But First: What’s Lokka?
Many PowerShell scripts need to run on a scheduled basis or have to process large amounts of data. Azure Automation runbooks are a good way to handle both types of task. This article describes three important and practical steps to improve writing PowerShell code for Azure Automation.
In this episode of the Practical 365 Podcast, Steve Goodman and Paul Robichaux discuss the newest features and changes in Microsoft 365 Copilot Studio, examine an open-source solution, Jan, which enables running large language models locally for privacy-friendly AI, and reflect on Microsoft’s recent change in its remote work policy.
A reader question asked if it was possible to find the last app accessed by a user. Of course, anything is possible with PowerShell, but how? In this article, we explore using the Entra ID sign-in logs and Microsoft 365 audit log as sources for finding the desired information. Some performance issues emerge, so we end up running the code in Azure Automation.
Microsoft is rolling out Phase 2 of Azure services MFA enforcement starting October 1, 2025. This update requires MFA for all Azure Resource Manager operations. In this article, we dive into what you need to do to comply with the new enforcement requirements.
Auditing Attack Surface Reduction (ASR) rules can generate overwhelming data. In this blog, we walk through the different ways of verifying the audit results, different types of exclusions, and provide an advanced KQL that surfaces detailed information.
In this blog, we explore practical ways to optimize SharePoint Online performance for large document libraries. From avoiding the 5,000-item list view threshold to using PnP PowerShell and Microsoft Graph API for bulk updates, you'll learn how to keep your libraries fast, responsive, and scalable.
A reader asked if it's possible to analyze the external meeting participants for Teams online events. The information is available through the Events Graph API, and some PowerShell code written using the Graph PowerShell SDK quickly extracts events to analyze and determine the set of external domains meeting participants come from.
In this episode of Practical AI, we explore how to run large language models locally using Jan, a privacy-first, open-source desktop client. With support for Model Context Protocol (MCP) servers, Jan lets you integrate tools like Microsoft Learn directly into your AI workflow—no cloud required.
In this article, we explore the best way to configure Microsoft Defender for Servers on Windows. From PowerShell and GPO to SCCM and Defender Security Management, we break down the pros and cons of each method.
Everyone probably knows how to use the Send As and Send on Behalf of permissions to send email from user mailboxes. Here we venture into the same task, but for Microsoft 365 Groups, shared mailboxes, distribution lists, and mail-enabled security groups. Once your permissions are aligned, everything is pretty simple.
In this episode of Practical Protection, we discuss Microsoft’s Secure Future Initiative and what their latest progress report reveals about improving identity protection, reducing privileged access, and accelerating vulnerability response—and what you can take from it to strengthen your own environment.
In this installment of the Graph Activity Log series, we uncover how attackers exploit OAuth app consent to silently access Microsoft 365 data. Using targeted KQL queries and PowerShell automation, this blog shows how to detect, investigate, and respond to these stealthy identity-based threats.
