Windows Server

Find the answers you need to help your organization become cloud-ready. Watch AMA: Cloud native with Microsoft Intune – now on demand – and join the conversation at https://aka.ms/AMA/CloudNativeWithIntune. For more free technical skilling on the latest in Windows, Windows in the cloud, and Microsoft Intune, view the full Microsoft Technical Takeoff session list. View the full article

Windows LAPS continues to evolve. Find out what's new - from automatic account management and passphrases to disaster recovery and bug fixes. Watch The latest and greatest in the world of Windows LAPS – now on demand – and join the conversation at https://aka.ms/LatestInLAPS. To help you learn more, here are the links referenced in the session: Automatic account management demo Passphrase support demo Rollback detection demo Password recovery demo What is Windows LAPS? Windows LAPS feedback For more free technical skilling on the latest in Windows, Windows in the cloud, and Microsoft Intune, view the full Microsoft Technical Takeoff session list. View the full article

Secure, reliable, easy to use. Dive deep into the latest innovations in device management for frontline workers with Microsoft Intune. Watch Device management for the frontline: Intune to the rescue – now on demand – and join the conversation at https://aka.ms/IntuneToTheRescue. To help you learn more, here are the links referenced in the session: Work Trend Index Special Report: Technology Can Help Unlock a New Future for Frontline Workers Device Staging on Apple devices: To stage a device, set up VPP deployment for the Company Portal app, then configure and deploy a specific app configuration policy. To learn more, go to: https://aka.ms/Intune/FLW-home https://aka.ms/Intune/FLW-healthcare For more free technical skilling on the latest in Windows, Windows in the cloud, and Microsoft Intune, view the full Microsoft Technical Takeoff session list. View the full article

Need to dynamically scale Azure Virtual Desktop session hosts to meet your usage needs? Watch Azure Virtual Desktop hostpool management at scale – now on demand – and join the conversation at https://aka.ms/AVDHostpoolManagement. To help you learn more, here are the links referenced in the session: Watch Azure Virtual Desktop: Everything You Need to Know to explore the full capabilities of Azure Virtual Desktop! For more free technical skilling on the latest in Windows, Windows in the cloud, and Microsoft Intune, view the full Microsoft Technical Takeoff session list. View the full article

Flexibility, scalability, and seamless integration within Windows environments in the cloud. See how App Attach with Azure Virtual Desktop supports MSIX, App-V, and other solutions. Watch Azure Virtual Desktop app management – now on demand – and join the conversation at https://aka.ms/AVDAppManagement. To help you learn more, here are the links referenced in the session: Framework packages can be added to a custom image via scripts to prepare for any MSIX package. The script to install MSIX frameworks can be found here. For more free technical skilling on the latest in Windows, Windows in the cloud, and Microsoft Intune, view the full Microsoft Technical Takeoff session list. View the full article

We’re excited to announce that you can now use custom backgrounds for your basic plans in both Planner in Microsoft Teams and Planner for the web. This addition was a top feature request when we launched the new Planner, and it aims to make your planning more visually appealing and organized. What are custom backgrounds, and why use them? Custom backgrounds allow you to easily distinguish between different plans. Powered by AI, background suggestions are tailored based on the name of your plan, so you can quickly identify and navigate to the specific projects you are working on without confusion. Furthermore, backgrounds enable you to customize your team projects in a way that’s fun and aesthetically pleasing. How to add custom backgrounds To add a custom background to your plan, follow these steps: Open the plan details of any basic plan by either selecting the plan name or the dropdown menu next to the plan name in the header. The Plan details pane will open to the right with suggested backgrounds tailored to your plan. Select the background you want to apply. Try it today Smart backgrounds are available in the Planner app in Microsoft Teams and Planner for the web. Try it out today and let us know what you think! There are several ways to share your feedback with us—either via the Planner Feedback Portal or directly in the Planner app by selecting More (the question mark) in the upper right corner, then Feedback. Resources Check out the Planner adoption page. Sign up to receive future communication about Planner. Check out the Microsoft 365 roadmap for feature descriptions and estimated release dates. Watch Planner demos for inspiration on how to get the most out of Planner. Watch the recording from September's What’s New and What’s Coming Next + AMA about the new Planner. Visit the Planner help page to learn more about the capabilities in Planner. View the full article

Hi all, I have a customer who likes to POC Azure always-on VPN. Customer wants to avoid entering credentials to login to VPN. Is there a document that shows the steps to enable SSO? Is Intune required to enable SSO? Thanks. View the full article

Hi everyone! Tyson Paul here with this month’s “Check This Out!” (CTO!) guide. Our goal with these posts is to guide you toward content that piques your interest, whether it's for learning, troubleshooting, or discovering new sources. Each month, we’ll give you a snapshot of intriguing blog content, provide direct links to the source material, and introduce you to other valuable blogs you might not know about yet. If you’re a long-time reader, you’ll notice this series is similar to our previous “Infrastructure + Security: Noteworthy News” series. We hope you find this new format just as helpful and engaging. Thank you for your continued support from all of us on the Core Infrastructure and Security Tech Community blog team! Title: Lab: Manage Virtual Networks at Scale with Azure Virtual Network Manager (AVNM) Team Blog: Azure Networking Author: andreamichael Publication Date: 03/05/2025 Article Summary: The article introduces a lab for learning Azure Virtual Network Manager (AVNM) focused on managing virtual networks at scale. The lab provides an overview of AVNM's capabilities, including setting up connectivity, security, and routing configurations for virtual networks. It guides users through deploying Azure Resource Manager (ARM) templates, creating network managers, grouping networks, and setting up hub-and-spoke topologies. The lab also covers IP address management, security rule implementation, and analysis with AVNM's virtual network verifier tool. Participants are advised to ensure proper permissions, deploy resources, and follow clean-up procedures after the lab. Title: What’s new in Microsoft Intune: February 2025 Team Blog: Microsoft Intune Author: ScottSawyer Publication Date: 02/27/2025 Article Summary: In February 2025, Microsoft Intune introduced several enhancements to balance productivity and security. Key updates include improvements to the Managed Home Screen for Android, featuring QR code authentication for sign-in and custom ringtone selection to reduce confusion in environments with shared devices. The release also includes a more detailed device information page to aid troubleshooting. Additionally, the Device query feature for Windows devices, now generally available, allows IT professionals to swiftly assess configurations and detect inconsistencies across multiple devices, improving efficiency and decision-making. These updates aim to enhance user empowerment while maintaining robust security protocols. Title: Azure File Sync: faster, more secure and Windows Server 2025 support Team Blog: Azure Storage Author: Vritika Publication Date: 02/21/2025 Article Summary: Azure File Sync has introduced several updates enhancing performance, security, and compatibility, including a 7x faster server onboarding and a 10x increase in sync performance. It now supports Windows Server 2025, enabling improved scalability, security, and cloud integration. The platform integrates with Azure's Copilot for AI-driven troubleshooting and has added managed identities for secure authentication. These advancements streamline server provisioning, boost sync efficiency, and offer centralized management through the Windows Admin Center. Together, these features enhance Azure File Sync's role in facilitating seamless data migration and efficient, secure cloud integration for businesses. Title: Announcing General Availability of Azure Dl/D/E v6 VMs powered by Intel EMR processor & Azure Boost Team Blog: Azure Compute Author: AndyJia_Azure Publication Date: 02/10/2025 Article Summary: Microsoft Azure has introduced the General Availability of its Dl/D/E v6 series Virtual Machines, powered by Intel's 5th Gen Xeon processors, offering enhanced performance for both General Purpose and Memory Optimized workloads. The VMs, available in multiple configurations, feature improved scalability, local and remote NVMe SSD support, and Azure Boost technology for enhanced storage and network capabilities. They deliver significant performance improvements, including up to 400k IOPS, 200 Gbps network bandwidth, and a 4x boost in AI workloads. These VMs are now available across multiple Azure regions, with more to follow. Title: Active Directory is 25 Years Old. Do You Still Manage It Like It's 1999? Team Blog: Core Infrastructure and Security Author: LizTesch Publication Date: 03/06/2025 Article Summary: The article, written by Liz Tesch, emphasizes the need for modern management practices for Microsoft's Active Directory, which is 25 years old. Despite its longevity, many organizations still manage AD as if it were the late 1990s, exposing themselves to security risks due to outdated practices such as location-based OU structures, over-privileged service accounts, flat support structures, and ineffective deprovisioning processes. To mitigate these risks, organizations should align their AD structure with current security models, review and limit privileges of service accounts, streamline access controls, and ensure robust deprovisioning processes for both human and service accounts. Title: Way to minimize the impact of Allocation Failure issue in Cloud Service Extended Support Team Blog: Azure PaaS Author: JerryZhangMS Publication Date: 02/21/2025 Article Summary: The article addresses mitigating the impact of Allocation Failure in Cloud Service Extended Support (CSES). While the common solutions like redeployment lead to downtime, the blog offers a strategy to minimize disruption by switching requests to a newly created service. This involves creating a new CSES with updated settings and redirecting traffic via domain name adjustments. For custom domains, this means updating CNAME or A records. For scenarios using FQDN, a brief downtime may occur due to DNS changes. The article asserts these methods can significantly reduce downtime, aiming for zero downtime with custom domains and under one minute for FQDN scenarios. Title: 5 years of Arc Jumpstart with a refreshed website Team Blog: Azure Arc Author: liorkamrat Publication Date: 02/24/2025 Article Summary: In February 2025, Arc Jumpstart celebrates five years by launching a redesigned website, enhancing user experience with features like dark/light mode, improved accessibility, responsive design, and streamlined navigation. The update aligns with the mission to support the Microsoft Adaptive Cloud approach, focusing on automation, scalability, and open-source collaboration. New features like Jumpstart Gems and Badges aim to enrich user engagement and cloud proficiency. Enhanced GitHub issue templates facilitate feedback and maintenance. Arc Jumpstart evolves to unify distributed systems, integrate AI, and enable operations across hybrid, multicloud, edge, and IoT environments. Title: We're moving! Team Blog: Azure Stack Author: Cosmos_Darwin Publication Date: 11/25/2024 Article Summary: Microsoft has announced Azure Local as a new chapter for adaptive cloud infrastructure, replacing Azure Stack HCI and offering features like lower-cost edge devices and disconnected operations, with seamless transition for existing users. All related content will move to the Azure Arc blog as part of a unification process. This change was introduced at Microsoft Ignite 2024, and the team expresses gratitude for user engagement over the years. Azure Local, powered by Azure Arc, promises continued innovation and encourages followers to stay updated on the Azure Arc blog. Title: Securely Integrating Azure API Management with Azure OpenAI via Application Gateway Team Blog: Azure Architecture Author: Sabyasachi-Samaddar Publication Date: 02/25/2025 Article Summary: The article outlines a technical guide for securely integrating Azure OpenAI with Azure API Management (APIM) using Azure Application Gateway. It addresses the need for enterprises to secure Azure OpenAI, which can be exposed over the public internet, by implementing a solution that confines traffic within an Azure Virtual Network (VNET) using Private Endpoints. The strategy involves deploying APIM within an internal VNET as a secure proxy, utilizing Application Gateway for secure external access with Web Application Firewall (WAF) rules and SSL termination. The guide details the configuration of VNETs, subnets, and Network Security Groups (NSGs) to ensure network segmentation and security. This scalable architecture protects OpenAI from direct internet exposure while permitting controlled API access, leveraging managed identity authentication and enforcing granular network control. Title: New survey - Windows Server application survey! Team Blog: Containers Author: ViniciusApolinario Publication Date: 01/21/2025 Article Summary: Microsoft has launched a new survey aimed at gathering insights on how customers approach Windows Server application modernization. The survey seeks to understand challenges, modernization processes, and triggers from customers to help Microsoft align its goals and prioritize work for future developments. The company values customer feedback to enhance their products and is encouraging participation in the survey to shape its plans for the upcoming years. Participants can access the survey at https://aka.ms/WSAppModSurvey and are encouraged to share the link with others. Title: SMB security hardening in Windows Server 2025 & Windows 11 Team Blog: Storage at Microsoft Author: NedPyle Publication Date: 08/23/2024 Article Summary: Microsoft’s Secure Future Initiative (SFI) has introduced enhanced SMB security features in Windows 11 24H2 and Windows Server 2025. Key updates include mandatory SMB signing by default, NTLM blocking to enforce Kerberos authentication, and an authentication rate limiter to mitigate brute force attacks. Other enhancements include disabling insecure guest authentication, enforcing SMB protocol version management, and supporting SMB client encryption and SMB over QUIC across all Windows Server 2025 editions. These updates aim to bolster security by minimizing vulnerabilities in SMB, a crucial protocol for remote file and data access. Users can preview these OS updates now. Title: Azure Private Endpoint vs. Service Endpoint: A Comprehensive Guide Team Blog: FastTrack for Azure Author: SriniThumala Publication Date: 01/06/2025 Article Summary: The article compares Azure Private Endpoints and Service Endpoints as methods for enhancing security and connectivity for applications hosted on Microsoft Azure. Service Endpoints provide secure connections using public IPs routed through Azure's network, suitable for basic security needs with Network Security Group integration. Private Endpoints offer higher security by using private IPs, ensuring traffic remains internal for sensitive workloads or regulatory compliance. Use Service Endpoints for simpler security setups and reduced latency; choose Private Endpoints for full network isolation and strict security. The article advises selecting based on application security needs and performance requirements. Title: Optimizing your Hyper-V hosts Team Blog: Windows OS Platform Author: Steven Ekren Publication Date: 02/12/2025 Article Summary: The article provides insights on optimizing Hyper-V hosts by leveraging CPU scheduling and live migration settings. It discusses the relationship between physical CPUs, cores, and logical processors, detailing how virtual processors (VPs) are managed. Key optimization strategies include dedicating CPUs to the host via MinRoot to minimize resource contention, setting appropriate limits for live migrations to balance speed and system impact, and utilizing network configurations like RDMA for efficient data transfers. The article highlights tools and commands, such as Performance Monitor and PowerShell, to evaluate and implement these optimizations effectively. Title: Revolutionizing Network Management and Performance with ATC, HUD and AccelNet on Windows Server 2025 Team Blog: Networking Author: AnirbanPaul Publication Date: 11/04/2024 Article Summary: The release of Windows Server 2025 introduces three significant innovations in network management: Network ATC, Network HUD, and AccelNet. Network ATC simplifies network configurations by automating deployments and ensuring consistency across clusters, reducing errors, and handling configuration drift. Network HUD is designed to detect, prevent, and alert on network issues using real-time data analysis, ensuring stability across physical and virtual components. AccelNet optimizes SR-IOV management for virtual machines, enhancing high-performance network workloads by reducing latency while simplifying configuration and health monitoring. Together, these features enhance network efficiency and reliability, making them vital for modern digital environments. Title: Azure Virtual Desktop now supports Azure Extended Zones Team Blog: Azure Virtual Desktop Author: TomHickling Publication Date: 11/25/2024 Article Summary: Azure Virtual Desktop now supports deployment in Azure Extended Zones, enhancing location options for low-latency and data-residency workloads in metropolitan areas. The first zone is in Los Angeles, California. Access requires a request, and deploying host pools differs slightly due to the lack of a default outbound route. Internet access can be facilitated using Azure Load Balancer, Azure Firewall, or third-party firewalls. The Azure portal now allows creation or selection of a Load Balancer during host pool setup. Limited VM family availability is noted due to zone size. More details are available through specified Azure resources. Title: ADSS TSync vs Entra Cross-Tenant Sync: A Comprehensive Comparison Team Blog: Security, Compliance, and Identity Author: SankaraNarayananMS Publication Date: 03/06/2025 Article Summary: The article compares ADSS Tenant Sync and Entra Cross-Tenant Sync for managing identities across multiple Azure AD tenants. ADSS Tenant Sync, managed by Microsoft's consulting team, offers a centralized, customizable synchronization model ideal for complex organizations needing advanced features. In contrast, Entra Cross-Tenant Sync, a native Microsoft feature, provides a cost-effective, integrated solution with simpler authentication, limiting customization but emphasizing ease of management. The choice between them depends on an organization's needs for customization, budget, and integration with existing systems. Both aim to streamline identity management across tenants in different ways. Title: 3 internal obstacles to overcome for comprehensive security Team Blog: FastTrack Author: JulieHersum Publication Date: 01/28/2025 Article Summary: Organizations face significant cybersecurity challenges, with frequent incidents and high costs. Microsoft emphasizes comprehensive security solutions, such as Microsoft Defender XDR, to protect data and technology. However, deploying these solutions can be hindered by internal obstacles, including reluctance to replace legacy systems due to sunk cost fallacy, concerns about secure integration, and resource constraints. To overcome these issues, Microsoft offers resources like FastTrack to facilitate easier deployment. By adopting Microsoft Defender, organizations can achieve unified security, improve their security posture, and protect against cyber threats more effectively and efficiently. Title: Cloud security in the fast lane: Navigating PaaS challenges Team Blog: Azure Infrastructure Author: seanwhalen Publication Date: 03/06/2025 Article Summary: The article discusses the security challenges and strategies associated with Platform as a Service (PaaS) in cloud computing. As PaaS promotes innovation and scalability, it also introduces unique security hurdles, such as network integration issues, data exfiltration risks, a lack of infrastructure visibility, and insider threats. The article highlights the importance of adopting zero-trust models, strong access controls, and continuous monitoring to protect sensitive data. Azure's network security perimeter is presented as a comprehensive solution to enhance security through micro-segmentation, data exfiltration prevention, and unified security management, critical amidst increasing PaaS attacks. Title: Step-by-Step Guide : How to use Temporary Access Pass (TAP) with internal guest users Team Blog: ITOps Talk Author: dishanfrancis Publication Date: 01/13/2025 Article Summary: The article discusses the benefits of passwordless authentication, highlighting its enhanced security compared to traditional password-based methods. Microsoft Entra ID supports various passwordless authentication options such as Windows Hello, Microsoft Authenticator, and Passkeys (FIDO2). The article focuses on the use of Temporary Access Pass (TAP) as an initial authentication method to enable passwordless options. Originally available only for internal users, TAP now supports internal guest users—accounts in the same directory but with guest-level access, like contractors. The article walks through setting up TAP for internal guest users, ensuring a more secure login process. Title: Removal of Azure Policy aliases for Microsoft.Insights/alertRules Team Blog: Azure Governance and Management Author: ShannonHicks Publication Date: 03/05/2025 Article Summary: The article discusses the deprecation of the Microsoft.Insights/alertRules resource type and the removal of associated Azure Policy aliases. As a result, policies referencing these aliases will not be evaluated, with little impact expected since they usually target already-removed resource types. Attempts to modify such policy definitions will be blocked. Affected built-in policies, including "Metric alert rules should be configured on Batch accounts," will also be deprecated. To mitigate effects, users should identify affected policies, update their definitions, test the updates, and monitor for future Azure Policy changes to ensure continued compliance and governance. Title: New Cluster-Wide Control For Virtual Machine Live Migrations In Windows Server and Azure Stack HCI Team Blog: Failover Clustering Author: Steven Ekren Publication Date: 01/05/2023 Article Summary: The article discusses a new feature in Windows Server 2022 and Azure Stack HCI, which simplifies managing parallel live migrations in a cluster by introducing the MaximumParallelMigrations cluster property. Previously, administrators had to manually configure each node, but the new property allows a single setting to be inherited by all nodes within a cluster, even when new servers are added. This ensures consistent configuration across the cluster. The default value is one parallel migration, but administrators can adjust this based on their system's capabilities. It enhances reliability and simplifies management across diverse systems. Title: Daily schedule: Microsoft in-booth sessions at NVIDIA GTC Team Blog: Azure High Performance Computing (HPC) Author: SarahYousuf Publication Date: 03/06/2025 Article Summary: The article details Microsoft's participation at the NVIDIA GTC AI Conference from March 17-21 in San Jose, CA, outlining daily sessions at Microsoft's booth #514. Key sessions include discussions on AI applications across industries, integrating NVIDIA technologies with Azure cloud services. Topics range from AI-driven manufacturing processes, rare disease detection, large language models, and AI infrastructure to generative AI applications. Presentations also cover Azure's confidential computing and NetApp Files, emphasizing Microsoft's AI innovation and collaborations with NVIDIA to enhance performance, scalability, and security in AI deployments. The blog encourages attendees to engage with Microsoft's AI offerings at the event. Title: From the frontlines: Revolutionizing healthcare workers experience Team Blog: Intune Customer Success Author: Intune_Support_Team Publication Date: 02/28/2025 Article Summary: The article by Catarina Rodrigues discusses the transformative impact of technology in healthcare, focusing on Microsoft's Intune platform that manages mobile devices in critical environments like hospitals. Intune enhances healthcare operations by securing data access and allowing seamless device management across platforms. Within ICU settings, Android tablets are used to provide nurses with crucial patient information. With Intune, these devices can operate safely with shared access, authenticated sign-ins, and timely updates. The blog highlights the flexibility and security of Intune, illustrating how it streamlines communication and workflow for healthcare professionals, ultimately improving patient care. Title: Team Blog: Windows IT Pro Author: Publication Date: Article Summary: Title: Collecting Debug Information from Containerized Applications Team Blog: Ask The Performance Team Author: Becky Publication Date: 11/17/2023 Article Summary: The article, written by Debug Engineer Will Aftring, guides developers and IT admins on collecting debug information from containerized Windows applications. It highlights the complexities of migrating applications to containers, detailing steps such as identifying dependencies, configuring settings, and managing network communications. The author provides troubleshooting techniques when applications within containers fail to run correctly, including checking console logs, accessing log files, and using external tools for debugging. Strategies for handling memory dumps are also discussed. The article aims to simplify the debugging process and assist in the efficient transition of applications to a containerized environment. Title: Announcement: System Center 2025 is GA Team Blog: System Center Author: AakashMSFT Publication Date: 11/07/2024 Article Summary: System Center 2025 is now generally available, enhancing datacenter operations with a focus on infrastructure modernization and security. New features include support for heterogeneous infrastructure management, enhanced security with reduced reliance on legacy authentication, and improved management capabilities with Azure Arc integration. It supports the latest Windows Server 2025 and provides tools for managing virtual machines, enhancing data security, and streamlining IT operations. Key updates include seamless Azure integration, enhanced generation 2 VM support, and the discontinuation of obsolete features. Users can access System Center 2025 through the evaluation center or Microsoft Admin Center to explore these enhancements. Title: Microsoft Cost Management updates—February 2025 (summary) Team Blog: FinOps Author: flanakin Publication Date: 03/05/2025 Article Summary: The February 2025 Microsoft Cost Management updates include new AccountId and InvoiceSectionId columns in cost details datasets for better cost allocation. Users can now access Copilot directly from the Cost Management overview with sample prompts. Updates about the FinOps Open Cost and Usage Specification are available in the Learning FOCUS blog series. New cost-saving features include changes in Azure Reserved VM Instances, Azure NetApp Files support, Azure DevTest Labs hibernation, and Azure Monitor diagnostics. Also introduced are improvements in documentation, API modernization, and new AKS monitoring experiences. Title: Hyper-V HyperClear RETbleed Update Team Blog: Virtualization Author: brucesherwin Publication Date: 07/19/2022 Article Summary: The article discusses recent disclosures of speculative execution side channel vulnerabilities in Intel and AMD processors, specifically CVE-2022-23825, CVE-2022-29900, CVE-2022-29901, and CVE-2022-28693, similar to the Spectre attack. Microsoft's virtualization team has been using Hyper-V HyperClear, a mitigation architecture, to protect against these vulnerabilities without significant updates. HyperClear uses three main components: Core Scheduler, Virtual-Processor Address Space Isolation, and Sensitive Data Scrubbing, to maintain strong inter-VM isolation and safeguard against speculative execution attacks with minimal performance impact. Title: Stop Worrying and Love the Outage, Vol IV: Preference items Team Blog: Ask the Directory Services Team Author: Chris_Cartwright Publication Date: 01/28/2025 Article Summary: In the fourth installment of the "Stop Worrying and Love the Outage" series, Chris Cartwright from the Directory Services support team highlights the risks of using Group Policy Preference items that conflict with existing client-side extensions, leading to potential system instability and outages. Using the example of Cipher Suite Ordering, the article illustrates how conflicts between Administrative Templates and Preference items targeting the same registry key can lead to unpredictable outcomes. Cartwright advises against targeting Group Policy registry locations with Preference items, as it creates administrative challenges and system instability, unless it's a necessary workaround for unsupported OS limitations. Title: Protecting the Public IPs of Secured Virtual Hub Azure Firewalls against DDoS Attacks Team Blog: Azure Network Security Author: gusmodena Publication Date: 02/28/2025 Article Summary: The article discusses the enhancement of Azure Firewalls in Secured Virtual Hubs by configuring specific Azure public IPs, enhancing network security against DDoS attacks. This feature allows for complete control and management of public IP addresses, enabling custom configurations aligned with security policies. Azure DDoS IP Protection can be configured to mitigate attacks, maintaining service availability and security. The article provides steps for enabling DDoS IP Protection and discusses benefits such as enhanced security, flexibility in IP address management, and ensuring a robust defense against DDoS attacks, thereby securing the network infrastructure more effectively. Title: Get AI ready: What we’ve learned building AI competency at Microsoft Team Blog: Microsoft Learn Author: SandraMarin Publication Date: 02/13/2025 Article Summary: At Microsoft, developing AI skills and fluency is deemed essential for maximizing the technology's potential. Organizations are encouraged to provide both technical and non-technical team members with AI-learning opportunities, building a foundation for future leadership in the AI era. Jeana Jorgensen, Microsoft's Corporate Vice President of Worldwide Learning, emphasizes the importance of effective AI training programs, acknowledging the unique paths of different organizations. Her blog and the e-book "10 Best Practices to Accelerate Your Employees’ AI Skills" offer practical advice and insights to implement effective AI training, helping organizations to evolve, support employees, and foster innovation. Title: Upcoming Breaking Change in Az SSH for Arc Connections Extension Team Blog: Azure Tools Author: stevenbucher Publication Date: 02/27/2025 Article Summary: The Az SSH extension, crucial for secure Azure VM connections, will undergo a breaking change affecting Azure Arc Machine connections. By May 21, versions prior to 2.0.4 will fail upon installation due to the deprecation of a storage blob. While existing installations will function unless corrupted, reinstalling outdated versions will be impossible. Users should upgrade to at least version 2.0.6 using the Azure CLI to ensure continuity. Additionally, scripts using older versions should be updated. This change is vital for security, and users are advised to stay informed about further updates. Title: Azure VMware Solution Broadcom VMSA-2025-0004 Remediation Team Blog: Azure Migration and Modernization Author: rvandenbedem Publication Date: 03/04/2025 Article Summary: Microsoft recently identified a critical ESXi vulnerability in Azure VMware Solution and collaborated with Broadcom to develop a secure patch. Using advanced analytics for early detection, Microsoft swiftly assembled a global team to work on the ESXi 8.0 U2d Build 24585300 patch. The patch is set for completion within 30 days, ensuring proactive security for customers. New Azure VMware Solutions deployed after March 4, 2025, will have the patch pre-applied. The company's in-depth risk management and partnership with Broadcom enhance overall security, allowing for quick vulnerability responses and effective digital asset protection. Title: Simplify frontline workers’ sign-in experience with QR code authentication Team Blog: Microsoft Entra (Azure AD) Author: Robin Goldstein Publication Date: 02/25/2025 Article Summary: Microsoft has introduced QR code authentication in Microsoft Entra ID, aimed at easing sign-ins for frontline workers on shared devices by eliminating the need for usernames and passwords. This feature, now in public preview, allows employees to scan a unique QR code and enter a personal PIN for fast, secure access to essential applications. The system significantly improves efficiency and security, as demonstrated by Contoso Industries, which is transitioning to QR code authentication to simplify app access for its retail employees. The initial feedback has been positive, highlighting the streamlined authentication process and enhanced security measures. View the full article

REGISTER NOW | Open to All Microsoft Partners We are excited to invite you to an informative session organized by the Tech for Social Impact team! This event provides a great opportunity to learn from experts and participate in meaningful discussions about the unique security challenges faced by nonprofits. Furthermore, we will offer go-to-market resources tailored specifically for nonprofits that partners can take advantage of. The session will feature our speakers, Jerry Carlson and Aysha Kaushik, who will offer valuable insights and strategies to enhance security within nonprofit organizations. TOPIC: Partner Webinar - Security Conversations with Nonprofits WHEN: Wednesday, April 2, 2025 TIME: 8:00 AM – 9:30 AM PT / 11:00 AM – 12:30 PM ET / 4:00 PM – 5:30 PM GMT WHERE: Resister Today (online event) View the full article

Hi, I’m Liz Tesch, a Cloud Solutions Architect on the Microsoft Incident Response Critical Action Team (MIRCAT). My colleagues and I specialize in helping customers with incident response and compromise recovery. In our work with customers who’ve been the victim of a cyberattack, we often see Active Directories that are 20+ years old and clients who still administer them like it's 1999. Overview Previewed in 1999 and officially released in the Spring of 2000, Active Directory is 25 years old. For those of us who remember the early years of AD, much of what we learned back in the days of the MCSE certification still stands and gives us a solid foundation for identity administration and security. However, in 1999/2000, the threat landscape looked entirely different than it does now. Ransomware was not a thing, and as AD admins our concerns were mainly managing accounts and giving our users the access they needed to work. So, if you're still managing Active Directory like you were taught to in the early years - or if you were trained to manage AD by someone else who learned it early on - you may be unintentionally putting your organization at risk of cyberattacks. Let's take a closer look at what that means, why it's a problem, and what we can do about it. Issues Location-Based AD Structure As a sysadmin in the early days of AD, chances are you were taught to organize your Directory using location-based organizational units (OUs) like the picture on the left shows. Back then it made sense because we didn't have high-speed connections between most locations, and we had to take replication times into consideration a lot more often than we do today. The problem with organizing AD this way is that it makes it challenging to effectively manage AD with Group Policy. For example, say you want to apply a Group Policy to all Tier 1 Servers in your organization, but you have 50 location-based OUs that have servers in them. Now you have to apply that GPO to 50 different OUs. (You may also need to employ WMI filtering to restrict policy use to certain servers in those 50 OUs.) Some clients find it challenging even to locate where in AD all their Tier 1 servers are, they're so spread out in different location-based OUs. Every organization is different, but if you can, consider alternative designs such as organizing assets based on function, business unit, or importance to the business instead of using location alone. Over-Privileged Service Accounts Threat actors love service accounts with Domain Admin privileges. We often see them use service accounts to hide in client environments undetected for months and as a means of getting back into the environment when they do get detected. When I was a sysadmin in the early days, Domain Admin was sometimes used as a catch-all for service accounts where we were in a hurry and we thought "Well, we don't entirely know what this account needs so let's just give it Domain Admin and we know it’ll work.” In other cases, a vendor specified that a service account needed Domain Admin, so we gave it that and never looked back. If you haven't done it in a while, review your privileged service accounts in AD and check your vendor documentation to see if Domain Admin really is still necessary. If it is, contact your vendor and push back. These days many vendors are trying to find alternative solutions to help secure their clients more effectively. For example, members of my team commonly advise customers on how you can modify your SCCM deployment to run without Domain Admin. Flat Support Structures Microsoft has a modern method of tiering infrastructure and identities that's very effective at limiting lateral movement and privilege escalation. However, we often see clients with very flat support structures that are a great help to threat actors. In one case we found that the 60+ members of a helpdesk all had Domain Admin and could reset any password in the organization. It's also common to see desktop technician accounts with Local Admin rights to every endpoint in the organization, even when their responsibilities are restricted to a given business unit or geo. Is there a way we could minimize the blast radius here? For example, maybe we could organize the helpdesk team into tiers so that only a small number of analysts have delegated access to change passwords. And how about using Group Policy or Intune scope tags to restrict desktop teams to Local Admin just within their own division or office? Deprovisioning I see two common problems with deprovisioning accounts that directly put organizations at risk for attack. For the first, I’ll come back to service accounts. We usually see clients with effective and well-maintained systems for provisioning and de-provisioning human users as part of the onboarding and off-boarding processes. However, the same is not true of service accounts. It's very normal during IR investigation and cleanup to see stale privileged service accounts in AD that belonged to applications that were retired years ago. Why are they still here and available to threat actors? Many companies also lack systems and processes to deprovision rights where something has changed, but human users have not left the company. For example, we commonly find user accounts which were given additional entitlements as part of a project that never happened, but the rights have remained for months or even years. In one case, we had a client who had documented processes and workflows for adding users to the Remote Desktop Users group when they needed remote access for a project; however, there was no process for ever removing users from that group. Eventually there were almost 200 employees with permanent remote access to most of the endpoints in the organization. Conclusion Twenty-five years after its introduction, Active Directory remains a core component of many organizations’ IT function, as well as a key factor in their cybersecurity and cyber resiliency capabilities. However, to effectively secure our organizations against sophisticated modern threat actors, it’s crucial that we recognize and change our outdated ideas about how we design and administer AD. To get started: Evaluate your Active Directory structure to make sure it’s aligned to Microsoft’s Enterprise Access Model and, if it’s not, let your Microsoft team know how we can help Review privileged service accounts in AD and check your vendor documentation to see if Domain Admin really is still necessary – push back on vendors if it is Look for opportunities to limit the number of accounts with the highest privileges, as well as the number of assets those accounts control Verify your organization has effective processes and controls for deprovisioning entitlements and accounts – both human and non-human View the full article

According to the World Economic Forum Global Gender Gap Report 2024, women’s representation in STEM and non-STEM fields has increased since 2016, but significant gender gaps remain—particularly in STEM leadership roles. Women’s representation in AI has more than doubled since 2016, with industries like technology, information, and media seeing notable increases—a promising trend that the report states is important to foster systemic resilience in the changing economic landscape. Closing the global gender gap is essential to create sustainable economic growth and expand access to markets and opportunities. As we observe International Women’s Day in March, we are committed to supporting gender equity and collaborating with Microsoft partners who are driving innovation and contributing to the advancement of the United Nations Sustainable Development Goals. Microsoft actively partners with nonprofit partner-led associations—such as Women in Cloud (WIC) and the WIT Network—to advance these goals through community-driven initiatives, mentorship, and business development programs. We encourage our partners to learn more about these organizations and participate in their upcoming events. Continue reading hereView the full article

Join the OneDrive product team live each month on our monthly OneDrive Customer Office Hours to hear what's top of mind, get insights into roadmap updates, and dig into a special topic. Each call includes live Q&A where you'll have a chance to ask the OneDrive product team any question about OneDrive - The home of your files. 😎 Use these links to: Register and join live: aka.ms/OneDriveOfficeHours. Save the calendar invite so you never miss a call-https://aka.ms/OfficeHoursCalendar Each call is recorded and made available on demand shortly after. Our next call is Wednesday, March 12th, 2025, 8:00am - 9:00am PDT. This month's special topic: "Unlicensed User Accounts" with the Trent Green. We have heard your feedback and are doing a follow up session tied to this topic. We will have our product teams on call ready to answer your questions. Trent Green as speaker for March 2025 OneDrive Office Hours- Unlicensed User Accounts Our goal is to simplify the way you create and access the files you need, get the information you are looking for, and manage your tasks efficiently. We can't wait to share, listen, and engage - monthly! Anyone can join this one-hour webinar to ask us questions, share feedback, and learn more about the features we’re releasing soon and our roadmap. Note: Our monthly public calls are not an official support tool. To open support tickets, go to see Get support for Microsoft 365; distinct support for educators and education customers is available, too. Stay up to date on Microsoft OneDrive adoption on adoption.microsoft.com. Join our community to catch all news and insights from the OneDrive community blog. And follow us on Twitter: @OneDrive. Thank you for your interest in making your voice heard and taking your knowledge and depth of OneDrive to the next level. You can ask questions and provide feedback in the event Comments below and we will do our best to address what we can during the call. 😎 Register and join live: aka.ms/OneDriveOfficeHours. View the full article

The threat landscape continues to evolve creating ongoing challenges for small and medium businesses (SMBs) that are faced with increased regulations and cyberinsurance requirements. Today, Microsoft 365 Business Premium delivers core security solutions to SMBs that help safeguard data, defend against cyberthreats, and manage access and devices. With the growing volume of attacks and increased sophistication of threats, there are SMBs that want enhanced cybersecurity protection for their business. We are pleased to announce that Business Premium customers are now able to purchase Microsoft 365 E5 Security as an add-on to further enhance their security. E5 Security brings new security value on top of Business Premium with Microsoft Entra ID Plan 2, Microsoft Defender for Identity, Microsoft Defender for Endpoint Plan 2, Microsoft Defender for Office 365 Plan 2, and Microsoft Defender for Cloud Apps. Products included in Microsoft 365 E5 Security (ENHANCED) Identity and access controls Business Premium includes Microsoft Entra ID P1, which provides single sign-on, multi-factor authentication (MFA), and conditional access to help SMBs manage user identities and enable access to applications and resources from trusted users, devices, and locations. Microsoft Entra ID P2 offers advanced security and governance features including Microsoft Entra ID Protection and Microsoft Entra ID Governance. Microsoft Entra ID protection offers risk-based conditional access that helps block identity attacks in real time using behavioral analytics and signals from both user risk and sign-in risk. It also enables SMBs to detect, investigate, and remediate potential identity-based risks using sophisticated machine learning and anomaly detection capabilities. With detailed reports and alerts, your business is notified of suspicious user activities and sign-in attempts, including scenarios like a password-spray where attackers try to gain unauthorized access to company employee accounts by trying a small number of commonly used passwords across many different accounts. ID Governance capabilities are also included to help automate workflows and processes that give users access to resources. For example, IT admins historically manage the onboarding process manually and generate repetitive user access requests for Managers to review which is time consuming and inefficient. With ID Governance capabilities, pre-configured workflows facilitate the automation of employee onboarding, user access, and lifecycle management throughout their employment, streamlining the process and reducing onboarding time. (NEW) Extended Detection and Response (XDR) Microsoft Defender XDR delivers a unified and efficient approach to incident-level visibility across the attack lifecycle. Together XDR and exposure management (XSPM) consolidate multiple siloed security solutions to provide best-of-breed capabilities across identities, endpoints, apps, and email. (NEW) Identity threat detection and response (ITDR) Identities are one of the most common attack vectors making identity-specific threat detection and response a critical element to secure your business. Microsoft Defender for Identity includes dedicated sensors and connectors for common identity elements that offer visibility into your unique identity landscape and provide detailed posture recommendations, robust detections and response actions. These powerful detections are then automatically enriched and correlated with data from other domains across Defender XDR for true incident-level visibility. (ENHANCED) Device security Microsoft Defender for Business (MDB) already brings enterprise-grade device protection capabilities to Business Premium customers across Windows, MacOS, iOS, and Android devices. It includes vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. With streaming APIs, customers and partners can build Managed Detection and Response (MDR) services with Defender for Business. For customers who need advanced hunting, Microsoft Defender for Endpoint P2 adds advanced hunting, and 6 months of data retention on the device, along with endpoint security for IoT devices. (ENHANCED) Email and Collaboration security Microsoft Defender for Office 365 P1 in Business Premium includes SafeLinks with time of click URL filtering, safe attachments with real-time attachment scanning in sandbox, and phishing and malware defense across email, Microsoft Teams, OneDrive and SharePoint. It also has AI-powered LLM-based threat protection with 99.995% attacker intent detection accuracy. With Defender for Office 365 P2, you gain access to cyber-attack simulation training, which provides SMBs with a safe and controlled environment to simulate real-world cyber-attacks, helping to train employees in recognizing phishing attempts. Additionally automated response capabilities and post-breach investigations help reduce the time and resources required to identify and remediate potential security breaches. Detailed reports are also available that capture information on employees’ URL clicks, internal and external email distribution, and more. (NEW) Software-as-a-service (SaaS) security Microsoft Defender for Cloud Apps is a comprehensive, AI-powered software-as-a-service (SaaS) security solution that enables IT teams to identify and manage shadow IT and ensure that only approved applications are used. It protects against sophisticated SaaS-based attacks, OAuth attacks, and risky interactions with GenAI apps by combing SaaS app discovery, security posture management, app-to-app protection, and integrated threat protection. IT teams can gain full visibility into their SaaS app landscape, understand the risks and set up controls to manage the apps. SaaS security posture management quickly identifies app misconfigurations and provides remediation actions to reduce the attack surface. E5 Security delivers added protection to meet the growing needs of SMBs in a package that is cost-effective. Purchasing E5 Security has 57% savings when compared to the cost of separately purchasing the individual products that are included. FAQ When will E5 Security be available for purchase? E5 Security is available for purchase as an add-on to Business Premium starting today, 3/6. How can I purchase E5 Security? You can purchase E5 Security as an add-on to Business Premium through Microsoft Security for SMBs website or through your Partner. Does Microsoft 365 Business Premium plus Microsoft 365 E5 Security allow mixed licensing for endpoint security solutions? Microsoft Defender for Business does not support mixed licensing so a tenant with Defender for Business (included in Microsoft 365 Business Premium) along with Defender for Endpoint Plan 2 (included in Microsoft 365 Security) will default to Defender for Business. For example, if you have 80 users licensed for Microsoft 365 Business Premium and you’ve added Microsoft 365 E5 Security for 30 of those users, the experience for all users will default to Defender for Business. If you would like to change that to the Defender for Endpoint Plan 2 experience, you should license all users for Defender for Endpoint Plan 2 (either through standalone or Microsoft 365 E5 Security) and then contact Microsoft Support to request the switch for your tenant. You can learn more here. What are the differences between Microsoft Defender for Business and Microsoft Defender for Endpoint P2? MDB includes many of the same features as MDE P2, including enterprise-grade device protection for Windows, MacOS, iOS, and Android devices, vulnerability management, next-generation antivirus protection, AI-powered endpoint detection and response with automatic attack disruption, and automated investigation and remediation. MDE P2 adds endpoint security for IoT devices, threat hunting, and 6 months of data retention on the device. A detailed comparison is available here. As a Partner, how do I build Managed Detection and Response (MDR) services with MDB? For partners or customers looking to build their own security operations center (SOC) with MDR, Defender for Business supports the streaming of device events (device file, registry, network, logon events and more) to Azure Event Hub, Azure Storage, and Microsoft Sentinel to support advanced hunting and attack detection. If you are using the streaming API for the first time, you can find step-by-step instructions in the Microsoft 365 Streaming API Guide on configuring the Microsoft 365 Streaming API to stream events to your Azure Event Hubs or to your Azure Storage Account. To learn more about Microsoft Security solutions for SMBs you can visit our website. Partners can access training resources, customer decks and deployment checklists from our Business Premium Partner Playbook and find additional resources for Microsoft Security for Partners. View the full article

Hi, I'm wanting to overlay grid lines to scale to house plans. Can this be done? Thanks.. View the full article

When managing identities across multiple tenants, organizations often face a crucial decision: should they choose ADSS (Active Directory Synchronization Service) Tenant Sync or Entra Native Cross-Tenant Sync to enable collaboration across tenants? The ADSS Tenant Sync service for Tenant-to-Tenant Synchronization is designed to maintain a single unified global address list between tenants. It synchronizes and provisions users or contacts between tenants and provisions guest accounts for Azure B2B sharing of applications and resources. Cross-Tenant synchronization automates creating, updating, and deleting Microsoft Entra B2B collaboration users across tenants in an organization. It enables users to access applications and collaborate across tenants, while still allowing the organization to evolve. Both solutions aim to streamline identity management, but they differ significantly in terms of architecture, control, security, and overall functionality. Here’s a closer look at each solution, presented with relatable examples to help you make an informed decision based on your organization’s needs. Architecture and Core Functionality Imagine you are in charge of a large organization with multiple subsidiaries, each operating under its own Azure AD tenant. You need a solution to synchronize all these identities, but you're unsure where to start. ADSS Tenant Sync is a managed service provided by Microsoft Consulting - IMS team, utilizing a pull-push model. Here, synchronization rules are configured by Microsoft Consulting, and the ADSS server manages identity synchronization. This model is often preferred for larger, complex organizations, as it centralizes control and often includes expert support. It’s akin to outsourcing a specific task to a trusted third-party expert who sets up and manages the solution for you. Entra Cross-Tenant Sync, in contrast, is a native feature of Entra ID (formerly Azure AD) that follows a push-based model using SCIM (System for Cross-domain Identity Management). Synchronization happens directly from your source tenant, offering greater control and integration within your existing Microsoft ecosystem. It’s like managing your internal processes with a powerful tool that’s built into your existing system—no need for third-party involvement. Control, Authentication, and Security The level of control and the security measures between these solutions differ, particularly when it comes to permissions and access management. ADSS Tenant Sync requires permissions through Microsoft Graph and Exchange Online, demanding specific admin rights, like Exchange Recipient Admin rights and Write permissions for each object type you want to sync. This can feel like managing a series of security checkpoints where each part of the system requires specific access credentials to function properly. Entra Cross-Tenant Sync, on the other hand, simplifies authentication by allowing synchronization policies to be configured directly within both the source and target tenants. This reduces complexity and can be managed more easily, especially in organizations that prioritize ease of access and streamlined workflows. It’s more like having a universal access pass for various departments within a company, eliminating the need for multiple levels of clearance. Data Management, Synchronization, and Filtering When it comes to data handling, there are key differences in how each solution approaches storage and filtering. ADSS Tenant Sync utilizes a centralized identity store within Microsoft-owned Azure subscriptions before synchronizing data to target tenants. This approach allows for complex attribute filtering and customization, such as syncing users as guests or contacts with desired attribute flows and even supports distribution list synchronization as contacts. It’s like having a centralized warehouse where all the data is stored and categorized, allowing for flexibility when choosing what data to sync and how to manage it. In contrast, Entra Cross-Tenant Sync ensures that identities remain within their respective tenants, with no external storage of sensitive identity data. This model is beneficial for organizations concerned about data privacy, as the identities are kept within their home base. Additionally, Entra Cross-Tenant Sync supports syncing users as either external members or guests, depending on configuration. However, it does not support distribution list or contacts synchronization. It’s like keeping all documents in their respective departments to ensure that sensitive information stays within the correct boundaries. Both solutions support object filtering and attribute-based scoping, but ADSS offers more customization in terms of attribute management, making it more flexible for organizations with intricate requirements. Cost, API Support, and Suitable Use Cases Cost and extensibility are crucial factors when considering which solution to adopt. ADSS Tenant Sync operates as a third-party managed service through Microsoft, with a monthly fee attached. It’s ideal for businesses requiring extensive customization, external guest management, and broader synchronization capabilities. The use of Microsoft Graph and PowerShell APIs for extensibility also makes ADSS suitable for organizations that need advanced integrations and a highly tailored solution. Entra Cross-Tenant Sync, on the other hand, is natively integrated into the Microsoft ecosystem. It requires a P1 license for each synchronized user, but the overall cost can be lower compared to ADSS, especially for organizations that do not need extensive customization. The solution uses proprietary APIs managed by the Microsoft Entra Product team, offering a more straightforward, integrated experience. Entra Cross-Tenant Sync is typically more suitable for organizations that prefer an easy-to-manage, cost-effective synchronization solution, without requiring the advanced features of ADSS. Choosing the Right Solution Both ADSS Tenant Sync and Entra Native Cross-Tenant Sync have distinct advantages, and the decision between them depends on your organization’s specific needs. ADSS Tenant Sync is a solid choice for businesses that need advanced features, such as the ability to customize attributes, manage external guests, and support complex synchronization requirements, even if it comes with an additional cost. It’s more suitable for multi-tenant organizations or those working with business partners that require a more tailored solution. Entra Cross-Tenant Sync is a cost-effective, native option that seamlessly integrates into your existing Microsoft environment. It's ideal for enterprises looking for a simpler, more integrated way to manage multi-tenant synchronization without needing complex customization. This solution works well for organizations that prioritize streamlined workflows and less technical overhead. In conclusion, whether you choose ADSS Tenant Sync or Entra Native Cross-Tenant Sync depends on your organization’s goals, the level of customization required, and budget considerations. Both solutions offer effective ways to synchronize identities across tenants, and understanding these differences will help you select the one that aligns best with your infrastructure and long-term identity management goals. Learn more about IMS and explore its powerful migration capabilities today! Read our latest insights on the IMS blogs page Watch related videos on our YouTube channel for a seamless, hassle-free migration experience. If you would like to discuss in person, reach out to us at imssales@microsoft.com. Our team will connect with you. View the full article

I have a list of people who have access to a certain Site Collection and Subsite. I am trying to replace a value in the Subsite column using an If-Else statement in Power Query to only replace one value if it meets the criteria. Specifically, if the Site Collection is equal to "en_ca" and the Subsite is equal to "D26 Plumbing", I want to replace the Subsite text with "D26 Plumbing and Bath". I've tried a few different equations but I either replace everything in the list with "D26 Plumbing and Bath" or I get an error. = Table.ReplaceValue(#"Filtered Rows", each [Subsite], each if [SiteCollection]="en_ca" and [Subsite]<>"D26 Plumbing" then [Subsite] else "D26 Plumbing & Bath", Replacer.ReplaceValue,{"Subsite"}) What am I missing here? View the full article

Last month, we introduced consumption-based pricing for SharePoint agents. This new billing model offers greater flexibility for organizations looking to start using SharePoint agents. The pay-as-you-go (PAYGO) meter enables customers to pay only for the messages they consume, providing an alternative to a per user/per month license. This model is designed to accommodate varying usage patterns, making it ideal for businesses with fluctuating demands. Under the PAYGO model, customers are billed $0.01 per message. Each interaction with a SharePoint agent uses 32 messages, so customers are billed at $0.32 per interaction with SharePoint agents. The PAYGO meter uses your Azure subscription as the payment instrument, ensuring seamless integration with existing billing processes. This meter is available worldwide. For more details, see https://learn.microsoft.com/en-us/SharePoint/microsoft-365-pay-as-you-go-pricing There are no in-product feature differences between the PAYGO meter and the SharePoint agent included in the Microsoft 365 Copilot license. Users have the same capabilities and benefits, regardless of the billing model they choose. Admins will need to enable PAYGO billing in the Microsoft 365 Admin center. To use SharePoint agents on a pay-as-you-go basis, admins must first set up billing and activate the service in the Microsoft 365 admin center. An Azure subscription and resource group are required to set up pay-as-you-go billing. Admins need to have the owner or contributor role for the Azure subscription to set up billing. Here is a quick overview of the steps to set up PAYGO billing for SharePoint agents: Visit the https://admin.microsoft.com/Adminportal/Home#/syntex/documents as a Global Admin or SharePoint Admin Click Pay-as-you-go services in org settings or Activate pay-as-you-go under setup. Go to “SharePoint agents” Tab under Billing Tab Setup billing by adding Subscription, Region, and Resource group. For information about how to create an Azure subscription, see Create your initial Azure subscriptions. For information about how to create an Azure resource group, see Manage Azure resource groups by using the Azure portal. Detailed instructions can also be found at: Set up SharePoint agents for pay-as-you-go billing - SharePoint in Microsoft 365 | Microsoft Learn Note: The use of PAYGO to enable unlicensed users to utilize SharePoint agents will respect any controls in place to manage Copilot within the organization, such as any controls that are in place to manage the information a user can access through agents, such as restricted access policies https://learn.microsoft.com/en-us/SharePoint/manage-access-agents-in-sharepoint#manage-what-information-a-user-can-access-through-the-agents . Once set up, it will be on by default for everyone in the tenant. We are listening to feedback for needing additional controls and reporting and will share more about what we’re doing here soon. Admins can also disable PAYGO at any time at a tenant level. SharePoint agent promotion ending June 30th, 2025 We are currently offering a SharePoint agent promotion which provides any organization with at least 50 Microsoft 365 Copilot licenses 10,000 interactions monthly for non-licensed users to consume. Customers who wish to use more than 10,000 interactions may do so via purchasing a Microsoft 365 Copilot license or enabling the pay-as-you-go meter. Admins can manage the trial access using the Powershell cmdlets. Coming late March, tenant level usage for the promotion interactions can also be viewed in the Copilot Admin UI. Learn more trial access: Manage trial access to SharePoint agents with PowerShell Read more about our limited time promotion here. To learn more, please check out our Microsoft Learn articles including: Optimize SharePoint Content Retrieval in Your Agent​ Microsoft 365 pay-as-you-go pricing - SharePoint in Microsoft 365​ Get started with SharePoint agents​ Manage access to SharePoint agents ​ Manage trial access to SharePoint agents with PowerShell​ Set up SharePoint agents for pay-as-you-go billing ​ Get-SPOCopilotAgentInsightsReport (Microsoft.Online.SharePoint.PowerShell) ​ Collections | Microsoft Learn Join us at upcoming SharePoint events Throughout the year, we want you to build connections with our Program Managers, Engineers, Designers, and others so we can hear directly from you and continue to share the latest product updates, learnings, and best practices. Here are just a couple of opportunities coming in in the next couple months: SharePoint Hackathon MVP Summit Microsoft 365 Community Conference SharePoint Intranet Festival - SWOOP Analytics® | Digital Workplace Analytics European Collaboration Summit Microsoft Build Microsoft 365, Microsoft Data & Power Platform Conferences - TechCon 365, PWRCON & DATACON View the full article

If in my meeting i created a transcript only, how can I read the the transcript without using Teams or Stream or any MS apps. Is there an unrelated app that can just read/display the transcript info from the created mp4 file? THX>E View the full article

How to resolve the ad sync role conflict, installing the IDFix to get a noted of conflicting objects? or any other idea?? Thanks in advance.. View the full article

Hi, I have an issue with my PC running WIN11. I have a Logitech wireless keyboard/mouse combo connected to a bluetooth dongle on one of my USB ports (front of the computer case). Whenever I plug in a thumbdrive to the USB port adjacent to it, the keyboard stops working while the mouse is still functioning. In the device manager, there are no issues indicated with the keyboard when this happens. Any thoughts how I may fix this? Thanks! View the full article

Introduction Farzad here! Welcome to the first post in RAG Time, a multi-part, multi-format educational series covering all things Retrieval-Augmented Generation (RAG). This series consists of five distinct journeys, each comprising a blog post and a video exploring a key RAG concept, including practical guidance on leveraging Azure AI Search. Visit our RAG Time site to access the complete series and supporting resources. Series Overview: RAG Time This series consists of 5 journeys, that cover various aspects of a RAG system: RAG fundamentals Retrieval: Building the ultimate retrieval system System performance: Optimize your vector index at scale Data pipeline and indexing: RAG for all your data Hero use cases Journey 1 Overview: RAG Fundamentals In Journey 1, we'll introduce core RAG concepts and explore Azure AI Search's role: What is RAG and why it matters Building a RAG engine Introduction to data and indexing Introduction to retrieval and vector search What Is RAG and Why Does It Matter? What Is RAG and Why Does It Matter? Retrieval-Augmented Generation (RAG) is a powerful technique that combines large language models (LLMs) with advanced search capabilities. Here's a helpful analogy: The Storyteller (LLM): Great at generating coherent, context-aware content but may lack precision or current information if relying solely on static knowledge. The Librarian (Retriever): Excels at indexing and retrieving the right information at the right time, ensuring the LLM remains accurate and contextually grounded. Together, they create AI solutions that are creative, articulate, accurate, and context-aware—essential for enterprise applications like customer support, legal research, and more. Key Benefits: Accuracy Through Context: RAG references real-world data, significantly reducing the risk of "hallucinations." Adaptability and Freshness: Real-time data retrieval ensures up-to-date, relevant information—ideal for frequently changing data such as product catalogs or news. Enhanced User Trust: Providing sourced answers increases user confidence, particularly critical in customer support and compliance scenarios. Building a RAG Engine Accuracy Through Context: RAG grounds LLM outputs in real-world data. Instead of relying solely on pre-trained knowledge, your AI references actual documents or knowledge bases, reducing the likelihood of “hallucinations.” Adaptability and Freshness: Because you’re retrieving data in real-time, RAG can serve up the latest information. This is crucial for scenarios where data changes frequently—think product catalogs, internal policies, or breaking news. Enhanced User Trust: By providing sourced answers, RAG fosters user confidence. For instance, in customer support scenarios, the AI can cite sections of a policy document, giving users more confidence in the response. Building a RAG Engine A basic RAG system consists of: Retriever: Ingests, processes, and stores data, optimizing it for AI consumption. Generative Model: Applies reasoning to prompts and retrieved information to generate responses. Agent/Orchestrator: Coordinates the workflow and logic to complete specific tasks. User Interface: Collects user inputs and delivers final responses. When building a RAG system, two essential pipelines exist: Data Pipeline The data pipeline ingests, processes, and indexes data for retrieval. Its main steps are: Ingest: Import data from various sources. Extract: Parse and transform raw documents and metadata into a usable format. Chunk: Divide large documents into smaller segments suitable for context windows. Embed: Convert text segments into vector embeddings. Store: Index embeddings and enriched data for efficient retrieval. Query Pipeline The query pipeline retrieves and processes data to respond to user queries: Transform Query: Optimize raw user input into structured search queries. Retrieve: Fetch relevant data. Rerank: Sort retrieved results by relevance. Generate Response: Use generative language models to create context-aware responses. Orchestration and Agent Logic: Manage system interactions, workflows, and functions. Data Pipeline and Indexing Introduction Before retrieval is possible, data must be systematically stored and indexed. Azure AI Search indexing transforms chaotic data collections into structured reference systems: Data Ingestion: Import data from multiple sources like blob storage, databases, or file systems, automatically extracting text and metadata. Tokenization and Metadata Enrichment: Analyze text, break it down into tokens, and enrich content with techniques like OCR (images) or entity recognition (names, locations). Building the Searchable Index: Create a structured index for efficient keyword-based and semantic searches, functioning as a comprehensive "table of contents." Why This Matters for RAG Effective indexing ensures rapid, accurate retrieval, crucial for a robust RAG system. Retrieval and Vector Search Introduction The retrieval phase, part of the query pipeline, locates relevant data using advanced search techniques, prominently vector search: Vector Search: Converts data into high-dimensional vector embeddings, capturing semantic meaning rather than relying solely on keyword matches. Ideal for GenAI, vector search understands context and nuance better than traditional keyword searches. Example: Keyword-based searches excel at exact matches (e.g., "401k policy ID 1984G"). Vector-based searches recognize semantically related terms (e.g., "retirement plans" or "investment matching" related to "401(k) policies"). Scalability and Performance Azure AI Search efficiently scales to millions or billions of documents: Efficient Vector Similarity Search: Optimized storage and comparison of vectors ensure quick query response as datasets grow. Real-World Impact: Enhances customer support by swiftly matching user queries (e.g., "return policies") to relevant documents, regardless of wording variations. Next Steps Ready to dive deeper? Explore these resources available in our centralized GitHub repo: Watch Journey 1 RAG Time GitHub Repo: Hands-on notebooks, detailed documentation, and practical guides Azure AI Search Documentation Azure AI Foundry Stay tuned for upcoming sessions on advanced indexing, large-scale vector management, and building AI-driven applications leveraging Azure OpenAI, Azure AI Foundry, and more. Have questions, insights, or RAG project experiences to share? Comment below or start a discussion on GitHub—your feedback shapes our future content! View the full article

Customers across the globe already rely on Microsoft for a communications platform that is fast, easy, and secure – and we are committed to simplifying and innovating in this area. Today, we’re excited to announce the launch of a new Employee Communications adoption site to help customers understand what’s possible using Microsoft technology and assist communicators in their pivotal role in driving AI business transformation. This new site provides resources and guides to help communicators connect employees, support leaders, reach audiences, share knowledge, and harness the power of AI. Visit our new site at https://aka.ms/MicrosoftModernComms, which includes: Modern Employee Communications Guide Guidance on migrating content from a different platform to Microsoft Deploying Viva Engage in Three Chapters Tips for using Copilot for communications workloads A look at how Microsoft does internal communications and change management New capabilities & best practices across our communications apps On the site you’ll also find our new Modern Employee Comms playbook, offering a simplified view of our communications solution and guidance on how to modernize your campaigns, brand experiences, drive leadership engagement, and how to manage and measure campaigns. Viva Connections experience Meta Customers looking for a new communications & communities solution In 2024, Meta announced they were shutting down their Workplace tool. We know many customers are looking for a new communications and communities solution that brings together information workers and frontline workforces. Whether your organization is looking to start fresh or migrate your content from Meta, we’ll help you every step of the way. Learn more: https://aka.ms/metamigration Customer Zero Success: Deploying Viva Engage at Microsoft At Microsoft, we have transformed how we use Microsoft Viva Engage to take important actions like connect with our employees, support our internal communications, and drive organizational change. We have learned a lot along the way, lessons that we share with you now in our new downloadable readiness guide that will help you through how to get more out of Viva Engage at your company. Copilot for Communicators If you’re a communicator looking to better understand how Copilot and AI can help you do your best work, check out these resources: Copilot Prompt Gallery for Communicators Copilot Communications Scenario Library [Watch]: What’s new in Microsoft for communicators We’re continuing to prioritize employee communications and communities innovation in M365 and Viva. Watch our latest session from Microsoft Ignite to see what’s new and what’s coming. And make sure to read our Ignite 2024 recap to catch up on the great innovations for communicators. Check out the latest capabilities available now Since Ignite, we’ve continued to add robust features. Go deeper on what has shipped since November 2024: Viva Engage Community Experts Community Analytics Verified Answers Viva Connections PowerApps Cards My sites card Join product and communications leaders during our live, virtual sessions Want to learn how to get the most out of Viva Engage? Join us for the Monday Masterclass: Your Guide to Viva Engage Essentials, a comprehensive session designed to introduce new customers to the powerful features of Viva Engage. Curious to learn more about the impact of AI on communications? Happening the First Friday of each month, we’ll help you understand how AI is changing the way communicators work, drive engagement, support leaders and deliver effective communications. Check our Corporate Communications blog for information on the monthly sessions. Join us tomorrow, March 7th, to hear from Steve Clayton, VP of Communications, on how Microsoft’s communications team has been integrating generative AI into their work. We hope you find the new Modern Employee Communications adoption site useful, and we will continue to add additional materials to help you deliver effective communications with Microsoft. Want to learn more? Join us for the Communications track at Microsoft 365 Communications Conference. View the full article

Hi, Microsoft 365 Insiders! We’re excited to let you know that you can now change your display name in Teams meetings. Edit your display name in Teams meetings Whatever the discussion entails, you can now ensure participants know exactly who you are from the moment you meet. This new feature also enables you to tailor how you appear in meetings to the group. You can shorten your name for privacy or conciseness, add your job title or company for context, or use a nickname or more familiar name for a specific audience – or just to add some flair to your profile. How it works As the meeting organizer, select Meeting options > Let people edit their display name. As a meeting attendee or organizer, after the meeting starts, change your display name for that meeting by selecting People in your meeting controls. Hover over your name in the Participants pane and select More options. Then, select Edit display name. Enter the display name you want everyone to see, then select Save. Tips and tricks Participants who have edited their names will have an (Edited) label next to their name in the meeting screens to notify others of the change. Name changes will remain in place for the duration of the meeting only and do not get applied to participants’ original name on their People card. Original People card names will display in some meeting features such as calendar invites, the list of people invited to meetings, group chat rosters, and so on. Permanent meeting artifacts, such as the attendance report and transcriptions, will not reflect name changes. Requirements To access this feature, it must first be enabled by your organization’s admin in the Teams admin center for select or all tenants. This feature is turned off by default for all tenants. Availability To use this new feature, you must be a member of the Teams Public Preview or Microsoft 365 Targeted release and use the new Teams client on Windows, Mac, or the web. To enable your Teams client for the Public Preview, IT administrators must enable Show preview features in their update policy. You can learn more here. For Targeted release, global admins can go to the Microsoft 365 admin center and give access to a select set of individuals or the entire organization. Learn more here. Feedback We want to hear from you! Select Settings and more > Feedback in the top-right corner of the Teams app, and then select either Report a problem, Give a compliment, or Suggest a feature to share your thoughts. Learn about the Microsoft 365 Insider program and sign up for the Microsoft 365 Insider newsletter to get the latest information about Insider features in your inbox once a month! View the full article

We look forward to seeing you at the NVIDIA GTC AI Conference March 17 - 21 in San Jose, CA or virtually. Visit Microsoft booth #514 for daily informative sessions from Azure, partner and customer AI experts and discover the latest in AI services and technology that can help power your AI innovation. This blog post provides our daily in-booth sessions schedule. For Microsoft sessions in the GTC main conference program and our full presence at GTC, see Innovation starts here! Join Microsoft at NVIDIA GTC AI Conference. Live sessions in Microsoft booth #514 Mark your calendar and visit booth #514 to attend the below sessions. We'll be adding more sessions before March 17th, be sure to check back for the latest schedule. Tuesday, March 18 3:00 pm - 3:20 pm PST | March 18 Software-Defined Factory: The New Frontier for Supply Chain and Manufacturing with NVIDIA Omniverse on Azure. As industries accelerate toward a software-defined future, AI-powered simulation is redefining product design and factory automation. With NVIDIA Omniverse on Azure, businesses can seamlessly integrate real-time collaboration, digital twins, and generative AI to drive efficiency, innovation, and scalability. Learn how enterprises are using advanced simulation to streamline manufacturing, enhance product lifecycles, and create next-generation consumer interactions. Presenters: Prasad Satyavol, Lead, Manufacturing Americas, Accenture 3:30 pm - 3:50 pm PST | March 18 Catalysts: How Pangaea Data uses Azure AI Foundry to transform rare disease detection. Learn how Pangaea Data leverages AI to identify patients with rare diseases and aids in identifying candidates for clinical trials. In this session, you will discover how Pangaea utilizes a range of Azure Virtual Machines and Azure AI Services accelerated by NVIDIA GPUs to enhance the accuracy and speed of rare disease detection through advanced data analysis and privacy-compliant methodologies. Presenters: Abby Hamilton, Product Marketing Manager, AI for Science, Microsoft; Dr. Vibhor Gupta Founder, Pangaea Data 5:00 pm - 5:20 pm PST | March 18 Introduction to Azure confidential GPUs and Azure AI confidential inferencing Discover Azure's industry-first confidential GPUs in the public cloud: the Azure NCC H100 v5 confidential VMs with NVIDIA H100 Tensor Core GPUs, generally available since September 2024. Explore the preview of Confidential inference for the Azure OpenAI Service Whisper model for speech to text transcription and learn how these innovations are setting new standards in secure and confidential AI. Presenters: Krishnaprasad Hande, Senior Technical Program Manager, Microsoft Azure Confidential Computing 6:30 pm - 6:50 pm PST | March 18 Navigating the Expanding Landscape of Large Language Models: Strategies for Optimal Model Selection in Azure AI Foundry. This session explores the evolving LLM landscape, offering insights on evaluating and selecting models for various applications. Attendees will learn key selection criteria, including performance metrics, Azure AI Foundry tools, and use case alignment. The goal is to equip participants with the knowledge to navigate the LLM ecosystem effectively and make informed AI decisions. Presenters: Sharmila Chockalingam , Sr. Product Marketing Manager, Microsoft Azure AI Wednesday, March 19 12:00 pm - 12:20 pm PST | March 19 Basecamp Research pushes scientific boundaries using Azure AI Foundry at the ends of the earth. Discover how Basecamp Research utilizes AI to create the world's largest biological database. Basecamp Research uses Azure Virtual Machines and Azure AI Services accelerated by NVIDIA GPUs to analyze and interpret complex biological data, leading to the discovery of novel enzymes and proteins with potential applications in drug discovery and synthetic biology, driving groundbreaking scientific discoveries from remote locations. Presenters: Abby Hamilton, Product Marketing Manager, AI for Science, Microsoft; Gus Minto-Cowcher, Platform Engineering Lead, Basecamp Research 1:00 pm - 1:20 pm PST | March 19 Build Generative AI models with NVIDIA NeMo on Azure and NVIDIA DGX Cloud Learn to build, customize, and deploy multimodal generative AI models with NVIDIA NeMo on Azure. This session covers state-of-the-art NeMo models, from billions to trillions of parameters, including Nemotron, PaxML, and LLAMA. Explore training, fine-tuning, and Azure's optimizations for on-premises performance in the cloud. Presenters: Hugo Affaticati, Cloud Infrastructure Engineer, Microsoft; Miro Enev, Solution Architect Manager & Principal Engineer, NVIDIA 1:30 pm - 1:50 pm PST | March 19 Unify teams, sites, and systems with Azure’s adaptive cloud approach Learn to build, deploy, scale, and manage modern and critical workloads (including AI applications) from cloud to edge with Microsoft’s adaptive cloud approach. Understand how this innovative approach differentiates Azure for customers in their hybrid and multi-cloud journey. Presenters: Earl Valencia, Senior Product Marketing Manager, Microsoft; Julie Wang, Product Marketing Manager, Microsoft 2:00 pm - 2:20 pm PST | March 19 Build Secure and Scalable Gen AI Applications with Azure Databases and NVIDIA AI Learn how to build secure and scalable Generative AI (GenAI) applications by integrating Azure Databases, SQL Server, and NVIDIA AI, how GPUs optimize AI workloads and how databases enhance AI pipelines. We’ll discuss best practices for enterprise-grade security, managing AI workloads at scale, and leveraging hybrid AI deployments and provide insights into future advancements. Presenters: Bob Ward, Principal Architect and Muazma Zahid, Data and AI Leader, Microsoft 2:30 pm - 2:50 pm PST | March 19 Evolution of AI: From AlphaGo to Agentic and Physical AI, all powered by Azure The AI journey that was sparked from a single move on a Go board to the emergence of agentic and physical AI underscores the incredible potential of AI to innovate, transform industries, and elevate human capabilities. Come learn how NVIDIA and Microsoft Azure are powering the next generation of AI capabilities through the entire AI stack from infrastructure to applications. Presenters: John Lee, Principal Program Manager, Microsoft 3:00 pm - 3:20 pm PST | March 19 Accelerating Snorkel AIML Research on Azure AI Infrastructure powered by NVIDIA GPUs Snorkel researchers have contributed to over 170 papers on topics ranging from zero-shot robustification to enterprise alignment to fine-grained LLM evaluation. Join this session to learn how Snorkel is using reward model tuning to harness LLMs for high-level reasoning for agenitic systems and how designing projects on Azure AI infrastructure powered by NVIDIA GPUs helps Snorkel researchers deliver value for our customers and the OSS community even faster. Presenters: Ramya Ramakrishnan, Staff Applied Research Scientist, Snorkel AI 3:30 pm - 3:50 pm PST | March 19 Innovating with AI Physics: Driving Breakthroughs in Engineering with NVIDIA and Microsoft Azure. Engineering and scientific teams are revolutionizing product design with AI-driven physics simulations across industries, from life sciences to aerospace. Join Rescale to explore real-world breakthroughs—from cardiovascular CFD to turbomachinery flows. See AI Physics on the Rescale platform, powered by NVIDIA and Microsoft Azure, in action. Watch a live demo showcasing GM Motosports seamless AI-driven simulations. Presenters: Madhu Vellakal, Solutions Engineering Manager, Rescale 4:00 pm - 4:20 pm PST | March 19 Managed Deployments for AI Workloads on Azure GB200 VMs with Azure CycleCloud and CycleCloud Workspace. Discover how to efficiently manage and deploy AI workloads in Azure using Azure CycleCloud and CycleCloud Workspace for Slurm on the GB200 platform. This session will cover how to deploy HPC environments at scale with CycleCloud, leveraging Slurm for workload management, and the benefits of using Azure GB200 VMs for AI deployments. Learn best practices and gain insights into optimizing your AI infrastructure. Presenters: Param Shah, Technical Program Manager, Microsoft HPC & AI 4:30 pm - 4:50 pm PST | March 19 Solving the Unsolvable with LLMs that Reason—Powered by Azure AI Foundry & NVIDIA The next wave of AI is here—models that don’t just generate, but reason, plan, and solve. With OpenAI’s O-series, DeepSeek’s R1, and other cutting-edge models, enterprises can tackle complex decision-making, strategic problem-solving, and AI-driven autonomy. Join this live demo session to see how Azure OpenAI Service and Azure AI Foundry empower developers to test, compare, and deploy these next-gen models at scale. Presenters: Andy Beatman, Director, Product Marketing, Microsoft Azure AI Foundry 5:00 pm - 5:20 pm PST | March 19 The Power of horizontal intelligence in a Omniverse on Azure Digital Twin World Traditional data models create silos, limiting collaboration and efficiency. With 3D digital twins, organizations can enable Horizontal Intelligence. Explore how integrating real-time operational and enterprise data in a Omniverse on Azure environment fosters better decision-making, predictive insights, and cross-functional collaboration. Presenters: Pratap Gulabrao, Vice President - Industry Solutions Lead, Celebal Technologies 5:30 pm - 5:50 pm PST | March 19 Enabling Trustworthy AI with Microsoft Azure AI Foundry and Azure OpenAI Service At Microsoft, we believe AI should be powerful, responsible, and secure. Discover the latest trust and safety innovations across Azure AI Foundry, Azure OpenAI Service, and Microsoft Copilot - designed to help enterprises deploy AI with privacy, security, and governance from the start. See live demos of enterprise safety controls, content filtering, and compliance features. This session will equip you with the tools to build and deploy AI you can trust. Presenters: Andy Beatman, Director, Product Marketing, Microsoft Azure AI Foundry 6:00 pm - 6:20 pm PST | March 19 Using Robotic Automation Insights to Revolutionize Server and GPU design with Omniverse Kit App Streaming on Microsoft Azure. Supercharge Server and GPU design & assembly for higher yields through robotic automation. Learn how Bright Machines is delivering Design for Automated Assembly (DFAA) and Digital Twin solutions enabled by Omniverse Kit App Streaming (OKAS) and Microsoft Azure. Presenters: Hari Ramachandran, VP Product, Bright Machines; Sashank Ganti, Principal Product Manager, Bright Machines 6:30 pm - 6:50 pm PST | March 19 Small language model Inferencing for RAG applications - Deploy DeepSeek R1 on Microsoft Azure PCIe H100 Infrastructure. Learn how to deploy models like DeepSeek R1 from the model catalog in Azure AI Foundry for cost optimized inferencing for your small language model and RAG applications. Presenters: Rishab Verma, Senior Product Manager, HPC and AI Infrastructure, Microsoft Thursday, March 20 12:00 pm - 12:20 pm PST | March 20 Accelerating AI Innovation with NVIDIA Inference Microservices on Azure AI Foundry Discover how NVIDIA and Microsoft Azure are transforming AI deployments with NVIDIA Inference Microservices (NVIDIA NIM) on Azure AI Foundry. Learn how NVIDIA NIM simplifies deployment of foundation models across diverse AI use cases, leveraging Azure’s NVIDIA GPU-accelerated infrastructure for unmatched performance, scalability, and reduced TCO. Presenters: Tina Manghnani, Product Manager, Microsoft; Abhishek Sawarkar, Product Manager, NVIDIA 4:30 pm - 4:50 pm PST | March 20 Introducing Azure NetApp Files (ANF) for AI Azure NetApp Files (ANF) is a high-performance file storage service by Microsoft, integrated with NetApp technology. Dive into how it's new GenAI Toolkit seamlessly integrated with Azure OpenAI Service models, simplifies GenAI services deployment, enhances LLM accuracy, and facilitates retrieval-augmented generation (RAG) for precise outputs by leveraging proprietary data stored in ANF for superior inference capabilities and business continuity. Presenters: Andy Chan, Principal Product Manager, Azure Netapp Files HPC/EDA, NetApp Microsoft Azure at NVIDIA GTC We look forward to seeing you at the NVIDIA GTC AI Conference. Visit our Innovation starts here! Join Microsoft at NVIDIA GTC AI Conference blog post to learn how to engage with Microsoft Azure at GTC and discover Azure's end-to-end platform for AI innovation. #AzureGTC25 #AzureAI View the full article

The MSSQL Extension for VS Code continues to evolve, bringing powerful new features and enhancements that make SQL development more seamless and efficient. In this update, we’re excited to share the latest improvements in v1.29.0 and give you a sneak peek at what’s coming next in our open roadmap. This extension is designed for developers working with Azure SQL (including Azure SQL Database, Azure SQL Managed Instance, and SQL Server on Azure VMs), SQL Database in Fabric (Preview), or SQL Server as a backend. With a rich set of features for connecting to databases, managing schemas, executing queries, and visualizing query plans, the MSSQL Extension for VS Code provides a modern SQL development experience inside your favorite editor. What's new in MSSQL extension for VS Code v1.29.0? The latest update (v1.29.0) brings several key enhancements focused on improving usability, fixing long-standing issues, and ensuring better compatibility with Azure SQL and SQL Server. Here’s a detailed look at what’s new in this release: Fixed support for Always Encrypted - Secure Enclaves in the Connection Dialog. Improved usability by removing SQL editor actions from the Git diff editor. Enhanced Query Result pane by fixing issues related to copying data while sorting and filtering. Resolved column filter issues in multiple result set scenarios. Improved accessibility in Query Plan Visualizer. Fixed indefinite hangs when connecting to paused Azure SQL Database Serverless databases. Fixed HTTPS-over-HTTP proxy handling issues. Enabling the New UI Features We’ve seen some confusion from developers about accessing the latest UI improvements. To make sure you’re using all the newest features, you need to enable the new UI settings in VS Code. When you update to v1.29.0, a prompt will appear guiding you through the setup. If you missed it, you can enable the new UI manually in your VS Code settings. Check out our official documentation for more information. Looking ahead: Open roadmap The MSSQL extension for Visual Studio Code is evolving rapidly, with a strong focus on developer productivity, seamless local-to-cloud transitions, and intuitive database schema management. Our roadmap reflects the top priorities we’re working on based on community feedback, GitHub discussions, and real-world use cases. Our vision We aim to deliver a modern, developer-first SQL experience by focusing on three key areas: Developer productivity – Streamlining workflows, improving UI/UX, and reducing friction in database interactions. Seamless development from local to cloud – Enabling developers to start locally in VS Code using local database containers or Dev Containers while ensuring a smooth transition to cloud environments with CI/CD support and cloud-native deployments. Schema Management & API-Driven Development – Expanding schema design capabilities and enabling modern API-driven workflows to make database access seamless for application developers. What is next in 2025? We have exciting updates lined up to enhance the MSSQL extension and make SQL development even more seamless: General Availability of UI Enhancements – Bringing Connection Dialog, Object Explorer, Query Results, and Table Designer to full stability and refinement. Local-to-Cloud Deployments – Easily transition from local development to the cloud with Local Database Containers, Dev Containers, and Cloud Database Deployment. Expanded Import/Export Capabilities – Support for Flat File Import and DACPAC Import/Export. Complete Schema Management – A more intuitive experience with Schema Designer and Schema Compare. Developer Tools – Data API Builder integration for seamless API generation. How you can help us shape the future The MSSQL Extension for VS Code is built with developer feedback at its core. While we strive to bring the best SQL development experience, not every feature request is feasible due to technical limitations and other constraints. But your input helps us prioritize! If there’s something you’d love to see in a future update, here’s how you can contribute: 💬 GitHub discussions - Share your ideas and suggestions to improve the extension. ✨ New feature requests - Request missing capabilities and help shape future updates. 🐞 Report bugs - Help us track down and fix issues to make the extension more reliable. Conclusion The latest updates in v1.29.0 bring important improvements, but we’re just getting started. With major enhancements on the way, we’re committed to making SQL development more productive, seamless, and intuitive inside VS Code. As we continue to evolve the extension, we encourage feedback and collaboration to help us refine and improve the experience. Thank you for being part of this journey! 🚀 View the full article