HTH0036: Just Shovel That Into My Face
Alternate episode name candidates:
- I didn't die in AZ-104
- It's a Mitigation System and it Did Not Mitigate
- I Don't Want To Go to Bezos Land
- I Don't Wanna Touch Your COVID Papers
- Where is My Year of Viva?
- What even are NFTs, anyway? Nobody knows.
- Blog post about PSWindowsUpdate and Outlook Categories
- Outages + Microsoft lying about service issues
- EX249896 "Admins are unable to migrate mailboxes to Exchange Online"
- Estimated start time: April 10, 2021 5:18 PM
- Last updated: April 13, 2021 12:54 AM
- We're deploying a fix to potentially mitigate this problem and we suspect it will complete by Friday, April 16, 2021
- Another hours-long Azure outage 3/15/21
- "We understand how incredibly impactful and unacceptable this is and apologize deeply. We are continuously taking steps to improve the Microsoft Azure Platform and our processes to help ensure such incidents do not occur in the future. In the September incident we indicated our plans to “apply additional protections to the Azure AD service backend SDP system to prevent the class of issues identified here."
- The first phase of those SDP changes is finished, and the second phase is in a very carefully staged deployment that will finish mid-year. The initial analysis does indicate that once that is fully deployed, it will prevent the type of outage that happened today, as well as the related incident in September 2020. In the meantime, additional safeguards have been added to our key removal process which will remain until the second phase of the SDP deployment is completed.
- In that September incident we also referred to our rollout of Azure AD backup authentication. That effort is progressing well. Unfortunately, it did not help in this case as it provided coverage for token issuance but did not provide coverage for token validation as that was dependent on the impacted metadata endpoint.
- Request credits
- Down again 4/1/21, this time seems to be Azure DNS taking it all down:
- AzureSupport Tweet
- MSFT365Status Tweet
- "so, which team pushed the faulty code THIS time? Last time there was a WORLD WIDE rollback, the time before that a SQL cluster blew up to where you migrated flows to a whole different DC. This, all in 2021. You guys need to get your ____ TOGETHER."
- Next Steps: We apologize for the impact caused by this outage. We are continuing to investigate to establish the root cause and additional preliminary details will be published in the next 24 hours. Stay informed about Azure service issues by creating custom service health alerts: https://aka.ms/ash-videos for video tutorials and https://aka.ms/ash-alerts for how-to documentation.
- “We rerouted traffic to our resilient DNS capabilities and are seeing improvement in service availability. “
- We apologize for the impact to affected customers. We are continuously taking steps to improve the Microsoft Azure Platform and our processes to help ensure such incidents do not occur in the future.
- Exchange Plus Addressing
- An SMTP email address uses the basic syntax: <local-part>@<domain>. For example, firstname.lastname@example.org. Plus addressing uses the syntax: <local-part>+<tag>@<domain>. For example, email@example.com. Use case: newsletters, junk email, alternate smtps that users can handle on their own
- Replying to individual messages in any chat coming to Teams
- Microsoft breaks Win10 thrice in one month
- When is the "final" March printing hotfix coming to WSUS?
- Why are people still printing anyway when they are WFH?
- The Macbook Touch bar is stupid
- No more UserVoice - A Loss For Words
- Teams performance problems thread - "Thank you for your feedback. Our performance team is working on improving the overall performance of the Windows client. We expect to see performance jumps in the latest version of Electron rolling out (Electron 10)."
- Mesh and bubbles
- Inna-Gadda-Da-Viva Baby
"Unplanned Outage" (Sponsor section - "Hope this Helps is helped by...")
Defender for Endpoint "Deef"
- The portal changed to https://security.microsoft.com/machines from https://securitycenter.windows.com/machines
- Bug in a Defender/SCEP GPO
- Windows Server 2012 R2 DCs with 2012 R2 functional level. Group Policy Management -> Computer Configuration->Policies->Administrative Templates->Windows Defender Antivirus->Scan->"Specify the day of the week to run a scheduled scan" -- Try to "enable" this setting and set a date of the week. Clicking "apply" and then "OK" incorrectly configures the GPO to "disabled" which is not at all the desired effect. Years-old threads exist online reporting this bug, but it seems no fix is available.
- Server 2012 is in extended support till 2023, so why is it excluded from DFE while 2008 R2 is still supported?
- Correction: The PowerEdge 2850 can run 2012 but not 2012 R2. Steve got the model number wrong.
State of the Zunion
Outlook Signatures are still a nightmare
Parting Words / "Unplanned Outage" (Sponsor section - "Hope this Helps is helped by...")
- "Consider your environment before printing this podcast"