Very quick video ensuring awareness of the ability to apply specific conditional access policies to M365 and Security Copilots! Can also integrate with Purview insider risk, phishing resistant authentication and more!

https://youtu.be/kdkwbI4R4Sc

00:00 - Introduction
00:24 - Service principals required
01:11 - Creating CA policy for copilot
03:01 - Copilot runs as the user
03:30 - Close

Hi,

I am upgrading a server from 2012 in azure, it has successfully installed but I am having an issue accepting the licence terms as I'm unable to rdp/bastion onto the server in it's current state.

Can anybody offer any advice how to get past this?

I have been tasked to get some on-prem VMs to use an Azure DNS as its DNS Server. I have all the networks connected with VPNs / Virtual network gateways. Has anyone done this?

I want to create new revisions for Azure Container Apps based on new images. Now, some of these images will have database migrations, i.e. breaking changes, some won't. For the ones which won't I will just copy the revision with the updated image - fine. But what about the ones for which I do not want rolling updates?

I can deactivate the previous/current revision, but when I then copy it again, it seems that both will be activated (also suddenly all my other previous inactive revisions appear to be gone)? I could scale it to zero I guess, but that seems rather hacky. Is there a straightforward way, am I missing something?

RDP Connection with IOS App cannot be established

Hi, we have configured a RDS Farm with external Gateway and Azure MFA (NPS extension). Since MFA we cannot establish the connection with IOS RDP App. We accept the MFA Push notification. After that the RDP Client wants to Connect to the Server, but then it Throws an error that the Session cannot be established. We alfeady tested: NTLM, different devices, different networks, firewall etc. Do you have any idea?

I was trying to take advantage of the ability of tying my power bi workspace to an azure log analytics workspace to get some audting related information. Mainly I wanted to be able to query this table here: https://learn.microsoft.com/en-us/azure/azure-monitor/reference/tables/powerbireportusageworkspace

After setting up the connection to my log workspace I am not seeing any tables at all. I am new to using azure log analytics so if i missed something obvious i apologize

I have setup an Azure AI Search connector in copilot studio. However copilot quote me the whole response object from my database.

How to map the fields properly ? I know that I can map the response text to the right column but I also want quotes and url of the original file

https://preview.redd.it/8n075aa30u4e1.png?width=1480&format=png&auto=webp&s=b4444f25508cd2acff6dcffdb1f4c8b738b289bc

I need to map id, uri, content, name/path and vector fields

https://preview.redd.it/ilva7pkb0u4e1.png?width=533&format=png&auto=webp&s=bffe2b1e7fd70446b488bf9daf6dfb42e3ee9c61

Hi everyone,

I’m currently facing an issue with updating my Linux machines with ARM64 architecture using Azure Update Manager. The updates don’t seem to be applying correctly, and I can’t pinpoint the root cause.

Has anyone encountered a similar problem or have any advice on how to resolve this? Any tips or guidance would be greatly appreciated!

Thanks in advance for your help!

https://preview.redd.it/xyvh40nstt4e1.png?width=673&format=png&auto=webp&s=b6fc02b55dfd44a7f16514d18e8df4bce5715a66

Hi All

We've noticed over the last 24 hours that we are unable to copy files from local machine and paste them through to our AVD hosts. However, copy and pasting text between local machine and AVD hosts WORKS fine.

Redirection is already enabled within the AVD pool configuration.

AVD hosts are running Win 11 Enterprise Multi-Session

Any thoughts?

I'm using Azure Data Factory and have a question about Triggers. Specifically a blob storage trigger.

I would like a pipeline to trigger when a file that matches "mystuff..xls" appears in the container. "" is a regex. My files will be named like "mystuff2024-1122.xls", "mystuff2024-1125.xls", "mystuff2024-1130.xls" etc.

1. Does the "ends with" box support regex?
2. If not, how would I check to see if a valid file is in the blob container?

Thank you.

Hi everyone. I have an issue where even when I change the DTU limit for my database the DTU use never exceeds 50%. The database is in Standard S4 pricing tier and doesn't have an elastic pool set up.

For a 200DTU limit set the max usage is ~80DTUs. This is an issue since it becomes a huge bottleneck in the system I manage.

I'm new to Azure Data Factory. We are using Microsoft products where I work. I may be going about this all wrong.

Task: Read a spreadsheet and pull out a key field from a column. Look up that number in database1. If that number is not found look it up in datatbase2. If the number is still not found log an error. If the number is found I need to get other data from the database and write it out to another Excel file.

At first I thought this was doable in a pipeline, maybe getting a data flow involved. But I have been stuck for a few weeks on this. Any tutorial I find is too simple and does not do what I would like, so I'm unable to adapt it. Other tutorials are out of date and Azure DF no longer has the options on the screen that the tutorial has.

So, should I use a notebook to read an Excel file? A notebook uses Python right?

Thank you.

p.s. I know nothing about notebooks but I think they use Python, which is well-supported by Microsoft.

Hi

What file explorers do you use if users need access to blob storages? *with access through Entra, not Access Key.

Azure Storage Explorer is good for Admins but not user friendly.

I use Azure Data Factory online (not MS Fabric). I'm still a beginner to Azure, though I know how to make storage accounts and my data factory I struggle with doing what I need to in a pipeline. I can do this in Python but I'm not allowed to use Python or any tool that uses Python.

I'm looking for a tutorial to read through a spreadsheet, get a key field, like tracking number from the spreadsheet, and look up that tracking number in database1. If the tracking number is not found in database1 it should attempt to find it in database2. If it is still not found it should log an error.

The problem is I've found a tutorial about a pipeline Foreach but none about doing what I need. The tutorials I have found are far too simple and don't teach me anything.

The MS forum has been lacking answers for the past 3 weeks and I seem to get an answer from some type of user that is really an AI and the answers are out of date, options they describe are no longer in Azure, or just plain don't work.

Could there be other active forums out there to get help? I only have the internet to help me.

Thank you!

I have setup an app in my Entra workspace, just wondering if there are API permissions for accessing my organisation usage for various copilot apps? The data I want to retrieve is the prompt logs, app usage details, which user using which app and search history, etc.

Any help??

Hi everyone! I’m currently on dead end and can’t find why our policy in one of our Azure APIM instance keeps on changing.

I’ve already checked the following:

1. Azure APIM Activity logs — can’t find anything relevant here regarding the changes. Or am i missing anything here? Lol
2. Azure DevOps — we’ve checked if there are automation that runs but we found none.

What are the other services that we need to check or logs for us to trace who is making the changes?

Thank you!!!!!!

I have a administrative unit with users and groups. I have a Service principal that invites guests and assigns them to said groups. Can I use that service principal to delete users only in that administrative unit? I can’t make it work unless I add a api permission that grants for the whole tenant.

I’ve been a Junior Cloud Engineer for 12 months and I’m really enjoying it, however I wonder if I’m not doing enough work. I came from a medical background before retraining, so I have nothing to compare it to.

What’s a typical day for other juniors and do you feel like you’re learning/doing enough?

Hello

We almost certainly have disks that are provisioned at a size that's not the maximum for the tier we're being charged for. Does anyone know of a report/script/workbook that will highlight those disks? We may as well have the maximum free disk space possible for what we're being charged.

cheers

Hi, we have configured a RDS Farm with external Gateway and Azure MFA (NPS extension). Since MFA we cannot establish the connection with IOS RDP App. We accept the MFA Push notification. After that the RDP Client wants to Connect to the Server, but then it Throws an error that the Session cannot be established. We alfeady tested: NTLM, different devices, different networks, firewall etc. Do you have any idea?

Resource capacity planning predicts the gap between future project demand and workforce capacity to identify the shortfall or excesses of resources. Based on the analysis, one can develop a resource capacity plan to bridge the gap proactively for successful project delivery while ensuring every resource is utilized optimally.

What is Resource Capacity Planning? A Comprehensive Guide

Hi team (Apologies if this is the wrong subreddit),

We currently have 1 AD Forest, let's call this Domain1, with a fully functional Azure AD Connect Sync set up towards Microsoft 365 / Azure

Now recently we have obtained another company, with their own functional On-Premise enviroment.
They have a AD Forest, let's call this Domain2, that we would like to synchronise with our current Domain1.
Migration is not something that is in the books, as the companies would like to stay apart

Some users of Domain1 are present in Domain2.

Now, Microsoft offers the following construction: "Multiple Forests, Single Microsoft Entra tenant".
I have checked how this would be set up in our current situation, and i'm thinking the following:

• Connect Domain2 into Domain1 with an Trust Relationship, and sync through Domain1's Server.

What would be the main things to look out for? The only thing i'm guessing is double UPN's, which is unlikely due to the fact that we're using different domains.
The other thing would be something with ProxyAddresses, but i'm not fully sure since i've never set it up in this way.

Could somebody give me some pointers?
Thanks and appreciated!

I created an Azure function in eastus:

az functionapp create --resource-group MY_AZURE_RESOURCE_GROUP --consumption-plan-location eastus --runtime node --name MY_AZURE_FUNCTION --storage-account MY_STORAGE_ACCOUNT

func azure functionapp publish MY_AZURE_FUNCTION  

The above commands worked and the function was successfully uploaded. I replicated this exact same procedure but I only changed the value of MY_AZURE_FUNCTION and eastus to southcentralus. All of a sudden, the function won't upload. I didn't get any errors, I noticed that the upload size was way smaller than the eastus function, even though the code was essentially the same. Is there some kind of restriction on Azure functions in southcentralus? These are my logs from Function App > MY_AZURE_FUNCTION > Monitoring > Log stream:

Connected!
TIMESTAMP_HERE   [Verbose]   Initiating background SyncTriggers operation
TIMESTAMP_HERE   [Information]   Loading functions metadata
TIMESTAMP_HERE   [Information]   Reading functions metadata (Custom)
TIMESTAMP_HERE   [Information]   0 functions found (Custom)
TIMESTAMP_HERE   [Information]   0 functions loaded
TIMESTAMP_HERE   [Information]   Loading functions metadata
TIMESTAMP_HERE   [Information]   Reading functions metadata (Custom)
TIMESTAMP_HERE   [Information]   0 functions found (Custom)
TIMESTAMP_HERE   [Information]   0 functions loaded
TIMESTAMP_HERE   [Verbose]   AuthenticationScheme: ArmToken was not authenticated.
TIMESTAMP_HERE   [Verbose]   AuthenticationScheme: WebJobsAuthLevel was not authenticated.
TIMESTAMP_HERE   [Verbose]   Successfully validated the token.
TIMESTAMP_HERE   [Verbose]   AuthenticationScheme: Bearer was successfully authenticated.
TIMESTAMP_HERE   [Verbose]   Authorization was successful.
TIMESTAMP_HERE   [Verbose]   Authorization was successful.
TIMESTAMP_HERE   [Information]   Loading functions metadata
TIMESTAMP_HERE   [Information]   Reading functions metadata (Custom)
TIMESTAMP_HERE   [Information]   0 functions found (Custom)
TIMESTAMP_HERE   [Information]   0 functions loaded
TIMESTAMP_HERE   [Information]   Loading functions metadata
TIMESTAMP_HERE   [Information]   Reading functions metadata (Custom)
TIMESTAMP_HERE   [Information]   0 functions found (Custom)
TIMESTAMP_HERE   [Information]   0 functions loaded  

See, no errors, but 0 functions are loaded.

Does anyone experience this or where can I reach out to? I've been trying for 2 days now.

https://preview.redd.it/vfw6qt93wq4e1.png?width=860&format=png&auto=webp&s=2906d052de3d82fcd04328594ee12aeeed7ede97

So we have a highly regulated workload a d all traffic has to stay in network ...is it true that eventgrid then cannot be used since it doesn't interface with private interfaces ?

If I create a multi tenant app homed in Tenant A. And then I grant admin consent to that app in Tenant B (effectively getting the SPN created in Tenant B): can I then use a secret/cert managed in Tenant A’s app reg to request tokens to access resources in Tenant B? Or does the admin consent + SPN only grant Enterprise App SSO for User Delegation?

Hi, I am preparing for SC-200 exam i am studying from CBT Nuggets,Plural Sight and ITproTV courses but i don’t feel confident that i am prepared for exam i also l did Github labs for SC-200 any suggestions would be appreciated how to best prepare for the exam this cert will be my first Microsoft cert so I don’t have experience with Microsoft testing

Feel free to DM or directly reply. I’m keen to know what do you charge per course or its per hour?

I’m getting engaged with a new TSP and want to give them genuine rates for fundamental certs (AZ-900 etc) and then for advanced certs.

Hey all,

Not really a big issue but wanted to run it by the community.

When we invite external users as guest users so that they can access one of our SharePoint site, they get the invite email and when they accept it, it takes them to https://account.activedirectory.windowsazure.com and they just get a spinning circle.

Granted, they can just close it out and they it still registers them but it is generating calls from users.

Just says "Apps" and a spinning circle as if it is trying to load apps. However, these are guest accounts with no apps to load.

Is there a way around this or am I overthinking this?

TIA