Custom permission to enable diagnostic setting in Entra ID
Custom permissions doesnt works when tried to enable diagnostic settings, in Microsoft Entra ID portal. Error: "does not have authorisation to perform action 'microsoft.aadiam/diagnosticSettings/write' over scope '/providers/microsoft.aadiam/diagnostic Settings/resourcename" Selective permissions that I applied to user account. My approach is to use custom role specific permissions. Appreciate your help to knows the right permission required. Regards, Rajkumar
Run Logic app if new virtual machine is created
Hello, I'm building logic app that get triggered on resource creation event by connecting it to event grid. my goal is only to run this if new vm is created however logic app get executed on every create success event. I noticed whenever there is deletion or creation on VM the logic app get triggered. Even in the event payload there is no difference between create and delete VM. how to limit the call of logic app only if new VM is created?[Solved] Allow PIN support for Windows 10 devices
I want to allow my Windows 10 1909 (Hyper-V VM) to be able to use PIN for sign ins. I have created a non-administrator account and joined my VM during Windows installation to the AAD from the start. I also configured this for PIN policy in Windows 10 in Azure portal - Intune I created a group in Intune and put my VM device + User into that. then I assigned this profile that I created for PIN to that group. added my administrator user as the group owner. I've also read this article: https://support.microsoft.com/en-us/help/3201940/can-t-configure-a-pin-when-convenience-pin-and-hello-for-business-poli still, in my Windows 10 account settings, there is no sign of PIN. i've waited 2 hours, synced my device from AAD portal and also from Windows settings to receive the latest policies. still nothing. I'm running out of clues that why this is not working. any ideas? Thanks in advance
Allow Custom Ressource Group and DCR in New AVD Insights Configuration Workbook
The new preview version of the AVD insights configuration workbook for the AMA agent only recognizes data collection rules that are created in a resource group called "AzureMonitor-DataCollectionRules" and does not recognize any DCR that was created elsewhere. We would like to have the option to use other resource groups and DCR. Hope this can be adjusted during the preview.Former Employer Abuse
My former employer, Albert Williams, president of American Security Force Inc., keeps adding my outlook accounts, computers and mobile devices to the company's azure cloud even though I left the company more than a year ago. What can I do to remove myself from his grip? Does Microsoft have a solution against abusive employers?Enhancing Observability with Inspektor Gadget
Thorough observability is essential to a pain free cloud experience. Azure provides many general-purpose observability tools, but you may want to create custom tooling . Inspektor Gadget is an open-source framework that makes customizable data collection easy. Microsoft recently contributed new features to Inspektor Gadget that further enhance its modular framework, making it even easier to meet your specific systems inspection needs. Of course, we also made it easy for Azure Kubernetes Service (AKS) users to use.Security issue with Mac client - client is making inappropriate connections
Hello, I use Little Snitch on MacOS to monitor for inappropriate outbound connections. The new Windows app that replaces the RDP app is doing some very shady connection attempts. As soon as I launched it, Little Snitch notified me of continuous connection attempts by the new Windows client to *ALL MY SAFARI BOOKMARKS* - I kept denying connection after connection, but based on the hostnames being accessed, I could tell it was sequentially iterating through my bookmarks toolbar, trying to ping every endpoint i have saved. I have now blocked your client from any outbound connection attempts. I do not understand why a client I am using for accessing local machines is now talking to all sorts of remote domains I did not give it permission to access. Seems like a fundamental design flaw of this new version - why is it trying to connect to my safari bookmarks automatically?
