Sander van Beek

Azure Service Groups for Flexible Resource Organization Azure Service Groups make it possible to bring resources together and manage them, even when they are spread across multiple subscriptions…

🔥Azure Service Groups make it possible to bring resources together and manage them, even when they are spread across multiple subscriptions and resource groups, without being tied to the default Azure hierarchy. cloudtips.nl/azure-servic...

Navigating the 2025 holiday season: Insights into Azure’s DDoS defense | Microsoft Community Hub The holiday season continues to be one of the most demanding periods for online businesses. Traffic surges, higher transaction volumes, and user expectations...

Navigating the 2025 holiday season: Insights into Azure's DDoS defense by Jaganatha Dasari and Syed Pasha techcommunity.microsoft.com/t5/azure-net...

In my latest YouTube video, I explain what the .terraform.lock.hcl file is within Terraform, why it exists, how it affects provider versions, and when you should, or shouldn’t, include it in version control.

youtu.be/DGNnjvnrlJI

#Terraform

Oud-Gamer- en Power Unlimited-journalisten beginnen gamesite Unpause Een groep Nederlandse gamejournalisten, waarvan een deel eerder voor het ter ziele gegane Power Unlimited werkte, is een nieuw platform gestart met nieuws en achtergrondinformatie over games en de game-industrie. Unpause is gratis te lezen, maar de makers vragen wel om donaties.

Een groep Nederlandse gamejournalisten, waarvan een deel eerder voor het ter ziele gegane Power Unlimited werkte, is een nieuw platform gestart met nieuws en achtergrondinformatie over games en de game-industrie. Unpause is gratis te lezen, maar de makers vragen wel om donaties. #Tweakers

Interview - Europa wil weg van Microsoft 365 en Nextcloud ligt voor de hand Nextcloud geldt als opensourcealternatief voor Amerikaanse cloudsoftware zoals Microsoft 365. Toch blijft adoptie uit. Oprichter Jos Poortvliet legt uit waarom.

Nextcloud geldt als opensourcealternatief voor Amerikaanse cloudsoftware zoals Microsoft 365. Toch blijft adoptie uit. Oprichter Jos Poortvliet legt uit waarom. #Tweakers

Why ‘Never persistent’ isn’t really never persistent: understanding browser sessions in Microsoft 365 Web Apps | Peter Klapwijk - In The Cloud 24-7 Discover why “Never Persistent” browser sessions in Microsoft 365 can still persist. Learn how Teams, Outlook and OneDrive behave with Conditional Access and browser settings.

We often assume that configuring a 'Never persistent' browser session in Microsoft Entra ID means users cannot stay signed in on unmanaged devices.
Well… it turns out reality is more nuanced.

More in my recent blog post 👇

#Security #EntraID

inthecloud247.com/never-persis...

PowerShell is fun :)Using Strict Mode in PowerShell PowerShell is incredibly flexible; it’s a forgiving scripting language. But this could turn into scripts not written according to best practices or that rely on things that work automatically…

PowerShell is flexible. But that could turn into scripts that rely on things that work automatically, and fail without explanation. In this small blog post, I will show you how Strict mode works and how it can help you

#PowerShell #StrictMode

powershellisfun.com/2026/02/20/u...

The Azure Bicep Console = ❤️ When working with Bicep templates, one of the biggest challenges is validating your logic before deployment. Naming rules, conditions…

In this blog, I will show you how to get started with the Bicep console and how it supports my daily development workflow, so it can save you time as well. cloudtips.nl/the-azure-bi...

🚨 Microsoft just changed Microsoft 365 governance → permanently

I sat down with Nik Charlebois to unpack Microsoft’s new Tenant Config Mgmt platform

This is a new operating model for Microsoft 365
✅ Tenant snapshots as config
✅ Drift detection
✅ Auto-remediation

https://entra.chat

🚨New #Entra #Connect #Sync Version 2.6.1 has been released
- Released for download via the Microsoft Entra admin center.
- Existing installations will be auto-upgraded to this build starting February 9th, 2026, and will be done in multiple phases.
bit.ly/4bBMrCr

Modern Endpoint Management SUMMIT 2026 - The journey to MEM Summit 2026 has begun. More content, deeper learning, and the same strong community spirit.

The agenda for the MEM Summit is live!

In the agenda, you’ll be able to explore all sessions, review topics, and build your own personalized schedule. The range of content is broad, covering the technologies and challenges that matter most today.

The agenda is found on our website

#MEMSummit

🚨New #EntraRoles have been deployed
- Teams External Collaboration Administrator
- Authentication Extensibility Password Administrator
bit.ly/4aiuWoi

Deploy Azure Monitor Baseline Alerts using Enterprise Policy as Code As many of you know, I am passionate about Infrastructure as Code and governance within Azure environments. Consistency, repeatability, and…

How do we combine strong governance with automation in a structured way? This is where Enterprise Policy as Code, or EPAC, comes into play. cloudtips.nl/deploy-azure...

Always On VPN vs. Entra Private Access: Choosing the Right Access Model for Your Organization The predominant solution for secure remote access today in the Microsoft ecosystem is Always On VPN. Always On VPN is based on traditional Virtual Private Network (VPN) technology originally develo…

Always On VPN vs. Entra Private Access: Choosing the Right Access Model for Your Organization by Richard M. Hicks directaccess.richardhicks.com/2026/01/27/a...

Monitoring compliance policy desired state in Intune with Unified Tenant Configuration Management Using Unified Tenant Configuration Management in Microsoft Graph to define baselines and detect drift in Intune compliance policies.

rozemuller.com/use-utcm-to-...

Announcing General Availability of RDP Shortpath Configuration via GPO and Microsoft Intune We are pleased to announce the general availability (GA) of centralized RDP Shortpath configuration using Microsoft Intune and Group Policy (GPO). This update gives IT administrators a unified, policy-driven way to control which RDP Shortpath modes (Managed, Public/STUN, Public/TURN) are enabled across Azure Virtual Desktop (AVD) session hosts and Windows 365 Cloud PCs. These Shortpath controls now map directly to registry-backed policies, so IT admins can easily maintain consistent behavior across large or distributed environments. RDP Shortpath provides multiple optimized UDP-based transport paths—Managed, Public/STUN, and Public/TURN—that improve connection performance and reliability across diverse network environments. These options collectively form the RDP Shortpath feature set, and we recommend keeping them all enabled so the best path can be selected automatically. However, if your organization requires stricter control—for example, disabling STUN based traversal to ensure traffic flows only through TURN’s dedicated port and subnet—admins now have the policy-driven flexibility to do so through centralized configuration. Organizations using Windows 365 and AVD have asked for stronger policy-governed control over Shortpath behavior—especially as network environments grow more complex. With this release, admins: * No longer need per-host manual configuration. * Gain predictable, enforced behavior across managed devices. * Can centrally govern Shortpath modes based on security, NAT topology, or network readiness. This release brings Shortpath into the same modern management motion that customers already use for Windows configuration, compliance, and security. Benefits of centralized Shortpath configuration Unified policy management across AVD and Windows 365 Admins can centrally control all three Shortpath modes through GPO or Intune, which directly writes the relevant registry-backed configuration on each session host. This ensures consistent and governed behavior across all devices. Operates in addition to AVD host pool configuration For Azure Virtual Desktop, these GPO and Intune configurations act in addition to host pool network settings. This gives admins an extra layer of control at the session host level. When both host pool settings and policies are configured, the session-host policy takes precedence, ensuring deterministic behavior. This layering model is reinforced in internal discussions where session host configuration remained necessary in cases such as enabling UDP listener paths.   Important! The settings described in this article update registry-backed policies that enable or disable RDP Shortpath modes. Network prerequisites must still be in place (UDP allowed; STUN/TURN endpoints reachable) for connections to succeed. After policies apply, restart the session hosts or Cloud PCs for changes to take effect. See Optimization of RDP documentation for more detail.   Configuring RDP Shortpath using Intune To enable the RDP Shortpath listener on your session hosts using Microsoft Intune:   * Sign in to the Microsoft Intune admin center. * Create or edit a configuration profile  for Windows 10 and later devices, with the Settings catalog profile type. * In the settings picker, browse to Administrative templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Azure Virtual Desktop > RDP Shortpath. * Expand the Administrative Templates category. * For each RDP Shortpath type, toggle the setting to Enabled or Disabled. * Enabled or Not Configured: The connection will attempt to use the specified network path. * Disabled: The connection will not use this network path. * Available RDP Shortpath types: * RDP Shortpath for managed networks using NAT traversal * RDP Shortpath for public networks using NAT traversal * RDP Shortpath for public networks using Relay (TURN) * Select Next. * Optional: On the Scope tags tab, select a scope tag to filter the profile. For more information about scope tags, see Use role-based access control (RBAC) and scope tags for distributed IT.  * On the Assignments tab, select the group containing the computers providing a remote session you want to configure, then select Next.  * On the Review + create tab, review the settings, then select Create. * Once the policy applies to the computers providing a remote session, restart them for the settings to take effect.  Configuring RDP Shortpath using Group Policy (GPO) in an Active Directory domain To configure the RDP Shortpath using Group Policy in an Active Directory domain:  * Make the administrative template for Azure Virtual Desktop available in your domain by following the steps in Use the administrative template for Azure Virtual Desktop.  * Open the Group Policy Management console on a device you use to manage the Active Directory domain.  * Create or edit a policy that targets the computers providing a remote session you want to configure.  * Navigate to Computer Configuration > Policies > Administrative Templates > Windows Components > Remote Desktop Services > Remote Desktop Session Host > Azure Virtual Desktop > RDP Shortpath.   * Review the available RDP Shortpath types:  * RDP Shortpath for managed networks using NAT traversal   * RDP Shortpath for public networks using NAT traversal   * RDP Shortpath for public networks using Relay(TURN)   * Double-click the policy setting Enable RDP Shortpath for managed networks to open it.  * Set the policy to Enabled or Disabled:   * Enabled or Not Configured: The connection will attempt to use the specified network path.  * Disabled: The connection will not use this network path.  * Ensure the policy is applied to the session hosts, then restart them for the settings to take effect.  Note After you configure the GPO policy, restart the session to ensure the changes take effect. Summary The GA of RDP Shortpath configuration via GPO and Microsoft Intune gives administrators:  * Stronger policy-governed control  * Deterministic Shortpath behavior  * A layered model that works with AVD host pool configuration  * A consistent management experience across Windows 365 and AVD  While these policy settings simplify administration, network prerequisites still determine whether Shortpath will successfully establish.  We welcome your feedback and hope these enhancements help streamline your connectivity strategy across Windows 365 and Azure Virtual Desktop environments.    Continue the conversation. Find best practices. Bookmark the Windows Tech Community, then follow us on LinkedIn or @MSWindowsITPro for updates. Looking for support? Visit Windows on Microsoft Q&A .

Announcing General Availability of RDP Shortpath Configuration via GPO and Microsoft Intune: We are pleased to announce the general availability (GA) of centralized RDP Shortpath configuration using Microsoft Intune and Group Policy (GPO).


This update gives IT administrators a… #WindowsITPro

Speaker announcement!

Kenneth van Surksum is a name many of you already know. As a returning speaker and active contributor, Kenneth always brings clarity and high-quality insights to the table, and this year will be no different.

Buy your tickets and join @kennethvs.nl in Paris!

#MEMSummit

YouTube video by Travis Roberts AVD FQDN and Endpoint Configuration | Stop the Lag and Freezing Now

🚨 Having AVD sessions freeze, drop, or refuse to connect?
Your firewall might be killing your AVD deployment.
Check out the deep‑dive on AVD endpoints, FQDNs, IPs, and URL checks you need and how to troubleshoot it fast.
🎥 youtu.be/mNtXB2xSmPs
#Azure #AVD #Networking #SysAdmin #TechVideo #MVPBuzz

Azure updates | Microsoft Azure Subscribe to Microsoft Azure today for service updates, all in one place. Check out the new Cloud Platform roadmap to see our latest product plans.

Interesting Azure ☁ update -> [In preview] Public Preview: 7th generation Intel-based VMs – Dlsv7/Dsv7/Esv7

Updated Exchange Online SMTP AUTH Basic Authentication Deprecation Timeline | Microsoft Community Hub We wanted to provide the updated Exchange Online SMTP AUTH Basic Authentication Deprecation Timeline.  

Updated Exchange Online SMTP AUTH Basic Authentication Deprecation Timeline | Microsoft Community Hub! 🦋
techcommunity.microsoft.com/blog/exchang...

Securing Microsoft Fabric with Private Networking Ready to take your Fabric security to the next level? This article breaks down how to secure your tenant by routing traffic through private…

Securing #MicrosoftFabric with Private Networking by Jack Roper #Azure itnext.io/securing-mic...

Simplify your identity landscape, reduce risk, and modernize access for any identity | Microsoft Community Hub A new four‑part webinar series that helps you turn the 2026 identity strategy into actionable steps—with demos, templates, and guidance from Microsoft Entra.

Simplify your identity landscape, reduce risk, and modernize access for any identity by Kaitlin Murphy techcommunity.microsoft.com/t5/microsoft...

Microsoft Releases Emergency Fix for Azure Virtual Desktop, Windows 365 Authentication Failures by Chris Paoli #Azure redmondmag.com/Articles/202...

A new era of agents, a new era of posture  | Microsoft Security Blog AI agents are transforming how organizations operate, but their autonomy also expands the attack surface.

A new era of agents, a new era of posture by MS Defender Research Team #Azure www.microsoft.com/en-us/securi...

On February 5th in Antwerp, we’re excited to have @daalmans.com and ‪@kennethvs.nl take the stage at MC2MC Connect.

Their session, “Essential Tips and Tricks for Today’s Workplace Admin,” is packed with actionable, real-world insights.

🎟️ connect.mc2mc.be

#MC2MC #ConnectMC2MC #ConnectMC2MC2026

PowerShell is fun :)Intune Win32 PowerShell Installer Type This month, Microsoft re-released PowerShell as a command-line option for Intune Win32 packages, making it easy to update the installation script without recreating the IntuneWin package. In this b…

This month, Microsoft re-released PowerShell as a command-line option for Intune Win32 packages, making it easy to update the installation script without recreating the IntuneWin package. In this blog post, I will show you how it works

#PowerShell #Intune #Win32

powershellisfun.com/2026/01/23/i...

Another Learning Opportunity! Generate MITRE ATT&CK Report for Microsoft Sentinel Analytics Rules https://charbelnemnom.com/mitre-attack-for-sentinel-analytics-rules/ #Microsoft #Azure #Blog > Please RP if you like it!

Automated Code Reviews in Azure DevOps using OpenAI models powered by Microsoft Foundry Code reviews can be a tough and frustrating experience due to long wait times, nitpicking, constant context switching, and many other reasons. GitHub has offered AI-assisted code reviews for quite …

🚀 New blog! Do you want to automate pull request code reviews in Azure DevOps using AI?

🔗 Read the blog here: johnlokerse.dev/2026/01/06/a...

Enjoy the read!

#azure #azureopenai #openai #microsoftfoundry #cloudmarathoner #MVPBuzz #azuredevops #codereview

🚀I did check out the Microsoft #MCP Server for Enterprise #Preview.
Now i can use prompts in #VisualStudioCode. Did you install that too?
bit.ly/4qHjIQS

Another Learning Opportunity! 8 Best Practices To Secure Domain Controller https://charbelnemnom.com/8-best-practices-to-secure-domain-controller/ #Microsoft #Azure #Blog > Please RP if you like it!