Make sure your Azure ARM VM’s are not a threat

The script below will deploy or un-deploy the Azure antimalware extension from all VM’s in a resource group. You need to ensure the anySettings and SqlSettings are correct for your world.

[cmdletbinding()]
param (
    $rgname="release4.11.0.1",
    [bool]$adding = $true
)
 
# Get-AzureVMAvailableExtension | fl -Property Publisher, ExtensionName
 
$location="north europe"
$extName="IaasAntimalware"
$extType="IaaSAntimalware"
$extPublisherName="Microsoft.Azure.Security"
 
 
$anySetting = @"
{
"AntimalwareEnabled": true, 
"RealtimeProtectionEnabled": true,
"ScheduledScanSettings": {
       "isEnabled": true,
       "day": 1,
       "time": 120,
       "scanType": "Quick"
       },
"Exclusions": {}
}
"@
 
$sqlSetting = @"
{
"AntimalwareEnabled": true, 
"RealtimeProtectionEnabled": true, 
"ScheduledScanSettings": {        
       "isEnabled": true, 
       "day": 1, 
       "time": 120, 
       "scanType": "Quick"  
       },        
       "Exclusions": {
             "Extensions": ".mdf;.ldf",
             "Paths": "D:\\;E:\\",
             "Processes": "excludedproc1.exe;excludedproc2.exe"    
             }
       }
"@
 
 
$allVersions= (Get-AzureRmVMExtensionImage -Location $location -PublisherName "$extPublisherName" -Type "$extType").Version
$versionString = $allVersions[($allVersions.count)-1].Split(".")[0] + "." + $allVersions[($allVersions.count)-1].Split(".")[1]
 
 
$vms = get-azurermvm -ResourceGroupName $rgname
 
$vms | % {
    $thisVm = $_
 
    $whichSetting="Any"
    $setting = $anySetting
 
    if($thisVm.Name -like "*-sql") {
        $setting = $sqlSetting
        $whichSetting="SQL"
    }
    if($adding) {
 
    write-host ("ADDING $whichsetting setting to " + $thisVm.Name)
 
    Set-AzureRmVMExtension `
            -ResourceGroupName $rgname `
            -VMName $thisVm.Name `
            -Name "$extName" `
            -Publisher "$extPublisherName" `
            -TypeHandlerVersion "$versionString" `
            -ExtensionType "$extType" `
            -Location "$location" `
            -SettingString "$setting"
    }
    else {
        write-host ("REMOVING FROM " + $thisVm.Name)
        Remove-AzureRmVMExtension -ResourceGroupName $rgname -VMName $thisVm.Name -Name "$extName"
    }
}

>Biztalk server R2 upgrade woes

>Just had a misserable day and a half upgrading my XP workstation from Biztalk 2006 Dev edition to Biztalk 2006 R2 Dev edition.

To cut a very long story short. Make sure your AV software is turned off before you start otherwise the installer may hang at the stage of removing temporary files.

This happened to me and a collegue repeatedly throughout the last day and a half, rollbacks, uninstalls and re installs to no avail.
In the end, had to Rollback the R2 install, uninstall biztalk altogether then reinstall biztalk then apply R2 all this with AV turned off (Sophos was the AV in question although i’m sure any AV would have had dthe same effect)

Turns out the AV software was preventing some last steps which were crucial to a successfull install.

Happy days?