What can agentic AI do for you? Richard talks to Tim Warner about his work utilizing next generation agentic AI technologies to help with sysadmin tasks. Tim talks about the early lead that Cursor AI took with AI agents capable of writing and executing scripts on your behalf - as opposed to just creating code you can cut-and-paste. Today, GitHub Copilot has caught up with Agent Mode in Copilot Edits, although still in preview, it speaks to a future where sysadmins use these tools to write better scripts for work - and get more done in less time!

Links

• Cursor AI
• OpenAI Operator
• GitHub Copilot
• Copilot Edits

Recorded February 17, 2025

Are some of your team members starting to hate PowerShell? Richard talks to Barbara Forbes about her experiences with teams frustrated by PowerShell. Barbara talks about overcomplicating PowerShell scripts—the kind the most senior folks can create but no one else can maintain. Eventually, nobody will want to touch those scripts. Then there is the question of business value—does everything need to be automated? And by how much? Often, the appropriate solution solves 80% of the cases; the other 20% are best done by hand because the cost and complexity of the last 20% are too high. Focus on the return on investment for the business, and you'll keep the love of PowerShell alive!

Links

• PowerShell
• Pester Testing
• GitHub Copilot
• Bicep

Recorded February 24, 2025

How can Security Copilot help you secure your applications? Richard talks to Ari Schorr about assessing application risk with Microsoft Security Copilot - a new feature in preview in Security Copilot that focuses on application roles and entities. Ari talks about the sheer array of resources that applications depend on, and the many security risks that exist in that space - how do you even get started on the problem? Security Copilot helps to sort through potential risks and help a sysadmin focus in on the most significant risks, especially the low-hanging fruit weak authentication and unused resources. The conversation also explores some of the future potential of a tool like this to detect supply chain attacks, find ways to strengthen and simplify applications so their attack surface is smaller. It's a great time to get familiar with these tools!

Links

• Microsoft Security Copilot
• Midnight Blizzard Attack on Microsoft
• Secure Future Initiative
• Assess Application Risk with Microsoft Security Copilot
• Microsoft Sentinel

Recorded February 18, 2025

What can GitHub Copilot do for SysAdmins in 2025? Richard talks to Jessica Deen from GitHub about her experiences using Copilot for her work. Jessica talks about Copilot being the first stop for most tasks - describing the task to Copilot helps you think through the problem, and often the tool can generate code or information to get that task done fast. Today's GitHub Copilot can handle everything from explaining existing code to writing something new, debugging a problem, or even writing documentation!

Links

• GitHub Copilot
• Changing the AI Model for Copilot Chat
• Visual Studio Code Insiders
• Azure Extensions
• GitHub Spark
• Launch Darkly

Recorded March 13, 2025

How do you write better PowerShell? Richard talks to Jeff Hicks about his latest book, Behind the PowerShell Pipeline, and his efforts to promote writing PowerShell scripts that are easy to understand, use, and maintain! Jeff talks about how making a script work is not enough anymore - you can use GitHub Copilot. The goal is to make the output as usable as possible, whether that is consistent output that is pipe-able or using color coding and column controls to make the results as actionable as possible. This is especially true as your team grows and more than one person works on scripts. Now, you'll want testing and source control, too!

Links

• PowerShell 7.5
• Behind the PowerShell Pipeline
• GitHub Copilot
• Pester
• PowerShell Summit

Recorded February 20, 2025

How are you managing your AI costs? Richard chats with Sonia Cuff about how she's been helping sysadmins understand how AI technology is billed out and how to measure them within a given application and across the organization. Sonia starts with some definitions since the term AI is so broad. It's not just about large language models! The conversation also dives into carbon footprints, and using the FinOps models to help with costing for your cloud infrastructure, whether you're using AI or not!

Links

• OpenAI Tokenizer
• Manage Cost for Azure OpenAI Service
• Sustainable Software Engineering with AKS
• Azure Carbon Optimization
• FinOps Foundation
• FinOps FOCUS
• Phoenix Project

Recorded February 19, 2025

Are you using strong certificate mapping in Active Directory? Richard Hicks returns to the show to talk about the impacts of KB5015754, issued way back in 2022, and how it turned into an enforcement event on February 11, 2025 that might have caused some serious problems for folks trying to authenticate to Active Directory. For most sites, the upgrade to strong certificates was pretty much automatic. But if you're using Intune SCEP, you needed to do some configuration - and if that was missed, there is trouble. There are workarounds for now, but come September 2025, enforcement will be mandatory and everything gets harder, so it's worth looking into it now!

Links

• KB5015754: Certificate-based Authentication Changes on Windows Domain Controllers
• Richard's Blog Post on Strong Certificate Mapping Enforcement
• Active Directory Certificate Services
• Create and Assign SCEP Certificate Profiles in Intune
• Heartbleed

Recorded February 17, 2025

What does it mean to be secure by design? Richard chats with Karinne Bessette about the scope of the problem around making more secure software. Karinne talks about the US government's Cybersecurity and Infrastructure Security Agency (CISA) push to promote more secure software products. The conversation digs into some of the more famous exploits in recent years and some of the challenges of dealing with development tools that require super-user privileges, getting security testing done promptly and responding to exploits effectively when they happen.

Links

• Women in Teams
• CISA Secure by Design
• Azure Kubernetes Service
• Microsoft Security Response Center

Recorded February 21, 2025

What is it like to take care of an Exchange Server in 2025? Richard chats with Michel de Rooij about his work with Exchange, including the many scripts he has written and published over the years to help sysadmins solve problems. Michel discusses how staying on-premises with Exchange is getting harder - the new version will be subscription-based! The conversation also digs into the new version of Outlook, the challenges of securing email, and Michel's latest book Pro Exchange Administration.

Links

• Remove DuplicateItems Script
• Unarchive Script
• Pro Exchange Administration
• Office 365 for IT Pros
• Microsoft Defender for Office 365

Recorded January 9, 2025

How do you manage your CI/CD pipeline resources? Richard chats with Eliza Tarasila about Managed DevOps Pools in Azure DevOps. Eliza tells the story of discovering that teams were using Azure DevOps internally at Microsoft but would need to build their tooling to stand up the resources for testing and deployment. Managed DevOps Pools became the standard way to specify resources like virtual machines and assign them to projects so that they would start up automatically. The resources in the pool can be custom resources in Azure or even on-premises servers! And, more importantly, you don't need to care and feed for the infrastructure used in the pipelines, Azure DevOps will do it for you.

Links

• Azure DevOps
• Create and Manage Pools
• Managed DevOps Pool Origin Story
• Azure DevOps Pricing
• Azure Spot Virtual Machines
• Managed DevOps Pools Documentation

Recorded January 6, 2025