Are you using strong certificate mapping in Active Directory? Richard Hicks returns to the show to talk about the impacts of KB5015754, issued way back in 2022, and how it turned into an enforcement event on February 11, 2025 that might have caused some serious problems for folks trying to authenticate to Active Directory. For most sites, the upgrade to strong certificates was pretty much automatic. But if you're using Intune SCEP, you needed to do some configuration - and if that was missed, th...
Mar 12, 2025•40 min•Ep 975•Transcript available on Metacast What does it mean to be secure by design? Richard chats with Karinne Bessette about the scope of the problem around making more secure software. Karinne talks about the US government's Cybersecurity and Infrastructure Security Agency (CISA) push to promote more secure software products. The conversation digs into some of the more famous exploits in recent years and some of the challenges of dealing with development tools that require super-user privileges, getting security testing done promptly ...
Mar 05, 2025•40 min•Ep 974•Transcript available on Metacast What is it like to take care of an Exchange Server in 2025? Richard chats with Michel de Rooij about his work with Exchange, including the many scripts he has written and published over the years to help sysadmins solve problems. Michel discusses how staying on-premises with Exchange is getting harder - the new version will be subscription-based! The conversation also digs into the new version of Outlook, the challenges of securing email, and Michel's latest book Pro Exchange Administration. Lin...
Feb 26, 2025•32 min•Ep 973•Transcript available on Metacast How do you manage your CI/CD pipeline resources? Richard chats with Eliza Tarasila about Managed DevOps Pools in Azure DevOps. Eliza tells the story of discovering that teams were using Azure DevOps internally at Microsoft but would need to build their tooling to stand up the resources for testing and deployment. Managed DevOps Pools became the standard way to specify resources like virtual machines and assign them to projects so that they would start up automatically. The resources in the pool ...
Feb 19, 2025•32 min•Ep 972•Transcript available on Metacast Ready to upgrade to Windows Server 2025? Richard talks to Robert Smit about his experiences doing an upgrade—with a few important dos and don'ts! Robert talks about dusting off your Active Directory setup and ensuring you're at the Server 2016 functional level. The conversation also dives into the new-build-versus-upgrade options, taking advantage of SMB over QUIC and SMB Compression, and much more! Links Windows Server 2025 Upgrading to Windows Server 2025 Azure Arc Windows Admin Center SMB Com...
Feb 12, 2025•38 min•Ep 971•Transcript available on Metacast How can Entra ID Protection help keep your organization resist security breaches? Richard talks to Corissa Koopmans about thinking beyond authentication and authorization and into conditional access - knowing what is normal and abnormal behavior for your users. Corissa recommends looking at the Entra ID Protection Dashboard - whether you have configured anything or not - to see what potential risks you have today. Whether it's logins from places where you have no workers or some "impossible trav...
Feb 05, 2025•38 min•Ep 970•Transcript available on Metacast Do you Kusto? Richard talks to Mark Morowczynski about his new book, The Definitive Guide to KQL, and the power of Kusto to look across your Azure tenant and understand operational and security issues. Mark talks about being able to query across all log sets, telemetry, the M365 graph, and more - to help understand issues. The book provides example queries you could run today, including knowing the first and last time a user logged on and what devices they used. There are examples of calculating...
Jan 29, 2025•34 min•Ep 969•Transcript available on Metacast What about SQL Server in Microsoft Fabric? Richard chats with Anna Hoffman about the preview release of SQL 2025 in Microsoft Fabric and the power of having your data store where you are doing your analytics and machine learning! Anna talks about new applications being developed using AI technologies like large language models and that often those applications need a data store - so why not keep it with the application in a configuration ideally suited for that work? The conversation digs into t...
Jan 22, 2025•34 min•Ep 968•Transcript available on Metacast Are your docs part of your DevOps cycle? Richard chats with Mattias Karlsson about automating documentation for APIs, cloud resources, and more! Mattias talks about using tools to build text files that contain every Azure resource being utilized, hopefully per application, along with API info, NuGet packages, and more. He also digs into the different audiences for that documentation - business wants to know what website exist, both interior and publically facing. Operations need to know what res...
Jan 15, 2025•36 min•Ep 967•Transcript available on Metacast How is least privilege different in 2025? Richard talks to Bailey Bercik about the ongoing efforts to minimize users, administrators, and applications' privileges in 2025. Bailey talks about the power of Entra Permissions Management to help you see what permissions are going unused on various accounts so that you can tailor rights to individual accounts without things becoming unmanageable. Artificial intelligence is a forcing function for many permission issues, with these new tools potentially...
Jan 08, 2025•39 min•Ep 966•Transcript available on Metacast For the first show of 2025, let's talk about being a sysadmin in the coming year. This is the sixth year of Richard going solo on the show to talk about the things he's seen in the past year and speculate a bit on the next year, at least for sysadmins. Economic uncertainty is still a thing, as is employment. The security situation continues to be tough - and getting worse. But remarkable new tools, including large language models, are on the horizon to make things a bit easier. The adoption rate...
Jan 01, 2025•33 min•Ep 965•Transcript available on Metacast What does Windows want for Christmas? Richard chats with Paul Thurrott about the crazy year that Windows has had and what 2025 holds. Paul starts with the Ignite keynote that focused on Windows being an open platform - which sounds funny on the surface, but has some logic to it! Security is a key part of that story, which brings up the issues around Crowdstrike and the Secure Future Initiative. And then there's Windows 10 going out of support in 2025 - what choices do you have going forward? Two...
Dec 25, 2024•38 min•Ep 964•Transcript available on Metacast Ready for some real-time intelligence? Richard chats with Yitzhak Kesselman about Real-Time Intelligence in Microsoft Fabric. Yitzhak talks about what it means to be real-time - that your company has a data analytics need with an ROI affected by a short amount of time. Perhaps it's a factory making products incorrectly or even issues with response times in a call center. The process involves bringing streaming data sources into the real-time hub and then attaching dashboards to them to see data ...
Dec 18, 2024•37 min•Ep 963•Transcript available on Metacast Can government agencies use M365 Copilot? Soon! Richard chats with Angela Dugan about how government entities: federal, state, counties, and cities, are exploring the power of M365 Copilot. Angela talks about the US Government GCC process for making M365 Copilot available in the next few months. The conversation turns to the usual challenges of data governance and security - all the same problems any other organization would have with tools that explore every element of data. Getting your data e...
Dec 11, 2024•35 min•Ep 962•Transcript available on Metacast Need some gift ideas for your favorite sysadmin? We're here for you! Richard brings back Rick Claus and Joey Snow for another round of great gadgets that sysadmins love. There are some inexpensive options, some expensive options, some silly things, and some awesome toys! Share this show with your loved ones to help them get something great for you! Links LinkTree The Help Desk Girl Stickers 50th anniversary of D&D Dice Nixie Tube Clock RGB Raspberry Pi 5 Case SCRIB3D Meater Pro Duo XBox Series S...
Dec 04, 2024•38 min•Ep 961•Transcript available on Metacast How does your organization respond to incidents? While at NDC Porto, Richard chatted with Mandi Walls about her experiences with different incidents, from corrupted files to data center failures. Mandi talks about detecting and determining the scope of an incident, whether it is specific to a customer (or group of customers), or possibly system wide. The conversation ranges over external attacks, bad software updates, unique configuration problems, and more. Keeping good records during the incid...
Nov 27, 2024•36 min•Ep 960•Transcript available on Metacast How do you test your database? While at NDC Porto, Richard chatted with Dan Mallott about building unit tests for transactional databases like SQL Server. Dan talks about using testing frameworks constructed for the purpose, like TSQL-T, to make it easier to test individual database elements, from stored procedures to column constraints. The conversation digs into the challenges around testing, tolerating the changes to the database, and tweaking how you write your T-SQL code to be more testable...
Nov 20, 2024•34 min•Ep 959•Transcript available on Metacast What's happening with SQL Server Management Studio? Richard chats with Erin Stellato, now at Microsoft, about the big jump coming for SSMS. Erin talks about how folks felt SSMS was a bit neglected when the reality is that there was a push to catch up with its parent codebase in Visual Studio. However, the next version of SSMS makes that jump, which opens the door to some excellent extension models. The conversation dives into the role of the Copilots in SQL Server through SSMS - helping you unde...
Nov 13, 2024•42 min•Ep 958•Transcript available on Metacast How does Software-Defined Networking in Azure work? Richard chats with Aidan Finn about his experiences working with the suite of Azure networking products, including Firewall and Route Server. Aidan talks about the training available on Microsoft Learn to get up to speed with the power of Azure Firewall, including building policy rule sets. The conversation also explores the power of defining how traffic can move within your network to clarify when potentially malicious software is active. Link...
Nov 06, 2024•40 min•Ep 957•Transcript available on Metacast ARM for Windows is here in the form of the Snapdragon Copilot+ PCs - how do you update them? Richard talks with Aria Hanson about how Windows Updates treat ARM like just another Windows device - all the updates! Aria talks about the transition time with Windows 24H2 update, which has some specific Copilot+ PC features. But when looking at ARM-based Windows devices, don't just focus on the Copilot part; check out the great battery life and the simpler architecture that should lead to long-life ma...
Oct 30, 2024•40 min•Ep 956•Transcript available on Metacast How can you secure your company information with Azure Virtual Desktop? Richard talks to Jim Duffy about his work helping companies comply with NIST SP 800-171 security standards. These are the new standards required for Department of Defense contracting - including all subcontractors and suppliers. The security standard is thorough, with over 100 requirements. And you have to be audited to show that you comply! Even if you don't work with the government, the NIST security standard is excellent,...
Oct 23, 2024•34 min•Ep 955•Transcript available on Metacast Can you pen test yourself? Paula Januszkiewicz says yes! Richard talks to Paula about taking an active role in understanding your organization's security vulnerabilities. Paula talks about the low-hanging fruit she often finds as a professional penetration tester - typically on poorly maintained infrastructure like PKI servers. The conversation digs into tooling you can use to find vulnerabilities - just make sure you trust the source of those tools. Not everyone is a good guy in open source! An...
Oct 16, 2024•37 min•Ep 954•Transcript available on Metacast How can OpenAI help you with PowerShell? Richard talks to Doug Finke about his experiences with ChatGPT and GitHub Copilot to help him write PowerShell and how he incorporated the OpenAI API into a PowerShell library to create a conversational interface in his PowerShell scripts! Doug talks about his productivity gains using OpenAI to write better quality PowerShell faster - helping him understand the code, automate test writing, and explore aspects of PowerShell he had never dug into. But beyon...
Oct 09, 2024•40 min•Ep 953•Transcript available on Metacast Microsoft 365 Data Governance has always been critical - but it's only getting more important! Richard talks to Nikki Chapple about her experiences working with companies trying to get their "data estate in order." That phrase is what Microsoft recommends before turning on tools like Copilot for M365. Nikki talks about how hard the goal of data security is - that it is just as tricky as any other security goal. Data security is an endless process that needs refining and work on routinely as new ...
Oct 02, 2024•44 min•Ep 952•Transcript available on Metacast What does Windows Server 2025 bring to Active Directory? Richard chats with Orin Thomas about the new version of Windows Server coming and what to expect around Active Directory. Orin talks about how mature the Windows Server space is, so only incremental improvements are warranted, but they are important ones - like retiring NTLM once and for all. And when it comes to Active Directory, there are new secure features you're going to want, but you do need to up your functional level to get them, a...
Sep 25, 2024•43 min•Ep 951•Transcript available on Metacast Do you know how asymmetric encryption works? While at the Kansas City Developers Conference, Richard sat down with Eli Holderness to discuss many of the encryption technologies being used today—and the new options coming in the future! Eli talks about how symmetrical encryption and public key encryption have been the focus of modern encryption, especially on the web. But the ongoing security arms race means we have to keep tweaking encryption—what if we made a bigger leap? Asymmetric encryption ...
Sep 18, 2024•39 min•Ep 950•Transcript available on Metacast What can you do to Microsoft 365 with PowerShell? Turns out - almost anything! Richard talks to Tony Redmond about his ongoing efforts to educate sysadmins about the vast array of capabilities in M365, including all the PowerShell cmdlets that can let you retrieve and control everything in M365. There's now so much information that Tony and his team have created a separate book explicitly focused on automating M365 with PowerShell. The conversation also turns to the role of Copilot - GitHub Copi...
Sep 11, 2024•38 min•Ep 949•Transcript available on Metacast How is generative AI evolving, and what can we do about it? While at NDC in Oslo, Richard chatted with Alison Cossette about her work as a data scientist before the ChatGPT explosion in November 2022 and what life has been like since the LLM came to town. Alison talks about the rigor of building AI models using generative AI before ChatGPT and how many of those efforts have diminished when confronted with a friendly, confident language model. Eventually, this rigor will be needed - as the danger...
Sep 04, 2024•38 min•Ep 948•Transcript available on Metacast Leadership wants to get on the AI bandwagon - what are the security risks? While at the Kansas City Developers Conference, Richard sat down with Steve Poole to talk about his experiences helping companies manage the risk of bringing AI into the company. Steve talks about the impact of introducing a new development stack, especially open-source stacks where you aren't sure of the providence of the code - sometimes there's malware in there! The conversation also moves to the various sources of lan...
Aug 28, 2024•34 min•Ep 947•Transcript available on Metacast What are the threats your cloud application and infrastructure are facing? While at NDC Oslo, Richard chatted with Daniela Cruzes and Romina Druta about their work building threat models for cloud-based applications. Daniela discusses how modeling helps to understand security concerns before applications are deployed and attacked - often, security retrofits are time-consuming and expensive, so thinking them through beforehand has enormous benefits. Romina dives into the supply chain side of thre...
Aug 21, 2024•36 min•Ep 946•Transcript available on Metacast 
