Licensing mode for the Remote Desktop Session Host is not configured

Had a situation recently when building a 2012 R2 RDS farm that the message

“Licensing mode for the Remote Desktop Session Host is not configured

kept appearing, even though the licensing server was activated etc. and the server was configured to use it.

Thankfully, this site had the answer

$obj = gwmi -namespace “Root/CIMV2/TerminalServices” Win32_TerminalServiceSetting
$obj. SetSpecifiedLicenseServerList(“licserver.domain.local”)

HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\Licensing Core\LicensingMode
Change the DWORD to 2 for Per Device or 4 for Per User


Update 6/09/2016

An employee mentioned to me that setting the license server and licensing mode via group policy also seems to get around this bug

Computer Policy\Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host


Windows 10 refresh tool

While this has no relevance for enterprise admins, it could be very useful when “friends” (the type that think anyone in “IT” should be able to fix their toaster…. as it runs on “that electricity stuff”) ask for help with their recent purchase of bloatware riddled new PC….. the reply can always be “have you got a fresh install of win 10 on it?”

Tim Sweeneys opinion on the future of the windows store

I think he is spot on.

Games for windows live was a disaster, UWP is un-configurable.

Currently, in my opinion, the reason why people use the windows platform is that it is (or maybe was is more accurate) flexible, partly natively and partly because of the huge array of software and hacks out there to get things done, in the way users want to get them done.

We all know that MS wants the apple “closed” model for recurring revenue…. but that means everyone that wants a flexible platform may have to start looking elsewhere.

Scripting Office 365 licensing with disabled services

Have had a few clients request scripts to automatically set assign licenses to users in Office 365 – Generally pretty simple. Recently I had a client ask to disable a particular service within a license – again, not all that difficult – unless you want to actually check if a license/service is already configured and not make any changes. Took a little while to work out, so figured I’d share it with those interested!


Just to set a license for a user is a pretty simple process – all you need is the license ‘SkuId’ value. To get a list of the ones available in your tenant, run: Get-MsolAccountSku. You’ll get a list of the available license SkuId’s and how many are active/consumed. In this article we’ll use an example SkuId of “Contoso:STANDARDWOFFPACK_IW_STUDENT”. Once you have the SkuId, all you need to run to assign the license is:

Set-MsolUser -UserPrincipalName -UsageLocation AU

Set-MsolUserLicense -UserPrincipalName -AddLicenses “Contoso:STANDARDWOFFPACK_IW_STUDENT”


Note: in order to assign a license, you also need to first assign a usage location to the user. If that’s already assigned, you can skip that line.


What if you didn’t want to have all the applications available for the user? For example, the above license includes Yammer Education. In this case, we need to create a ‘License Options’ object first.

$LicenseOption = New-MsolLicenseOptions -AccountSkuId “Contoso:STANDARDWOFFPACK_IW_STUDENT” -DisabledPlans YAMMER_EDU

Set-MsolUserLicense -UserPrincipalName –LicenseOptions $LicenseOption


So where did we get the “YAMMER_EDU” from? You can list the available services for a license by running:

(Get-MsolAccountSku | where {$_.AccountSkuId -eq ‘Contoso:STANDARDWOFFPACK_IW_STUDENT’}).ServiceStatus


What if we wanted to disable multiple services in the License Option? The “-DisabledPlans” option accepts a comma-separated list. For example:

$LicenseOption = New-MsolLicenseOptions -AccountSkuId “Contoso:STANDARDWOFFPACK_IW_STUDENT” -DisabledPlans YAMMER_EDU, SWAY


Ok, so now we know how to get the available licenses and related services – as well as how to assign the license to the user. What if we wanted to check if a license is assigned to a user first? Personally, I’m not a huge fan of just re-stamping settings each time you run a script – so I thought I’d look into it. The easiest method I’ve found is to try bind to the license, then check if it’s $null or not:

$User = Get-MsolUser -UserPrincipalName

$License = $User.Licenses | Where{$_.AccountSkuId -ieq “Contoso:STANDARDWOFFPACK_IW_STUDENT”}

If ($License) {Write-Host “Found License”} else { Write-Host “Didn’t Find License”}


From there we can do whatever we want – if the license is found and that’s all you care about, you can skip – otherwise you can use the other commands to set the license.

So what if we also want to make sure YAMMER_EDU is disabled as well? That’s a little trickier. First we need to bind to the license like we did above, then we need to check the status of the relevant ‘ServicePlan’.

$User = Get-MsolUser -UserPrincipalName

$License = $User.Licenses | Where{$_.AccountSkuId -ieq “Contoso:STANDARDWOFFPACK_IW_STUDENT”}



If($License.ServiceStatus | Where{$_.ServicePlan.ServiceName -ieq “YAMMER_EDU” -and $_.ProvisioningStatus -ine “Disabled”})


Write-Host “YAMMER_EDU isn’t disabled”




At this point it’s probably a good idea to talk about the structure of these objects – you may not need to know it, but for anyone trying to modify these commands it might be helpful.

  • A ‘User’ object contains an attribute ‘Licenses’. This attribute is an array – as a user can have multiple licenses assigned.
  • A ‘License’ object contains two attributes relevant to this script; ‘AccountSkuID’ and ‘ServiceStatus’
    • AccountSkuId is the attribute that matches up with the AccountSkuId we’re using above
    • ServiceStatus is another array – it contains an array of objects representing the individual services available in that license – and their status.
  • The two attributes attached to a ‘ServiceStatus’ object that we care about are:
    • ServicePlan.ServiceName – this is the name to match the service above (eg: YAMMER_EDU)
    • ProvisioningStatus – this can be a bunch of values, but mostly ‘Success’, ‘Disabled’ or ‘PendingInput’. I’d assume there’s also ‘Provisioning’, but I’ve never seen it.


With this in mind, we can put together a script like the following – it reads the UPN and AccountSkuID from a CSV file, though you could use whatever source you like and update the script accordingly.


As with the previous scripts, you need the following:


You’ll also need to update the 6 variables at the top of the script (paths, etc).



#Input File

$File = “D:\_Temp\ExchangeOnline\Source.csv”


#Log Variables

$LogFile = “D:\_Temp\ExchangeOnline\SetLicenses_$((Get-Date).ToString(“yyyyMMdd”)).log”

$AuditFile = “D:\_Temp\ExchangeOnline\SetLicenses_Audit.log”



$AdminUser = “

$PasswordFile = “D:\_Temp\ExchangeOnline\EO_Password.txt”

$KeyFile = “D:\_Temp\ExchangeOnline\EO_AES.key”


Write-Output “$(Get-Date -format ‘G’) ========Script Started========” | Tee-Object $LogFile -Append


#Build the credentials object

Write-Output “$(Get-Date -format ‘G’) Creating credentials object” | Tee-Object $LogFile -Append

$key = Get-Content $KeyFile

$SecurePassword = Get-Content $PasswordFile | ConvertTo-SecureString -Key $key

$Creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $AdminUser, $SecurePassword


#Import the MSOnline Module

IMport-Module MSOnline


#Connect to MSOnline

Write-Output “$(Get-Date -format ‘G’) Connecting to MSOnline” | Tee-Object $LogFile -Append

Connect-MsolService -Credential $Creds


#Grab the CSV contents

$CSV = Import-CSV $File

#Go through each entry

Foreach($Line in $CSV)


$samAccountName = $line.samAccountName

$UPN = $Line.UPN

$SKUID = $Line.license


Write-Output “$(Get-Date -format ‘G’) Processing User $UPN” | Tee-Object $LogFile -Append


#Make sure the user exists in MSOnline

If(Get-MsolUser -UserPrincipalName $UPN)


#Found in MSOnline. Put the user account into a variable

Write-Output “$(Get-Date -format ‘G’) – Located in MSOnline” | Tee-Object $LogFile -Append

$User = Get-MsolUser -UserPrincipalName $UPN

#Check the UsageLocation

If($User.UsageLocation -ine “AU”)


Write-Output “$(Get-Date -format ‘G’) – Location not set to AU. Updating…” | Tee-Object $LogFile -Append

#Update it

Set-MsolUser -UserPrincipalName $User.UserPrincipalName -UsageLocation AU

Write-Output “$(Get-Date -format ‘G’) $UPN Location set to AU” | Out-File $AuditFile -Append



#Check if the license is attached to the user

$SetLicense = $false

Write-Output “$(Get-Date -format ‘G’) – Checking for License: $SKUID” | Tee-Object $LogFile -Append

$License = $User.Licenses | Where{$_.AccountSkuId -ieq $SKUID}



#License is attached. Check to make sure that any services to be disabled are actually disabled

Write-Output “$(Get-Date -format ‘G’) – License already attached. Checking if required services are disabled” | Tee-Object $LogFile -Append

If($License.ServiceStatus | Where{$_.ServicePlan.ServiceName -ieq “YAMMER_EDU” -and $_.ProvisioningStatus -ine “Disabled”})


Write-Output “$(Get-Date -format ‘G’) – YAMMER_EDU not disabled.” | Tee-Object $LogFile -Append

$SetLicense = $True



If($SetLicense){Write-Output “$(Get-Date -format ‘G’) – One or more services not disabled. License requires updating.” | Tee-Object $LogFile -Append}




#License is not attached.

Write-Output “$(Get-Date -format ‘G’) – License is not attached. Will be attached.” | Tee-Object $LogFile -Append

$SetLicense = $True





#License is not attached or not configured correctly. Build up the license with required options

$LicenseOption = New-MsolLicenseOptions -AccountSkuId $SKUID -DisabledPlans YAMMER_EDU

#Set the License

Write-Output “$(Get-Date -format ‘G’) – Setting/Updating license” | Tee-Object $LogFile -Append

Set-MsolUserLicense -UserPrincipalName $User.UserPrincipalName –LicenseOptions $LicenseOption

Write-Output “$(Get-Date -format ‘G’) $UPN License set/updated for SkuId: $SKUID” | Out-File $AuditFile -Append




Write-Output “$(Get-Date -format ‘G’) – No changes to license required” | Tee-Object $LogFile -Append



# Clear loop variables for the next run

$samAccountName = $Null

$UPN = $Null

$SKUID = $Null

$User = $Null

$License = $Null

$SetLicense = $Null

$LicenseOption = $Null




Write-Output “$(Get-Date -format ‘G’) – Error: User not found in MSOnline” | Tee-Object $LogFile -Append





Write-Output “$(Get-Date -format ‘G’) ========Script Complete========” | Tee-Object $LogFile -Append

Exchange 2013/216 receive connector selection process

On a recent gig, the local tech wanted some more detail on the receive connector selection process… I explained the whole “most defined” IP set wins (i.e. will be selected over, but was unable to find any TechNet articles to back that up.

Fortunately, this guys nails it, with a good explanation and examples…

good work Mark Gossa.


Microsoft culture change to non-sales focused ?

I’ll believe it when I see it. For an organisation that is so incredibly entrenched in the culture of selling first and not bothering if the product actually meets customer needs or not – and even worse, very skilled in repositioning the problem as the solution, its a massive claim and would be a massive change.


SCCM 2012+ – Bug when building query using values selector for Software files – File modified date

This is a fairly uncommon thing…. but, its still there.

When using SCCM, sometimes its necessary to use software inventory and the “Software Files” class – to determine the versions of software that is in your environment.

Normally, we would use Software Files – File Name and Software Files – File Version and that would be enough.

We have one client, who has some software developed by a particularly shitty vendor, who releases different software versions with the same version number, so we needed to look for the exe, the version, but also the Software Files – File Modified Date.

When selecting the file modified date, like most reasonable people, you would select the “values” button and select the correct entry – or based your entry on that format… unfortunately, in this case, the entry values shown in the below dialogue box, are not the same as the ones in the database.

The values box in SCCM


The view data in SQL


Notice the different values


If I select a value, or use the format from the values box, I get a collection with 0 members, as nothing matches that criteria


If, however, I enter the value in the correct format from the database, we are all good



Anyhoo – I realise this is an unusual situation…. most developers realise that incrementing version numbers is a good thing. Still, there’s an small chance this might help someone out there.

Automating Mailbox Regional Settings in Exchange Online

When you migrate (or create) a mailbox in Exchange Online, the first time a user goes to open their mailbox they are prompted to select their Timezone and Language. I recently had a client ask for a more automated method of pre-populating these values, so thought I’d have a look into it.


Of course, there’s no global way to define these settings for users before they get a mailbox, so the settings have to be set once the mailbox has been migrated – this really only leaves the option of a custom powershell script – either something you run after each migration (or creation), or on a periodic schedule.


First, to the settings themselves. As it turns out, you can use the same commands that you’d use in on premise Exchange: Get-MailboxRegionalConfiguration and Set-MailboxRegionalConfiguration – which also means this script could be adapted to be used on premise as well. The two settings we’re concerned with here are “Language” and “TimeZone”. Since the client we’re dealing with here is solely based in Australia, we’re going to be setting all users to a language of “en-AU”. For the TimeZone, Microsoft provide a list of valid values here:


Except that they’re missing two Australian time zones. The actual valid values for Australia are:

  • AUS Central Standard Time – Darwin
  • Cen. Australia Standard Time – Adelaide
  • AUS Eastern Standard Time – Canberra, Melbourne, Sydney
  • E. Australia Standard Time – Brisbane
  • Tasmania Standard Time – Hobart


So with that in mind, we can use the following commands:

Set-MailboxRegionalConfiguration -Language en-AU

Set-MailboxRegionalConfiguration -TimeZone “AUS Eastern Standard Time”


Since we’re talking about a national business with users in different time zones, the time zone value is going to need to change for each user. In order to automate this, we’ll need some source information available that indicates in which state the user is located – ideally, you’re going to be using the ‘Office’ field in the user’s AD account – though obviously you could use any available attribute. The reason I recommend ‘Office’ (or ‘physicalDeliveryOfficeName’) is because it’s synchronised to Office 365 with the user account (and becomes ‘Office’).


Note: You don’t actually need the value in Office 365 – if you’re running the script on premise, you can query your AD directly and ignore the attributes in 365. When I wrote the script I opted to solely use data that was in Office 365 – primarily because I was developing the script remotely and didn’t have direct access to their AD – so if you want to use your local AD instead of values in 365, you’ll need to modify the script!


For this client, the ‘Office’ value for each user is prefixed with the state (ie: SA, NSW, QLD, WA) – so it was relatively simple to use a ‘Switch’ function in Powershell (similar to a ‘Case’ statement in vbscript).


In order to use the script, you need the following:


You’ll also need to update the 5 variables at the top of the script (paths, etc), as well as the Time Zones (and criteria) in the Switch statement.


#Log Variables

$LogFile = “D:\Scripts\ExchangeOnline\RegionalConfig_$((Get-Date).ToString(“yyyyMMdd”)).log”

$AuditFile = “D:\Scripts\ExchangeOnline\RegionalConfigAudit.log”



$AdminUser = “

$PasswordFile = “D:\Scripts\ExchangeOnline\EO_Password.txt”

$KeyFile = “D:\Scripts\ExchangeOnline\EO_AES.key”


Write-Output “$(Get-Date -format ‘G’) ========Script Started========” | Tee-Object $LogFile -Append


#Build the credentials object

Write-Output “$(Get-Date -format ‘G’) Creating credentials object” | Tee-Object $LogFile -Append

$key = Get-Content $KeyFile

$SecurePassword = Get-Content $PasswordFile | ConvertTo-SecureString -Key $key

$Creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $AdminUser, $SecurePassword


#Import the MSOnline Module

IMport-Module MSOnline


#Connect to MSOnline.

Write-Output “$(Get-Date -format ‘G’) Connecting to MSOnline” | Tee-Object $LogFile -Append

Connect-MsolService -Credential $Creds


#Connect to Exchange Online

Write-Output “$(Get-Date -format ‘G’) Connecting to Exchange Online” | Tee-Object $LogFile -Append

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri `

-Credential $Creds -Authentication Basic -AllowRedirection

Import-PSSession $Session


#Grab a list of User Mailboxes from Exchange Online. Only modify synchronised ones.

Write-Output “$(Get-Date -format ‘G’) Getting User Mailbox List” | Tee-Object $LogFile -Append

$UserMailboxes = Get-Mailbox -Filter {RecipientTypeDetails -eq ‘UserMailbox’ -and IsDirSynced -eq $true} –Resultsize Unlimited


#Keep a count for the summary at the end

$TotalCount = 0

$UpdatedCount = 0

$ErrorCount = 0


#Go through each mailbox

Foreach($Mailbox in $UserMailboxes)


$Updated = $false



#Grab the UPN

$UPN = $Mailbox.UserPrincipalName

Write-Output “$(Get-Date -format ‘G’) Processing Mailbox $UPN” | Tee-Object $LogFile -Append


#Grab the regional Config

$RegionConfig = Get-MailboxRegionalConfiguration $UPN

#From this we need ‘TimeZone’ and ‘Language’.

#Language should be en-AU

#Valid Timezones are:

# AUS Central Standard Time ‘Darwin

# Cen. Australia Standard Time ‘Adelaide

# AUS Eastern Standard Time ‘Canberra, Melbourne, Sydney

# E. Australia Standard Time ‘Brisbane

# Tasmania Standard Time ‘Hobart


#First, do the language – only change if required

If($RegionConfig.Language -ine “en-AU”)


Write-Output “$(Get-Date -format ‘G’) – Updating Language to en-AU” | Tee-Object $LogFile -Append

Set-MailboxRegionalConfiguration -Identity $UPN -Language en-AU

$Updated = $True

#Write to the audit log file

Write-Output “$(Get-Date -format ‘G’) $UPN Language changed to en-AU” | Out-File $AuditFile -Append



#Next, do the Region

#Grab the Office attribute from the MSOnline Object

$MSOlUser = Get-MsolUser -UserPrincipalName $UPN

$Office = $MSOlUser.Office


#The office attribute will begin with either WA, SA, NSW or QLD

Switch -Wildcard ($Office)


“WA*” {$Timezone = “W. Australia Standard Time”}

“SA*” {$Timezone = “Cen. Australia Standard Time”}

“NSW*” {$Timezone = “AUS Eastern Standard Time”}

“QLD*” {$Timezone = “E. Australia Standard Time”}

default {$Timezone = $Null}



If($Timezone -ne $Null)


#Check if the timezone matches

If($RegionConfig.TimeZone -ine $Timezone)


Write-Output “$(Get-Date -format ‘G’) – Updating TimeZone to $TimeZone” | Tee-Object $LogFile -Append

Set-MailboxRegionalConfiguration -Identity $UPN -TimeZone $TimeZone

$Updated = $True

#Write to the audit log file

Write-Output “$(Get-Date -format ‘G’) $UPN TimeZone changed to $TimeZone” | Out-File $AuditFile -Append





Write-Output “$(Get-Date -format ‘G’) – Error: Invalid Timezone/Office value” | Tee-Object $LogFile -Append




If($Updated) {$UpdatedCount++}


#Clear out the variables for the next run

$UPN = $Null

$RegionConfig = $Null

$MSOlUser = $Null

$Office = $Null

$Timezone = $Null




#Write the summary to the log file

Write-Output “$(Get-Date -format ‘G’) ========Summary=======” | Tee-Object $LogFile -Append

Write-Output “$(Get-Date -format ‘G’) Accounts Checked: $TotalCount ” | Tee-Object $LogFile -Append

Write-Output “$(Get-Date -format ‘G’) Accounts Updated: $UpdatedCount ” | Tee-Object $LogFile -Append

Write-Output “$(Get-Date -format ‘G’) Accounts with invalid Office values: $ErrorCount ” | Tee-Object $LogFile -Append


#Remove any remote powershell sessions

Get-PSSession | Remove-PSSession

Using Azure RM Site to Site VPN with a Dynamic IP

By guest writer: Leon Zippel


In the interests of saving a bit of money, I decided to switch my ADSL service from an expensive business connection to a cheap residential connection. In Australia this also means switching from a static IP address to a dynamic IP address. With most web-based services now able to be proxied via Microsoft’s Web Application Proxy (and other services using unique ports), it seemed like everything would be fine with a combination of a Dynamic DNS service and port forwarding. I only run a development environment at home, so if I could save some money without any real impact, all the better!


After I made the switch, I realised that I’d forgotten about my site-to-site VPN between my development environment and Azure Resource Manager (AzureRM). For those familiar with AzureRM and Site to Site VPN, you’ll know that your on premise IP address is configured in a “Local Network Gateway” object. I thought perhaps that you could enter a DNS entry in the IP address field – no such luck.


So I had a look around online to see if anyone else had some easy solution I could poach. While I could find a solution for Azure Classic, the objects are completely different in AzureRM (and the powershell commands are different) – so while it gave me a direction, I couldn’t use the solution as-is. So I had a look at the available AzureRM powershell cmdlets – primarily ‘Get-AzureRmLocalNetworkGateway’ and ‘Set-AzureRmLocalNetworkGateway’.


The problem I came across was that ‘Set’ command really only accepts two parameters – a LocalNetworkGateway object, and AddressPrefix (for your local address spaces). No option to change the Gateway IP. The documentation didn’t give any additional information either.


Based on previous experience with powershell, I had assumed that the LocalNetworkGateway input object would need to refer to an existing object. As a last resort, I decided to try modify it before setting anyway – and it worked! So essentially we can do something like:


$LNG = Get-AzureRmLocalNetworkGateway -ResourceName <LocalNetworkGatewayName> -ResourceGroupName <ResourceGroupName>

$LNG.GatewayIpAddress = <DynamicIP>

Set-AzureRmLocalNetworkGateway -LocalNetworkGateway $LNG -AddressPrefix @('','')


Obviously this is a fair way from an automated solution that can be run on a schedule! In order to put it into a workable solution, the following overall steps need to be taken:


  1. Configure a dynamic DNS service (such as – this will need to be automatically updated via your router or client software
  2. On the server that will be running the scheduled task, install the Azure Powershell Cmdlets (as per
  3. Create an administrative account in Azure AD that has administrative access on the subscription (they must be listed in the Azure Classic portal under Settings > Administrators).
    1. It’s important to note that when using the ‘Login-AzureRM –Credentials’ command that the credentials used must be an ‘organisational account’ – you can’t use a Microsoft Live account (even if it’s a subscription administrator).
  4. Use some method of saving credentials for use in Powershell. I prefer to use a key-based encryption so it’s transportable between computers – a guide on doing this can be found here:
  5. Update the following values in the following script:
    1. DynDNS: the external DNS entry that resolves to your dynamic IP
    2. SubscriptionName: the name of your Azure subscription. This can be retrieved using Get-AzureRMSubscription
    3. User: the organisational administrative account
    4. PasswordFile: the file containing the encrypted password
    5. KeyFile: the file containing the encryption key (obviously you want to keep this safe – as it can be used to reverse engineer the password!)
    6. Address Prefixes on line 42.
  6. When running the script via Task Schedule, ensure you also specify the ‘Start In’ directory – otherwise you need to hard code paths in the script.
#Dynamic DNS Entry for your dynamic IP
$DynDNS = ""
#Azure subscription name
$SubscriptionName = "Visual Studio Premium with MSDN"

#UPN of a user account with administrative access to the subscription
$User = ""
#Password file
$PasswordFile = ".\AzurePassword.txt"
#Key file to decrypt the password
$KeyFile = ".\AzureAES.key"

Write-Host "Building Credentials"
#Grab the contents of the key
$key = Get-Content $KeyFile
$SecurePassword = Get-Content $PasswordFile | ConvertTo-SecureString -Key $key
#Build the credential object
$Creds = New-Object -TypeName System.Management.Automation.PSCredential -ArgumentList $User, $SecurePassword

#Get the Current Dynamic IP
[string]$DynIP = ([System.Net.DNS]::GetHostAddresses($DynDNS)).IPAddressToString
Write-Host "Current Dynamic IP:" $DynIP

#Log into the Azure Tenant
Login-AzureRmAccount -Credential $Creds
#Select the subscription
Select-AzureRmSubscription -SubscriptionName $SubscriptionName
#Grab the current LocalNetworkGateway
$LNG = Get-AzureRmLocalNetworkGateway -ResourceName Local_Network_Gateway -ResourceGroupName RG_AU_SE
#Output the IP to view
Write-Host "Current LocalNetworkGateway IP:" $LNG.GatewayIPAddress
Write-Host "Current Dynamic IP:" $DynIP

#Determine if we need to change it
If($DynIP -ne $LNG.GatewayIpAddress)
    Write-Host "Dynamic IP is different to LocalNetworkGateway IP - Updating..."
    #Update the IP in the LNG Object
    $LNG.GatewayIpAddress =$DynIP
    #Update the LNG Object in Azure. AddressPrefix is required.
    Set-AzureRmLocalNetworkGateway -LocalNetworkGateway $LNG -AddressPrefix @('','')
    Write-Host "No changes required"