The current state of the world has caused some unique stresses on IT infrastructure. For IT departments servicing internal teams, remote access infrastructure in particular has felt the brunt of the blow. To that end, I spent a couple of weeks testing out enterprise VPN solutions.

I have been using Powershell to manage pieces of Azure on and off for about a year and half now. I had heard tell of Azure Automation but never really had a good reason to justify spending the time climbing that particular mountain (hill really…).

Then the request came through… let’s scale AzureSQL databases up and down based on time of day for a given project… If you have worked in Azure you know Microsoft has built in a fairly robust and relatively easy to use auto scale-out configuration interface for Azure App services. Not so for “up/down” scale operations (increasing/decreasing the size of a single-instance). Hence, my foray into Azure Automation.

I have done a fair bit of Azure Powershell scripting just using the ISE interface and keeping scripts on my desktop. I started out with “AzureRM” and migrated to “AZ” as Microsoft starting a couple of years ago pretty much said “AZ” is the future… switch now.

With that background in place, I will state that I found starting out on Azure Automation to be a bit of a bumpy ride. I wanted to hopefully save you the reader some of the time I spent chasing my tail…

A colleague of mine recently solved one of the biggest pain points I have dealt with regarding Office365 – that is, Microsoft’s seemingly hit-or-miss modern authentication.

Symptoms look like this:
1. Outlook client can’t connect and/or authenticate for end-users
2. Turning on Azure MFA for an end-user ruins their life (and yours) because all office applications, teams, etc. break.
3. Admins have an impending sense of “dread” when setting up systems for new users because 80% of the time they are going to spend hours sorting out the above issues.
4. You call Microsoft Support complaining of these issues and they are eventually stumped and tell you to rebuild the desktop/laptop from scratch… great for end-users that deal with this issue 1 year into the job and rather like their systems as-is… -or- MS Support tells you to pop a registry key into the end-user’s system which just disables Modern Authentication all together – which may fix Outlook but leaves many many other things broken…

The Event Viewer is a very useful tool however, like any log management solution, the biggest hurdle can be filtering out the noise and returning only the meaningful log data that you care about.

This is a follow-up on a previous article which can be viewed here: Finding Human Logins in the Windows Event Viewer – Suppressing Everything Else

One of the most common requests is seeing who has been in and out of a box. To that end, I want to expand a bit more and talk about how to filter on the following three things… Username, Event ID, and Logon Type.