Recent Discussions
Update-MgUser : Cannot convert the literal '0' to the expected type 'Edm.String'.
Dear I use the Graph API from a Power Shell script. I replaced all Azure Ad command let code in my scripts with Graph API code. I need to set the Company attribute in Azure. Users that do not have a value for company need to have "00000". Whatever I try, I always get the same error: $Organizationid =”00000” $MgUser = Get-MgUser -Filter "mail eq '$EmailAddress'" $body = @{CompanyName = $Organizationid } | ConvertTo-Json -Depth 1 Update-MgUser -UserId $MgUser.Id -BodyParameter $body Update-MgUser : Cannot convert the literal '0' to the expected type 'Edm.String'. $Organizationid =”00000” $MgUser = Get-MgUser -Filter "mail eq '$EmailAddress'" Update-MgUser -UserId $MgUser.Id - CompanyName $Organizationid Update-MgUser : Cannot convert the literal '0' to the expected type 'Edm.String'. [STRING]$Organizationid =”00000” $MgUser = Get-MgUser -Filter "mail eq '$EmailAddress'" Update-MgUser -UserId $MgUser.Id - CompanyName $Organizationid Update-MgUser : Cannot convert the literal '0' to the expected type 'Edm.String'. [STRING]$Organizationid =”00000” $MgUser = Get-MgUser -Filter "mail eq '$EmailAddress'" Update-MgUser -UserId $MgUser.Id - CompanyName $($Organizationid) Update-MgUser : Cannot convert the literal '0' to the expected type 'Edm.String'. Anyone an idea how to solve this? Thanks for the feedback Regards Peter
Special Characters not accepted in Azure Pipeline variable
Hi, I'm trying to set password in pipeline variable and use that variable for encoding it in base64 format before uploading to key vault. But when i try to set password with special characters like $,",', \ etc. its not accepting. FYI I'm trying to implement this via bash script task in Azure DevOps pipeline. Value provided in pipeline variable: test$123*'>"pl Any help would be really appreciated. Regards Bhuvanesh.S
Azur Devops - Connection with customer/partner
Hi all, I'm fairly new to Azure Devops and we are looking into the possibilities to connect Devops with one of our customers Devops environment so we can align boards, pipelines, etc. which we will need to share for a large common project. I have been reading some documentation to get into Devops but I did not find any information on this subject yet. Is it possible to link two Devops environments and then configure common boards, pipelines, etc. for topics which need to be shared with our customer, next to "private" topics for internal work ? If so, can someone point me in the direction of documentation which explains the options and requirements and processes for integration with a third party ? Thank you in advance. Phil
Azure Devops External Users can't access project after being added
We have a private free repo that we have added external contractors to. They show up as guest in our Entra tenant and have accepted the invite. However, upon trying to reach the DevOps organisation, they get the following error. You don't have access to this Your sign-in was successful but you don't have permission to access this resource. Error Code: 53003 Request Id: 4a68d5ad-a410-4477-8588-0057f58e2a00 Correlation Id: f8469115-08b5-4238-849f-50010672613d Timestamp: 2024-10-28T03:31:47.557Z App name: Azure DevOps App id: 499b84ac-1321-427f-aa17-267ca6975798 Device identifier: Not available Device platform: Windows 10 Device state: Unregistered They are added as Visual Studio Subscribers to the organisation and are B2B users in the Entra Tenant. Everyone from within our company that have been added to the DevOps organisation can access the repo as expected. External access is also toggled on in the DevOps org. Is there anything I perhaps have missed?
Event Subscriptions to Webhooks
been trying to get event items in azure over to webhooks for immediate action...ie teams, slack, etc...but MS is requiring validation of the URL per recent security best practices... I did a test via the webhook.site and was able to view the callback URL and did a invoke-restmethod to confirm, and azure green lit the URL, but teams/slack/others dont handle that or display that data so one can confirm... anyone gotten around this? feel its something stupid I am missingWindows 365 - AVD speed improvement
Good evening, I’ve heard that there are significant speed improvements with Windows 365 and version 24H2, and that these enhancements are expected to also impact AVD. However, I haven’t been able to find any specific updates on this. Does anyone have more information or details on this new development? Thanks in advance!Best Practices for Designing a Hub-and-Spoke Architecture in Azure
The Hub-and-Spoke architecture is a common networking model in Microsoft Azure, designed to improve security, manageability, and scalability for enterprises and cloud workloads. By centralizing network resources in a hub and connecting multiple spoke virtual networks (VNets), organizations can enforce governance while enabling controlled communication across workloads. However, designing an optimal Hub-and-Spoke architecture requires careful planning to ensure security, performance, and cost efficiency. This post will explore the best practices to help you build a robust and scalable architecture in Azure. 1. Understanding the Hub-and-Spoke Model In this architecture: The Hub serves as the central point for connectivity, hosting shared services like firewalls, VPN/ExpressRoute gateways, and identity services. The Spokes are individual VNets that connect to the hub, typically representing isolated workloads, applications, or business units. Peering is used to establish communication between the hub and spokes, with the option to enable or restrict direct spoke-to-spoke communication. Key Benefit: Centralized management of network traffic, security, and hybrid connectivity. 2. Designing an Effective Hub The hub is the backbone of your architecture, so it must be designed with scalability and security in mind: ✅ Use Azure Virtual WAN if you need a global-scale Hub-and-Spoke deployment with automated routing and traffic management. ✅ Leverage Azure Firewall for centralized security and to enforce traffic control between spokes. ✅ Implement Network Security Groups (NSGs) to restrict inbound/outbound traffic and define granular security policies. ✅ Optimize traffic flow with Route Tables (UDRs) to avoid asymmetric routing and performance bottlenecks. ✅ Ensure high availability by deploying redundant VPN or ExpressRoute gateways in active-active mode. Tip: Avoid placing unnecessary workloads in the hub to prevent performance degradation. 3. Managing Spoke Communication and Isolation Each spoke VNet should be logically and securely isolated while allowing required communication paths. ✅ Limit direct spoke-to-spoke communication by routing traffic through the hub unless specific business requirements demand otherwise. ✅ Use Private Endpoints to securely access PaaS services without exposing them to the public internet. ✅ Enforce Zero Trust principles by using Azure Private Link and restricting access to critical workloads. Tip: Avoid transitive peering unless absolutely necessary; use the hub to manage inter-spoke traffic. 4. Performance and Cost Optimization An efficient Hub-and-Spoke design ensures minimal latency and optimized costs. ✅ Use Accelerated Networking on VMs to enhance throughput and reduce network latency. ✅ Implement Azure Route Server to dynamically manage routes between the hub and spokes. ✅ Monitor network traffic with Azure Monitor and Traffic Analytics to detect bottlenecks and optimize network flow. ✅ Optimize ExpressRoute or VPN usage by choosing the right SKU based on bandwidth and redundancy needs. Tip: Reduce unnecessary traffic through NSG rules and route tables to avoid extra processing costs. 5. Governance and Automation To maintain consistency and reduce human errors, use automation and governance best practices: ✅ Deploy infrastructure as code (IaC) using ARM templates, Bicep, or Terraform for reproducible deployments. ✅ Enforce security policies with Azure Policy to ensure compliance with networking standards. ✅ Use Role-Based Access Control (RBAC) to define strict access levels for managing network resources. ✅ Monitor and log network activity using Azure Sentinel and Azure Monitor to detect anomalies. Tip: Automate network provisioning using Azure DevOps or GitHub Actions for efficiency and consistency. Final Thoughts A well-designed Hub-and-Spoke architecture in Azure provides centralized security, simplified management, and scalable connectivity. However, to maximize its benefits, it's essential to carefully plan network security, routing, and cost optimization while leveraging Azure’s built-in automation and monitoring tools. 🔹 What challenges have you faced when implementing a Hub-and-Spoke model in Azure? 🔹 What best practices have worked well for your organization? Let’s discuss in the comments! 🚀Unable to connect to Remote Desktop
I have tried: resubscribing refreshing the feed resetting user data uninstalling and reinstalling I work internally here and don't know who to contact as helpdesk told me to do the following listed above and uninstalling/reinstalling worked then but not now. [Window Title] Remote Desktop [Content] An error occurred while accessing this resource. Retry the connection or contact your system administrator. [^] Hide details [OK] [Footer] For more tips on how to resolve the issue, refer to the Troubleshooting Guide [Expanded Information] Error code: 0x3000047 Extended error code: 0x0 Timestamp (UTC): 2025-03-27T19:55:51.133Z Activity ID: 88ada66b-e18e-4aec-b4bd-98f477330000Virtual Desktop Log In
I have an issue with the virtual desktop connection. When I tried to log in it didn't prompt for the credentials. It presents a time-out issue and prompts the following message after a few minutes of loading. Your connection failed Your session was disconnected. If this keeps happening ask your admin or tech support for help. Error Code: 0x3000064 Launch count: 2 Timestamp: 2025-03-26T16:16:53.070Z
Free Azure / Intune For Testing
My organization utilizes Azure and Intune for device management. Testing features requires several layers of red tape. In most situations, I'm not even sure that the feature I want to test will even solve the problem I am facing. Until I get all the necessary approvals, business justification, etc. etc. I can't even try the solution. This is a waste of resources. I would like for a completely separate Azure & Intune instance to be available for enterprise customer's technical employees. This would help us understand the offerings, kick the tires and be able to confidently advocate for Microsoft services. Free or 'pay-as-you-go' is just not sufficient. I think it would be obvious from a Microsoft perspective that these dev instances are not being used for production use. I'm talking under 10 or under Entra-Joined devices. In Intune, perhaps something like 10 or under Apps. There can be several limitations on dev instances.DATACON coming to Seattle
Join DATACON as part of TechCon365 coming to Seattle, June 23-27, 2025. Hear from Microsoft Product teams and Microsoft MVP's and community contributors in keynotes, sessions and ask the experts. Over 80 sessions dedicated to all things data. Register today at Microsoft Data Conference - DATACON: Microsoft Azure SQL Databases, SQL Server, Microsoft Fabric and Microsoft Power BI Conference
Habilitar la colaboración B2B de Azure AD / Enable Azure AD B2B collaboration
Buenos días. Se está configurando una Colaboración Multitenant con varios Tenant. Se ha detectado que las Rooms sólo aparecen a los usuaurios las de su propio Tenant y no la de todos. Y necesitamos que aparezcan todas las Rooms de todos los Tenants para todos los usuarios de los diferentes Tenants. Actualmente se ha configurado Multitenant Collaboration en el portal Microsoft 365 admin center y las configuraciones Cross-Tenant Synchronization que se encuentra dentro del portal de Microsoft Entra Admin center. Nos ha comentado un Moderador de la comunidad de Microsoft que para que los Rooms aparezcan en todos los inquilinos es necesario habilitar B2B de Azure, ¿nos podéis ayudar por favor? Gracias. Un saludo. ------------------------------------------------------------------------------------------------------------------- Good morning. Multitenant Collaboration is being set up with multiple Tenants. It has been detected that the Rooms only appear to users those of their own Tenant and not that of all of them. And we need all the Rooms of all the Tenants to appear for all the users of the different Tenants. Multitenant Collaboration has currently been configured in the Microsoft 365 admin center portal and Cross-Tenant Synchronization configurations in the Microsoft Entra Admin center portal. A Microsoft Community Moderator told us for Rooms to appear in all tenants it is necessary to enable Azure B2B, can you please help us with that? Thank you. Best regards.Az Virtual Network Manager Multi-Region Hub-Spoke Topology
I'm evaluating Network Manager for a customer with a fairly default topology scenario being multi-region hub-spoke with inter-region meshed hubs. However, I find the existing documentation unclear and the product not intuitive enough on how to achieve this. There is a matching graphic on this following learn article, but the accompanying text above rather mentions the global mesh option to connect spokes in different regions, not hubs... https://learn.microsoft.com/en-us/azure/architecture/networking/architecture/hub-spoke#automation-with-azure-virtual-network-manager My configuration approach so far is: Network groups containing all VNets of a region Hub & spoke connectivity configuration applied with group and selecting matching regional hub VNet Network group of hub VNets Mesh connectivity configuration with global mesh enabled applied to group However, when I look at the visualization, there seems to be no connection among the hubs. Is this the right way or did I miss/misinterpret something?
Entra External Identities - Sign In with LinkedIn using OpenID Connect error
Hi there, I would like to add LinkedIn as an identity provider in my Entra External Identities tenant. We have proceeded according to the following instructions (Sign In with LinkedIn using OpenID Connect - LinkedIn | Microsoft Learn) and used the LinkedIn Well-Known Config Endpoint (https://www.linkedin.com/oauth/.well-known/openid-configuration). When saving the configuration I get the following error message in the EntraId portal: Custom OIDC well-known endpoint validation error: Error when deserializing response Required property 'token_endpoint_auth_methods_supported' not found in JSON. Path '', line 12, position 1. In the JSON provided by the LinkedIn Well-Known Config Endpoint the field 'token_endpoint_auth_methods_supported' is missing. However, according to the OpenId Connect specification, the field is optional. Currently I cannot add LinkedIn as an identity provider via OIDC in EntraID. Has anyone here already solved a similar problem? Thanks!Teams Optimization Crashes Windows App on macOS (AVD)
Summary: When using the Windows App for macOS (from App Store) to connect to Azure Virtual Desktop, enabling Teams Media Optimization causes the app to crash when joining or receiving a Teams call. Started about 3 weeks ago. Environment: App: Windows App for macOS App Version: 11.1.4 (Build 2557) - (I have also experienced this on 11.0.4 on another MBP M1 Max laptop I have.) macOS: 15.3.2 (Seqouia) Mac: MacBookPro18,1 (Apple Silicon) AVD Host: Windows 11, Teams (new client), Media Optimization enabled Crash Log: *** -[__NSArrayM objectAtIndexedSubscript:]: index 0 beyond bounds for empty array Type: NSRangeException Signal: SIGABRT Stack trace points to redirection plugin initialization Happens onlywhen Teams optimization is enabled Console Errors (macOS): BASIX_DCT(WARN): Not firing OnClosed on an object already closed. Stateful object was destructed while in state Opened(19) VirtualChannelEntryEx failed MSCOMVC plugin failed to load Repro Steps: Use a Mac with Continuity Camera or External webcam (in my case, Logitech Brio) Launch Windows App for macOS Connect to AVD session with Teams optimization enabled Initiate or receive a Teams call App crashes with SIGABRT Workarounds: ❌ Disabling UDP and device redirection has no effect. ⚠️ Disabling Teams Optimization prevents the crash. Far from ideal because now my audio and video quality are degraded when using teams on AVD (and my organization requires "camera on" for meetings 🔍 Relevant Log Snippets from macOS Console & Windows App (Teams Optimization Crash) ✅ Camera Enumeration Warning system_profiler SPCameraDataType Model ID: UVC Camera VendorID_1086 ProductID_39501 Model ID: FaceTime HD Camera Model ID: iPhone14,2 Continuity Camera detected alongside External Webcam and internal FaceTime camera. ⚠️ macOS Console Log BASIX_DCT(WARN): Not firing OnClosed on an object 0x11798e400 which is already closed. Happens right before crash — indicates plugin channel was torn down unexpectedly. 💥 Objective-C Crash Report exceptionReason : { "name":"NSRangeException", "type":"objc-exception", "composed_message":"*** -[__NSArrayM objectAtIndexedSubscript:]: index 0 beyond bounds for empty array", "class":"NSException" } Plugin crashes when accessing a camera/mic array that was unexpectedly empty. 🔗 Windows App RDC Log (DynVC Activity + Plugin Crash) DynVC.cpp(686): InvokeCallback() ...Sending up 6650 bytes VirtualChannelEntryEx failed Failed to load MSCOMVC plugin, maybe not enabled Stateful object 0x1218b4018 was destructed while in state Opened(19) AV redirection plugin begins initializing, then fails midstream. Memory cleanup errors confirm improper plugin teardown. 📉 Diagnostic Upload Failures FlushTracesInternal() is called before BeginUpload(). we don't have a claims token yet and thus can't generate sass token. cancelling flush Shows why Microsoft likely isn’t receiving telemetry unless the user manually reports. These logs help pinpoint the crash to Teams AV plugin failure in the Windows App on macOS, triggered by improper handling of macOS camera/mic devices (especially Continuity Camera or UVC) when Teams Optimization is enabled.Announcing the winners of the March Innovation Challenge Hackathon
Our fourth Innovation Challenge was our largest yet, with over 300 participants and over 70 projects! We offer this program to give developers the opportunity to get real world experience building AI solutions for use cases from Azure customers. To engage groups who are underrepresented in technology, we sponsor a range of outstanding organizations. Thank you to BITE-CON, Código Facilito, DIO, GenSpark, Hands in Unison, Microsoft Software and Systems Academy (MSSA), Propel2Excel, TechBridge, and Women in Cloud for helping to upskill the Azure community! Our objective for all participants is to facilitate the opening of new career opportunities by showcasing highly sought-after skills and demonstrating the ability to collaborate effectively within a team to deliver a functional proof of concept within a tight timeframe. The challenges we presented ranged from a focus on social impact to business planning to improving the ways we interact with AI. Across each topic, we saw things we hadn’t seen before: new approaches and new ideas with great potential. AI for supported employment job coaches: Supported employment is a service to help people with disabilities or other barriers to employment maintain jobs in the community. The professional job coaches who work in this field provide personalized assistance in assessment, job matching, training, support, and advocacy. Resources and support for job coaches is limited and the role is broad, requiring proficiency with bureaucratic, administrative tasks, delivering personalized training, addressing issues as they arise, routine inquiries and motivational support. How can AI help these coaches be more productive? ROI calculator for transformation success: When businesses need to adapt, change often comes with substantial risks, and 70% of transformation projects fail. How can we disrupt that statistic by using AI to enable leaders to make smarter decisions? Auto Correct and Prompt Validation Before AI Execution: How do you help users by flagging harmful or sensitive language in their prompts and suggesting safe and ethical alternatives? At same time, can you enhance the clarity and precision of prompts to improve AI output quality? Every team that worked on a project has a lot to be proud of. The judges had to work hard to choose the prize winners. Congratulations! First place $10,000 Interstellar Jobs Search a database of jobs posted by inclusive, accessible employers & receive personalized, AI-generated recommendations that highlight potential strengths and challenges based on individual characteristics. Second place $5,000 Connection.ai By leveraging automation, data analysis, and personalized support, our platform enhances recruiters' efficiency while promoting a fair, accessible, and inclusive hiring process. WorkAble AI addresses the critical challenge faced by supported employment programs: limited resources for job coaches who must simultaneously manage documentation, deliver personalized training, solve emerging problems, and provide motivational support to participants. Third place $2,500 Prompt Symphony Tuning prompts to elevate AI into a precision instrument Bridge Relationship memory for supported employment OpenBizROI AI business analysis and ROI forecasting platform designed to help organizations assess the feasibility and success of transformation projects. By leveraging machine learning, document processing, and predictive analytics, the platform analyzes financial data, business strategies, and market conditions to deliver ROI predictions with over 92% accuracy. Our next Innovation Challenge hackathon is happening in June. Start working on your Azure skills now to get ready!Clarification on EA Subscription Limits and Account Creation Process
I hope this message finds you well. I have a few questions regarding the Azure EA (Enterprise Agreement) subscription and the process for creating new EA accounts. I would greatly appreciate your help on the following points: Process for Creating New EA Accounts: What is the process for creating additional EA accounts once the subscription limit is reached? Are there any specific steps or approvals required? There is no official document on how to do it. Billing Account Consideration: When creating a new EA account, is it necessary to set up a new billing account, or can the new EA account be created under the same billing account that is currently being used for existing EA accounts? Thank you for your time and support. Best regards,Prepare now for Remote Desktop client for Windows end of support
On March 27, 2026, the Remote Desktop client standalone installer (MSI) for Windows will reach end of support. Before that date, IT administrators may need to migrate their users to Windows App so they can continue connecting to their remote resources via Azure Virtual Desktop, Windows 365, and Microsoft Dev Box. Remote Desktop client will continue to receive security updates until end of support, after which it will no longer be available for download. To learn more about how to prepare for end of support on March 27, 2026, please read aka.ms/RemoteDesktopClient.
Events
Robust security is crucial at every stage of your cloud and AI journey. Take a closer look at the importance of embedding security from the initial consideration of Azure to the ongoing management of...
Online
With security threats evolving across every layer, it is critical to have a cloud platform that is designed to safeguard your data and applications from the inside out. Join this session to explore t...
Online
Recent Blogs
- Introduction AI Engineers often face challenges that require creative solutions. One such challenge is managing the consumption of tokens when using large language models. For example, you may obse...Apr 01, 2025
- La versión 1.98 de Visual Studio Code ya está disponible y llega con una serie de novedades que llevarán tu experiencia de desarrollo al siguiente nivel. Entre los principales destaques se encuentran...Apr 01, 2025
