Recent Discussions
IKEv2 and Windows 10/11 drops connectivity but stays connected in Windows
I’ve seen this with 2 different customers using IKEv2 User VPNs (virtual wan) and Point to Site gateways in hub and spoke whereby using the VPN in a Always On configuration (device and user tunnel) that after a specific amount of time (56 minutes) the IKEv2 connection will drop the tunnel but stay connected in Windows. To restore the connection, you just reconnect. has anyone else had a similar experience? I’ve seen the issue with ExpressRoute and with/without Azure firewalls in the topology too.
Azure vWAN (hybrid connectivity enabled with OnPrem DC) data packet flow - inbound and outbound
Could anyone explain me the end to end to Inbound and Outbound data packet flow in Azure vWAN Hub connectivity through EC between OnPrem and Azure Cloud? Consider we've Azure FW enabled. Multiple Branches and VNET connected to the Secured Hub. I want to understand what would be the best practice to integrated with when a vWAN is in place i.e. Ingress Traffic - On-Pre data packets through GW>EC GW>Hub Router>Azure FW>NSG>VMs Egress Traffic - VMs>NSG>Azure FW>Hub Router>EC GW>OnPrem GWThe Role of a Software Architect in Modern Teams
In today’s fast-moving technology landscape, the role of a software architect is more important — and more nuanced — than ever before. Far from being just the “technical visionary,” modern software architects serve as bridge builders between technology, business goals, and people. They ensure that software systems are scalable, reliable, and aligned with the long-term vision of the organization. Let’s explore how this role has evolved and why it’s so critical in modern teams https://dellenny.com/the-role-of-a-software-architect-in-modern-teams/What Is Software Architecture? A Practical Definition
If you’ve ever worked on a software project that grew beyond a few files, you’ve likely run into a question that every developer eventually faces: How should this be structured? That’s where software architecture comes in. https://dellenny.com/what-is-software-architecture-a-practical-definition/
RHEL In-place upgrades and Azure Update Manager
Following the process in this article will cause a disconnection between the data plane and the control plane of the virtual machine (VM). Azure capabilities such as Auto guest patching, Auto OS image upgrades, Hotpatching, and Azure Update Manager won't be available. To utilize these features, it's recommended to create a new VM using your preferred operating system instead of performing an in-place upgrade. According to https://learn.microsoft.com/en-us/azure/virtual-machines/workloads/redhat/redhat-in-place-upgrade, Azure Update Manager will break if any RHEL in-place upgrades are performed due to data/control plane disconnect. As a Microsoft product, this dilemma seems to defeat the benefits of AUM if you're someone like me who uses Redhat 'pet' VMs (as opposed to 'cattle' VMs) for work, and would frankly like to centralize all operations within the lifecycle of a Linux box inside the Azure tenant (patching, upgrading, rollback, any possible automation/application deployment etc). Unfortunately it would seem that this issue is largely something outside of the Azure customer's control. So, to anyone with esoteric Azure knowledge: what gives? Why and how is there a data disconnect between the control planes? What does the process look like from a bird's eye view? Given that the issue exists in the first place I would imagine that there is some kind of developmental contradiction, otherwise a feature like this probably would have been figured out a while ago (or that it is, as I suspect, simply not high priority enough despite a solution which may already exist in development). Furthermore, for those who may have more intimate info on the matter, does any sort of discussion or planning of a solution for this issue exist? With kindness, MadDogOfShimanoUnable to Access Internet from Azure DevOps Server 2022 Self-Hosted Agent Behind Proxy
I am running Azure DevOps Server 2022 in an environment that uses a proxy to access the internet. Multiple projects depend on various Node packages. While I can successfully download these packages through a browser using the configured proxy, the issue occurs when running pipelines on a self-hosted agent. The agent installation completes successfully, but the pipeline fails during execution, seemingly due to lack of internet access. Is there a way to configure the proxy settings specifically for the self-hosted agent so that it can access the internet during pipeline runs?Unlocking Smarter Search How to Use Azure AI Search & Azure OpenAI Service Together
In the era of large language models and AI-powered experiences, simply running a keyword search isn’t enough. Users expect conversational, context-aware responses, grounded in real data. That’s where combining Azure’s search infrastructure with generative AI becomes a game-changer. By using Azure AI Search as the retrieval layer and Azure OpenAI Service as the generation layer, you can build applications that understand natural language, fetch relevant documents, and respond with rich, accurate, and contextual answers. In this blog post, we’ll walk through how to achieve that end-to-end, highlight best practices, and give you a blueprint to apply in your own environment. https://dellenny.com/unlocking-smarter-search-how-to-use-azure-ai-search-azure-openai-service-together/
Azure Policy - Configure backup on virtual machines with a given tag
I wonder if somebody could sanity check something for me with this please in case it's something I could be missing. We have this existing policy configured in a customers tenant (https://www.azadvertizer.net/azpolicyadvertizer/345fa903-145c-4fe1-8bcd-93ec2adccde8.html After creating a VM and allocating the correct tag etc. it didn't automatically have the backup policy assigned to it. With the policy assignment itself it didn't even appear as a non-compliant resource. I went through the checks to make sure it was the same region, correct tag, correct rsv and policy, which all appeared to look fine. When remediating it still wasn't pulling the resource through. When I went into the definition detail to see what could be amiss, I noticed the list of WindowServer image SKU's that were listed (image attached here https://i.stack.imgur.com/1YPpM.png. As I was sanity checking everything, I looked at the VM to see that the SKU wasn't actually in this list (2019-datacenter-smalldisk-g2). As every SKU is listed specifically it makes me think this image has just been missed off and needs adding? Rather than it getting captured by one of the SKU's listed. I can add the VM manually to the existing RSV for now but for future ref, is there a way I can raise this if my findings are indeed correct?Experience with Automanage Machine Configuration
Hi, I am experimenting with Automanage Machine Configuration and find the overall experience and documentation very poor. I am wondering if there are others who have experience with automanage and can point me towards additional documentation. I have built an example implementation which I am using as my lab setup: https://github.com/JelleBroekhuijsen/azure-automanage-example What I am experiencing is that the compliance-state reporting seems to be very inconsistent. Sometimes these sample configurations reports everything being compliant while maybe 30 minutes later the same configuration is marked as incompliant (while the VM is observably in a compliant state). Additionally, there seems to be no option to get support or report issues with the GuestConfiguration-extension (for Windows) or the GuestConfiguration PowerShell module. For instance, in my experimenting with the module I found that calling the PackageManagement DSC resource from within a configuration leads to a conflict with the embedded PackageManagement module in the windows extension. I found a workaround for this, but I have no way to report this issue.CapEx vs OpEx in Cloud Computing — Why It Matters for Businesses
Understanding the difference between CapEx (Capital Expenditure) and OpEx (Operational Expenditure) is crucial for any business moving to the cloud. These two financial models shape how organizations plan budgets, scale operations, and manage technology investments. In this article, we’ll explore what CapEx and OpEx mean, how they apply to cloud computing, and why this distinction matters for modern enterprises. https://dellenny.com/capex-vs-opex-in-cloud-computing-why-it-matters-for-businesses/Follow the Thread Distributed Tracing Patterns for Microservices in Azure
Observability Patterns: Distributed Tracing Across Microservices in Azure In today’s cloud-native world, systems are composed of dozens — sometimes hundreds — of microservices. When something goes wrong, understanding where and why it happened can feel like searching for a needle in a haystack. That’s where distributed tracing comes in — a critical observability pattern for modern architectures. https://dellenny.com/follow-the-thread-distributed-tracing-patterns-for-microservices-in-azure/
Can only remote into azure vm from DC
Hi all, I have set up a site to site connection from on prem to azure and I can remote in via the main dc on prem but not any other server or ping from any other server to the azure. Why can I only remote into the azure VM from the server that has Routing and remote access? Any ideas on how I can fix this?Main monitor for the Remote Desktop Client
Is there a way to select a "main monitor" for the the AVD session. Our users have a laptop (wherever they want it) amongst 3 standard 24" monitors. We have a few hyper-annoying users making this request and there doesn't seem to be a rhyme or reason that I could find in short order to select a main monitor.Disabling TCP Timestamps on application gateways
Hello, We use Application Gatways for a number of apps. Our 3rd party vulnerability scanner discovered the AGW exposes the uptime of the system. Is there a way to disable this on the AGW? I found this post in UserVoice from 2017 where someone asked for the same option: https://feedback.azure.com/forums/217313-networking/suggestions/32683267-need-a-function-to-disable-the-timestamp-in-tcp-op. If it's not possible, it's not possible. I haven't found documentation on it, so my guess is there's currently no way to disable it. I get this is low risk, I just need to do a little more digging until I write this one off as a known issue / accepted risk. Thank you
Configure and verify Vnet in Azure
I have created a Virtual Network next to its subnet and integrated it into three service applications and created the rule on the firewall of my SQL Azure server. Everything is in the same Azure subscription and region I need to know if it is enough to direct all the traffic between these instances through the virtual network or do I need to configure some other aspect. And how can I query the data traffic to verify that the virtual network is being used? I am using a subscription with: 1 Resource Group 1 App Service 2 App Service 1 DB 1 Resource Group 1 App Service 1 DB 1 Vnet Everything is in the same region of Az. I want all traffic between resources to be through the Vnet. And also, monitor the traffic to verify the correct operation of the Vnet. Thank you!
Creating Azure SQL VM with same name as VM
Hi, Currently we have a resource group, which contains a Virtual Machine and SQL Virtual Machine (and a few other resources). The VM and SQL VM has the same name: I want to move this resource group (and its resources) to another subscription. We tried using Resource Mover, but we couldn't as there are backups. I tried the steps in the following link: https://petri.com/copy-azure-vm-using-managed-disk-snapshots/ I was successful in moving 5 of the 6 resources to the new subscription, but was unable to move the SQL virtual machine: I tried to create a SQL virtual machine, but it says I can't create one with the same name: I found that in order to create a VM and SQL VM's with the same name, in the above image, I have to choose an image that has SQL Server and Windows. But this doesn't allow me to use the original managed disk (it only has an OS disk) and it also creates a couple of more disks, which are not in the original resource group. I was wondering if there are recommendations on how to create a SQL VM that has the same name as the VM in the same resource group and are also linked to each other. JasonMouse pointer disappearing over Word/Excel/Outlook in AVD
Hi We are seeing a strange issue on a bunch of session hosts where user over certain apps cannot see the mouse pointer in their full screen AVD sessions. Session hosts are running Windows 10 22H2 up to date (well to February B week release); user client up to date, I am not aware we had user ever report this prior to completely rebuilding a new host pool last autumn for the AppReadiness crashing issues. From what we can tell this only seem to happen with Microsoft Excel, Word and the Outlook compose window, the mouse pointer basically becomes transparent as you can't see it so it makes it hard to select text or cells accurately. Clients are mostly a mix of HP and Lenovo PCs micro PCs running Windows 10 22H2 and Windows 11 23H2 Enterprise on Intel 8th to 12th Gen CPUs and AMD Ryzen Pro CPUs with integrated graphics. Does anyone else see this or any ideas what might be causing it?Virtual WAN P2S Gateway Monitoring
We have recently setup Azure Virtual WAN and now have the P2S gateway running to see if this is a good solution for our remote access requirements. One thing I noticed is that if I look at the P2S gateway I can see how many clients are connected but if I open the metric in Monitor I am not seeing the same numbers. Has anyone seen this?
Azure Firewall query
Hi Community, Our customer has a security layer subscription which they want to route and control all other subscription traffic via. Basically, they want to remove direct VPeers between subscriptions and to configure Azure Firewalls to allow them to control and route all other subscriptions traffic. All internet traffic would then be routed down our S2S VPN to our Palo Alto’s in Greenwich for internet access (both ways). However, there may be some machines they would assign Azure Public IP’s to for inbound web server connectivity, but all other access from external clients would be routed via the Palos inbound. Questions: Which one (Azure Firewall or Azure WAN) would be best option? What are the pros and cons? Any reference would be of great help.
Events
Get ready, New York! The Microsoft Ignite 2025 NYC Community Summit is coming to the heart of Times Square — and you’re invited to be part of the energy, insights, and innovation.
Whether you're a ...
In-Person
Recent Blogs
- Azure Functions now supports ORJSON in the Python worker, giving developers an easy way to boost performance by simply adding the library to their environment. Benchmarks show that ORJSON delivers me...Oct 24, 2025
- 3 MIN READWe're thrilled to bring you the October update for the AI Toolkit for Visual Studio Code! This month marks another major milestone with version 0.24.0, introducing groundbreaking GitHub Copilot Tools...Oct 24, 2025
