Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.

Share tech news, updates, or what's on your mind.

Sign up to Post

Team, need you help in below:

I want to restrict emails being sent from our internal sender within internal enviornment or external domain that matches certain criteria.

The criteria is: ANy email with attachment where the attachment has any matching properties (basically we are testing Azure Information Protection labels. so any email with a specific label) should not be blocked from going outside and should be blocked even from sending it to other user of the same domain.

So, I have created a rule (attached   Rule for attachmentpic) but it does not seem to work
PMI ACP® Project Management
LVL 13
PMI ACP® Project Management

Prepare for the PMI Agile Certified Practitioner (PMI-ACP)® exam, which formally recognizes your knowledge of agile principles and your skill with agile techniques.

In Azure under App Registrations and Reply URL I try to add an URL with the character : (colon), but it says it is a not valid link.

It looks like there are no other options to change the URL in the web app I am using. (Mediawiki).

I managed to add the link in the manifest. It worked for some days. But today it didn't work anymore.  Saying it could not find the link in my app id.

Is it possible to use the wiki link Special:PluggableAuthLogin without the colon? It would be nice because Azure does not like it.

We have Windows 2012 Domain Controllers and windows 10 workstations on our network. We have gone with 0365 and we are going to use SharePoint online and our active directory gets synced with Azure AD.
We have 100 staff and I would like to create a security group called “All Staff group” and would like to give permissions to this group to access the resources.
Firstly, do I need to create a Universal -Security group OR Global- Security group?
Secondly, after creating this group, do I need to add all the 100 staff to this group?
Thirdly, do i need to add any values in the attributes?

Any tutorials  and help much appreciated.
Hi experts,
We are about to move our users to Office 365 and my company is struggling the best solution to control users to ensure all users that are only allowed to our production tenant are from from trusted locations only. We use a proxy solution - ZScaler but the challenge with them they have trusted IP ranges we currently use in our conditional access policy BUT they are all the same trusted IPs used for all their customers (nothing dedicated for our company). Plus we can't use certificates to enroll our machines to Azure to use Intune policies due to infrastructure limitations.

Any ideas? just curious how you protect your environment ensuring your users logging into your tenant are indeed 'trusted'.
I have a Windows Server 2016 Standard Server with a domain with local machines. I would like to integrate this server with existing Office365 users and Azure servers for email and single sign on. Is it better to use the Essentials Office365 integration or the Azure active Directory integration or the AADConnect?
This is an odd issue I can't figure out.  I have several remote users who log in to our network through a Sonicwall using NetExtender then into our Terminal Server through Remote Desktop.  They are set up in the Environment tab in Active Directory to start the specific program they need upon login so they are just taken directly to the login for that program (Abila HRMS HR program).

One user (MP) can login just fine and after connecting through Remote Desktop they see the login screen for Abila HRMS. This is where the problem starts.  The user logs in to HRMS and then just sees a blank screen (note: this user is using a laptop).

I had another user (SK) login at her Desktop computer using the other user's credentials and after logging into HRMS, she sees the HRMS program running minimized.  She maximized the program and disconnected from the session leaving the program up and then the other user (MP) was able to login to HRMS and see the program.  But if he logs out and tries to get back in, the same thing happens.  I tested MP's login from a laptop and had the same issue, I just see the blank screen.

Basically the HRMS program is starting minimized and the user MP can't see it as it must be off screen on his laptop (and from the laptop I tested from), but the user SK from her desktop can see the minimized program at the bottom and then maximize.

Is there some sort of setting that would force the program to start maximized for this user?
I want to activate our Intune Windows 10 Edu device with a MAK key. I have tried using the Intune profile 'Edition Upgrade' and chosen the OS version and MAK key, but it doesn't activate. Manually activation works, the key is fine.

I bet I can activate using a script
slmgr /ipk 12345-12345-12345-12345-12345
slmgr /ato

but that will run every login/startup?

what to do? Id prefer a profile option.
Looking for help getting my Sonicwall logs files to upload the the Microsoft Azure Cloud App Security system. I am trying to setup the Sonicwall's so they forward their logs to MS to be analyze. I need to have a forwarding machine installed to do this. They have a Docking image of Linus, but I can't seem to get it to work. My working knowledge Linux is pretty limited. I have been using this article as a reference: Thanks
When creating a sql db with cli, how do add 5btu?  I have this so far:

az sql db create --name chr1db --server chris11ql --edition Basic --max-size 100MB (5BTU??)

Let me clarify, I am looking for what is the --service-object.  II cannot find the script for all service levels Specifically, I am looking for Basic. I know Standard is S0.
Hyper-v Guests sluggish, random disconnects, high cpu (after September 23rd, 2019 update)

Host: Windows 2016 Server Stnd
Guests: Windows 10 Pro (6 guests)
Ram (16GB Each)
Everything is up to date; windows patches, we have removed antivirus and security tools, we still have these random issues.
Users can connect, if they get disconnected (RDP) they cant connect and we have to reset the vm.

Can someone help me here? Please and thank you :P
CompTIA Security+
LVL 13
CompTIA Security+

Learn the essential functions of CompTIA Security+, which establishes the core knowledge required of any cybersecurity role and leads professionals into intermediate-level cybersecurity jobs.

I'm migrating to new hardware from SBS 2011 to Window Server 2016 Standard (not Essentials), I will add the Essentials role. I've done half a dozen SBS 2011 to Windows Server 2012 R2 Essentials and to 2012 R2 Standard but it's be a while and this is 2016. We are not migrating Exchange, already on Office 365. We don't use WSUS or Sharepoint.

I am looking for a step by step document, I previously used but that is from 2014. Is there a more current step by step for 2016?
I have created an azure dynamic device group withe a rule
(device.devicePhysicalIDs -any _ -contains "[ZTDId]")

In ‘Windows enrolment / windows autopilot devices’
There are 2 devices listed which did indeed autopilot when built.

The group has a status of ‘up to date’ But a last update status of ‘unknown’

We only have a small tenant, the group was created hours ago by an admin. We have a license which supports Intune.

Why doesn’t the group have any members?
Could someone explain to me the difference between Anywhere Access and a VPN with Remote Desktop on Windows Server 2016 Essentials?  I am in the throes of setting up remote access and have to figure out how to set this stuff up.  Any advice on how to proceed would be appreciated.
I have some very odd services showing up on a Windows Server 2016 Essentials Server:

User Data Access_8222e
User Data Storage_8222e
Windows Push Notification User Service_8222e

   Google doesn't have much on these services. Anyone know what they are and if they are needed?
Our Remote Desktop Gateway is Windows Server 2016.

I need to be able to disable a RD CAP and RD RAP via powershell.  We are going to set up a scheduled task to run the script to disable certain RD CAP and RD RAP rules.  So I need to be able to disable the rules by name.


I created an Azure VM using the CIS Hardened Ubuntu image. When setting up the VM I chose to use a public/private key to access the VM. This was in April of this year. Now when I logon its telling me my password has expired but we never gave the user a password.

I'm guessing that this is due to the hardened CIS image and it wants us to change the password. However we dont know what the old password would be. Using the serial console in Azure I can create another admin user and i tried to use chage -d -1 <user> but that doesnt seem to work.

I'm wondering if anyone else has come across this issue or can help me find a way to remove the password expiration.
We currently have a AD domain with two replicating 2012 Server DCs. Domain Functional level is at 2012.  

The Primary DC is a physical server with Windows Server 2012 Standard, and will be (7) years old.  

The other replicating DC is a Windows Server 2012 DC that's a VM.  The Hyper-V server that hosts this VM and another VM that is an Exchange 2010 Standard server is Windows Server 2012 Standard and is also close to (7) years old as well.

Overall, AD is healthy without issues.   At the end of this year we will retire the existing Exchange 2010 server and move to O365 hosted mailboxes.

I am getting ready to purchase a Dell R440 that will serve as a Hyper-V server.  Will purchase Windows Server 2019 Standard.  I will install a new VM that will replace the primary 2012 DC that's on the physical server.

I also have an existing Dell R440 server that is a Hyper-V Server with Windows Server 2016 Standard.  I have one VM that is a Windows Server 2016 that serves as a Storage server.
I plan on spinning up a second VM on the server to serve as a new replicating DC server.

When I purchase the new Dell R440 server along with Windows Server 2019 Standard, should I go ahead and install the Hyper-V Host with Windows Server 2019 Standard, and then also install the new primary DC that will hold all FSMO roles as a Windows Server 2019 Standard VM or downgrade it to Windows Server 2016 Standard?

I already have 25 Windows Server 2016 CALS.  I can go ahead and bite the …
Really I just want to check that what i am doing is a supported config.

I have 3 servers i use for HCI using S2D 2019.

I have 3 Virtual Disks all using 33% of the storage minus 1 spare HDD for failure(cache + ssd + hdd) seems to be working ok.

I want to add 8 1TB drives into each of the servers to create a new virtual disk that only uses cache + hdd.

The HDDs are a different model than the HDDs used in the other 3 virtual disks. I know that i should utilise only the one storage pool, but would i still be in a supported configuration, on top of that how would it know what disks to create the new virtual disk on? I dont want it to attempt to use the space capacity disks i currently have (they are 1.6tb disks) with the new ones i intend to use (1tb disks)

Thanks in advance for any feedback!
Azure AD Experts,
Whats the difference of get-azureaddirectoryrolemember vs get-azroleassignment?

It's odd most of the directory roles are in get-azureaddirectoryrolemember...
but there's a bunch of stuff under get-azroleassignment, which I'm guessing has some privileged assignments delegated to primary ids as well?
JavaScript Best Practices
LVL 13
JavaScript Best Practices

Save hours in development time and avoid common mistakes by learning the best practices to use for JavaScript.

I have set up a replica DC in Azure. My boss wants to get rid of the on-prem DC and only have the one in Azure. I have transferred all the FSMO roles to the Azure Domain controller, but when I remove the Site to Site VPN connection I can't log into the Azure DC anymore. The internet access is being turned off on-prem tomorrow. Am I missing a step?
Someone accidentally deleted our Windows Server 2016 AD-Integrated forward lookup zones using a third party tool. What would be the easiest way to recover the DNS zones? We do have the ability to restore the any of the domain controllers in its entirety, but we will have to accommodate for an Authoritative restore which it doesn't seems to be a straight forward process.
Good Evening,

We have users currently running application from ACCDE File created with Access 2016. This application is using Access 2016 as a front-end to a SQL server database. The ACCDE file is accessed by several users throughout the day and launched via Citrix StoreFront. These users step in and our of their desk and when they try to login to Citrix StoreFront and launch application, it no longer runs for them. This happens about twice a day.

When I go to the file and I try to open the ACCDE file to review and compact and repair, I get Access message that the file experienced an error (see attached). I do not know what the error is or why the file is getting corrupted. Can you please help?

Some additional information: The latest Microsoft Office Updates  applied to the server are from mid August 2019. The only way for users to continue their work and launch application successfully is to replace ACCDE file. We have also written a GPO to remove file from Access Disabled Items list for all users.

We ran Process Monitor and get a Sharing Violation message for several users running the application.   Not sure if this is related. See attached.

Thank you very for your input.

After ACCDE File gets corrupted and no longer opens Access adds to Disabled Items
Process Monitor displaying sharing violation for ACCESS
Hi Experts,

on a Fileserver 2019 I have a data partition with REFS.
Now they need replication but this is not supported.

What can I do ?
what kind of activities on a windows server would actually require local administrator privileges, or as a server engineer yourselves, what day to day tasks do you perform on windows servers that do require you to be a member of the local admins group. We have got to go through the local admins groups on a number of critical servers and the numbers seem on the high side, but I want to be equipped with some examples of when you do need local admin rights to query if these users would ever need to perform such a task as part of their duties? If I could get something like the most common 5 admin type duties that are performed on windows servers that do require local admin rights that would be a start I suppose. I suspect in many cases those with administrator group privileges on some of the servers have no real requirement to have it. In case its of interest the vast majority of these servers run Windows server 2012.
I am running a powershell script that installs Adobe CC at startup, it is huge and takes a long time, as the script runs immediately after imaging various other updates, installs etc that are going on seem to make windows reboot before the adobe cc script finishes. Is there a way to prevent restart in my powershell script? any other ideas?



Microsoft Azure is a cloud computing platform and infrastructure for building, deploying and managing applications and services through datacenters. It provides both platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) services and supports many different programming languages, tools and frameworks, including both Microsoft-specific and third-party software and systems. Cloud Services is a PaaS environment and can be used to create scalable applications and services; there are specific software development kits (SDKs) provided by Microsoft for Python, Java, Node.js and .NET. Azure also has file and storage services, data management, analytics and DNS services.