RunAs Radio

April Yoho, a Senior Developer Advocate at GitHub, discusses how sysadmins can enhance their workflow using GitHub features. She highlights the power of GitHub Copilot for script quality and mastering branching and merging. The conversation explores ways to utilize Copilot’s custom instructions and agentic mode for generating scripts and turning them into actionable GitHub issues. April also touches on the evolving role of AI in software development, emphasizing its potential to boost productivity and collaboration within teams.

Here comes SQL Server 2025! While at Build, Richard chatted with Bob Ward about releasing a preview version of SQL Server 2025. Bob discusses SQL Server 2025 as an AI-ready enterprise database with numerous capabilities specifically tailored to your organization's AI needs, including a new vector data type. This includes making REST API calls to Azure OpenAI, Ollama, or OpenAI. This is also the version of SQL Server designed to integrate with Microsoft Fabric through mirroring. There are many more features, even a new icon!LinksSQL Server 2025 AnnouncementJSON Data TypeOllamaRecorded May 20, 2025

Liz Fong-Jones, a seasoned Developer Advocate at Honeycomb, shares her insights into modern telemetry solutions and their pivotal role in enhancing system reliability. She discusses strategies for educating leadership on effective telemetry practices and the cultural shift towards embracing failure as a learning opportunity. The conversation also touches on overcoming resistance to change in tech environments, boosting developer confidence during deployments, and the importance of meaningful insights from observability tools, ultimately advocating for a balanced approach to technology adoption.

Why would a security vulnerability take more than two years to fix? Richard chats with Steve Syfuhs about the evolution of the response to KB5015754. Originally published in 2022, the issue involved vulnerabilities in the on-premises certificate authority for Active Directory. Pushing a fix to force the immediate replacement of the certificates could have left users unable to log into Active Directory entirely. Steve explains how the gradual rollout of the fix allowed folks concerned (and paying attention!) to fix it immediately. At the same time, for everyone else, the fix happened as the existing certificates expired. But not every scenario is automatic - some require sysadmin intervention. So, how do you get their attention? The story leads to the February 11, 2025 update that could knock some users off Active Directory, but had an easy and quick fix. The final phase should be September 2025; hopefully, the last stragglers will be ready!LinksKB5014754Microsoft Security Response CenterCreate and Assign SCEP Certificate Profiles in IntuneRecorded April 10, 2025

How do you talk to security? While at NDC Melbourne, Richard chatted with Sarah Young about her approaches to helping folks work with the security team. Often seen as an impediment to business, Sarah talks about what motivates security teams, how to use language to help them understand that you are taking security seriously, and how to get more things done! Ultimately, the DevOps mantra of providing value to the customer still works - working with people to improve the processes that lead to secure systems helps everyone!LinksDaniel Pink's DriveManaged Identities for AzureTenerife Airport DisasterRecorded April 30, 2025

Join Jason Helmick, a 30-year IT veteran and Microsoft’s PowerShell product manager, as he dives into the exciting updates of PowerShell 7.5. He shares insights on community contributions driving development and introduces Desired State Configuration 3.0, which enhances cross-platform capabilities. Jason reflects on the evolution of PowerShell, the transition from VBScript, and its application in modern cloud environments. Discover how these innovations can streamline IT practices and improve collaboration in tech teams.

In this conversation, Liz Tesch, a Senior Cloud Solution Architect on Microsoft's Incident Response team, shares insights on modernizing Active Directory for today's cybersecurity landscape. She explains the outdated practices of managing AD like it's 1999 and highlights the importance of reducing privilege levels to thwart attacks. Liz discusses the need for tools like Mimikatz awareness, auditing domain admins, and leveraging free resources such as Local Administrator Password Solution. She also emphasizes integrating security measures like Privileged Identity Management to bolster defenses against evolving threats.

How do you make a career in cybersecurity? Richard talks to Yuri Diogenes about his work in cybersecurity, including his book on building a career in cybersecurity. Yuri talks about the inquisitive mindset that works well in cybersecurity - wanting to understand why things happen and get to the root cause. The conversation also explores the value of experimentation and practical experience as well as certifications and training - they all have value. However, it is also recognized that cybersecurity encompasses a vast area of work - it's not one kind of job, so you have a lot of choices to make!LinksBuilding a Career in CybersecurityRecorded March 14, 2025

So what does modern work look like today? Richard talks to Karoliina Kettukari about her new role as the Head of Modern Work for a financial services company in Finland, and what modern work has evolved. Karoliina talks about how the pandemic accelerated modern work, such as being able to work anywhere and collaborating with whomever you need to. Post-pandemic, there is a push for more work from the office, but remote work is still essential - and now artificial intelligence is changing the landscape again. The rapid evolution of AI technologies is a challenge for admins, but the productivity benefits are becoming obvious - you need some good governance!LinksMicrosoft 365 Copilot OverviewThe EU Artificial Intelligence ActEuropean Collaboration SummitRecorded March 6, 2025

Tim Warner, a principal author at PolarSight and a recognized Microsoft MVP, discusses the disruptive potential of agentic AI for IT professionals. He highlights how technologies like Cursor AI and GitHub Copilot are evolving, allowing for automated script writing and execution. The conversation dives into the importance of context when using these tools and the need for human oversight. Warner explores the transformative effects of AI in security, workflow management, and the cloud era, emphasizing the vital balance between productivity and responsible technology use.