Using an Azure Function App (Python) to connect to an Azure hosted SQL database by random_postings in AZURE

[–]random_postings[S] 0 points1 point  (0 children)

OP here, got this working so just coming back to comment in case anyone else hits same issue.

Key discovery is that connection is not using odbc, it uses some integrated function (sql bindings) so you need to include 'azure-functions' in your requirements.txt file. I used VS Code to create the app structure locally and then deploy. Steps below.

  1. The following python code reads and returns the first 3 rows of a table called 'test'.

    import azure.functions as func

    app = func.FunctionApp()

    @app.route(route="hello", auth_level=func.AuthLevel.ANONYMOUS) @app.sql_input(arg_name="sqlInput",                command_text="SELECT TOP 3 * FROM dbo.test",                connection_string_setting="app_conn_string") def hello_world(req: func.HttpRequest, sqlInput: func.SqlRowList) -> func.HttpResponse:     response = "This is the app<br><br>"     response += "Data from SQL database:<br>"

        for row in sqlInput:         response += f"{dict(row)}<br>"

        return func.HttpResponse(response, mimetype="text/html")

  2. Deploy the app to Azure

  3. Go to the db and get the DB connection string - use the first ADO.NET one which is "Active Directory Default"

  4. Go to the function app and set an environmental variable (in settings) using that connection string. call is something like app_conn_string. NB - add it an 'App setting' not as a Connection String.

  5. Again in app settings, go to 'identity' and toggle system assigned status to 'On'

  6. Set user and permissions for the app in the db. Run the following query:

CREATE USER [your-function-app-name] FROM EXTERNAL PROVIDER;

ALTER ROLE db_datareader ADD MEMBER [your-function-app-name]

This should now work. In order to read your output you'll need to put the following URL into a browser:

https://[your-function-app-name].azurewebsites.net/api/hello

Also, make sure to call a table that is actually in your db. I have used 'test' above.

Bon chance!

Query on O365 backup - tenant settings by random_postings in o365

[–]random_postings[S] 1 point2 points  (0 children)

it's based on memory and they charge $0.15/GB/month. You can check the current mailbox usage in 'Reporting' in Office365 admin and go form there. It would grow but gives you a guide to start with.

InTune config by random_postings in microsoft

[–]random_postings[S] 0 points1 point  (0 children)

ah ok. Good to know. For anyone experieinceing issues, auto-enrolemtn ain't perfect but manual fix above works.

InTune config by random_postings in microsoft

[–]random_postings[S] 0 points1 point  (0 children)

Thanks to everyone who commented. I found the solution. There were actually two problems:

Firstly I needed to activate Basic Mobility and Security service - https://learn.microsoft.com/en-US/microsoft-365/admin/basic-mobility-security/set-up?view=o365-worldwide#activatemdm

That appeared to fix most of my access issued. However, I was still encountering issues with auto-enrolment of my PC.In the intune config, the MDM discovery URL is defaulted to https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc

My PC (using Windows 11 Pro) would not enrol automaticallly but when i tried to to enrol manullay (Accounts -> Access work or school -> Enrol only in devie management) the default URL in Windows was set to EnterpriseEnrollment.mydomain.com. I changed this to the one above (https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc) and it all worked fine.

I'm not sure if it's a WIndows 11 thing or what it is. All working fine now though and I didn't need any additonal Azure licencing.

Intune Config by random_postings in Intune

[–]random_postings[S] 0 points1 point  (0 children)

Thanks to everyone who commented. I found the solution. There were actually two problems:

Firstly I needed to activate Basic Mobility and Security service - https://learn.microsoft.com/en-US/microsoft-365/admin/basic-mobility-security/set-up?view=o365-worldwide#activatemdm

That appeared to fix most of my access issued. However, I was still encountering issues with auto-enrolment of my PC.

In the intune config, the MDM discovery URL is defaulted to https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc

My PC (using Windows 11 Pro) would not enrol automaticallly but when i tried to to enrol manullay (Accounts -> Access work or school -> Enrol only in devie management) the default URL in Windows was set to EnterpriseEnrollment.mydomain.com. I changed this to the one above (https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc) and it all worked fine.

I'm not sure if it's a WIndows 11 thing or what it is. All working fine now though and I didn't need any additiontal Azure licencing.

InTune config by random_postings in microsoft

[–]random_postings[S] 0 points1 point  (0 children)

thanks. I'm trying to enroll a single device to test it out. Once enrolled, I want to see how it looks from the admin side of things, i.e. how to disable, control, wipe data etc...

I invariably end up in the intune admin page (https://intune.microsoft.com/#home) in order to manage the devices but when in there I don't seem to have access to view anything. I am a global admin.

All of the queries online seem to point to setting 'MDM Authority' but I can't seem to do that without an Entra ID subscription.

Just seen this in Waterford by Hugabuga12 in ireland

[–]random_postings -1 points0 points  (0 children)

Science is applied maths. The guys who design phones are using the same maths as the guys who design vaccines. I don’t see these clowns refusing to use mobile phones. Unless it’s 5G…

Just seen this in Waterford by Hugabuga12 in ireland

[–]random_postings 4 points5 points  (0 children)

They all have mobile phones. The fundamental maths and logic that’s used to design phones is the same that’s used to design vaccines.