What can GitHub Copilot do for SysAdmins in 2025? Richard talks to Jessica Deen from GitHub about her experiences using Copilot for her work. Jessica talks about Copilot being the first stop for most tasks - describing the task to Copilot helps you think through the problem, and often the tool can generate code or information to get that task done fast. Today's GitHub Copilot can handle everything from explaining existing code to writing something new, debugging a problem, or even writing documentation!

Links

• GitHub Copilot
• Changing the AI Model for Copilot Chat
• Visual Studio Code Insiders
• Azure Extensions
• GitHub Spark
• Launch Darkly

Recorded March 13, 2025

How do you write better PowerShell? Richard talks to Jeff Hicks about his latest book, Behind the PowerShell Pipeline, and his efforts to promote writing PowerShell scripts that are easy to understand, use, and maintain! Jeff talks about how making a script work is not enough anymore - you can use GitHub Copilot. The goal is to make the output as usable as possible, whether that is consistent output that is pipe-able or using color coding and column controls to make the results as actionable as possible. This is especially true as your team grows and more than one person works on scripts. Now, you'll want testing and source control, too!

Links

• PowerShell 7.5
• Behind the PowerShell Pipeline
• GitHub Copilot
• Pester
• PowerShell Summit

Recorded February 20, 2025

How are you managing your AI costs? Richard chats with Sonia Cuff about how she's been helping sysadmins understand how AI technology is billed out and how to measure them within a given application and across the organization. Sonia starts with some definitions since the term AI is so broad. It's not just about large language models! The conversation also dives into carbon footprints, and using the FinOps models to help with costing for your cloud infrastructure, whether you're using AI or not!

Links

• OpenAI Tokenizer
• Manage Cost for Azure OpenAI Service
• Sustainable Software Engineering with AKS
• Azure Carbon Optimization
• FinOps Foundation
• FinOps FOCUS
• Phoenix Project

Recorded February 19, 2025

Are you using strong certificate mapping in Active Directory? Richard Hicks returns to the show to talk about the impacts of KB5015754, issued way back in 2022, and how it turned into an enforcement event on February 11, 2025 that might have caused some serious problems for folks trying to authenticate to Active Directory. For most sites, the upgrade to strong certificates was pretty much automatic. But if you're using Intune SCEP, you needed to do some configuration - and if that was missed, there is trouble. There are workarounds for now, but come September 2025, enforcement will be mandatory and everything gets harder, so it's worth looking into it now!

Links

• KB5015754: Certificate-based Authentication Changes on Windows Domain Controllers
• Richard's Blog Post on Strong Certificate Mapping Enforcement
• Active Directory Certificate Services
• Create and Assign SCEP Certificate Profiles in Intune
• Heartbleed

Recorded February 17, 2025

What does it mean to be secure by design? Richard chats with Karinne Bessette about the scope of the problem around making more secure software. Karinne talks about the US government's Cybersecurity and Infrastructure Security Agency (CISA) push to promote more secure software products. The conversation digs into some of the more famous exploits in recent years and some of the challenges of dealing with development tools that require super-user privileges, getting security testing done promptly and responding to exploits effectively when they happen.

Links

• Women in Teams
• CISA Secure by Design
• Azure Kubernetes Service
• Microsoft Security Response Center

Recorded February 21, 2025

What is it like to take care of an Exchange Server in 2025? Richard chats with Michel de Rooij about his work with Exchange, including the many scripts he has written and published over the years to help sysadmins solve problems. Michel discusses how staying on-premises with Exchange is getting harder - the new version will be subscription-based! The conversation also digs into the new version of Outlook, the challenges of securing email, and Michel's latest book Pro Exchange Administration.

Links

• Remove DuplicateItems Script
• Unarchive Script
• Pro Exchange Administration
• Office 365 for IT Pros
• Microsoft Defender for Office 365

Recorded January 9, 2025

How do you manage your CI/CD pipeline resources? Richard chats with Eliza Tarasila about Managed DevOps Pools in Azure DevOps. Eliza tells the story of discovering that teams were using Azure DevOps internally at Microsoft but would need to build their tooling to stand up the resources for testing and deployment. Managed DevOps Pools became the standard way to specify resources like virtual machines and assign them to projects so that they would start up automatically. The resources in the pool can be custom resources in Azure or even on-premises servers! And, more importantly, you don't need to care and feed for the infrastructure used in the pipelines, Azure DevOps will do it for you.

Links

• Azure DevOps
• Create and Manage Pools
• Managed DevOps Pool Origin Story
• Azure DevOps Pricing
• Azure Spot Virtual Machines
• Managed DevOps Pools Documentation

Recorded January 6, 2025

Ready to upgrade to Windows Server 2025? Richard talks to Robert Smit about his experiences doing an upgrade—with a few important dos and don'ts! Robert talks about dusting off your Active Directory setup and ensuring you're at the Server 2016 functional level. The conversation also dives into the new-build-versus-upgrade options, taking advantage of SMB over QUIC and SMB Compression, and much more!

Links

• Windows Server 2025
• Upgrading to Windows Server 2025
• Azure Arc
• Windows Admin Center
• SMB Compression
• Windows Tools
• Remote Server Administration Tools
• Configuration Manager
• Azure Arc-enabled System Center Virtual Machine Manager
• Live Migration with Workgroup Cluster

Recorded January 7, 2025

How can Entra ID Protection help keep your organization resist security breaches? Richard talks to Corissa Koopmans about thinking beyond authentication and authorization and into conditional access - knowing what is normal and abnormal behavior for your users. Corissa recommends looking at the Entra ID Protection Dashboard - whether you have configured anything or not - to see what potential risks you have today. Whether it's logins from places where you have no workers or some "impossible travel" or weird browser connections, ID Protection detects and identifies those events. When combined with conditional access, Defender for Cloud, or even Microsoft Intune - you get a "better together" effect that makes it easier to know when something bad is happening!

Links

• Microsoft Entra ID Protection
• Azure Active Directory Conditional Access
• Entra ID Protection Dashboard
• Log Analytics Agent
• Microsoft Intune
• Microsoft Defender for Cloud
• Microsoft Sentinel

Recorded December 10, 2024

Do you Kusto? Richard talks to Mark Morowczynski about his new book, The Definitive Guide to KQL, and the power of Kusto to look across your Azure tenant and understand operational and security issues. Mark talks about being able to query across all log sets, telemetry, the M365 graph, and more - to help understand issues. The book provides example queries you could run today, including knowing the first and last time a user logged on and what devices they used. There are examples of calculating baseline behavior for an account so that you can see when unusual activity starts. There are a ton of excellent queries for operational excellence and cybersecurity - get started today! And for RunAs listeners, you can use code KUSTO to get 30% off the book!

Links

• Threat Intelligence Blog
• Phishing-Resistant Passwordless Authentication
• Kusto Query Language
• Microsoft Sentinel
• Microsoft Security Copilot
• KQL Guide on GitHub

Recorded December 19, 2024