Recent Discussions
Anomalies IDs for Windows 10 IoT Enterprise LTSC 2021 for medical devices
Good day everyone, I am working in the medical device industry and we use Windows 10 IoT Enterprise LTSC 2021 as the operating system for our devices. To comply with medical device regulations, we need access to a comprehensive and tracked list of anomalies (bugs) with specific IDs for this version of the operating system. I have been unable to find this documentation on Microsoft's official website, but it is essential for: Completing software risk analysis Documenting known vulnerabilities as required by regulations (MDR, FDA, etc.) Maintaining the traceability required for certification processes We have regular licenses for the operating system and I would like to know: Is this documentation available for Windows 10 IoT Enterprise LTSC 2021 license holders? Is there a specific channel (OEM Partner Program, Commercial Support, or other) through which we can access this information? Is there a dedicated process for medical device manufacturers to obtain this documentation? Any guidance on how to proceed would be greatly appreciated. Thank you in advance for your support!Disable Windows Update in Windows 10 IoT Enterprise
I'm trying to disable the Windows Update service to stop it from running and downloading updates while our device is connected to the Internet. Our device is only connected on occasion and remains offline most of the time. I have tried multiple registry settings for the update service and related services, but as soon as it sees a connection they start back up. I found some group policy settings to stop update from automatically downloading and installing them. Is that the only way to keep updates from happening? Thanks, JoshZigbee Dongle vs. Dedicated Gateway for Azure IoT: An Architecture Choice
Hello Azure IoT Community, I'm deep into the architecture phase of a large-scale smart building project, using Azure IoT Hub as our central command. We're incorporating numerous Zigbee-based sensors and actuators for energy and environment monitoring. A critical debate has emerged: should we rely on a centralized Zigbee USB dongle, or deploy distributed, dedicated Zigbee gateways like the OWON SEG-X5? This decision impacts system resilience, cloud integration efficiency, and long-term operational stability. The Core Trade-off: Simplicity vs. Resilience Option A: The Centralized Dongle Approach This model uses a USB dongle connected to a gateway server, which becomes the sole coordinator for the Zigbee network before relaying data to IoT Hub. The Appeal: Low initial cost and simplicity for prototyping. The Scalability Risk: This creates a Single Point of Failure (SPOF). If the host server needs maintenance or encounters an issue, the entire Zigbee network—and all dependent automations—go offline. For a commercial building, this is a critical operational risk. Option B: The Distributed Gateway Architecture This model employs dedicated, standalone Zigbee gateways (e.g., https://www.owon-smart.com/zigbee-gateway-zigbeeethernetble-seg-x5-product/) deployed across different zones or floors. Each forms its own robust mesh and connects directly to Azure IoT Hub. The Resilience Gain: Faults are isolated. One gateway’s maintenance affects only its zone. The Edge Intelligence Advantage: Modern gateways can process data and execute rules locally. For instance, a gateway can directly process inputs from a Zigbee Door/Window Sensor (DWS 312) and a Multi-Sensor (PIR 323) to trigger a local light switch, all without a round-trip to the cloud. This aligns perfectly with the Azure IoT Edge paradigm, ensuring responsiveness and offline operation. Streamlined Cloud Integration: Gateways like the SEG-X5 come with integrated MQTT API support, allowing them to send structured data directly to IoT Hub, simplifying device management and message routing in the cloud. A Practical Insight from an ODM Case Study Our experience as an IoT ODM manufacturer has shown this shift in practice. In a project akin to the Hotel Room Management case in our portfolio, the initial design using a central server with dongles presented reliability concerns. The final solution utilized distributed OWON SEG-X5 Zigbee Gateways in each hotel wing. These gateways managed all in-room devices—from Smart Sockets (WSP 406 series) and Light Switches (SLC series) to Thermostats (PCT 504)—locally. They used their MQTT API to send consolidated occupancy and energy data to the building's cloud platform (integrated with IoT Hub). The result was a system where guest room automation remained functional despite network fluctuations, and maintenance could be performed per wing without building-wide impact. Conclusion and Discussion For proof-of-concepts, dongles are sufficient. For production-grade, scalable deployments where uptime is critical, dedicated gateways provide the necessary architectural foundation. I'm keen to hear from the community: In your Azure IoT solutions, how have you integrated non-IP protocol devices like Zigbee? What strategies do you employ to balance edge processing with cloud analytics? For those using gateway architectures, how do you handle device provisioning and security at scale? If you're interested in the technical specifics of how Zigbee gateways interface with cloud platforms, including API structures and network design considerations, we've elaborated on these topics in a technical overview on our site: [https://www.owon-smart.com/news/zigbee-dongles-vs-gateways-how-to-choose-the-right-network-coordinator/ ]. Looking forward to a fruitful discussion.
Can Admins Access IoT Edge Container Code Despite ACR Encryption?
If I deploy my Python application as an IoT Edge container, and the container is pulled from Azure Container Registry (which says all images are encrypted at rest), can someone with administrator access on the machine access the container and see my code?
Module identity fetch issue
I have registered an edge device[gateway] to Azure IoTHub using x509 self signed certificate. The device got registered fine and modules [edgeAgent,edgeHub] got deployed along with some custom edge modules- with deployment status 200, device and modules status reporting. The modules are running on the edge device but the modules keep restarting as they couldnt authenticate. edge Device registration is through x509 self signed certificate, with below properties in config.toml # Manual provisioning with x.509 certificates [provisioning] source = "manual" iothub_hostname = "REQUIRED_IOTHUB_HOSTNAME" device_id = "REQUIRED_DEVICE_ID_PROVISIONED_IN_IOTHUB" [provisioning.authentication] method = "x509" identity_cert = "REQUIRED_URI_OR_POINTER_TO_DEVICE_IDENTITY_CERTIFICATE" identity_pk = "REQUIRED_URI_TO_DEVICE_IDENTITY_PRIVATE_KEY" Logs from edgeHub: [INF] - Unable to authenticate client <deviceid>/<custom_edge_module> with cached service identity <deviceid>/<custom_edge_module> (Found: False). Resyncing service identity... <4> 2025-09-19 00:29:56.415 +00:00 [WRN] - Error while refreshing the service identity: <deviceid>/<custom_edge_module> OnBehalfOf: <deviceid> System.Collections.Generic.KeyNotFoundException: The given key '<deviceid>/<custom_edge_module>' was not present in the dictionary. at Microsoft.Azure.Devices.Edge.Hub.Core.DeviceScopeIdentitiesCache.RefreshServiceIdentityInternal(String refreshTarget, String onBehalfOfDevice, Boolean invokeServiceIdentitiesUpdated) in /mnt/vss/_work/1/s/edge-hub/core/src/Microsoft.Azure.Devices.Edge.Hub.Core/DeviceScopeIdentitiesCache.cs:line 187 device twin status: "deviceScope": "ms-azure-iot-edge://<devicescope>", "modelId": "", "status": "enabled", "statusUpdateTime": "0001-01-01T00:00:00.0000000Z", "lastActivityTime": "2025-09-19T00:47:10.0840495Z", "connectionState": "Connected", "cloudToDeviceMessageCount": 0, "authenticationType": "selfSigned", "x509Thumbprint": { "PrimaryThumbprint": "<thumbprint>" } Module identity twin of edgeHub: "modelId": "", "status": "enabled", "statusUpdateTime": "0001-01-01T00:00:00.0000000Z", "lastActivityTime": "2025-09-19T00:42:23.4967322Z", "connectionState": "Connected", "cloudToDeviceMessageCount": 0, "authenticationType": "sas", "x509Thumbprint": {} module identity twin of edgeAgent and other modules: "modelId": "", "status": "enabled", "statusUpdateTime": "0001-01-01T00:00:00.0000000Z", "lastActivityTime": "2025-09-19T00:54:15.6085296Z", "connectionState": "Disconnected", "cloudToDeviceMessageCount": 0, "authenticationType": "sas", "x509Thumbprint": {} The modules couldnt communicate to hub as they couldnt authenticate, where as the same modules works fine when the edge device is registered via shared access signature and send telemetry to iot hub. Please let me know where could the issue be for modules not able to communicate with iotHubNetx Duo Question - NX_TCP_SOCKET and BSD fd_sets Functionality
Hi, I hope this is the correct place to ask this question. I'm looking at porting an existing application across to Duo, this app uses WEBSOCKETS/TLS/TCP within a BSD socket and makes use of the BSD fd_sets mechanism to detect receive data, ability to send data and loss of connection, sending multiple messages over a single socket. Using the Duo API's I need to use the NX_TCP_SOCKET based APIs, to gain WEBSOCKETS/TLS functionality but so far, I haven't spotted a bsd_fd_set equivalent mechanism for this socket type. Is there a similar feature available? The examples I've found don't persist a socket across multiple messages so don't need that feature. Any help/information on this appreciated. Many Thanks WayneConnecting PLC to Azure IoT Hub
We have a client with an Automation Direct Productivity 3000 PLC. Looks like it has an MQTT client configuration that may allow us to connect directly to Azure IoT Hub, but we are struggling. We're waiting for the client to get a vendor resource to assist. Meanwhile. we're trying to figure out if that will work directly, or if we need something like IoT Edge to act as a protocol translator. Unsure if the device is able to utilize TLS 1.2 or not. The config screen looks like this (please ignore current settings): Do we need to use something like IoT Edge to convert the MQTT to use TLS? Any other advice for getting this up and running? Thank you, -PeterAll Azure IoT Central Applications completly broken
Dear community, I have big trouble regarding all Azure IoT Applications, which haven't been properly rendering since a couple of hours. Every link is broken and no data is shown as seen the screenshot below. We already tested different browser different tentants different computers No difference. Can anyone point out the reason for that or experiences similar issues right now? Best, Andy
Sensor to AZURE IoT Hub to ADLS to Power BI
Discovery & Resolution ? By creating this workflow, I found the following: Device sensor firmware published data once every 30 seconds. AZURE IoT Hub routed this data to ADL BLOB as JSON once every 2 minutes. Power BI Power Query failed to interpret JSON files. "extra characters at end of JSON input". The PBI PQ error occurred because each BLOB file contained four individual JSON expressions - one for each device sensor publication. This can be resolved by reformatting each JSON file as a single document by bracketing all four expressions as one […] and adding a comma to the end of the first three. It works, but it's sloppy. I did it manually. A simpler resolution is to synchronize timing of device sensor publications with IoT Hub routing to ADL BLOB so that each file contains only a single JSON expression. In other words, by publishing and routing to ADL at the same frequency - only one publication / JSON expression is contained per file. This avoids the PBI PQ failure, but I have doubts about its scalability. Do any of you have a better suggestion? Is it possible to configure the IoT Hub to wrap multiple JSON expressions as a single JSON document for routing to ADLS?Edge Module Authentication
Hi Folks, I've made my first IoT Edge Module (container), its just based off: FROM ubuntu:oracular For now, but it seems to start up and run correctly. I've pushed the container into ACR and added it to my manifest which pushed it down to my edge gateway and its up and running. So far so good. Now, I want my application in that container to publish events to the edgeHub, and subscribe to properties set in IoT Central. I followed some of the guides, but have had no luck. Firstly - not much love for a rust application, but aside from that, I've resorted to jumping into the container and trying to use the mosquitto clients likes so: $ docker exec -ti <module_id> bash # mosquitto_sub -d \ -V mqttv311 \ -h edgeHub \ -p 8883 \ -i "${IOTEDGE_DEVICEID}/${IOTEDGE_MODULEID}" \ -u "${IOTEDGE_IOTHUBHOSTNAME}/${IOTEDGE_DEVICEID}/${IOTEDGE_MODULEID}/?api-version=2018-06-30" \ -P "${SAS_TOKEN}" \ -t "devices/${IOTEDGE_DEVICEID}/modules/${IOTEDGE_MODULEID}/messages/events" \ --cafile /etc/ssl/certs/IoTHubRootCA.pem \ -q 1 Client <device_id>/<module_id> sending CONNECT OpenSSL Error[0]: error:0A000086:SSL routines::certificate verify failed Error: Protocol error I just cant get it to validate the certs in the edgeHub. If I look at the edgeHub container it shows: $ docker logs -f edgeHub <4> 2025-06-30 06:52:23.276 +00:00 [WRN] - "TLS handshake failed., System.AggregateException: One or more errors occurred. (Authentication failed, see inner exception.)\n ---> System.Security.Authentication.AuthenticationException: Authentication failed, see inner exception.\n ---> Interop+OpenSsl+SslException: SSL Handshake failed with OpenSSL error - SSL_ERROR_SSL.\n ---> Interop+Crypto+OpenSslCryptographicException: error:0A000418:SSL routines::tlsv1 alert unknown ca\n --- End of inner exception stack trace ---\n at Interop.OpenSsl.DoSslHandshake(SafeSslHandle context, ReadOnlySpan`1 input, Byte[]& sendBuf, Int32& sendCount)\n at System.Net.Security.SslStreamPal.HandshakeInternal(SafeDeleteSslContext& context, ReadOnlySpan`1 inputBuffer, Byte[]& outputBuffer, SslAuthenticationOptions sslAuthenticationOptions)\n --- End of inner exception stack trace ---\n at System.Net.Security.SslStream.ForceAuthenticationAsync[TIOAdapter](Boolean receiveFirst, Byte[] reAuthenticationData, CancellationToken cancellationToken)\n --- End of inner exception stack trace ---, 0af563ac" That error suggests the edgeHub does not like the CA in my module ? I'm looking for any references to get the right CA's setup so that my translation app can publish events to the edgeHub container.Anomalies IDs for Windows 10 IoT Enterprise LTSC 2021 for medical devices
I am working in the medical device industry and we use Windows 10 IoT Enterprise LTSC 2021 as the operating system for our devices. To comply with medical device regulations, we need access to a comprehensive and tracked list of anomalies (bugs) with specific IDs for this version of the operating system. I have been unable to find this documentation on Microsoft's official website, but it is essential for: Completing software risk analysis Documenting known vulnerabilities as required by regulations (MDR, FDA, etc.) Maintaining the traceability required for certification processes We have regular licenses for the operating system and I would like to know: Is this documentation available for Windows 10 IoT Enterprise LTSC 2021 license holders? Is there a specific channel (OEM Partner Program, Commercial Support, or other) through which we can access this information? Is there a dedicated process for medical device manufacturers to obtain this documentation? Any guidance on how to proceed would be greatly appreciated. Thank you in advance for your support!
Need help with updating disconnected devices
hey, I am new to azure and IOT and I need help with knowing how to do this. The scenario is that: I have a set of Linux devices that can't be connected to the internet ever, these devices should be connected to another device (will have internet) which will act as parent to all these disconnected devices. The challenge is to update these child devices using Azure IOT, the updates will be deployed in the hub, and it has to passed to child devices via parent device and automatically needs to be installed in the child devices. The parent might not require this update or might. How will I do this? also I can't use any scripting mechanisms. Now when I surfed a bit through azure documentation, I found out that I can use device update for this, What I found was: 1) setup every device in IOT hub 2)set the device with internet as parent and others a child 3)set up MCC module in parent 4)Connect the devices physically (Lan or Wi-Fi) 5)Roll out updates Now I don't know whether this is true or not, it's just my understanding. I am having few doubts: 1)do we also add the child devices (disconnected devices in IOT hub), if yes what if we have 1000 devices? (I'm asking about scalability) 2)How do I actually physically connect the parent and child devices, do I just plug in Lan/Wi-Fi, or do I have to do anything else? 3)How to add MCC Module? 4)how does this actually works? is it feasible?Designing and developing for Unified Namespaces
I apologize if I am posting in the incorrect community. I would like to know if anyone has developed a Unified Namespace architecture and solution within Azure for IIOT without using third-party middleware such as ignition, high-byte, or HiveMQ. I am currently looking to use Azure IOT and ADF and Dynamics 365 as the ERP and MES.
IOT Central data export destination on waiting
Hello. I have successfully created a demo sensor in iot central and now I would like to connect it to my service bus queue. I went to data export tab and create a new destination using the connection strings of my queue, it seemed ok but the destination is on "waiting" state since 10 hours. Is it normal? Can I check anything? Thanks GianpaoloRouting on IOT Edge
Hi, I have a problem that I have been dealing with for quite some time. Trying to put a "where" in a routing for AZIOT edge hub. have tested this which works. FROM /messages/* WHERE $connectionModuleId = 'noded' INTO BrokeredEndpoint("/modules/testjob/inputs/edgehub") . But what I want to do is a "where" against appProperties. I have tried every conceivable "syntax" for this?? Inserts an example message. { "message": { "systemProperties": { "contentType": "application/json", "contentEncoding": "UTF-8", "iothub-message-source": "deviceMessages", "iothub-enqueuedtime": "2017-05-08T18:55:31.8514657Z" }, "appProperties": { "processingPath": "{cold | warm | hot}", "verbose": "{true, false}", "severity": 1-5, "testDevice": "{true | false}" }, "body": "{\"Weather\":{\"Temperature\":50}}" } } Thanks for any help I can get. Can't find any documentation for this?Enable ipv6 for azure-iot-edge user-defined network
We have a Raspberry Pi that we use as an edge device. One of our modules needs to communicate over IPv6 in the local network. Since the module is automatically connected to the "azure-iot-edge" network in Docker, I'd like a method to easily enable IPv6 on this network. To achieve this, I tried following the steps described in the https://github.com/Azure/iotedge/blob/main/doc/IPv6Configuration.md. For me, this worked only for the default bridge network but not for the "azure-iot-edge" network. I also checked the https://github.com/Azure/iotedge/blob/1.5.16/doc/networking.md and attempted to configure the network using the mentioned /etc/aziot/edged/config.yaml file. However, this file did not exist initially, and when I manually added it, it seemed to be completely ignored. The only way I have been able to get IPv6 to work for the "azure-iot-edge" network so far is by completely removing it and manually recreating it with IPv6 enabled. This also required me to manually disconnect and later reconnect all modules. This does not feel like the correct way to achieve this. I would assume there should be a way to configure this either from the module definition in the IoT Hub or by adding some configuration on the device.
IoT Edge certificate renewal
Hi all, We are currently implementing an IoT Edge on a lot of Devices which will be at remote locations. We have cleared out that IoT Edge can use up to 3 certificates: Certificate to perform the TLS communication with IoT Hub Device certificates for internal use with modules, leave devices, etc. DPS (Optional is you use certificates) We are currently looking for a solution for point 1 and 2. 1. We understand that this can be solved with keeping IoT Edge up-to-date, but how do perform this is these devices are Remote and we have a lot of them? I know this will not happen that often that this certificate will expire but still it can, so we want to be prepared. 2. Device certificates should also be renewed from time to time. How can you also orchestrated form IoT Hub? We currently where thinking of building a module, but when the device comes online again after some time and in the main time, the certificate has expired, than the module is not able to talk to IoT Hub. Or do you just install a device certificate a installation which will have an expiration date longer then the expected device lifetime? Thanks for the help and insights on this topic. Kr, Steven
Recent Blogs
- As organizations scale Industrial AI, the challenge shifts from technology selection to deciding who should lead which part of the journey -- and when. Which partners should establish secure connecti...Jan 27, 2026
- Azure Sphere OS version 25.12 is now available for evaluation in the Retail Eval feed. Whilst this release encompasses no customer-facing changes, it represents significant under-the-hood build syste...Dec 11, 2025
