Connection Manager on your VM. More information:
http://azure.microsoft.com/en-us/documentation/articles/integration-hybrid-connection-overview/
I'm new to Azure and have set up an Asure web site which will connect to a SOLR instance on an Azure VM. The web site cannot communicate with SOLR (port 8080) unless I create an endpoint. In order to create an endpoint I need to provide an internal and external port, however I do not want to allow external/remote access to SOLR, other than from the web site itself. Can anyone tell me how I should allow the web site to communicate with my VM, without making the VM publicly accessible?
Thank you,
JP
As #hhaggan stated, you cannot create a virtual network connection, or secure an endpoint, from Web Sites to a Virtual Machine. One option to consider is the use of SSL+certificate to secure the endpoint.
If you instead deploy your web application to a web role (in a cloud service) or a virtual machine, you can then take advantage of a brand new feature called Endpoint ACL. In essence, you can whitelist / blacklist a set of IP address ranges that may access your SOLR external endpoint. You can read about ACL'd endpoints, and how to configure them, here.
Now: You might be asking yourself why this doesn't work with Web Sites. That's because Web Sites runs on a server farm, and sites don't get unique IP addresses (unlike Cloud Services).
if you are talking about Windows Azure Websites, I am not sure if this can be done but if you are talking about Web roles in Windows Azure Cloud service, here is something that I hope it can be beneficial.
Connect ASP.NET application to SQL Server in Windows Azure via Virtual Network http://msdn.microsoft.com/en-us/library/windowsazure/jj823135.aspx
you might also would like to have a look on this http://www.windowsazure.com/en-us/services/virtual-network/ I don't think you will need it but I am just sharing it with you, it is for WIndows Azure Virtual Network.
let me know if this solved your problems or if you need anything else.
We are looking to replace our normal Win2008 R2 IIS server with a Azure Cloud based solution. Our Current use scenario is something like this:
Server A
Hosts 7 Websites.
All Websites are Managed and Maintained with Visual Studio 2010. They are Web Projects, not Web Services. Each of the Sites has unique domain names. www.comanyA.com, www.companyB.com Intranet.companyB.com, etc. There are three sites that are SSL enabled and have Verisign Certificates.
The Sites consist of many asp, aspx and image files. We also create file content on demand (Excel Exports) that users can then click to download. We also make a Connection to a SQL Server for Back-end Data. We would need a Secure Connection to a SQL Azure DB and or an On-Premiss SQL Database (depending on when we move our SQL to SQL Azure).
I Would also need the same Security Permissions setup so all the users have the same permissions that they do for the Existing IIS Server. So I'd like Active Directly Integration.
I'd really rather not have a VM Image that is just running in the cloud. I don't want to have to maintain the OS level of stuff, (Updates, etc)
Is this something that Azure Compute can do for me?
Thanks!
This is not actually a single question. The only real question here that I see is
"Is this something that Azure Compute can do for me?"
And answer is - depends :) To very high degree, Azure compute might and will help you!
To solve challenge #1 (Multiple Websites / no ssl) - the easieast. Check this and that blog posts.
Challenge #2 (Connecting to SQL Azure / On-Premise SQL Server) - second easiest. SQL Azure still supports only SQL Server Authentication and it requires encrypted connection. As for connecting to On-Premise SQL Server, you can use Windows Azure Connect (and here). You can even domain-join your compute instances in the cloud.
Challenge #3 (Active Directory integration) - part of it described in Challenge #2 - domain join your roles! But you could also review the Windows Azure Access Control Service and its ADFS integration.
Challenge #4 (Multiple SSL Enabled sites behind same endpoint). Well, this is the trickiest! In Windows Azure everything lives behind a load balancer. So, you could generally define only one standard HTTPS (on port 443) endpoint. And that's it. Although, you could now have separate SSL certificate for each different SSL enabled site, this is not possible in Windows Azure. For this to work in Windows Azure, you need a Subject Alternative Name certificate (here, here and here are just some examples).
Hope that this helps!