
Episode 347 – All your Entra.news with Merill Fernando

Aug 17, 2023, 43 min

Episode description

In Episode 347, Ben and Scott sit down with Merill Fernando to discuss the tools and content Merill is building to support Microsoft Entra customers. Merill is a Principal Product Manager in the Microsoft CAT team with a focus on Microsoft Graph for Identity and brings his experiences working with Microsoft Entra customers to the masses. In the conversation, we explore Merill's various contributions to technical tools aimed at simplifying complex processes when working with the Microsoft Cloud. His creations include CMD.Ms, a tool that streamlines access to different Microsoft services; Azure AD Exporter, a tool that exports your entire Microsoft Entra ID configuration and Azure AD B2C into JSON files; and Graph X-ray, a Chrome extension that converts API calls into code in your preferred language. Lastly, he highlighted the 'Weekly Dose of Microsoft Entra' newsletter as an ideal resource for keeping up-to-date with relevant news, blog posts and videos.

To learn more from Merill and keep up with Microsoft Entra news, sign up for his newsletter at entra.news.

Like what you hear and want to support the show? Check out our membership options.

Show Notes

cmd.ms
Neat new feature in public preview for dynamic groups
idPowerToys
https://idpowertoys.com/assets/mindmaps/entra-v1.pdf
microsoft/azureadexporter
Graph X-Ray: Beta
Update-MgUser (Microsoft.Graph.Users)
Update-MgUserExtension (Microsoft.Graph.Users)
New-MgUser (Microsoft.Graph.Users)
Welcome to the Graph PowerShell Samples Community
Entra.News - Your weekly dose of Microsoft Entra

About the sponsors

Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.

Transcript

Welcome to episode 347 of the Microsoft Cloud IT Pro podcast recorded live on August 9th, 2023. This is a show about Microsoft 365 and Azure from the perspective of IT pros and end users where we discuss a topic or recent news and how it relates to you. Today we have another guest on the show as we sit down with Merill Fernando, a principal product manager in the Microsoft CAT team, to discuss the tools and content Merill is building to support Microsoft Entra customers.

We also may discuss the Azure AD rename a little bit as well. So let's get into the discussion. Here we are, Scott, once again. Once again, not on a Friday. Once again on a Sunday, Wednesday, Wednesday evening for some of us. Not Wednesday evening for all of us though. Yes. Well we have a guest here. So Scott, we mentioned Merill, I can't remember, we first talked about Merill an episode or two ago when we started talking about Entra. Merill, you're super active on social media.

You've created a bunch of tools, but you're also a principal product manager in the Microsoft CAT team with a focus on the Microsoft Graph for identity, which ties into what was formerly known as Azure ID now is known as Entra ID. Anything else you wanna include in there about you? Like some people may not even know what even is a Microsoft CAT team. So do you wanna tell us a little bit about you intro to give us a little bit of your background and what you actually do at Microsoft?

Absolutely, Ben. So I'm part of the Microsoft Entra team. We fall under the security division now. We used to be part of the Azure world before and now we've, they've moved all of the security products under like one leader under Charlie Bell who came over from Amazon. So there's this big focus on everything security, and I'm part of the Entra, Microsoft Entra team. I need to remember, remind myself that it needs to be Microsoft Entra. I'm not supposed to say just Entra on its own

as part of the Microsoft Entra team. My role is, we are part of the engineering team, but we work with customers. So my, I lean towards working with customers and we are sort of regional based. My entire team is spread, spread out across the world. I'm in Melbourne, Australia, and I work with some of the very large customers who are deploying Microsoft Entra and helping them make the best of what they already have.

And one of the key part of my role is to make sure that the feedback from these large customers, it's taken into the product. And even early on when the product is being built, we have folks coming, the PMs coming and talking to our customers, getting their feedback even before they've written a spec. Right.

So that sort of, that continuous feedback loop is there. We, so this is with the larger customers, we do this, but we also have a forum called Microsoft Entra Advisors where we have bunch of people from MVPs, everyone else involved, and that's a different forum where we get feedback from that space as well. Got it. Very cool. I think I actually just joined Entra Advisors a few weeks ago. I looped myself in there. Now, whether I have time to participate much or not,

we'll see. Just ask Scott. I I have a problem saying, no. Ben likes to install betas, so if you have access to a beta, anything, you can go ahead and and put it out there. And, and I think Ben also like much to, you know, the shock of all of us likes to just click buttons and gets hands-on with things. So sometimes I've seen him do those things like, oh, I'm just gonna deploy this conditional access policy and see what happens,

right? I've been a fan for a while. Like I, I kind of watch from the sides. I'm, I'm always interested in kind of content creators, you know, like having a podcast, doing YouTube, all those kinds of things.

I'm interested in how other folks approach it and one of the things that I've been a fan of with lots of the things that I've seen, and I'm gonna say you like, there might be a team behind it, but I, but I've seen you putting out a lot of things like cmd.ms like Ben and I spent a whole episode on that thing once just talking about like, Hey,

this is great. You can go here, here's a resource for you by the way. Like, it's all just DNS based, go ahead and click this, remember this one URL. And as stuff changes on the backend, like we talk the whole transition from Azure Active Directory to Microsoft Entra ID, it's all just kind of kind of like work for you, right? It's, it, it's, it's all magical and it's goodness.

And I think one of the things that I really like about the content that you put out, especially on social media, like I love the tooling, but with social media, like you've been doing these little cards lately and they're super just actionable. People can learn new things. Like you, you had one, I was trolling your, your Mastodon account earlier today. It was one about being able to do dynamic groups with new, higher new new employee dates, hire dates out of 18. I was like,

I didn't know that was there. Like I didn't even know it was added. Like when did that get added? It's really great the, the work that you do. So I imagine most of that gets borne out of working directly with some of the large customers like you mentioned and being kind of closely aligned to product and, and that entire stakeholder feedback loop. Yes. Yeah. So one of my day jobs, like the bulk of my time is spent learning upon new things, things that haven't been published yet.

is still engineering is building it, and we, uh, we are going through the specs, but what, and we do like various learn docs and that we, when we publish, there's heaps of, uh, content that we produce. But what I noticed is yes, I, I introduced them to my customers. NDA, they have the NDA and you know, I, they know heads up like even before anything comes up on public preview about those features, but for everyone outside, it's just a lot of information for them that's coming at them from

different sources, right? New features, the cloud is always moving. So I wanted to be able to like help people just get things in a few seconds. Like that's my goal with everything that I post. Um, sort of make it easy to consume, at least you can just file it away at the back of your mind. And that's the thing that I didn't notice most people doing. And that's been my sort of way into the social media and I just stumbled across it. Like I was like, Hey, this is a cool thing.

And I just posted it and people sort of seemed to like it and it sort of just kept on going from there. And I just do it outside of my, my actual day job. But it's related in a way because I'm already in that whole feedback loop cycle. And this just helps me, you know, reach out to people who might never, I might never get to work with and share that information.

Very cool. I'm curious, that's the whole content creation, but I look at all the stuff you've done and we're gonna start talking through some of these too. Merill, I'm convinced that you must not sleep with not only the amount of social media you do, but the amount of tools that you've put out.

We talked about the cmd.ms for that central portal, uh, but that like just scratches the surface of some of the stuff that you've done to kind of help the community, help end users, help people like myself managing all of this stuff in Entra. I have a list of them here, but do you have a favorite one or one of these that you've put out that you especially like or especially proud of that is kind of your favorite of everything you've done or one that you really enjoy talking

about? So. The one that I put in the least effort and one that I like a lot is obviously cmd.ms, right? Like, it just came to me and almost every tool I've built is basically for me, like I, I had this thing where, hey, I, this is frustrating for me. I need to, I need a different thing. And so that's what gets me motivated to build uh, stuff and coming from a dev, like we all from dev from SharePoint and all those days we just built all these different things to help help us out all the time.

And we had to build a lot of that in the SharePoint world, right?

various apps and toolkit. So that's one of my reason, like to solve my own problem and I was like always opening up pages to my customers and in a hurry I need to get to conditional access page and show something and I was in the middle of presenting and I have to click on multiple things, uh, or they'll ask, you know, how do I go to change these MFA methods and I just need to click, or sometimes the menus have moved and I don't know how to get there.

So that's the reason I thought, hey, this should be, should be easier. And uh, just over the weekend I just took me a day or two to like really come up with a working version of that and uh, the domain was like, hey, this domain is available. So that just made it, uh, a lot more easy and the, my domain renewal is coming up.

So it's almost like one year since um, I introduced that and each one of the most visited sites, like I get, uh, at least like five k uh, sort of, uh, visits a day on, on that seems that I. Miss. I can see how that's handy. Again, kinda like Scott said, keeping track of all the admin centers and the URLs and where they're and where

they're going is confusing. Another one that you came up with recently, and I have used this one a fair amount, is with the whole shift from Azure AD to Entra and or to Microsoft Entra. I don't work for Microsoft so I can probably say just Entra, but I will try to remain correct here is this Microsoft Entra mind map.

And I have struggled with this myself is after using Azure AD for like 8, 9, 10 years, I know where everything is and now I go over to Entra and things aren't always in the same spot that they used to be or under the same sub menus. It just all looks different. So you created this Microsoft Entra mind map and I'm wondering is this kind of the same type of thing you started using Entra and you're like, I don't know where anything is anymore and it's a map for you.

This is another one of those that I have found very helpful as of late. Yes, that's exactly the thing. So when I was first told about this role, I was like, this the role that I'm in right now, I was like, watch so much in Azure AD, like it's just an AD, you log in and there's users and group, like why do you need a like whole team and you need someone?

But once I joined the team, it became so obvious there's like so much that's happening, so many new features and like for my posts, I'm sure people would see, right? Like it's almost, I started this Entra newsletter and I thought I might not have content, but there's always new stuff coming out every single week.

The whole idea that, and it's, it's growing, right? It used to be Azure AD. Now the family of products related to that is growing as well and that's one of the reasons behind coming up with that name Entra because we initially started out with the permissions management, we acquired CloudKnox, then we have ID governance, we have what used to be B2C before as well. So it's more than just a directory service now. And even and some of the folks that I speak to stakeholders, they're like,

this is only working with Azure. Like why, why would I have my AWS sign in hooked up to Azure? Right? So that sort of confused and so it, it, that's one of the biggest reasons I believe that we wanted to create one single brand under Entra and say it's not just Azure, not just Microsoft, the the suite of products that we're building and with the newest offering we announced with uh, the network access, the Microsoft's SSE solution, you can use it without any of uh,

Azure or M365 being involved in, in those flows. So that's the reason. And if we had kept Azure AD the same, it would've been very confusing where everything else was Microsoft Entra and then you had just Azure AD being different. So it just aligned it,

uh, with that. Got it. So that was one, and I know this question kind of came up in Discord even before we started talking to you today and it's been a slew of discussions on social media, so we don't need to spend a lot of time on it, but a lot of people are like, it used to be Azure AD, it's been Azure AD for, I don't know the exact time, but it's in that eight to 10 year timeframe. And I was one of 'em where I'm like, why didn't we just rename this eight years ago when it first came out?

And there was all that confusion around Azure AD versus waiting till now. But it sounds like a big part of that was, I mean, eight or 10 years ago there wasn't all of this other functionality and as exactly, yeah, kind of the ID platform, the security platform has grown. There was just that need to kinda wrap it all up under a single brand. There was no conditional access. Like there was no even, there was no MFA, everything like those were all acquired.

Even today you can see the last remains of the MFA you, if you go to the legacy MFA portal, you can see it's the, the very old school view. So you can still see that where you set up some of the system, the MFA settings. So, um, that's still there and we, we are purging some of that. But so when, when Azure AD first launched, none of that was there.

Like there was no conditional access. So everything it's been building up, but in people's mind there were a lot of folks who are just thinking of it as just a directory service for Microsoft 365 or directory service for Azure and

it's a whole lot more than that. And this, the mind map for me was a way to show that it is a lot more like I, I started the mind map even before Entra was announced a bit Azure AD, because even when it was Azure AD, there was so much involved and as an admin you wouldn't even know there were things, there were certain features unless you sort of looked at it from a, like you took a step back and you couldn't really see that in the docs or when

you go to the portal because you had to drill down a few stay steps to go and see some of those unique parts of the portal. I always forget about that, like just as things grow up, you know, you made the comment earlier like why would an AWS customer not recognize that they could use Entra ID as and any, uh, as an identity provider it's like 50 50. It's probably not so much that they didn't recognize they couldn't do it, it's that it didn't have the feature at the time that they needed. Right?

Like I used to work a lot back in my SharePoint on-prem days with customers doing ADFS deployments and we weren't doing ADFS for the sake of ADFS. We were doing ADFS because we had an alternative provisioning system for user identities and then it was tied into FIM or MIM and you know, we had all these needs around custom claims and customizing SAML tokens and pushing things through a real pipeline and they're like,

just stuff wasn't there. And then today you go look at Entra ID and it's like, oh wait, I can actually manipulate claims and do custom attributes and all these kinds of things and maybe I can tie them in with MFA and if I tie them in with MFA and conditional access, like what does that add up to and what does that thing mean for me? Well we're, you know, even things like branding, like I always forget to like, to the degree to which like branding is important for customers and it's like,

oh yeah, yeah, you, you can go do all that stuff, have have fun. There's, there's a whole lot here for you to look at. Go figure out your licensing first if you can figure it out and then come back and functionality will just manifest magically. Yeah. And you mentioned branding. That's something I'm tinkering with, something that I'm planning on adding to idPowerToys. There's a lot you can do in branding. It's not very apparent.

There's lots of features being added on the ID login page that you can customize. So I'm intrigued you're gonna build like the lookbook for ID branding and bring that up. And then I gotta push back a little bit 'cause you said you build these tools for yourself. So you have another power toy called the Conditional Access Documenter and it documents your conditional access policies inside of PowerPoint. Why did you need that for yourself? Because.

I was with a customer and they were having issues with conditional access, right? Like they're saying I'm going to introduce this policy and making this change. Why is it not working? But conditional access is a, is a join of all the other policies that you have. So if your user is in scope for multiple policies,

then you need to understand what all the other policies are. So I am, as a consultant, you can, who was looking into their policy, I couldn't just look at that one policy and tell him this is the way to do it. I needed to know what he had in in all of the other policies.

And the problem with the blade view is you need to click and even just looking at one policy, you click between different things you need to remember, okay, he had that selected, then you click on the grant section, the other blade goes off, you are looking into something else. So you just remembering what's in one policy takes a lot of cognitive effort. So I wanted, hey, wouldn't it be nice if I could just look at this whole policy in one view?

And then, so we all always had sort of JSON exports of it, which is good, but it was like long string, right? And you couldn't really make much sense of it once it goes into like two pages. And that's, that's why then I thought, hey, I can do this. It actually started as I wanted to build a way to see all of the policies in one view. That became bit hard.

That's my vision to say I want to combine view of all the policies or at least, you know, if it's MFA, I want to combine all the MFAs and see how they interact when I use science in. But that became too hard to implement. So I just did a basic version for now, which is just each policy at a time and it's fairly easy PowerPoint to just page up and page down and you can quickly flick between them. It's, uh, so that was very exciting for me to like see it come to life and

build it as I go. Gotcha. Now it, it's a, I was playing around with that one just in a test tenant to see, I was like, oh, this is really cool. I could've used this once or twice, like back in the days when I was a consultant and helping folks out. Like, like in that mindset of like, yeah, absolutely, like let's sit down and do a, a kind of wrap or review of your environment and, and see what's happening.

So it it's, it's just another one of those things that's just kind of hanging out there and you go like, oh yeah, let me pick that up and click some buttons and see what happens. It just takes a little bit of permissions in the graph and and making sure that you can pull all that stuff back out. Absolutely. I would agree. Do you feel overwhelmed by trying to manage your Office 365 environment? Are you facing unexpected issues that disrupt your company's productivity?

Intelligink is here to help. Much like you take your car to the mechanic that has specialized knowledge on how to best keep your car running, Intelligink helps you with your Microsoft Cloud environment because that's their expertise. Intelligink keeps up with the latest updates on the Microsoft Cloud to help keep your business running smoothly and ahead of the curve.

Whether you are a small organization with just a few users up to an organization of several thousand employees, they want to partner with you to implement and administer your Microsoft Cloud technology. Visit them at intelligink.com/podcast. That's I-N-T-E-L-L-I-G-I-N-K.com/podcast for more information or to schedule a 30 minute call to get started with them today. Remember Intelligink focuses on the Microsoft cloud so you can focus on your business.

I've struggled a lot with conditional access policies more from like you said Merill to try to figure out what's going on when you go into a tenant and there's 10, 15, 20 different conditional access policies and you run even the what if tool that at least tells you what applied and what didn't apply. But it doesn't always clearly document out, okay, how is this one configured to cause it to apply? So being able to just have 'em all laid out in front of you like that is really

helpful. Or even customers, customers still like documentation too, right? They still like to know what got created in my tenant, how is it configured? So if I ever need to go recreate anything I can. So, uh, being able to just quickly spit that out like that I have a lot of other services that I would like to see something similar for Merill, if you have some more free time, uh, I can start providing you a list of other things to document within that

Microsoft 365 suite. Yeah. It being visual I like I'm a visual person and it's sort of like it helps people in this world where everything is like moving so fast, right? Like you just want to quickly understand things and uh, like having a visual really helps. You've gone that extra click stop. I'm usually happy if I can just figure out how to like parse the JSON response from the, you know, random REST API like oh, oh okay,

I made it this far. Good. I've got a CSV. Let's stop here. true. Yeah, so I have another one you've created. We're just going through the list of Merill's awesome tools here. I somehow missed this one and everything you have created and this one isn't necessarily as graphical. This one spits out a bunch of JSON files, but this is your Azure AD exporter that it's a PowerShell module you built that like goes through your entire, well you're gonna have to change the name of this Merill.

It can't be the Azure AD exporter anymore, it needs to be the Microsoft Entra exporter. Uh, but it essentially exports your entire configuration of Azure AD or Microsoft Entra ID and Azure AD B2C into these JSON files. Yeah, so this came, this was one of my very first hackathons. So a lot of these, some of these toolings were all came from hackathons that I worked with with

other colleagues. So we came up with this idea of hey, like by like just a way to have an export of things so you can maybe have an audit history. Like we know everything goes to the audit log but it's a diff bit difficult to parse. Like who changed which conditional access at which time or who flipped this setting in my tenant. So, um, we thought of like why not just have a JSON output export it, keep pushing it into Git and then you get a nice history of what setting changed

in that process. So that's was the, the idea behind that. And a few of my colleagues we got together and built this during that hackathon and uh, yeah it, it's been uh, used quite a lot. I need to update it a little bit with some of the newer stuff that we've added but yeah, it's one of, I just checked yesterday, it's one of the my most starred repositories on, on GitHub. So people are really liking that. Yeah. And this exports, I mean this exports a lot of information just looking through

your documentation here. Exports looks like users, groups, external identities, roles, admin units, applications, bunch of stuff from identity governance, from application proxy, all the licensing domain names, company branding. Like this isn't just like export my users in licenses. This crawls through your conditional access policies. I saw those down in here. Yeah, it exports all of those. This exports a lot of information out of Azure, we'll call it Azure ID for now. Yeah.

It takes a long time to run like, because I work with large tenants who have like massive number of uh, users. So it does takes, it takes a long time. Like it can take a day sometimes to run with those larger tenants. So by default we don't do users. So if you just run it, we basically take just a config because that's what is more valuable, right?

Like your conditional access policy or authorization policy and various settings and uh, we export that as the default, but you can opt in to do a full export if you want to. And while I have this, I should call out this M365DSC, which is an awesome tool which does a lot more, I didn't know about it when I built the Azure AD exporter, but I still think that they serve slightly different purposes. Like my intent here was to have it in Git.

So you have sort of like a Git repository or a history of uh, the changes that happened in your tenant and uh, we give instructions on how you can set up your Azure DevOps to commit. You set up a build pipeline so it runs daily and just keeps committing your, the history of your tenant.

Got it. So that was kind of some of the purpose of this was not necessarily that one-time export but to run a daily or weekly, however often you wanted to run it and be able to essentially do like a comparison of those JSON files and see what changed day to day, week to week, whatever, when conditional access started acting up and you could see who changed what settings and a policy. Yeah. Because I used to work for an organization before I moved to Microsoft and half

the time you were like, who did this change? Or like when did this happen? Did somebody turn this on today? And you can get them from the audit logs but you need to go and search for and you know, know which event. So this either like an easier way to say, hey, this has not changed for the last month. So it's definitely not something any one of us did. Right? That question, Hey, this doesn't. It's universal truth. Okay, who changed what And everybody says it wasn't me, I didn't touch it.

Yeah. Like the Shaggy song. Didn't come from my machine. Yeah, something that's absolutely true. all over the place. Can you build one of those for the Azure audit log? Like that'd be great. Like just the the activity log, you know like, like the built-in one that's in Aon, like just, just gimme like that export for 93 days. JSON I'd be all set. Isn't that called Log Analytics Scott?

Yeah, but I don't wanna pay for Log Analytics, let's be honest, like JSON files and a free Git repo way more economical than anything else that we've talked, you know, I'd hazard to guess you could even run the Azure AD exporter, which will be renamed at some point to the Entra ID exporter as the Microsoft and in a, in a, in a free Azure Microsoft DevOps project, yes. Oh sorry I I dropped the Microsoft I'm, I'm not even good at the branding thing.

Oh man. So what else? You've got a couple other ones here. Graph X-ray, this is another one of your tools. Merill go from the Azure portal actions to Microsoft Graph PowerShell in seconds. This one has the beta A moniker on it. You have it labeled as a beta. What is this Graph X-ray one. This is another one that I don't think I have used or run across before. This is more for people in the Microsoft 365 space and I guess in like a lot of the Intune folks like it.

So we usually go do something in the portal, right? Like you create a dynamic group and you set the select the settings, the filters and you hit save. Now you're like okay I need to deploy for production, I need to deploy, write a script that creates that group. I need to create multiple versions of it. Like what's the PowerShell command to do that?

And usually you'll need to go search for creating a group then figure out how do you pass those parameters and then write the actual script, test it out. So this is sort of like a recorder where you turn it on in uh, it's just a Chrome extension. It looks at all the traffic that goes us. Or usually people just do dev tools because the portal is using graph APIs to do the changes.

So this just takes it those API calls, REST API calls and converts them to graph using the same API that's used to create generate the documentation. So we like if you go to the graph docs, you have tabs for each language. So we only write the REST version of it and then we, it generates the, the devs API generates the different languages. So this basically gives you the code in C# or PowerShell instead of a static question.

It gives you the graph calls for your language in based on what you're doing in the portal. Now support for that differs based on the portal because not all of the Azure portals use Graph API. They use some use first party APIs but something like Intune is a hundred percent Graph API. So anything you do on Intune, you can just get the script to that in in a matter of seconds. You can get the PowerShell script for the actions that you do. Got it.

What about Microsoft Entra, does this work in the Microsoft Entra portal? It does work in it. It basically works in any portal that has that is calling you to Graph API. So even if you're building Teams and you open Teams in the browser and you have an add-on that's calling graph, this extension will take and it just shows it in a nicely formatted view. Like you can always use dev tools but this shows in a nicely formatted view and

it also gives you your language of choice. Hey I want to see it in JavaScript. So it gives you all the JavaScript calls. This might end Ben, our never ending debates about Update-MgUser and the ridiculous number of parameters that are available on that cmdlet. Like it could make your life ever so slightly easier. I still have my pet peeve about the parameter that doesn't work and it needs another cmdlet. I can't remember which one that is right now. That was Update-MgUserExtension.

Not to be confused with Update-MgUser or one of the other, I remember these things for you. I'm like a walking catalog of cmdlets that no. It wasn't the user extension, it was Update-MgUser. I'm gonna go find it. You have to come up with a question for Merill so I can go ask him about this. I put it in the chat for you. You can let me know about that and I can like that's part of my, what I do with those APIs.

It's interesting, like I always, I spend a lot of time with Azure customers being in Azure Storage and we're always like, uh, you know you have those moments with customers where they go like, oh the portal does this, how do I do it? I'm like, oh it's the same REST APIs that you would use as a customer. Like all these tools are just expression generators. So typically, in 99.999% of the cases that I can think of for the Azure portal,

all those APIs are publicly accessible. Or you go to create a resource in Azure, you click next, next, next, create, it generates an ARM template. Great. The portal is simply an ARM template expression generator. Like have fun, make your life a little bit easier. You know, use these kind of tools to your advantage, like they're there.

Like you're not meant to click next, next, next for your entire life, but at some point, you know, you can move beyond that and use these as an accelerator to get you there. And in our org in Microsoft Entra we are API first. So every feature, the API is built first and then only the UI comes along. So like you can't release, basically a team cannot release a feature if the API doesn't exist. We're the same way on our side.

Like I can't manifest a feature in storage until it's in our resource provider. Okay, Merill, I found it. I have my question. Question: Update-MgUser has a parameter of -Manager that doesn't work and you have to use Set-MgUserManagerByRef and then pass it in the manager. Yes. Pass it in like the body parameter with all the OData information for the manager and nobody seems to know why the -Manager parameter there is on Update-MgUser. I can definitely look into that.

That's my question. Not to put you on the spot or anything, but that was my, that was my question I ran into the other day. I was just waiting for Merill to like slowly duck down outta the frame like, oh I'm not here anymore. Yeah. There are lots of these paper cuts like this because the REST API doesn't

translate well to the PowerShell way of doing things. And we are trying to, we have this layer that's converting the commands into POST and PATCH and, and all of that and it's not always what a PowerShell person expects right there. So, that's some of the friction that we have and we are looking at ways to address that because yeah, it's not ideal. If you want some hints, ditch AutoRest and start actually writing the stuff from scratch, it's really the only way around it.

I think it's a contentious thing all over the place. Like, great, you've got an API, it's got a Swagger definition. It spits out one side. Like, so the way to scale those things is certainly like AutoRest, auto doc generation, like all the goodness that comes from it. But it does present that level of friction. And then you go back like, I feel your pain, we're always doing this on our side too. Like hey, uh, that thing needs to be changed.

Different, right? So our customers, like there are PowerShell folks, but now with N I D, uh, with all the network stack, there'll be a lot of CLI folks who will be coming in wanting to create conditional access policies and so they won't use PowerShell. So our catch is now like, okay, we build this, then we build CLI, like if we'd hand build these things, it's just going to take a lot of effort.

And that was one of the problems with Azure PowerShell, it was handwritten, but it was always trailing behind the APIs, then like customers go like, that's the API, why can't you, why doesn't it work in PowerShell? Because they're always playing catch up and the rate of change is massive, right? So doing it for that, then doing it for Python, for different CLI, it's that scale of things that, um, I mean it's a hard problem. Like if it was easy somebody would've solved it already.

It's tough. Like you have to pick and choose your battles for sure. I know I'm sensitive to it 'cause I know the size of the teams that build this tooling and, you know, somebody on the outside might think like, oh my gosh, there's gotta be what, like 50, 60 devs on Azure AD PowerShell and you're like, eh, like drop that number down. Oh, what? It's only 10. I was like, eh, probably drop that number down a little bit more.

Like I know how many do like our management plane tooling and it's not a lot. I mean I even know, like I manage our SDKs for storage. It's like we don't actually have that many devs at the end of the day that can make the world go round. So we really do like try and rationalize and pick and choose our battles and move them through. And I encourage customers a lot to explore the APIs.

Like you've been given a set of tooling and the reality is like if you're not spending time managing servers, like great, you don't have to maintain AD FS anymore. How much time were you spending maintaining certs and doing updates and like take those hours a month and spend them consuming APIs and potentially building your own, not bespoke tooling, but your own tooling that follows the specs that have been outlined and can keep you moving forward.

And I think there's just a friction there. Like you said with like PowerShell folks, they see like, oh, invoke, you know, web request or, you know, invoke this REST API and they go, oh, that feels icky. It's like, I get it, but that's, it's. Like developer. Stuff. That's reality. It's where you gotta be. I didn't. Come from the SharePoint dev world, I came from the IT pro world. I don't like calling REST APIs.

And so to solve one of that is why I created these Graph samples where the community could contribute and, um, we can sort of, I dunno if that thing is correct, but yeah, say k ms slash graph sample. So where anyone can contribute scripts they've already written because if you figured out, for example, the manage thing, you share it, then the next person doesn't need to go through that pain. So that's what we're doing right now. It's in,

we are trying to move it into the Microsoft repo. So, uh, those contributions can be used by the docs team. They can take those and put it in the docs itself because the real world examples are a lot more valuable, right? So we are working on that.

So that's for me, like I saw this problem and I thought, hey, like let's, for the power of the community is a lot that can be leveraged and I love what the, like the PnP team and those folks do and yeah, like we should be able to use that to improve everything, right? Like the folks at Microsoft don't know all of the different scenarios and use cases and this is where you can help yourself and others. I might have to come up with some stuff to send you for this, Merill.

I probably have a few scripts in my repository. Awesome. That I can add, but I'm keeping this handy too. This is another nice tool to have around. I'm used to going to, who is it? The Office 365 IT Pro folks like Tony Redmond, uh, you know, and some of the repos that they maintain and have going. So I wasn't aware of this one. Another one to add to the list. Yeah. So I made it really easy where you just hit new discussion and just,

you can copy and paste stuff. Doesn't matter what, like how it is, just paste it and that's it. So removing that barrier, because you do PRs and stuff, people like, ah, that's, I don't even know Git, like a lot of the admins, it's new to them, right? So this is just, uh, I wanted to make it as simple as possible to contribute. Yeah. I could talk all about that. Again, coming from the IT admin side of things, JSON and GitHub and REST APIs and all of that.

But I know we were supposed to go up until about three minutes ago, so we're running short on time and I don't know if anybody has meetings to go to for Merill or Ben or kids to go to for Scott. But one last thing, you also have a new weekly dose of Microsoft Entra, a newsletter that's out here for maybe those listeners that wanna keep up on Entra, what's going on? You put in here the latest news, blog posts, videos, all kinds of stuff that you send out weekly.

I believe I'm subscribed to it. I get it. Look through it every week. So this is a nice newsletter, Entra.news if you want to go there and sign up. Anything else, Merill, anything else you wanna tell people, where they can get ahold of you? We can put social links to find you too in the show notes, but anything else you wanted to cover before we wrap up here today?

The Entra.news, if anyone wants to sign up, because social media is always like, depending on the feed, depending on what the algorithm decides, people might not see things and, uh, you might miss a few things, right? So that's, uh, why I created this and I'm a huge fan of the Hacker News, uh, newsletter,

which is just a bunch of links. I just want it to be as concise as possible and that's the approach I've taken without writing out a lot of text. I just keep it short and have links and a bigger part of what I want to do with this is, there's so much good content the community, with MVPs and everyone else, have been creating.

And uh, I feel like that needs to be highlighted a lot more because they really, they are the people who have done it and they can bring in like views that will really help the other admins because in our Microsoft docs we talk about the feature and, uh, when you see the posts from the MVPs, they talk about, you know, the issues they face, which a lot of admins would face as well.

So sort of that real life experience helps. And there's been so much from the community, I didn't really think there would be so much every week, but we do have lots happening on this side. So I would just say subscribe to the newsletter, that'll give you everything and I try to put in even my posts in that newsletter so you have it in your inbox and you can just, again, scan it in a few minutes. If you like something you can click on it or just keep it in your inbox and

search for it later. It'll come up, uh, when you need it. Awesome. Well thanks a lot, Merill. It was fun to have you on the show, dive through some of these tools. Talk a little bit about, uh, your background, where you kind of came from as you were creating these and their uses. And thanks for all the work you've put into these tools too to help all of us consultants, admins, all of us dealing with Microsoft Entra as we do our

day jobs. So you have a lot of valuable info in here. Awesome. I'm like super excited I could join you. It's, uh, been a lot of fun. I didn't even know. Anytime you wanna come back, you know, find us. And I'm late for my next meeting so they'll be waiting for me. We'll let you get to it. Such is the way of life. It's how we end every one of these episodes. Gotta drop for the next meeting. Yes. Well thank you all. Alright, perfect. We'll talk again soon. Thank you.

If you enjoyed the podcast, go leave us a five star rating in iTunes. It helps to get the word out so more IT pros can learn about Office 365 and Azure. If you have any questions you want us to address on the show or feedback about the show, feel free to reach out via our website, Twitter, or Facebook. Thanks again for listening and have a great day.

Transcript source: Provided by creator in RSS feed