Preparing for 70-533: Implementing Microsoft Azure Infrastructure Solutions

I’m not a massive fan of certifications, but I understand why people do them and the benefits which can arise from the whole process of achieving them.  I did a lot of them in the past when my career was more geared around infrastructure work rather than coding. However, I wanted to learn about Microsoft Azure and since it is such a large topic to get to grips with, decided that pursuing the 70-533: Implementing Microsoft Azure Infrastructure Solutions exam would be a good way to focus on learning an initial subset of what is available to work with in Azure.

Currently, as of 20/03/2017, there are a couple of Azure exam bundle deals available which are worth checking out. Basically, for roughly just under the cost of taking the exam on its own, you get a free resit voucher and a MeasureUp practise test thrown in as part of the bundle. I found the MeasureUp test a pretty good barometer for where I was with my learning and ended up going over all of the topics again to gain a better understanding that the practise test was highlighting was needed. These practise tests can be a bit hit and miss in my past experience, but I thought this one was a pretty good indicator of what the actual exam turned out to be like.



I used a lot of different resources to prepare for the exam, the homepage is the obvious first place to start so you are aware of which areas of Azure are being tested. has some info about how the exam changed towards the end of 2016 to be more focused on ARM rather than ASM:

Azure Infrastructure Exam (70-533) Gets ARM Refresh

Being comfortable with PowerShell and JSON is a pre-requisite before attempting any of the training I would suggest.


Once familiar with the objectives I used some online training as the largest part of my learning experience:

Implementing Microsoft Azure Infrastructure Solutions (70-533) from Pluralsight; some of it is a little out of date given the above exam changes, but still a very useful starting point

Azure Resource Manager Deep Dive from Pluralsight

I also watched a few chapters from Architecting Microsoft Azure Solutions (70-534) on Pluralsight. Even though it was for a different exam, there is still a lot of crossover and it was useful for a review of topics I had already covered.

Having then started on the MeasureUp practice test and realised more work was required I tried out the free Microsoft Azure training mentioned as part of their bundle offering above, which is free to anyone even if not signing up to one of the bundles. If you don’t have access to Pluralsight then this would be a good place to start. In my case I found it useful to revisit topics I had already learnt. This site was also good for the extra practice questions it contains.

Craig Kilborn has some useful info on his site:

70-533: Implementing Microsoft Azure Infrastructure Solutions – Prep & Exam Experience

The Microsoft site Channel 9 has a large Azure section of videos to choose from. In particular finding relevant videos in the Azure Fridays series was good as a refresher as the exam date approached, for example Azure ScaleSets  or Azure CDN.

Finally, I found it really useful to team up with a colleague who is going for the same exam and regularly review things learnt and compare notes – I learnt a lot from doing this and would suggest trying the same if you can.

Last Minute Preparation

As some last minute preparation for the exam I committed to memory as much as possible from the key facts around Azure Web Apps, Azure SQL and Azure VMs, such as in the below screenshots from the Azure portal for Web Apps. Then at the beginning of the exam, I wrote down as much as possible that I could remember on the materials provided before tackling the questions.

This is part of the reason why I don’t like certs since to me it is fairly pointless to memorise something that could easily be looked up if necessary. However, it was worth it for having a good awareness of, for instance which Web App tier would be suitable for a described application type.


You can obtain similar information from the portal for Azure SQL and Azure VMs.

and then Happy Days 🙂

powershell.exe version parameter

PowerShell v6 Alpha 17 has been released and contains an interesting change with the version parameter when applied to powershell.exe. Some discussion around it can be found here and here.

When using a Linux based shell, supplying the version parameter returns the version of the shell:

You can now do a similar thing in PowerShell Core:

Note that using $psversiontable still gives you fuller information:

This is slightly different from the pre-v6 PowerShell version on Windows where the version parameter requires an argument:

For example, you can start PowerShell version 2 from a PowerShell version 5.1 console:


There’s discussion in the Github issues about whether that particular functionality of running different PowerShell versions will be taken forward in PowerShell Core.




Create an Azure Storage Blob Container with PowerShell

My observations so far with the Azure PowerShell experience have been somewhat mixed and the example in this post will give you a flavour of that. I wanted to create a new Storage Blob Container via PowerShell, rather than through the below process in the web portal:

I looked for cmdlets which could potentially be used:

However, it returned nothing from the AzureRM module, only the Azure module. (There are currently two modules you need to use when working with Azure, some more info here and here) To say this can get confusing when you are new to the topic is an understatement, hopefully this situation is going to improve significantly ASAP.

So it looks like I need to use New-AzureStorageContainer from the original Azure module, however there do not appear to be any examples which show you how to add it into the desired place, i.e. Resource Group and Storage Account:

So far I have found two different ways to get this done:

1)Set the current Storage Account

I found a StackOverflow post with an example. You need to first of all call a cmdlet from the AzureRM module to set the current Storage Account (note line 2 is the weird response you get from running the command in line 1, i.e. just a string with the name of the current Storage Account, not an object representing it):

Now I can use New-AzureStorageContainer and it will get created in the correct place:

2) Use Storage Account Keys

Within a Storage Account are two Access keys which can be used for automation:

We only need one of the keys, but the following will retrieve both and then we pick out the first key value:

Now using one of the key values we can set the Storage Context:

Note: the above doesn’t actually seem to perform any validation on whether a Storage Account with that name exists. I initially had a typo in  the name and when using the next command generated the error: New-AzureStorageContainer : The remote name could not be resolved: ‘’

Now if we have used the correct name for an existing Storage Account we can create the Storage Container using the generated Storage Context:

Please leave a comment if I have missed an easier way to do it, I’d love to know 🙂

New-AzureRmResourceGroupDeployment : A parameter cannot be found that matches parameter name

New-AzureRmResourceGroupDeployment generates the following error:

New-AzureRmResourceGroupDeployment `
-Name $resourceDeploymentName `
-ResourceGroupName $resourceGroupName `
-TemplateFile $template `
@additionalParameters `
-Verbose -Force
New-AzureRmResourceGroupDeployment : A parameter cannot be found that matches parameter name ‘xxxxxxxxxxx’.
At line:5 char:5
+ @additionalParameters `
+ ~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [New-AzureRmResourceGroupDeployment], ParameterBindingException
+ FullyQualifiedErrorId : NamedParameterNotFound,Microsoft.Azure.Commands.ResourceManager.Cmdlets.Implementation.NewAzureResourceGroupDeploymentCmdlet

This kind of error seems fairly in tune with the experience I have had so far with the AzureRM PowerShell module, i.e. the error has seemingly nothing to do with the actual problem. While I spent a fair amount of time checking the parameter ‘xxxxxx’ in the ARM JSON file and found nothing wrong, it turned out that a syntax error elsewhere in the file was causing the problem. An error message pointing to that kind of problem would have been a lot more helpful!

Solve the syntax issue and this error goes away.

Issues with Mounting a CIFS Share on the vRO Appliance

This article on the vCOTeam site details how to mount a CIFS share on the vRO Appliance so that workflows can write files directly to a Windows File Share rather than using another process to copy the file over there.

This was straightforward to implement in a lab scenario, however within a corporate environment with more restrictions around security and networking it can potentially be more of a challenge. Specifically we encountered the following error response from a Windows Server seemingly configured correctly for Share and NTFS permssions on the folder to mount:

Status code returned 0xc0000022 NT_STATUS_ACCESS_DENIED
CIFS VFS: Send error in SessSetup = -13
CIFS VFS: cifs_mount failed w/return code = -13

This post on a Centos forum helped us track down the problem, i.e. there was at least one Group Policy restricting the use of NTLM.

“It turned out in my case to be a Group policy which was set to Send NTLMv2 responses only. Refuse LM and NTLM. I changed this to Send LM & NTLM -use NTLMv2 session security if negotiated.

Located at: Computer Configuration/Windows Settings/Security Settings/Local Policies/Security Options. The policy is called: Network Security: Lan Manager authentication level.”

In our case there were also other NTLM policies that needed to be considered, so worth checking any of these:

Also worth checking the policy: Microsoft network server: Digitally sign communications (always):

It is also possible to use different security settings within the /etc/fstab file on the vRO appliance, eventually we settled on sec=ntlmssp, however I believe the following are also possibilities: sec=ntlm, sec=ntlmv2, sec=ker5 and sec=ker5i

You may also want to consider using a credentials file rather than the username=xxx,password=xxxx in the /etc/fstab file if you want to get this past your security person 😉

PowervRA – Now available on OS X and Linux via PowerShell Core!

Back Story

For a while Craig and I have had a number of requests regarding offering OS X and Linux support to PowervRA, particularly since in case you weren’t aware PowerShell is now available on those OSs and 3rd party modules such as PowerCLI are heading towards supporting that. We first looked at offering this support for PowervRA when the first Alpha release of PowerShell Core was shipped, however we were blocked by a couple of issues, particularly this one regarding certificate checking.

However, back in December I read about how the guys who maintain PowerNSX had been able to offer PowerShell Core support and they had also been blocked by that same issue which has now been resolved. So we updated to PowerShell Core Alpha 14 and started testing again – it seemed that another blocking issue around JSON responses had also been resolved, so things were looking good.

As it turned out, there weren’t a significantly large amount of changes which actually needed to be made on our side – some changes to the Connect-vRAServer and Invoke-vRARestMethod functions to do different things depending on whether PowerShell Core is being used. The scale of community feedback to the alpha releases of PowerShell Core and the efforts of the PowerShell team at Microsoft look like they have had a great impact and covered off a lot of the issues we might have had and the feedback has been quickly taken into subsequent alpha releases.

We benefited from the fact that we have previously invested quality time in producing integration tests for PowervRA, consequently we were able to run the same tests using a PowerShell Core client and only ended up with a couple of bugs that we are currently unable to resolve (here and here) , but looks like at least one of them is scheduled to be fixed for us via a milestone of PowerShell Core beta.

So in release 2.0.0 of PowervRA we are very pleased to bring you support for PowerShell Core!


You will need:

PowerShell Core Alpha 14 + ….instructions on getting it installed for different OS flavours can be found here.

PowervRA 2.0.0 + . Get a copy of PowervRA onto the Linux  or OS X machine you want to run it from. Use the following to download it  from the PowerShell Gallery:

or manually copy the module yourself to one of the locations listed in $env:PSModulePath, for example:

In Action


Here’s PowervRA on my Macbook:

Connect to vRA

Retrieve Blueprint Details

Update a Reservation Policy

Ubuntu 16.04

Here’s PowervRA on Ubuntu 16.04:

Connect to vRA

Retrieve Business Group Details

Update a Network Profile



Craig has done some cool work to make PowervRA available via Docker. Check out his blog post for more details.

Also, many thanks to Alan Renouf for suggesting PowervRA now be made available hosted in the PowerCLI Core Docker Hub too.

Side Note

In PowervRA 2.0.0 we have also made some under the hood changes that it is worth being aware of (check the changelog for more details):

  • Module Restructure Part 1: we changed the functions from being their own individual nested modules in *.psm1 files to more simply being in *.ps1 files and made part of the module in a different way. This was a way I had historically put my modules together, but now have spent some time improving on it to a better way.
  • Module Restructure Part 2:  a number of functions had been marked in recent releases as deprecated, they have now been removed.
  • Module Restructure Part 3: we had previously started moving the functions into folders based on their API endpoint, this is now complete across all of the functions:


We believe we have covered off most issues with using PowervRA on PowerShell Core via our testing process, but if you do experience anything we have missed then please let us know here.

We are aware of one issue with running PowervRA on CentOS, which appears to be something not just relevant for us and should get fixed upstream in .Net Core.


We’re really pleased to be able to bring this support to PowervRA and much kudos to the PowerShell team and the wider community for making it both possible and relatively straightforward. We hope you find it useful given we know a significant part of our potentially user base are OS X users.

Also stay tuned because we are not stopping there. There is other planned new PowervRA functionality on the horizon ……

ConvertTo-Json – Working with the Depth Parameter

A couple of times I have got tripped up by the fact that the Depth parameter for ConvertTo-Json has a default value of 2. So for an object something like this with multiple sub-objects, you will have problems if you don’t specify a higher value for that parameter.

If we send the original object through to ConvertTo-Json with the default value for Depth, then we’ll get the following and you’ll observe that only the first two levels have been dealt with properly:

Using a Depth parameter set to level 10 we get a better result:

So mostly it is just a case of remembering that it may be required to use the Depth parameter. A default value of 2 seems a little low, but I guess there must be a reason for it. In practical terms, I got a bit lazy with this and rather than check what the exact value should be each time, I set a high value which I knew would never be reached, let’s say 200. However, some changes in PowerShell seem to have been introduced since the WMF 5.1 preview / 6.0 alpha which results in the following error:

The maximum depth allowed for serialization is 100.

So it appears that there is now a maximum value of 100 for the Depth parameter. Re-working all mentions from 200 to 100 resolved the problem.


PowerShell Brickset Module – Part 3: Working with the Inventory

In part 1 of this series, we looked at how to get started with the Brickset module. In part 2 we examined how to easily download sets of instructions. Now in part 3 I’ll show you how to use the inventory features of Brickset.

When you are logged into the Brickset website you can use the inventory features to help keep track of your collection. For example if you look at a particular set, you can mark the number of copies of that set you own, or if you don’t own it, mark it down as a set that you want:

Also at the top of the page you’ll see a summary of the number of sets owned and wanted. Each is a clickable hyperlink which will provide you with a nice view of what you own or are looking to get hold of.

Included in the PowerShell Brickset module are a set of functions for working with this functionality. First of all Get-BricksetCollectionTotals will give an overview on existing totals:

Get-BricksetSetOwned will give details on owned sets:

Get-BricksetSetWanted will give details on sets wanted:

Of course these are only useful if you have already populated your Brickset Inventory via the website. While it’s a pretty simple experience in the website to do that for individual sets, there could be a lot of clicking to do if you have a large amount of sets to upload. Step forward Set-BricksetSetOwned. In it’s simplest form, to add one set:



(Note: I don’t think the ‘xxx people own this set’ stat updates instantly whether you update your set ownership via the website or the API)

Let’s say we now want to do a bulk upload of everything we own and we have a data set of our Lego sets contained in Excel. We could take that data and fire it at Set-BricksetSetOwned to do the bulk update. Here’s an example CSV file with a small amount of data to illustrate the process:

and the following code will mark each of those sets as owned, with the number owned as the quantity:

and now our collection is starting to look a bit more respectable:


All that’s left for me to do is get a list of all of my owned sets into that CSV file and uploading to Brickset will take just a few seconds 🙂

PowerShell Brickset Module – Part 2: Downloading Instructions

In part 1 of this series, we looked at how to get started with the Brickset module. In part 2 we’ll take a look at how to easily download sets of instructions.

It may be the case that you have lost the set of instructions for a Lego set or perhaps you have got hold of a set secondhand that didn’t have the instructions to accompany it. It’s possible to do that for an individual set via the Lego website, but with this Brickset module you can do it from the comfort of your own PowerShell session, which can be particularly handy if you need to get more than just one set of instructions.

In its simplest form you can do this for a single set :

which gives you back two URLs. The first is for part 1 of the instructions, the second for part 2 – sometimes the larger sets ship with multiple instruction books.

You could of course paste these URLs into your browser to download them, but an easier way would be this:

which will produce this in your default browser, a tab for each pdf:

This is quite handy, but you’ve still probably got to save them away manually into a folder somewhere for future reference.

Let’s take this a step futher. By using the Theme parameter of Get-BricksetSet and a native PowerShell cmdlet Start-BitsTransfer we can download the sets of instructions for an entire  Lego theme into a specified folder: