RunAs Radio

Configuration drift is real - how do you control it in your Azure tenant? Richard talks to Nik Charlebois-Laprade about his ongoing work on desired state configuration DSC for Microsoft 365 tenants. Microsoft365DSC has been an open-source tool for managing configuration for some time, but today it has become a preview product called Unified Tenant Configuration in Microsoft Graph. Nik talks about managing multiple tenants, including a single tenant, using reference configurations that help you detect and correct configuration changes. It's early days for the product, but there's a ton of power here to keep your tenant working the way you expect!LinksMicrosoft365DSCUnified Tenant ConfigurationRecorded February 13, 2026

How does artificial intelligence become more sustainable? Richard chats with Darshna Shah about her experiences as Chief AI Officer at Elastic. Darshna discusses the resources required to run large language model experiments, the pressure this has put on the electrical grid, and more. The conversation turns to efficiency - and the idea that there is little incentive in the current land grab around LLMs to be more efficient - that the focus is on growing quickly. But as technologies mature, efficiency becomes a key competitive advantage!LinksRDeepEvalAzure AI Evaluation SDKGitHub Green Software FoundationRecorded January 29, 2026

SQL Server 2025 is released - what's in it, and what happens next? Richard chats with Bob Ward about the huge array of announcements coming out of Ignite around SQL Server 2025, including AI-related features, new reliability and performance options, engine improvements, and more! The tooling for SQL Server also continues to evolve, including making Copilot available through SSMS and as part of the SQL extension to Visual Studio Code. And there's more to come - have a listen!LinksSQL Server 2025SQL Server 2025 UnveiledSSMS with Erin StellatoSQL Server Management StudioJSON Data in SQL ServerManaged Identity for SQL ServerSQL Server in Microsoft FabricMirroring SQL Server in FabricNext-Generation SQL Managed InstanceMSSQL Extension for Visual Studio CodeRecorded January 5, 2026

How can you hire and get hired in 2026? While at NDC London, Richard chatted with Suzi Edwards-Alexander about her experiences recruiting technology folks into companies. Suzi talks about developing interview practices that actually reflect the job, rather than examining esoteric knowledge or certifications - it's possible to have an interviewing experience that is actually enjoyable! The conversation dives into the power imbalance between employers and employees and how to resist being seen as lesser for not being employed. Work should be a mutually beneficial experience - we have to do better!LinksAppartenirRecorded January 29, 2026

What does it take to get your SaaS offering on multiple cloud providers? Richard chats with Steve Buchanan about his new role at JAMF, which focuses on a mobile device management product for Apple devices. Originally built as a SaaS product on AWS, Steve is helping to build out the JAMF stack on Azure to support a broader range of customers. Steve talks about Kubernetes as the common ground among the major cloud players, but you need to dig into the rest of the tooling to minimize differences across implementations. That means cloud-agnostic tools for deployment, identity, instrumentation, and more! The good news is that there are plenty of tools out there to help you, but it does take time to work out your suite of tools to get consistent results, no matter where the backend resides.LinksJAMFOpenTofuElastic Kubernetes ServiceAzure Kubernetes ServiceGoogle Kubernetes EngineMicrosoft IntuneiOS and IntuneOktaPrometheusGrafanaSteve's Pluralsight ClassesKAgentSOC 2 Type 2Recorded January 8, 2026

How have large language models impacted hacking? Richard talks to Erica Burgess about her experiences using LLMs for red team hacking, collecting bug bounties, and identifying vulnerabilities in systems. Erica discusses the power of LLMs to generate a variety of viewpoints on a potential exploit and help the hacker think "out of the box." Coordinating multiple agents to attempt a variety of exploits, retrieve information, and otherwise deal with the drudgery parts of hacking means a skilled operator can move faster - what once would be days of work can be minutes. Where does AI in hacking go? Lots of scary places - but also pointing the way to new ways to protect systems!LinksBurninator SecRecorded January 24, 2026

You're using Active Directory Certificate Services - but is it configured securely? Richard talks to Ron Arestia about his work with organizations implementing their own Public Key Infrastructure (PKI) with ADCS. Ron explains how poorly configured ADCS enables lateral attacks within an organization once an initial breach occurs, allowing black hats to move throughout your network. A well-designed PKI system has tiers of protection, with the top level completely disconnected from the network. Or do you really need your own PKI system? The conversation digs into the various scenarios, including third-party options. Certificates are the top level of security for your organization - you need to get it right!LinksActive Directory Certificate ServicesWindows Hello for BusinessCertified Pre-OwnedMicrosoft Defender for IdentitySecure Privileged AccessPass the HashMicrosoft Cloud PKI for Microsoft IntuneMicrosoft Entra Conditional AccessMicrosoft AutopilotRon's BlogRecorded February 6, 2026

Ready to get started with Purview? Richard chats with Erica Toelle about the first steps you can take to harness the power of Purview in your organization. Erica explains that Purview is an umbrella product that covers several infosec technologies, including information rights management, data loss prevention, structured data governance, and more. When preparing for M365 Copilot, you want to start tagging sensitive information in your organization, and Purview can help by using LLMs to identify potentially sensitive content. You can also monitor how data is used, the types of prompts sent to M365 Copilot, and more. This can help you bootstrap M365 Copilot by using Purview to see which data Copilot uses, and then tune the access rules for that data. "Getting your data estate in order" is not a destination; it's a journey, and Purview can give you a map!LinksMicrosoft PurviewData Security Posture ManagementData Governance with Microsoft PurviewConditional Access with Microsoft PurviewSharePoint Advanced ManagementMicrosoft 365 ArchiveEndpoint Data Loss PreventionPurview Browser ExtensionRecorded January 7, 2026

Business Process Automation has been around a long time - what are the latest approaches? Richard talks to Ian Cooper about his work building BPA workflows in organizations - starting on paper or a whiteboard to make sense of the process before bringing tools into the equation. Ian talks about building repeatable workflows that are well-documented and source-controlled, typically through GitHub. As workflows get more complex, you'll need orchestration engines that can handle failures and provide telemetry to identify when and where things go wrong. And make sure you let users know how things are going - or they will worry! LinksKafkaDurable FunctionsGitHub ActionsTemporalPulumiOpenTelemetryRecorded December 5, 2025

How do you get an idea to implementation in your organization? Richard chats with Amber Vanderburg about the work she's done helping teams understand the process of getting projects started and finished. Amber talks about defining a clear starting line, ending line, and dead line. While many projects are important, prioritization is the challenge. This means often other priorities have to be resolved before something new can be started - you need resources and time to be successful. Working through the process takes time, but the alternative is failure to meet expectations. It takes planning and clear communication to get things done!LinksPathwayz GroupMythical Man MonthThe Four Disciplines of ExecutionSpeed of TrustThe Culture MapRecorded December 4, 2025

What's coming in 2026 for Azure? Richard chats with CVP and Chief Product Officer for Azure, Jeremy Winter, about the announcements at Ignite and what we can expect in Azure over the next year. Jeremy talks about new features for migrating workloads to Azure, creating more reliable application implementations, the vast array of AI-related technologies being released, and more! The conversation also digs into the new data centers being built all over the world, and how they are becoming more efficient with resources.LinksAzure CopilotAzure SRE AgentAzure Resiliency AgentAzure MigrateKubernetes FleetAzure HorizonDBAzure Red Hat OpenShiftAzure FairwaterRecorded December 3, 2025

AI tools continue to evolve - what can we do with them today? Richard chats with Cecilia Wirén about her experiences using the latest AI tools to support DevOps workflows, diagnostics, and the crafting of new scripts. Cecilia focuses on tools that can help admins who occasionally work on scripts, including getting into a GitHub workflow to track prompts and results generated by LLMs, so you can always revert and learn from various approaches to interact with these new tools. The tools continue to evolve; it's worth looking at the latest features and models!LinksAzure SRE AgentMicrosoft Security CopilotGitHub CopilotAwesome CopilotCopilot ExtensionsRecorded December 3, 2025

A new year - and so much to do! To start 2026, Richard flies solo again to discuss the issues he's seen on sysadmins' minds as we head into the new year. Obviously, AI is eating up a lot of the conversation from many different angles: tools that can help us be more productive, security issues in our organizations due to misuse, and now, AI-driven hacking. Security still looms large, and not just from an AI perspective - the latest round of supply chain attacks has led to litigation, putting new emphasis on making sure you're secure. Windows has a new leader, things are changing there, and there's the ongoing migration to the cloud. Does it still make sense? There seems to be more concern about data sovereignty than ever, and some meaningful conversations to have. Happy New Year!LinksAzure SRE Agents with Deepthi ChelupatiMicrosoft PurviewThe M365 Copilot Data Readiness Checklist with Nikki ChappleQuering for Breaches with Mark MorowcyznskiManaging Vendor Incidents with Mandi WallsIncident Management and the Crowdstrike event with Lieam WestleyMicrosoft IntuneMicrosoft Entra IDMicrosoft Defender for EndpointMicrosoft Entra ID Protection with Corissa KoopmansWindows Server 2025Upgrading to Windows Server 2025 with Robert SmitRecorded December 20, 2025

So what does Windows want for Christmas? Paul Thurrott is back to talk about everything that happened to Windows in 2025, and what that might hold for 2026. Paul talks about Pavan Davuluri being promoted to President of Windows & Devices - and reunifying the Windows Client and Windows Core teams. That sets up an opportunity to make some significant moves from Windows, which, of course, will involve AI - although the reaction to the public when Pavan said as much was not all that positive. Windows has plenty of problems to address, but one of the brighter notes is Windows on ARM and the Snapdragon processor. And maybe, just maybe, someone's wish will come true, and we'll see Windows 12!LinksPavan's Famous AI TweetM365 CopilotMicrosoft LoopMicrosoft RecallRecorded December 16, 2025

How is zero-trust security evolving? Michele Leroux Bustamante discusses the challenges CISOs face today in controlling access to infrastructure, authenticating and authorizing users, and managing the ongoing evolution of an organization's dependencies. The conversation digs into the variety of stacks available to address various elements of an organization's security requirements. Michele also talks about the NIST Cybersecurity Framework as a starting point for understanding the security elements your organization needs to focus on and improve—security is a continuum, not a destination!LinksAzure EntraAuth0DuendeKeyCloakNIST Cybersecurity FrameworkOpen Policy AgentPolicy ServerDefender for CloudAzure API ManagementAzure Front DoorRecorded October 29, 2025

On July 19, 2024, a misconfigured file sent as part of an update to the Falcon Sensor suite by CrowdStrike caused service outages worldwide. Liam Westley talks about his experiences executing the incident management plan at his company that day—even though his company did not use the software! Liam talks about dealing with the regulatory requirements of a finance company as part of incident planning, and how the software and services supply chain can lead to outages because those companies are affected. A great story about the day of the incident and the improvements in planning and resiliency that followed!LinksCrowdStrike Incident TimelineAzure Front DoorRecorded October 29, 2025

What does it take to be ready to deploy M365 Copilot in your organization? Richard talks to Nikki Chapple about her latest incarnation of the M365 Copilot Readiness Checklist, working step-by-step to bring M365 Copilot into the organization without causing data leak issues. Nikki discusses utilizing existing tools to accurately identify sensitive data, archiving outdated information, and monitoring data usage by both users and agents - allowing you to detect issues before they escalate. The conversation also delves into the process of identifying issues, discussing policy changes, and how to communicate those changes so that people can take advantage of the power of these new tools without feeling threatened. It's a journey!LinksMicrosoft PurviewSharePoint Advanced ManagementDefender for Cloud AppsRestricted SharePoint SearchMicrosoft 365 ArchiveSharePoint Restricted Content DiscoveryData Security Posture Management for AINikki's Readiness ChecklistM365 Copilot Oversharing BlueprintMicrosoft Purview Secure by Default BlueprintPrevent Data Leaks to Shadow AI BlueprintRecorded November 7, 2025

The seasonal gift show is back - Joey Snow and Rick Claus bring their lists of great gifts for sysadmins. You know they're impossible to buy for, so we are making it easier for you with a range of prices and seriousness for your favorite sysadmin. Useful gadgets, upgrades to older devices, and some fun stuff that reminds the sysadmins in your life that you get their struggles. Share this show and toy list with everyone you know who struggles to find the right thing!LinksUSB TesterBattery DaddyUSB Air DusterSmart Soldering IronPro Tech Go ToolkitEffing Candle CoDumpster Fire Pencil HolderNES Cartridge Hard Drive EnclosurePicoKVMCO2 MeterWireless HeadphonesDigital Photo FrameSuper-Knips with Lead CatcherInkplate 6COLORInsta360 Link 2Home Assistant VoiceThrow Throw BurritoBose Ultra Open EarbudsUbiquiti Cloud Gateway FiberRecorded October 30, 2025

How can Azure Site Reliability Engineering Agents help your Azure infrastructure? While at Techorama in Utrecht, Richard chatted with Deepthi Chelupati about the LLM service that helps you build and maintain more reliable applications and infrastructure in Azure. Deepthi talks about monitoring deployment problems, handling errors in production, and application telemetry in operation as areas where Azure SRE Agents can help catch issues earlier and let you respond faster. The conversation dives into the array of capabilities and where you can provide information to administrators so they can decide how to proceed—perhaps pushing information to development or starting a recovery process of some kind. How you use Azure SRE Agents is up to you!LinksAzure SRE AgentPagerDutyAzure MonitorAzure DevOpsRecorded October 28, 2025

How resilient are your Azure deployments? Richard chats with Chris Ayers about his work on Azure reliability - not only for customers using Azure, but for Azure itself! Chris focuses on the Well-Architected Framework as a guideline for thinking through all the elements of resiliency in Azure. As with all things, there are trade-offs of cost and reliability - you'll want to build a spreadsheet to balance the cost of an outage against the expenses of resiliency services in Azure - and your own labor to maintain it! Chris provides his own talks and an extensive list of links for you to build up a comprehensive analysis of resiliency options - check it out!LinksFastTrackAzure StatusAzure Well Architected FrameworkVirtual Machine Scale SetDeployment Stamps PatternAutomatic Scaling in Azure App ServiceAzure MonitorAzure Command-Line InterfaceCopilot in AzureAzure AdvisorAzure Proactive Resiliency Library v2Azure Front DoorChris' Azure Resiliency TalkRecorded October 3, 2025