Recent Discussions
Issues with FSLogix Profiles
Hey guys we have a AVD environment with Windows 11 23h2 Multiuser session host's in a pooled Hostpool configured. The users are connecting via ThinClients with IgelOS and the AVD Client to the AVD Desktop. We have hybrid joined session host's which worked just fine till the 12th of December. We discovered that from different locations where the users are connected the have some issues with the FSLogix Profiles. It seems that the client lost connection to the session host when using short path with udp. then the users are trying to reconnect and get a temporary profile. There was no change currently. We were able to solve the issue with just create new session host with Hydra and remove the old ones. But the issue is getting back of course. In the logs in Azure I see the error: ShortpathTransportNetworkDrop The session host lost connection to the client because of an unexpected network error in the Shortpath transport. Check your network quality and configurations, then try again. Does anybody have similar issues or know what could cause that? I checked with our Network Team and they don't see any issues on their side. Many thanks for any feedback Best regards, MarcPassword expired for Hybrid Users
Hey guys we have a AVD environment configured with hybrid users working on windows 11 23h2 multiuser session host's in a pooled session host. As access devices we use either Thinclients with IgelOS and the AVD Client or Windows 11 Notebooks with the Windows App installed on it. The users passwords are expire every 3 months. I see in the Azure Log Analytics Log some errors with expired passwords. We have Password Writeback enabled on the Entra ID Connect Server. Is there a way to present the user let's say 14 days ahead that the password is going to expire soon? Many thanks for your feedback Best regards, MarcWhy Microsoft Azure Certification Matters for Cloud Careers
In today’s rapidly growing IT landscape, cloud computing is a critical skill for most organizations. Microsoft Azure certifications are designed to equip professionals with the knowledge and expertise required to thrive in this domain. By pursuing Microsoft Azure Certifications, you gain hands-on skills with various cloud-based services and demonstrate your abilities to potential employers, making you stand out in the competitive job market. Whether you are a beginner exploring the fundamentals or an experienced professional seeking career growth, Azure certifications can open doors to better job opportunities and help you advance in your current role. These certifications are recognized worldwide and are a solid step toward staying relevant in the ever-evolving cloud computing industry.
OneDrive Sync Issue
Hello, We have set up AVD in our Azure environment. Most applications work well. However, we've been experiencing a OneDrive sync issue for a long time. From time to time, users cannot sign in to OneDrive. It keeps spinning the sign in the window. Sometimes, it gets stuck at the sync level. We tried to get Microsoft support to fix this issue, but we could not figure out the exact problem. Please let me know if you have experienced this and how you fixed the issue.
Understanding Data Ingestion for Log Analytics and Sentinel Workspace
I'm trying to understand how data ingestion works for both Log Analytics and Microsoft Sentinel. Every time we notice a spike in data ingestion costs for Log Analytics, we see a similar increase in Sentinel costs as well. It seems like data is being ingested into both workspaces, potentially doubling the ingestion and driving up our costs. Can someone explain if this is expected behavior, or if there's a way to optimize and avoid duplicate data ingestion between Log Analytics and Sentinel?Azure AI for an API Platform
We are managing an API Platform in our company. We collect metrics in ELK (deployed on premise) and We have a Confluence WIKI page with our public documentation. We would like to have a Chatbot that can be trained by structured (JSON, CSV) Metrics (Prometheus) stored in ELK and by trained by the unstructured content in our WIKI page. The Chatbot should be able to answer questions like: (Source: WIKI page) - How can I publish an API with mTLS enabled - How can I authorize a client certificate for my API - How can I specify the RPS for my API - and so on and so forth (Source: ELK) - Plot the request of the API "XX" for the last month - Can you predict the API calls trend of the next month for the API "XXX" - Give me a list of the client IP that accessed the API "YYY" yesterday - and so on and so forth In the future We may want the chat bot to be able to do some basic automatic actions like (contacting our self-service API): - Allow this client certificate to access this API - Change the RPS for the API ZZZ to 10 rps/s - and so on and so forth - What Azure AI Services would you recommend to start looking into? Which AI models? Which Azure resource? - How can we train and feed the model from ELK? do we have to export the data from ELK daily and store it in an Azure Storage account or we can instruct the specific Azure AI Service to connect to our ELK endpoint (or a proxy API) to fetch the data? Thank you
Implementing Azure ADConnect in a live environment
I have been tasked with implementing Azure ADConnect for my company. We currently have 2 locally virtualized domain controllers and are already utilizing Office365 for mail. What would be the easiest way to implement ADConnect while having the least amount of downtime/user interruptions.Troubleshooting Azure Function App Proxy with Private Blob Container Access for Static Web App
Recently, I shared a problem I’m facing in my testing environment with a friend. I’ve decided to bring this issue to an open forum discussion to gather additional insights. I hope you can help me figure out what might be missing in my configuration. **Context:** I’m trying to replicate a solution in my test environment but encountering difficulties in a specific scenario. **Scenario:** I have a Function App acting as a proxy for a Static Web App hosted in a Blob Container. This Blob Container is set to private access, meaning public access is disabled. **The Problem:** The goal is for my Function App to authorize users and direct them correctly to the Static Web App. However, it’s not working as expected. **What I’ve tried so far:** 1. Configured Managed Identity for the Function App and granted the necessary permissions to the Blob Container. 2. Properly set up authentication and created the App Registration, which works flawlessly. 3. Verified that the proxy functions correctly when the Blob Container’s public access is enabled. **Current behavior:** - When public access to the Blob Container is enabled, everything works fine. - When public access is disabled, even with the proxy configured, access fails, and an error message "resource not found" is returned. **My questions are:** 1. Do I need to configure something additional in the proxy definition file? 2. Is there a specific setting, like a private endpoint or something similar, that I should implement to resolve this issue? **Additional considerations:** I haven’t configured a private endpoint yet, but I’m considering whether this would be the most appropriate solution for my case. My initial expectation was that granting the necessary permissions to the Function App via Managed Identity would solve the issue, but it hasn’t. I appreciate any guidance or suggestions you can provide!
Symantec software Disabling Recovery Mode during installations
Security team have been often receiving alert that during the installation of Symantec Encryption Desktop, Windows is using bcdedit.exec to modify the boot configuration, where its disabling windows default system recovery. It might be an expected behavior to ensure no one can bypass the encryption at boot time and It could be a Defense Mechanism. As we're receiving lots of alerts on this, we want to get to the root cause and ensure this is an expected behavior. That way we can have it documented and fine tune our detection. Does any one know if it it would interact with system boot configuration and any mention of bcdedit tasks being used during installation. Command Line: "cmd.exe" /c schtasks.exe /Create /RU %USERNAME% /SC DAILY /TN runBCDEDIT /RL HIGHEST /TR "bcdedit.exe /set recoveryenabled No " & schtasks.exe /run /TN runBCDEDIT & schtasks.exe /Delete /TN runBCDEDIT /F & schtasks.exe /Delete /TN "runBCDEDIT" /FHas anyone integrated VISA Threat Intelligence with Sentinel or any SIEM.
I'm looking to integrate threat intelligence from VISA into Microsoft Sentinel directly and automate the ingestion process. Anyone in the community integrated VISA's threat intelligence platform with their SIEM solution? Thanks in advance!!
ShortpathTransportNetworkDrop (68)
We have a Server 2016 Host Pool which gets flooded with errors in the Insights Portal: "ShortpathTransportNetworkDrop (68)The session host lost connection to the client because of an unexpected network error in the Shortpath transport. Check your network quality and configurations, then try again" Guidance on Shortpath over Public networks has been followed and have excluded the higher UDP range from Firewall inspection but still getting these errors. We not using TURN but we are using STUN. As TURN is still in Preview. Trying to get user feedback but doesnt seem to match up to the errors. Anyone else got this? We disabled UDP and put the traffic over TCP and users reported latency. Network team cannot see an issue from the users locations or within the Azure space. A FortiGate is being used as a NAT gateway in Azure. Does anyone else get these errors? I am suspecting these errors are actually normal for a deployment when using Shortpath as TCP obviously uses Resets and gives better information to what is happening, where as UDP it doesn't.App using node-fetch as agent
A few days ago, I was looking into a user's sign in logs. I noticed an application called Augmentation Loop with the user agent as node-fetch/1.0 (+https://github.com/bitinn/node-fetch). Looking into the Augmentation Loop, it is part of apps included in Conditional Access Office 365 app suite. (https://learn.microsoft.com/en-us/entra/identity/conditional-access/reference-office-365-application-contents) According to this site (https://petri.com/microsoft-revamps-outlook-one-outlook-vision/), it is a way of coordinating all the various types of data and services consumed by Outlook. From what I can see, Augmentation Loop sign ins are always in between Microsoft Office sign ins: I tried referencing the app ID (4354e225-50c9-4423-9ece-2d5afd904870) to the Azure app ID list (https://learn.microsoft.com/en-us/microsoft-365-app-certification/azure/azure-apps), however, it is not there. I also tried searching through Azure admin all applications and it is also not there. Google search doesn't also return anything. May someone please explain what application or service is using the node-fetch agent?Azure support team not responding to support request
I am posting here because I have not received a response to my support request despite my plan stating that I should hear back within 8 hours. It has now gone a day beyond that limit, and I am still waiting for assistance with this urgent matter. This issue is critical for my operations, and the delay is unacceptable. The ticket/reference number for my original support request was 2410100040000309. And I have created a brand new service request with ID 2412160040010160. I need this addressed immediately.Accidentially changed my admin user to a guest user ... and cannot access azure anymore
Hi, I did something stupid and now cannot access my azure anymore: 1. I wanted to integrate the MS TEams into my Google account 2. To do this, I had to create an account via Azure - i was told on different platforms 3. But since it's the same email address (***@gmail.com) - I couldn't invite myself as an internal user, (I already was one!) so ... I turned myself into a guest user and wanted to invite me again. Obviously, this did not work - and now I can not access azure anymore - Can someone help me how to restore my account? Here the error messages i got: { "sessionId": "448959718eec490b89d366bb329cecec", "errors": [ { "errorMessage": "interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'b677c290-cf4b-4a8e-a60e-91ba650a4abe'(AzurePortal Console App) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: c5672f20-06a6-421d-91d3-33ec930b3e00 Correlation ID: 304caf2a-0555-4935-bdb2-7724571ffebe Timestamp: 2024-10-15 10:35:32Z", "clientId": "b677c290-cf4b-4a8e-a60e-91ba650a4abe", "scopes": [ "https://management.core.windows.net//.default" ] }, { "errorMessage": "interaction_required: AADSTS16000: User account '{EUII Hidden}' from identity provider 'live.com' does not exist in tenant 'Microsoft Services' and cannot access the application 'b677c290-cf4b-4a8e-a60e-91ba650a4abe'(AzurePortal Console App) in that tenant. The account needs to be added as an external user in the tenant first. Sign out and sign in again with a different Azure Active Directory user account. Trace ID: a889d113-15ce-4c6d-9b36-f62228521f00 Correlation ID: 0625b216-085c-40df-9547-e233841dac35 Timestamp: 2024-10-15 10:35:32Z", "clientId": "b677c290-cf4b-4a8e-a60e-91ba650a4abe", "scopes": [ "https://management.core.windows.net//.default" ] } ] }azure board what is the max page size limit for get project level iteration api
i am using classificationnodes iteration api what if the number of project level iterations exceeds this limit how can we retrieve the next set of iterations using pagination? can we use filter as search iterations by name ? can we user top and skip for this api? please explain the use of parameter and any example if possible.Azure Policy require multiple tags with values
I have a policy that requires specific tag with specific values (json below), but I want to require more tags within the same policy also with specific value and not sure how to do it... Is there a way to add more tags with specific values to the same policy? For example, I want to require two tags: environment with prod/non-prod and department with Infra/Finance Is it possible? Thank you! { "properties": { "displayName": "Require tag environment and its values on resources ", "policyType": "Custom", "mode": "Indexed", "description": "Enforces a required tag environment and its value. Does not apply to resource groups.", "metadata": { "category": "Tags", "createdBy": "" "createdOn": "" "updatedBy": "" "updatedOn": "" }, "version": "1.0.0", "parameters": { "tagName": { "type": "String", "metadata": { "displayName": "Tag Name1", "description": "Name of the tag, such as 'environment'" }, "allowedValues": [ "environment" ] }, "tagValue": { "type": "Array", "metadata": { "displayName": "Tag Value1", "description": "Value of the tag, such as 'production'" }, "allowedValues": [ "prod", "non-prod" ] } }, "policyRule": { "if": { "not": { "field": "[concat('tags[', parameters('tagName'), ']')]", "in": "[parameters('tagValue')]" } }, "then": { "effect": "deny" } }, "versions": [ "1.0.0" ] }, } }Powershell Script to remove all Blobs from Storage account
With large number of Blobs in Storage Account, the manual cleanup from the Portal is more complicated and time consuming, as it's per set of 10'000. This script is simple and and can be executed in background to clean all items from a defined Blob Container. You have to specify the Storage Account connection string and the blob container name. [string]$myConnectionString = "DefaultEndpointsProtocol=https;AccountName=YourStorageAccountName;AccountKey=YourKeyFromStorageAccountConnectionString;EndpointSuffix=core.windows.net" [string]$ContainerName = "YourBlobContainerName" [int]$blobCountAfter = 0 [int]$blobCountBefore = 0 $context = New-AzStorageContext -ConnectionString $myConnectionString $blobCountBefore = (Get-AzStorageBlob -Container $ContainerName -Context $context).Count Write-Host "Total number of blobs in the container Before deletion: $blobCount" -ForegroundColor Yellow Get-AzStorageBlob -Container $ContainerName -Context $context | ForEach-Object { $_ | Remove-AzureStorageBlob # or: Remove-AzureStorageBlob -ICloudBlob $_.ICloudBlob -Context $ctx } $blobCountAfter = (Get-AzStorageBlob -Container $ContainerName -Context $context).Count Write-Host "Total number of blobs in the container After deletion : $blobCount" -ForegroundColor Green It was used for large blob storage container with more than 5 millions of blob items. Sources: https://learn.microsoft.com/en-us/powershell/module/az.storage/new-azstoragecontext?view=azps-13.0.0#examples https://learn.microsoft.com/en-us/answers/questions/1637785/what-is-the-easiest-way-to-find-the-total-number-o https://stackoverflow.com/questions/57119087/powershell-remove-all-blobs-in-a-container Fab
Sign in to Azure DevOps
The https://dev.azure.comURL redirects to the landing page for the Azure DevOps product. I used to promote this as an URL to use to login to the product. Since this year the page is missing the "Already have an account? Sing in to Azure DevOps" link. As far as I can see there is no way to login to Azure DevOps trough this interface now. There is the usual "sing in" in the top right, which will redirect you to the azure portal (or at least for me it does). How are we supposed to login to Azure DevOps? Old login:
Recent Blogs
- 13 MIN READRAGHack 2024: Recordings and Slides Now Available! 🚀 This year’s RAGHack brought together developers, engineers, and advocates from around the globe with over 30 live streams in multiple languages...Dec 20, 2024
- Many applications offer chat with automated capabilities but lack the depth to fully understand and address user needs. What if a chat app could not only connect people but also improve conversations...Dec 20, 2024
