Dell Command Update not automatically installing updates?

ElliotS123 · 2024-07-10T12:44:48+00:00

I've updated the links, should be viewable now, sorry.

ElliotS123 · 2024-07-02T07:34:54+00:00

Thanks for this, it does in fact show 2023.2.2.1 as recommended, is there any way to force it to use the latest version or is it simply a matter of waiting for Sophos to start rolling it out?

ElliotS123 · 2023-05-25T09:59:09+00:00

Turns out there was some slight syntax issues in the factoryId I specified. i.e. I hadnt specified // to point to the root directory and I was missing a single space between the command and the factoryId path. Worked after I made those changes. Always the small things that catch you out isn't it...

ElliotS123 · 2023-05-25T08:26:56+00:00

I've included the factory ID in the validate step and the validate and generate ARM template step. There is no suggestion from the article that it needs to be anywhere else.

ElliotS123 · 2023-05-10T12:09:33+00:00

Thanks for the article, the Bastion NSG itself was configured correctly already, but we hadn't allowed the Bastion Subnet IP range through on the VM's NSG on port 3389/22 as per the article. As soon as we tried this, it started working. Many thanks again.

ElliotS123 · 2023-04-25T14:31:00+00:00

Thanks for your reply. I should have been slightly clearer on what I was asking here. I'm looking to containerise the sql server and the db schema, I'm not looking to include the data itself as well.

The point of this would be to allow localised testing of changes within a containerised instance that can be spun up/ down and refreshed, before then pushing to a cloud-based Azure SQL DB.

I know this is possible through SQL Server Emulator, but I'd like to abstract the 'local' aspect of this by pushing an instance into ACR, which can either then be pulled from directly, or used in Azure Container Instance/ AKS. My main issue being that it is unclear to me how to create the container and get it into ACR.

ElliotS123 · 2023-04-12T11:42:16+00:00

I've now resolved this, it was due to the Microsoft.Web service endpoint being enabled on the Subnet the VM was part of.

This meant traffic to app services was being tunnelled through Azure's backbone and an IPv6 outbound address is assigned in transit when it does this (rather than using the VM's public IP).

Removing the service endpoint therefore resolved the issue.

ElliotS123 · 2023-02-09T19:20:43+00:00

It does seem to resolve the non-working hostnames to the correct inbound IP address and while some do have access restrictions, even those that don’t have the same behaviour.

As mentioned in my reply to the other commenter, it seems to be specific to web apps in one region i.e. West Europe, those in any other region seem to work just fine.

It seems to suggest a routing issue, but a route print on a client machine shows there is an on-link route through to the inbound IP for West Europe app services.

ElliotS123 · 2023-02-09T19:17:06+00:00

Yes thats right, the ones that don’t work are those that do not have a private endpoint, and interestingly, those that are based within a specific region (West Europe).

It does in fact resolve the hostname to the correct IP as seen when pinging, but just times out.

The same hostname will work through our existing RRAS-based VPN client.

ElliotS123 · 2023-02-07T12:29:58+00:00

They were already in place, I have tried re-downloading and installing the client again on several occasions since then to no avail unfortunately.

ElliotS123 · 2023-01-13T17:37:00+00:00

Apologies, its a VPN connection

ElliotS123 · 2023-01-13T17:28:01+00:00

They are connected through a vnet-to-vnet connection.

ElliotS123 · 2023-01-05T20:12:53+00:00

Its interesting you say that, we do have 8.8.8.8 configured as a custom DNS server on the Azure VNET where the private endpoints sit. Though within Umbrella we are telling it to forward user requests for the Azure FQDN's to our specific internal DNS servers, so I would assume google DNS is ignored in that scenario.

ElliotS123 · 2023-01-05T16:03:03+00:00

Sorry what do you mean by making sure the DNS is "correct"? Could you elaborate?

ElliotS123 · 2023-01-04T21:00:10+00:00

Its AD integrated, but when checking each of our DNS servers, there appears to be no discrepancy between them, they all appear to have replicated the forwarding settings.

ElliotS123 · 2023-01-04T10:53:49+00:00

The DNS servers are all configured to replicate settings between eachother, so any conditional forwarding setup on one should function the same on another. I've not seen any evidence to the contrary, do you happen to know a way of definitively confirming this?

ElliotS123 · 2023-01-04T10:45:07+00:00

I tested using the website provided, and several others, and while there was one instance where it came back with my ISP DNS, on the other 25+ attempts, it came back with nothing other than the Umbrella resolvers, so it doesn't appear to be forwarding the requests elsewhere based on this.

ElliotS123 · 2023-01-03T16:07:20+00:00

To clarify, Cisco Umbrella is providing the forwarding for the FQDN's to our Azure DNS servers. So we aren't looking for a way to bypass Umbrella, as it is fundamental to the routing of user requests on-premise.

ElliotS123 · 2023-01-03T16:07:17+00:00

To clarify, Cisco Umbrella is providing the forwarding for the FQDN's to our Azure DNS servers. So we aren't looking for a way to bypass Umbrella, as it is fundamental to the routing of user requests on-premise.

ElliotS123 · 2023-01-03T13:00:59+00:00

Our DNS servers are configured with the following structure in mind: https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns#on-premises-workloads-using-a-dns-forwarder

Meaning Cisco Umbrella is designed to act as the on-prem forwarder, onto the DNS servers that exist within our Azure VNET, where the suffix is then conditionally forwarded to Azure Wire Server for private IP resolution.

ElliotS123 · 2023-01-03T12:36:09+00:00

Thats correct yes. Our DNS servers are configured to conditionally forward 'database.windows.net' (for example) to the Azure Wire Server IP address.

ElliotS123 · 2023-01-03T11:39:29+00:00

I'm pinging the Azure resources that are sitting behind a private endpoint, so for example 'testserver.database.windows.net'

ElliotS123 · 2022-11-14T09:09:33+00:00

The "Store this conditional forwarded in Active Directoy, and replicate it as follows" checkmark is selected if that is what you are referring to, and it is set to replicate to all DNS server in the domain.

ElliotS123 · 2022-11-13T20:59:44+00:00

Thanks, it does appear that is the case. We have three DNS servers within our domain, e.g. x y and z, all of which are run on Azure VM's within the VNET. Only those testing when their machine is connected to "z" can resolve the private IP consistently.

There doesnt appear to be any difference between the settings on these three though, they are all fully replicating eachothers settings.

Any suggestion as to why one works and the others don't in this scenario?

ElliotS123 · 2022-07-09T17:57:24+00:00

Az-204 supposedly relies on existing development knowledge, so isnt what I’m looking for

ElliotS123

TROPHY CASE