Recent Discussions
Need advice on the architecture of a setup
I need a bit of a sanity check on something, as I have been reading through documentation and am not entirely sure if this is possible. We have a Microsoft Azure/365 tenant and all of our identities are currently Cloud-only. We recently decommissioned the last of our domain controllers, which used to be hosted in Azure. There is now a requirement to provide a small AVD environment, 5 users to pilot initially, with the ability to scale up if this is successful. We want to be able to use FSLogix to store user profiles. We want to avoid going back to having a DC in Azure if possible, so considered using Entra ID Domain Services instead.
I have since:
- Deployed an instance of Entra DS - Standard SKU.
- Configured Synchronisation and filtered its scope to a specific Security Group containing only a test account initially.
- Reset the password on the test account as a pre-requisite for PW Hash Sync.
- Created a pooled Host Pool, added a single SH (W11 24H2 Multisession) and joined it to Entra ID.
- Created a Premium storage account, provisioned a share, configured identity-based access with Microsoft Entra Domain Services, added the relevant IAM roles to the storage account using the relevant security group.
- Created a Private Endpoint and DNS zone for access to the storage account.
- Configured Entra ID SSO using Microsoft Graph explorer, added the correct RDP property.
I got to a point where I can happily sign in to the Session host using either Web or Windows Client; I haven't even started configuring FSLogix at this stage. I wanted to make sure I could access the storage account first, so I browse to the UNC path, e.g. storageaccountname.file.core.windows.net, and get prompted for credentials. When I manually enter credentials (and these are the exact same as I'm using to sign in to the Session Host, e.g. email address removed for privacy reasons / password) I get the expected access, but obviously don't want to be entering these manually.
So I guess my question is: is SSO to a storage account configured to authenticate with Entra DS possible from an Entra ID Joined VM, or would I be better off joining the VM to Entra DS instead? I think I'm either missing a simple step or designing this in a way that won't work. Any help would be greatly appreciated.
13 Views, 0 likes, 1 Comment

Anyone managing Azure budgets? Would love to hear how you're doing it
Hi everyone - I’m a founder working on a tool to help engineering and infra teams plan and monitor Azure cloud costs more effectively (especially when it comes to budgeting and forecasting). I’m not selling anything - just trying to understand how teams currently handle:
- Planning Azure spend across teams or projects
- Staying within budget or tracking drift over time
- Forecasting costs based on changing usage
If you're involved in this (or have strong opinions about what Azure does well/poorly here), I’d love to hear your thoughts. Even a few sentences would be super helpful. You can DM me here or just drop a quick comment. Happy to share what I’ve learned from others too. Thanks!
12 Views, 0 likes, 1 Comment

Azure pipeline MSBuild occur error
Azure pipeline - MSBuild occur : error MSB4236 => Error MSB4236: The SDK 'Microsoft.NET.Sdk' specified could not be found.
Hello everyone,
Can anyone suggest any solutions for that?
// Background //
* MSBuild - MAUI SDK 8.0, Xamarin binding project

    - task: JavaToolInstaller@0
      inputs:
        versionSpec: '11'
        jdkArchitectureOption: 'x64'
        jdkSourceOption: 'PreInstalled'
    - task: UseDotNet@2
      displayName: .NET Version
      inputs:
        packageType: 'sdk'
        version: '8.x'
        includePreviewVersions: true
    - task: Bash@3
      displayName: Install MAUI
    - task: MSBuild@1
      inputs:
        solution: '**/*.csproj'
        msbuildVersion: 'latest'

967 Views, 0 likes, 1 Comment

not equal condition does not work in azure pipeline template
I have a condition to run a task in azure job template conditionally if value of parameter is not null, however the task runs even if value of parameter is null.

    parameters:
    - name: 'new_tag_value'
      default: ''
      type: string

    - task: Bash@3
      displayName: 'Update Image tag in helm chart'
      inputs:
        targetType: filePath
        filePath: '${{ parameters.bash_script_path_image_tag_update }}'
        arguments: '${{ parameters.new_tag_value }} ${{ parameters.svc_value_File }}'
      condition: and(succeeded(), ne('${{ parameters.new_tag_value }}', ''))

2.1K Views, 0 likes, 1 Comment

Activate text entry box not accepting text
I have been experiencing this issue for a few weeks now and assumed it was just me. But I asked several co-workers and they are all experiencing the same issue. When attempting to activate a PIM role in Azure, the text entry box for adding the reason you're activating the role will flash and change the outline to blue, indicating it is now ready to accept text entry. However, it will not allow typing in text. If you click inside the box several times, you might be offered the option to auto-fill a previously used entry (but not always). In order to actually type in the reason, I have to first click on "Roles" in the activation window, then click "Activate" again to get back to the text box. It will then accept text entry and allow completion of role assignment. It's not a huge problem, but it adds steps and time to role assignment, which isn't ideal since roles are usually being grabbed to take care of an apparent emergency. (I have a great short video showing exactly what I'm talking about, but the media insertion option would not allow adding it here.)
107 Views, 5 likes, 3 Comments

Installing azure local os on a laptop
I don't know if it is possible, but I would like to try installing Azure Local on a laptop that has a two terabyte SSD drive. It is an LG Gram laptop. The reason I would install it on the laptop is that the laptop was damaged while being transported by an ambulance to hospital: they lowered the gurney and the laptop was underneath, so the laptop was crushed into the shape of an 8th moon. If it is possible, what I'd like to do is install the Azure Local OS and then, from the Azure portal, provision a Windows 11 operating system, initially for testing purposes. If I can be successful at that, then I would try installing Azure Local on one of several servers I have in my home that have multiple network cards. I also have a bank of 56 public IP addresses, so I think I have everything necessary, but I'd like to start with the laptop. Any tips would be appreciated. I've searched high and low; maybe I'm just not good at searching, but I'm hoping somebody out there can take a minute to tell me I'm barking up the wrong tree, or maybe you can provide me with a link to a good article or just tell me what I need to do. In the end, maybe I can use the laptop and its drive for restoring data for insights or some, or maybe have one VM running on it. Anything I can do to use the on-premise hardware that I have would help from a cost standpoint. I am limited in what I can do neurologically because of a spinal cord injury, but that's not a crutch, it's just an FYI. I'm pretty sure one of you is way smarter than me and way more experienced than I, so thanks in advance for taking the time to point me in whatever direction I need. Have a good afternoon.
81 Views, 0 likes, 6 Comments

Azure Support Case Feedback
Hello, Just posting this thing here after a couple of email exchanges with the Azure Support Team. So basically the 2 issues I encountered via Azure Support (on Azure Portal) are as follows. The first is that after getting an initial reply from the support team, I couldn't make any follow-up reply (i.e., unable to re-open the ticket). The second issue is that the ticket blocks my access. According to the Azure Support Team, the issue was transferred internally to another team under Microsoft, so it's technically not part of Azure Support anymore, and basically a limitation is that if the ticket is transferred to another team, the ticket could cause the issues mentioned above. Hence, I would like to provide this as feedback and potentially seek to submit this as a feature request to lift this limitation. Thanks
3 Views, 0 likes, 0 Comments

Windows App, pasting files hangs OS
Hi all, We’re experiencing an intermittent but frustrating issue when using the Windows App to connect to our Azure Virtual Desktop environment.
Issue: When users attempt to copy and paste certain files from their local machine to the remote session, the operating system on the remote side hangs. The mouse still moves, and the clock continues to tick, but:
- Start menu becomes unresponsive
- Taskbar icons stop registering clicks
- Desktop icons are frozen
- No error messages appear
This occurs sporadically and seems to affect files of varying sizes and types — 100KB up to 20MB.
What we've tried:
- Updating the Windows App to the latest version
- Verifying clipboard redirection is enabled
- Using MSTSC, and the Remote Desktop Store App. These work but don't support Session Pools, Remote Apps, or SSO.
- Using RemoteDesktop_1.2.6228.0 (MSI Install). Has the same issue as Windows App.
Environment:
- Remote app hosted in Azure Virtual Desktop (AVD)
- Users connecting from Windows 10/11 clients
- Windows App version: 2.0.419.0, 2.0.420.0, and 2.0.500.0
All ideas welcome - this is a major disruption to our business processes.
606 Views, 0 likes, 23 Comments

Azure DevOps REST API - tag DeploymentGroups' target
Hello everyone, I am trying to set up a function in PowerShell to be able to set tags on specific targets of a deployment group, and for that I am using this documentation page: https://learn.microsoft.com/en-us/rest/api/azure/devops/distributedtask/targets/update?view=azure-devops-rest-7.0&tabs=HTTP#request-body
I created the request body as described in the page, like below:

    {
      "id": 541,
      "tags": [
        "tag1-backendWithDb",
        "tag1-backendWithDb-active-node",
        "tag2-backendWithDb-database",
        "tag2-backendWithDb",
        "tag2-backendWithDb-active-node",
        "tag3-blazor",
        "tag3-blazor-active-node",
        "tag4-yarp",
        "tag4-yarp-active-node"
      ]
    }

Then I run the following command:

    Invoke-RestMethod -Method Patch -Uri "$baseurl/distributedtask/deploymentgroups/$($DGid)/targets?api-version=6.0-preview.1" -Credential $cred -Body ($body | ConvertTo-Json) -ContentType 'Application/json'

But then I get an error like this:

    Invoke-RestMethod:
    {
      "$id": "1",
      "innerException": null,
      "message": "Value cannot be null.\r\nParameter name: machinesToUpdate",
      "typeName": "System.ArgumentNullException, mscorlib",
      "typeKey": "ArgumentNullException",
      "errorCode": 0,
      "eventId": 0
    }

The problem is that the document does not specify any parameter named 'machinesToUpdate'. What is it that I am missing here?
Solved. 57 Views, 0 likes, 3 Comments

Resource Graph Explorer
I’m looking to retrieve a list of Azure resources that were created within the last 24 hours. However, it appears that Azure does not consistently expose the timeCreated property across all resource types, which makes direct filtering challenging.
Request for Clarification/Support: Could you please confirm if there’s a reliable way to filter resources based on their creation time — for example, resources created in the last N days or within the last 6 hours? If timeCreated is not uniformly available, what’s the recommended approach (e.g., using Resource Graph, Activity Logs, or any other reliable method) to achieve this?
44 Views, 0 likes, 2 Comments

Comparison on Azure Cloud Sync and Traditional Entra connect Sync.
Introduction
In the evolving landscape of identity management, organizations face a critical decision when integrating their on-premises Active Directory (AD) with Microsoft Entra ID (formerly Azure AD). Two primary tools are available for this synchronization:
- Traditional Entra Connect Sync (formerly Azure AD Connect)
- Azure Cloud Sync
While both serve the same fundamental purpose, bridging on-prem AD with cloud identity, they differ significantly in architecture, capabilities, and ideal use cases.
Architecture & Setup
Entra Connect Sync is a heavyweight solution. It installs a full synchronization engine on a Windows Server, often backed by SQL Server. This setup gives administrators deep control over sync rules, attribute flows, and filtering. Azure Cloud Sync, on the other hand, is lightweight. It uses a cloud-managed agent installed on-premises, removing the need for SQL Server or complex infrastructure. The agent communicates with Microsoft Entra ID, and most configurations are handled in the cloud portal. For organizations with complex hybrid setups (e.g., Exchange hybrid, device management), is Cloud Sync too limited?
51 Views, 1 like, 2 Comments

Drive digital transformation of your business with Microsoft Azure
Technology has been transforming business ever since the invention of the wheel. But in recent years, the business landscape has changed fundamentally due to the unique convergence of three things:
- Increasing volumes of data, particularly driven by the digitization of “things” and advances in data analytics used to draw actionable insight from that data
- The rise of cloud computing, which places limitless computing and storage power into the hands of organizations of all sizes, increasing the pace of innovation and competition
- The explosion and ubiquity of mobile computing
The convergence of these factors has shifted both what customers expect, because of access to unprecedented amounts of information, and what companies must deliver to meet those expectations. Check out the attached white paper to learn more!
2.3K Views, 1 like, 1 Comment

RDS HTML5 WebClient - WebSocket issues on reconnection
Hi Everyone - Currently have an RD farm deployed to roughly 1000 users utilising azure app proxy and RD Web HTML5 client. This seems to work ok besides some issues with random disconnections. This wouldn't be much of an issue if a user was disconnected and it reconnected, but I am experiencing an issue and this has been an issue since rollout. The webclient will attempt to reconnect 10 times and fail, the user then has to click the reconnect button for their session to come back. The error in the troubleshooting logs provided by the user show:

    2025-06-16T18:32:25.631Z Connection(ERR): The connection generated an internal exception with disconnect code=ConnectionBroken(8), extended code=<null>, reason=WebSocket closed with code: 1006 reason: Thrown in thread 1440032 at: websockettransport.cpp(335)
    Call Stack: at invoke_iiiiii at https://redacted/RDWeb/WebClient/static/librdp/librdphtml.5e634d6d7f9728ab68c3.wasm:wasm-function[11989]:0x3cf63f at invoke_vii at https://redacted/RDWeb/WebClient/static/librdp/librdphtml.5e634d6d7f9728ab68c3.wasm:wasm-function[1067]:0x4fede

Any help would be amazing, I'm at a dead end with this.
30 Views, 0 likes, 1 Comment

Creation of an AKS Hybrid Cluster is not working from Azure Portal
The creation of an AKS hybrid networks for Azure is failing with the error below.

    The resource operation completed with terminal provisioning state 'Failed'.\",\"details\":[{\"message\":\"Warning: rpc error: code = Unknown desc = rpc error: code = Unknown desc = VMMS only supports using an existing 'Default Switch' ICS network (invalid network name: 😞 Invalid Input

Any assistance please?
402 Views, 0 likes, 1 Comment

Azure Arc enabled Servers unable to assess Updates
Starting yesterday, several of my Arc-enabled Win 2019 and 2022 Servers are unable to assess Windows Updates anymore. Error: "Assessment failed due to this reason: Not able to complete assessment within specified time." Is there anything I can do to reinstall "WindowsPatchExtension" as it won't automatically install itself after removing it from the Extensions? (It's not available for manual install, at least not via "Install extension" GUI)
645 Views, 0 likes, 1 Comment

WVD and Zscaler App
Has anyone had an issue running Zscaler with WVD? Or has anyone been successful? At the moment, Zscaler is totally killing our WVD pilot. We run the app version of Zscaler that runs on the client and it seems to be unhappy with some of the WVD components and how they talk to Azure. We are working with Zscaler support, but so far no luck. So I'm wondering if anyone else has experienced issues with Zscaler and WVD.
21K Views, 0 likes, 9 Comments

Single-Sign On
After troubleshooting an issue for a customer, we determined that the prerequisites for enabling SSO at the AVD host pool level is not strictly enforced when a user goes to execute the SSO workflow from MSRDC or the Windows App. Meaning, that if an administrator does not enable the -IsRemoteDesktopEnabled flag on the Service Principals "Microsoft Remote Desktop" and "Windows Cloud Login" respectively.
Setup: Deploy Entra ID Joined session hosts to a host pool and enable the "Microsoft Entra single sign-on" RDP property to "Connections will use Microsoft Entra authentication to provide single sign-on" or update the RDP connection string with 'enablerdsaadauth:i:1'.
Result: User will not receive the 'Windows Security' dialog box to access the session host with their Entra ID credentials.
Caveat: Be aware that to sign in with Entra ID credentials, minimally, the host pool RDP settings must contain 'targetisaddjoined:i:1'. Microsoft states this is going away and blending into 'enablerdsaadauth:i:1', which also enables SSO. It seems a bit odd of a move in my opinion and having two separate RDP properties makes sense if a company does not want SSO. But it is in alignment with Microsoft's push for passwordless authentication.
For the Microsoft AVD team, why does this behavior exist and is it on the roadmap to be fixed if it's a known gap?
23 Views, 0 likes, 2 Comments

Can't access http context user claims in Azure Function
Background: Create an Azure Function (.NET Core & C#) that will be consumed in a SPO App. We created an Entra App Registration for the Azure Function and added App Roles for this App Registration where the App Role is using “Users/Group”, but not “Application”.
Issue: In the SPO App (deployed in SPO Page), we can see the user claim and App Registration’s - App Role in the context of the user that’s hitting the SPO Page (thru Authorization header), however, in the Azure Function code the req.HttpContext.User.Claims object is empty. So what is required or missing from a configuration perspective either in the Azure Function or App Registration to make this work?
27 Views, 0 likes, 1 Comment

Has anyone here integrated JIRA with Azure DevOps
We are currently using Azure Pipelines for our deployment process and Azure Boards to track issues and tickets. However, our company recently decided to move the ticketing system to JIRA, and I have been tasked with integrating JIRA with Azure DevOps. If you have done something similar, I will appreciate any guidance, best practices, or things to watch out for.
26 Views, 0 likes, 2 Comments
Recent Blogs
- Azure Firewall Premium has included protections against Lumma Stealer since 2022, with over 2,700 intrusion detection and prevention (IDPS) signatures specifically designed to identify and block ... (Jun 20, 2025; 78 Views, 0 likes, 0 Comments)
- We’re excited to announce the Public Preview of Organizational Templates in Azure Logic Apps— empowering teams to author, share, and reuse automation patterns across their organization. With this r... (Jun 20, 2025; 73 Views, 1 like, 0 Comments)