In this episode, I sit down with Jordan Dahl, a Product Manager on the Entra Conditional Access team, to discuss the newly GA'd Conditional Access Optimization Agent. Jordan shares the origin story of the agent, explaining how customer feedback about the difficulties of managing CA policies at scale led to its creation. We delve into how this AI-powered "digital colleague" works to identify and remediate security gaps, its future roadmap including Service Now integration and phased rollouts, and how you can get started with it in your own tenant.

Subscribe with your favorite podcast player or watch on YouTube 👇

About Jordan

Jordan is a Product Manager on the Entra Conditional Access team at Microsoft. Her current focus is on the Conditional Access Optimization Agent. Previously, she was a PM for per-policy reporting in Conditional Access and for Groups within Entra.

LinkedIn - https://www.linkedin.com/in/jordan-dahl-840182127/

🔗 Related Links

* Conditional Access optimization agent in Microsoft Entra

📗 Chapters

00:00 Intro

01:31 The Origin of the CA Optimization Agent

05:08 How the Agent Works

07:40 Autonomous Policy Changes?

12:39 How to Deploy the Agent

16:12 Customizing the Agent's Behavior

23:59 Upcoming Agent Features: Phased Rollouts & ServiceNow

29:45 The Future: A "Digital Colleague"

35:08 How to Give Feedback

41:09 Getting Started: Your Action Items

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

In this exciting episode of Entra Chat, I dive into the world of Entra + Windows devices with the passionate and knowledgeable John Towles, a solution architect and MVP for Windows 365 and more. We unpack why Entra hybrid join is still relevant for some organizations, explore the ins and outs of Windows Autopilot, and reveal practical tips for navigating the complexities of modern device management. Plus, we share a sneak peek into the upcoming Workplace Ninjas US event and get a special announcement about the Workplace Ninjas US "Golden Clippy Awards", including the finalists for the "Entra IDol of the Year."

Subscribe with your favorite podcast player or watch on YouTube 👇

About John Towles

John Towles is a Solutions Architect at WEI, a multi-award MVP (Windows 365, Intune), President of Workplace Ninjas US, and the proprietor of Mobile-John.com. With over a decade of experience as the face of VMware's Workplace One, John has a deep and unique perspective on endpoint management and cloud migration. He is passionate about helping organizations navigate complex technical challenges with pragmatic, real-world solutions.

LinkedIn

🔗 Related Links

* Microsoft Entra Hybrid Join: Not Dead Yet! (Jon’s blog)

* Workplace Ninjas US

* Microsoft's Entra Kerberos: Bridging Legacy AD to Cloud Auth + MAM on Edge with PM Jordan Gross

📗 Chapters

00:23 Entra Hybrid Join: To Do or Not to Do?

03:13 The Great Migration from VMware to Intune

06:23 Entra Join vs. Hybrid Join Explained

12:52 The Magic of Cloud Kerberos Trust

15:53 Demystifying Windows Autopilot

25:23 Making the Case for Hybrid Join with Autopilot

30:57 Why Cloud-Native is the Future

36:16 Introducing Workplace Ninjas US

39:06 The "Golden Clippy Awards"

41:31 Announcing the Entra IDol of the Year Finalists

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

In this episode, I sit down with Chetan Desai, a Principal Product Manager on the Microsoft Identity Governance team. We dive deep into a side of Entra that many admins never see: the critical "first mile problem" of getting identities into your system in the first place.

We talk about the evolution from on-prem scripts and MIM to specific connectors for Workday and SuccessFactors and then to the new powerful, generic API-driven approach that can handle any HR system and the architectural decisions behind it. Chetan also gives us a masterclass on how the provisioning engine differs from the Graph API and provides advice for anyone looking to migrate from a legacy Identity Governance and Administration (IGA) solution.

Subscribe with your favorite podcast player or watch on YouTube 👇

About Chetan Desai

Chetan Desai is a Principal Product Manager at Microsoft on the Entra team. For the past seven years, he has been a core part of the Entra Identity Governance and Provisioning team. Before his time at Microsoft, Chetan spent 17 years in consulting within the identity and access management domain , bringing a wealth of real-world deployment and integration experience to his product management role.

🔗 Related Links

* Application and HR provisioning documentation

* Provisioning with SCIM

* API-driven inbound provisioning concepts

📗 Chapters

00:34 The "First Mile Problem" in Identity

04:51 From AD Sync to HR-Driven Provisioning

09:52 The Entra Provisioning Service Architecture

16:17 Hybrid vs. Cloud-Only Identity Flows

19:17 Beyond Workday: The Need for a Generic Connector

27:43 The Great Debate: CSV vs. SQL vs. API

35:34 Provisioning API vs. Graph API: What's the Difference?

43:24 The Latest Evolution: Custom Security Attributes

49:26 Advice for Migrating to Modern IGA

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

In this episode, I chat with the legendary Tony Redmond, a prolific writer and author of "Office 365 for IT Pros". Tony shares unfiltered insights from his career, critiques the state of technical writing and AI, and discusses the challenges with PowerShell and the future of AI agents in the Microsoft ecosystem.

Subscribe with your favorite podcast player or watch on YouTube 👇

About Tony Redmond

Tony Redmond is a well-known and prolific writer in the Microsoft 365 space. After a long career in large tech companies like Digital, Compaq, and HP, where he rose to the level of Vice President, he became an independent consultant and author in 2010. He is the lead author of the widely respected and continuously updated e-book, "Office 365 for IT Pros," and "Automating Microsoft 365 with PowerShell."

LinkedIn - https://www.linkedin.com/in/tonyredmond/

🔗 Related Links

* Office 365 for IT Pros (Book) - https://office365itpros.com

* Practical 365 - https://practical365.com

📗 Chapters

00:00 Intro

03:50 Tony's career and lessons from corporate life

09:06 The story behind the "Office 365 for IT Pros" book

21:35 Tony's rules for great technical writing

25:31 The problem with duplicate content and AI summaries

36:31 A critique of the Graph PowerShell SDK

45:15 The dangers of AI and the need for guardrails

50:57 Microsoft's mistake: Rushing tech without guardrails

55:04 The cyclical nature of technology and IT challenges

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

In this episode, I sit down with Erin Greenlee, the Product Manager for App Consent on Microsoft’s App Platform Team. We dive into the critical world of app consent and the upcoming Microsoft 365 secure-by-default changes. We explore the nuances of user and admin consent, the impact of the mid-July 2025, policy shift, and how admins can prepare for a more secure Entra environment.

Subscribe with your favorite podcast player or watch on YouTube 👇

About Erin Greenlee

Erin Greenlee is a Product Manager at Microsoft, specializing in the App Platform Team within the Identity and Network Access division. With a decade of experience at Microsoft, including roles in B2C and domain services, Erin now focuses on consent, authorization, and app roles, helping organizations secure their applications while enabling productivity.

LinkedIn - https://www.linkedin.com/in/eringreenlee/

🔗 Related Links

* MC1097272 - Microsoft 365 Upcoming Secure by Default Settings Changes - https://mc.merill.net/message/MC1097272

* Entra Admin Consent Workflow - https://docs.microsoft.com/en-us/entra/identity/enterprise-apps/configure-admin-consent-workflow

* Configure how users consent to applications - https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-user-consent

* Manage app consent policies - https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/manage-app-consent-policies

* Review App Consent audit logs - https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/app-perms-audit-logs

📗 Chapters

02:15 What is App Consent?

03:22 Delegated vs. Application Permissions

07:45 The User Consent Balancing Act

13:58 How Consent is Evaluated

17:33 Understanding Tenant Consent Policies

22:28 The Admin Consent Workflow

31:18 The Big Change: Microsoft's Secure-by-Default Update

41:35 How to Prepare for the Change

49:05 Advanced Delegation with Custom Policies

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

In this episode, we talk with an identity expert, ex-Microsoftie and Principal Domain Architect, Mark Renoden, about creating a modern Privileged Access Management (PAM) solution for on-premises Active Directory. Discover how to build a secure "Bastion Forest" architecture using Microsoft Entra. We talk about PIM for Groups, group write-back, phish-resistant credentials, Privileged Access Workstations (PAW), securing an Entra tenant from the ground up, and navigating challenges with Cloud Solution Provider (CSP) permissions.

Watch on YouTube

PS. Can I ask a favor? If you enjoyed this episode please leave a review and rating! Thank you 🙏 - Merill

About Mark

As Principal Domain Architect for Identity at Increment, Mark leads the design and delivery of secure, scalable identity architectures grounded in Microsoft Entra ID and aligned with Zero Trust principles. He specializes in helping organisations modernise their infrastructure and navigate complex identity transformations.

Previous to Increment, Mark spent over 20 years at Microsoft in support, field engineering, mission critical and customer experience roles focused on Identity across a wide spectrum of industries in Australia and New Zealand, including Finance, Healthcare, Government, Education and Retail.

LinkedIn - https://www.linkedin.com/in/markrenoden/

🔗 Related Links

* DirectoryShield | Increment - https://www.increment.inc/directoryshield

* Entra Security Recommendations - https://aka.ms/EntraSecurityRecommendations

* Securing privileged access overview - https://learn.microsoft.com/en-us/security/privileged-access-workstations/privileged-access-overview

* MIM - Bastion environment - https://learn.microsoft.com/en-us/microsoft-identity-manager/pam/planning-bastion-environment

📗 Chapters

00:46 Securing Your Entra Tenant

02:09 The Quest for a Microsoft-Only PAM Solution

04:21 What is a "Bastion Forest"?

07:50 Reimagining the Bastion Forest for the Cloud

12:53 Architecting a "Secure-by-Default" Tenant

17:41 Phish-Resistant On-Prem Admins

19:50 The Modern Privileged Access Workstation (PAW)

27:04 The Tiered Administration Model Explained

29:51 The Hidden Dangers of CSP Admin Access

34:29 How Fast is PIM for Groups?

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

In this very special episode, I sit down with the "Yoda of Entra" himself, Tarek Dawoud, who also happens to be my manager!

We dig deep into the fascinating and often surprising history of Microsoft's identity platforms. Tarek, who has been on the team since 2007, takes us on a journey from the revolutionary launch of Active Directory in 1999, through the creation of the cloud services that battled Google Apps, to the formation of the identity division and the eventual rebrand to Entra.

You'll hear the inside story on how our customer experience team became a "secret weapon" and, most excitingly, we'll look at what the future holds for Identity and Access Management in the new age of AI agents.

Watch on YouTube

PS. Can I ask a favor? If you enjoyed this episode please leave a review and rating! Thank you 🙏 - Merill

About Tarek Dawoud

Tarek Dawoud is a long-time veteran at Microsoft, having been with the company for over 18 years. Tarek currently leads the architecture team within the customer engineering (CXE) organization, where he helps customers deploy Entra, gathers insights for the product group, and works to solve the hardest identity problems.

LinkedIn - https://www.linkedin.com/in/tarekdawoud/

🔗 Related Links

📗 Chapters

00:00 Intro

08:58 The Beginning: The Vision of Active Directory (AD)

14:51 The Consumer Side: Microsoft Passport & The Standards Debate

18:29 A Defensive Play: How Google Apps Sparked Microsoft's Cloud Identity

27:21 The First Merger: Active Directory & Cloud Teams Unite

32:03 The Birth of Conditional Access & The Authenticator App

42:52 The Security Re-org: Identity Moves to a New Home

45:30 A New Era: Rebranding to Entra

48:52 The Future is Now: AI, Agentic Identities, and the End of PowerShell?

Podcast Apps

🎙️ Entra.Chat → https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

In this episode, we are joined by Maqsood Bhatti, the IAM Principal Engineer at Elkjøp Nordic, who takes us through their incredible journey of migrating from the legacy NetIQ platform to Microsoft Entra.

What's fascinating is how they accomplished this years ago, completely bypassing traditional tools like Entra Connect and adopting a "production-only" environment. Maqsood shares how they built a truly cloud-native identity solution from the ground up, leveraging custom connectors, app roles, and automating everything, including moving off the legacy platform entirely.

You’ll also hear about their advanced use of Microsoft Identity Governance, Logic Apps for custom provisioning, and a strict modern authentication policy that has shaped their identity and access management (IAM) for nearly a decade.

Watch on YouTube

PS. Can I ask a favor? If you enjoyed this episode please leave a review and rating! Thank you 🙏 - Merill

About Maqsood

Maqsood is the IAM Principal Engineer at Elkjøp Nordic, a company that was an early adopter of access automation since 2006. He has been instrumental in their journey from legacy systems like NetIQ to a modern, cloud-native Microsoft Entra infrastructure , championing innovative approaches like custom API integrations and a "prod-only" development environment.

LinkedIn - https://www.linkedin.com/in/maqsoodbhatti/

🔗 Related Links

* Elkjøp Nordic unngår IT-floker med storskala automatisering

📗 Chapters

00:00 Intro

01:10 Early Days & NetIQ Automation

03:34 The Journey to Public Cloud & Microsoft 365

08:23 Custom Connectors and Real-Time Sync

15:08 Embracing Azure, App Roles & Modern Auth

19:29 Password Sync & Skipping Entra Connect

22:57 Decommissioning NetIQ: Challenges & Motivations

27:27 Leveraging Entra ID Domain Services as a Bridge

33:28 Mastering App Roles & Guiding Developers

44:27 Migrating to Entra ID Governance & Logic Apps

52:57 The "Prod-Only" Philosophy & Cloud-Native Mindset

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

Tobias Binkert, Head of IT at We Are Era, and Yusuke Kodama, Product Manager at Microsoft (who specialises in cloud-first identity, among many other things), join us to discuss We Are Era’s successful migration from on-premises Active Directory to a fully cloud-native Microsoft Entra ID environment.

We delve into the motivations behind this significant shift with practical strategies for migrating devices using Microsoft Autopilot, modernizing applications, managing user accounts and groups in the cloud, and overcoming challenges like legacy RADIUS dependencies. Tobias shares the tangible benefits We Are Era experienced, including enhanced security, a superior user experience and increased agility for adopting new technologies.

LinkedIn

* Tobias Binkert - https://www.linkedin.com/in/tobias-binkert-83844810a/

* Yusuke Kodama - https://www.linkedin.com/in/yusukekodama85/

On a related note we ran a poll a few weeks ago asking what your Identity plans were for 2030 and beyond. Nearly 90% of you were looking to go Entra ID first with more than half planning to go full cloud native with Entra ID.

So hopefully this episode with Tobias and Yusuke will help shed some light and help you start your journey to going cloud-first/cloud-native.

Watch on YouTube

PS. Can I ask a favor? If you enjoyed this episode please leave a review and rating! Thank you 🙏 - Merill

🔗 Related Links

* Road to the cloud: Introduction

* Cloud transformation posture

* Establish a Microsoft Entra footprint

* Implement a cloud-first approach

* Transition to the cloud

📗 Chapters

00:00 Intro

03:20 The Motivation: Why Decommission On-Prem Active Directory?

06:23 Gaining Buy-In: Negotiating with Business Units

09:56 The ROI & Cost Impact: Saving 70% on Infrastructure

14:47 Device Migration: Tackling Windows Workstations with Autopilot

25:31 Server & Application Challenges: RADIUS, Printing, and More

32:06 User Accounts & Groups: The Shift to Cloud-Only Identities

44:19 Addressing Security & Availability Concerns of Full Cloud

49:43 Life After AD: Next Steps and Future Identity Initiatives

51:45 Lessons Learned & Key Advice for Your Cloud Migration

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

In this episode we chat with Sapir Federovsky, a Security Researcher at CrowdStrike, who shares her journey from military service to becoming an identity threat researcher.

She discusses her learning methods, the importance of community, and the challenges of keeping up in the fast-paced world of Azure and Entra ID security.

Sapir also delves into specific Entra ID features she focuses on, the critical role of prevention alongside detection, and her experiences as a woman in the tech industry.

LinkedIn - https://www.linkedin.com/in/sapir-federovsky-a687491b0/

Watch on YouTube

PS. Can I ask a favor? If you enjoyed this episode please leave a review and rating! Thank you 🙏 - Merill

🔗 Related Links

* Sapir's blog - https://sapirxfed.com/

* Reportly - https://github.com/sap8899/reportly

📗 Chapters

00:00 Intro

01:17 Early Career Perspectives & Learning Journey

03:25 Transitioning from Military to Civilian Tech

04:25 Learning Cloud Security & The Power of Talks/Blogs

08:19 Building a Tool for Log Analysis

12:26 A Typical Day: Continuous Learning & Community Sharing

15:08 Balancing Learning Old & New in a Fast-Evolving Field

17:38 The Power of Teaching to Master a Topic

19:37 Learning by Answering Questions

21:17 Vision: Becoming the Ultimate Defender & Community Building

23:48 Deep Dive: Graph Activity Logs in Entra ID

27:33 Focusing on Hybrid Environments & Synchronization

29:37 Experiences as a Woman in Tech

36:29 The Shift from Detection to Prevention & Hardening

39:13 The Challenge of Updating Tenant Configurations

45:57 Navigating Organizational Change Management Cycles

50:29 Final Advice: Always Say Yes & Create Opportunities

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill's socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill