The future of updating Windows is here! Richard talks to Aria Hanson about Windows Autopatch, the consolidation of Microsoft's various update mechanisms to keep your managed Windows devices current. Aria discusses the deprecation of Windows Server Update Services (WSUS) and the move to always-on cloud updates. The conversation turns to the various techniques for quickly rolling out updates to machines while still allowing the process to stop if there are problems, whether you first update IT wor...
Nov 05, 2025•32 min•Ep. 1009
How can the new AI tools help DBAs? Richard chats with Grant Fritchey about his experiences using various types of LLMs to help with his work as a DBA. Grant discusses having an LLM open as a side window to pass questions by, such as ideas for tuning, query optimization, scripts, and so on. Not all LLMs are the same - it's worth experimenting with different tools! The conversation delves into the long-term picture of AI supporting the DBA role, enabling more work to be accomplished in less time....
Oct 29, 2025•39 min•Ep. 1008
How do you become a cybersecurity expert? While at Cybersecurity Intersection in Orlando, Richard chatted with Paula Januszkiewicz about her career in cybersecurity. Paula talks about insatiable curiosity to understand how things work the way they do - why an exploit happens and following the twists and turns that lead to root cause and permanent solutions. The conversation delves into the balance between education and experience, the types of work available in cybersecurity, and pursuing your p...
Oct 22, 2025•38 min•Ep. 1007
It's time to retire NTLM - but how? Richard chats with Steve Syfuhs about the need and challenge of retiring an ubiquitous authentication protocol first used in the 1990s. While guidance to move away from NTLM has been available since 2010, it has only become feasible in the past couple of years, and Microsoft is now providing tooling to make the transition easier. Steve discusses enabling auditing of NTLM usage - recent improvements will allow you to view which services rely on NTLM. Sometimes,...
Oct 15, 2025•54 min•Ep. 1006
How do you manage for failure? While at KCDC, Richard chatted with Amy Norris about building a culture that supports dealing with failure in a healthy way. Amy focuses on clear communication - about expectations, positive feedback, negative feedback, and more! The challenge is creating a safe place for people to ask questions and talk clearly about what they see happening in the environment. We can only get better when we can see the problems folks are having - it takes time, patience, and lots ...
Oct 08, 2025•31 min•Ep. 1005
How do you know if one of your accounts has been part of a security breach? Richard chats with Troy Hunt about HaveIBeenPwned, a free service that allows individuals to receive notifications when their accounts appear in a security breach. Troy discusses other services available alongside HaveIBeenPwned for sysadmins, including password checking, identifying accounts associated with a specific domain, and more. When considering the cost of managing a customer with an exploited account, being abl...
Oct 01, 2025•41 min•Ep. 1004
You're down - is it your servers, or someone else's? While at the Kansas City Developers Conference, Richard sits down with Mandi Walls from Pager Duty about her experiences dealing with incidents involving vendor services. It might be your cloud provider, or some other SaaS element of a pipeline, or even an open-source library dependency in an important internal application that can cause a problem. What are the next steps? Mandi talks about having a software and services bill of materials so t...
Sep 24, 2025•32 min•Ep. 1003
The days of the one-year SSL certificate are coming to an end - are you ready? Richard chats with Todd Gardner about the upcoming requirement from the Certification Authority Browser Forum to limit SSL certs to 200 days starting March 2026 - and they keep getting shorter until by 2029, certificates will last no longer than 47 days! If you haven't already automated certificate renewal, it's time to start moving in that direction. Todd talks about CertKit as a new approach to automating certificat...
Sep 17, 2025•35 min•Ep. 1002
How do you get your organization trained up to use AI tools? Richard talks to Stephanie Donahue about her work implementing AI tools at Avanade and with Avanade's customers. Stephanie discusses how many workers are bringing their own AI tools, such as ChatGPT, to work and the risks that represent to the organization. Having an approved set of tools helps people work in the right direction, but they will still need some education. The challenge lies in the rapidly shifting landscape and the lack ...
Sep 10, 2025•41 min•Ep. 1001
Episode 1000! Richard Campbell invites Paul Thurrott to join him to celebrate the milestone episode and answer questions from listeners. From the creation of the podcast to the role of Windows in the modern world, the impact of ARM, Cloud, and many other technologies - all addressed in this super-sized episode. And yes, artificial intelligence is part of the conversation—and will be part of the workflows that sysadmins utilize on a day-to-day basis. Thanks to all the folks who sent in questions ...
Sep 03, 2025•1 hr 14 min•Ep. 1000
What are common mistakes folks are making with their Azure tenant(s)? While at the Kansas City Developers Conference, Richard chatted with Scott Sauber to run down his top ten list of issues he checks on for all his customers using Azure. From tenant ownership to naming conventions, policies, identities, and cost controls - there are a lot of things you can do to make your Azure experience more reliable, cost-effective, and efficient. Check out the links for more details on each of the potential...
Aug 27, 2025•34 min•Ep. 999
How do you secure your organization's data to let AI technologies work safely? Richard chats with Martina Grom about her experiences helping sysadmins responsibly bring the power of Microsoft M365 Copilot into their organizations. Martina discusses setting up security and monitoring with tools like Microsoft Purview, enabling visibility into where copilots are working and who is using them. Once the measuring tools are in place, you can begin to establish limitations for the AI without compromis...
Aug 20, 2025•39 min•Ep. 998
Are you tapping the power of Microsoft Graph? Richard chats with Tony Redmond about his work teaching people to leverage Microsoft Graph and all the insights it can provide about their organization. Tony views Graph as one of the key skills a sysadmin needs to manage an M365 tenant, alongside Exchange Online, SharePoint, and Teams. Throw in some Entra ID skills with Graph and you're ready to take on the rest - and there's a lot! Tony is also responsible for the excellent Office 365 for IT Pros b...
Aug 13, 2025•41 min•Ep. 997
What can the financial services sector teach us about adopting Copilot in our organizations? Richard chats with Christina Wheeler about her work at Microsoft, where she helps companies leverage large language model technologies. Christina discusses data security, which is crucial in the financial services industry due to its numerous regulations. The data security mindset of using tools like Purview and Data Loss Prevention helps to carve out data sets that can be used with Copilot. The conversa...
Aug 06, 2025•36 min•Ep. 996
How do you get from ClickOps to DevOps? While at Build, Richard chatted with Steven Bucher about using Copilot in Azure to help build PowerShell scripts with Azure CLI to get you moving down the path of repeatable deployment. Steven talks about interacting with Copilot in Azure through the Portal, Azure CLI, and PowerShell. Using tools like GitHub Copilot in Visual Studio Code can help you start making Infrastructure as Code in Bicep or Terraform to move you along the path of automating reliable...
Jul 30, 2025•33 min•Ep. 995
How do you bring AI agents to your organization? Richard chats with April Dunnam about her experiences with Copilot Studio, Microsoft's tool for building various agents for your organization. April discusses the multiple approaches available today for utilizing generative AI and the benefits of leveraging template-driven and low-code solutions to capitalize on the latest features in agentic AI. The conversation also delves into the relationship between M365 Copilot and Copilot Studio for creatin...
Jul 23, 2025•36 min•Ep. 994
What's happening with Fabric in 2025? While at Build, Richard chatted with Arun Ulag about the fantastic progress Fabric has made in the past year. Arun discusses expanding the product line beyond analytics to include real-time intelligence and hosting primary data workloads. The goal is to make it incredibly easy to get your organization's "data estate in order"... not just for security and analytics, but also for your upcoming AI-related workloads. Arun also discusses the power of conversation...
Jul 16, 2025•34 min•Ep. 993
How does a PowerApp become a fully-fledged software application? Richard chats with Luise Freese about her experience of taking a PowerApp built by an individual through the "onboarding process" of becoming a complete software application, including requirements, tests, deployment pipeline, security, user training, and more. It's easy to create a prototype of an application with PowerApps, but once you move beyond the basics, there's a significant amount of work that's essential to the long-term...
Jul 09, 2025•39 min•Ep. 992
How has Azure been innovating lately? While at Build Richard chatted with Azure CTO Mark Russinovich about some of the latest innovations in Azure, including some of the new hardware available. Mark talks about working with hardware manufacturers to build servers optimized to the workloads the largest Azure customers need. The conversation also explores the new innovations in AI and how Azure is being optimized to serve those workloads - and be shaped by them! Mark also talks about how material ...
Jul 02, 2025•30 min•Ep. 991
How do you get more from GitHub in your work routine? Richard chats with April Yoho about how sysadmins can take advantage of more GitHub features to make better quality scripts and more! April discusses the capabilities of GitHub Copilot to assist administrators in comprehending the intricacies of source management, including branching and merging. The conversation also delves into extracting more from Copilot itself, including custom instructions and the new agentic mode. Now you can use Copil...
Jun 25, 2025•33 min•Ep. 990
Here comes SQL Server 2025! While at Build, Richard chatted with Bob Ward about releasing a preview version of SQL Server 2025. Bob discusses SQL Server 2025 as an AI-ready enterprise database with numerous capabilities specifically tailored to your organization's AI needs, including a new vector data type. This includes making REST API calls to Azure OpenAI, Ollama, or OpenAI. This is also the version of SQL Server designed to integrate with Microsoft Fabric through mirroring. There are many mo...
Jun 18, 2025•26 min•Ep. 989
How can modern telemetry solutions help you? While at NDC in Melbourne, Richard chatted with Liz Fong-Jones of Honeycomb about her approach to educating leadership on creating great telemetry solutions for organizations. Liz discusses the importance of being able to answer questions about reliability issues without causing problems, as opposed to relying on a dashboard for every measurement taken of the system. The conversation also delves into the culture of building reliability, where people a...
Jun 11, 2025•32 min•Ep. 988
Why would a security vulnerability take more than two years to fix? Richard chats with Steve Syfuhs about the evolution of the response to KB5015754. Originally published in 2022, the issue involved vulnerabilities in the on-premises certificate authority for Active Directory. Pushing a fix to force the immediate replacement of the certificates could have left users unable to log into Active Directory entirely. Steve explains how the gradual rollout of the fix allowed folks concerned (and paying...
Jun 04, 2025•50 min•Ep. 987
How do you talk to security? While at NDC Melbourne, Richard chatted with Sarah Young about her approaches to helping folks work with the security team. Often seen as an impediment to business, Sarah talks about what motivates security teams, how to use language to help them understand that you are taking security seriously, and how to get more things done! Ultimately, the DevOps mantra of providing value to the customer still works - working with people to improve the processes that lead to sec...
May 28, 2025•36 min•Ep. 986
What's new in PowerShell 7.5? Richard talks to Jason Helmick about the latest version of PowerShell. Jason talks about 7.5 being a version with plenty of community contributions and what that means for everyone. He also discusses 7.6, which will be released as a long-term support version of PowerShell synchronized with .NET 10. Then, on to Desired State Configuration 3.0.0, which makes DSC work effectively across platforms, with or without PowerShell itself! 7.5 is a great version - are you up t...
May 21, 2025•37 min•Ep. 985
Active Directory is 25 years old - are you still managing it like it's 1999? Richard talks to Liz Tesch about her excellent blog post on the subject and the challenge many sysadmins have with Active Directory today. Liz talks about how WAN bandwidth was a concern in the early 2000s, so we organized Active Directory into Organizational Units to minimize the amount of AD traffic over the WAN - today, that is irrelevant. The challenge today is ensuring AD is not a vector for blackhats to attack the...
May 14, 2025•35 min•Ep. 984
How do you make a career in cybersecurity? Richard talks to Yuri Diogenes about his work in cybersecurity, including his book on building a career in cybersecurity. Yuri talks about the inquisitive mindset that works well in cybersecurity - wanting to understand why things happen and get to the root cause. The conversation also explores the value of experimentation and practical experience as well as certifications and training - they all have value. However, it is also recognized that cybersecu...
May 07, 2025•36 min•Ep. 983
So what does modern work look like today? Richard talks to Karoliina Kettukari about her new role as the Head of Modern Work for a financial services company in Finland, and what modern work has evolved. Karoliina talks about how the pandemic accelerated modern work, such as being able to work anywhere and collaborating with whomever you need to. Post-pandemic, there is a push for more work from the office, but remote work is still essential - and now artificial intelligence is changing the land...
Apr 30, 2025•35 min•Ep. 982
What can agentic AI do for you? Richard talks to Tim Warner about his work utilizing next generation agentic AI technologies to help with sysadmin tasks. Tim talks about the early lead that Cursor AI took with AI agents capable of writing and executing scripts on your behalf - as opposed to just creating code you can cut-and-paste. Today, GitHub Copilot has caught up with Agent Mode in Copilot Edits, although still in preview, it speaks to a future where sysadmins use these tools to write better...
Apr 23, 2025•35 min•Ep. 981
Are some of your team members starting to hate PowerShell? Richard talks to Barbara Forbes about her experiences with teams frustrated by PowerShell. Barbara talks about overcomplicating PowerShell scripts—the kind the most senior folks can create but no one else can maintain. Eventually, nobody will want to touch those scripts. Then there is the question of business value—does everything need to be automated? And by how much? Often, the appropriate solution solves 80% of the cases; the other 20...
Apr 16, 2025•37 min•Ep. 980
