In this episode of the m365.fm podcast, the discussion focuses on using PowerShell to automate tasks across Azure and Microsoft 365 with guest Matthew Dowst MVP. Matthew explains how automation became essential as cloud environments grew more complex and repetitive administrative work increased.

The conversation covers how PowerShell can be used to automate common Microsoft 365 and Azure management tasks such as user provisioning, license assignment, reporting, governance, Exchange Online administration, and Entra ID management. Matthew emphasizes that automation should be approached like software development, with proper testing, version control, documentation, and reusable code rather than quick one-off scripts.

A major topic is the transition from older AzureAD and MSOnline PowerShell modules to Microsoft Graph PowerShell. Matthew explains why organizations should modernize their scripts and adopt API-based automation to stay aligned with Microsoft’s cloud direction.

The episode also compares PowerShell with low-code tools like Power Automate. While Power Automate is useful for business workflows, PowerShell provides deeper flexibility, scalability, and control for IT administration and infrastructure automation.

Matthew shares advice for IT professionals getting started with automation, including beginning with repetitive daily tasks, building reusable functions, learning Git and source control, and gradually improving scripts into reliable production-ready solutions.

Overall, the episode highlights how PowerShell remains a critical tool for efficiently managing and scaling Microsoft 365 and Azure environments through automation.


You use PowerShell to automate all things across Azure and Microsoft 365. This tool gives you flexibility and control, whether you are an administrator or a developer. Matthew Dowst [MVP] notes that PowerShell’s design supports both simple and complex automation. Its object-oriented nature helps you manage tasks with transparency and security.

| Factor | Description |
| --- | --- |
| Central Organization | You centrally organize and manage PowerShell scripts, including change history. |
| Execution Monitoring | PowerShell tracks which scripts you execute, with what settings and rights, for better control. |
| User Permissions | You define who can run scripts, which ensures accountability and security. |
| Reporting and Evaluation | Central reporting gives you insight into script quality and usage for ongoing improvement. |

PowerShell helps you reduce errors, optimize resources, and scale operations. With automation, you save time and improve consistency in your IT environment.

Key Takeaways

  • PowerShell automates tasks in Azure and Microsoft 365, providing flexibility and control for administrators and developers.
  • Set up the right accounts and permissions before automating tasks to ensure smooth and secure script execution.
  • Use the least privilege principle when assigning permissions to enhance security and accountability in your automation.
  • Regularly update PowerShell modules to access the latest features and maintain security in your automation scripts.
  • Test your scripts in a safe environment before deploying them to prevent unintended changes and errors.
  • Implement error handling in your scripts to manage issues effectively and ensure reliable automation.
  • Use runbooks to automate complex workflows, allowing for parallel execution and improved efficiency in task management.
  • Monitor and log your automation processes to identify inefficiencies and enhance the overall performance of your scripts.

Prerequisites for PowerShell Automation

Before you start automating tasks in Azure and Microsoft 365, you need to set up the right accounts, permissions, and tools. This foundation ensures your scripts run smoothly and securely.

Accounts and Permissions

Azure account setup

You need an Azure account with the right permissions to manage resources. Most automation tasks require access at the subscription or resource group level. The table below shows common actions and the minimum permissions you need:

| Action | Permission | Minimum Scope |
| --- | --- | --- |
| Write new deployment | Microsoft.Resources/deployments/* | Subscription |
| Write new resource group | Microsoft.Resources/subscriptions/resourceGroups/write | Subscription |
| Create new default Workspace | Microsoft.OperationalInsights/workspaces/write | Resource group |
| Create new Account | Microsoft.Automation/automationAccounts/write | Resource group |
| Link workspace and account | Microsoft.OperationalInsights/workspaces/write, Microsoft.Automation/automationAccounts/read | Workspace, Automation account |
| Create MMA extension | Microsoft.Compute/virtualMachines/write | Virtual Machine |
| Create saved search | Microsoft.OperationalInsights/workspaces/write | Workspace |
| Create scope config | Microsoft.OperationalInsights/workspaces/write | Workspace |
| Onboarding state check - Read workspace | Microsoft.OperationalInsights/workspaces/read | Workspace |
| Onboarding state check - Read linked workspace property of account | Microsoft.Automation/automationAccounts/read | Automation account |
| Onboarding state check - Read solution | Microsoft.OperationalInsights/workspaces/intelligencepacks/read | Solution |
| Onboarding state check - Read VM | Microsoft.Compute/virtualMachines/read | Virtual Machine |
| Onboarding state check - Read account | Microsoft.Automation/automationAccounts/read | Automation account |
| Onboarding workspace check for VM | Microsoft.OperationalInsights/workspaces/read | Subscription |
| Register the Log Analytics provider | Microsoft.Insights/register/action | Subscription |

You should always use the least privilege principle. Assign only the permissions needed for each task.

Microsoft 365 account setup

For Microsoft 365 automation, you need an account with admin rights. Global Administrator or specific roles like Exchange Administrator or SharePoint Administrator work best. Make sure your account has multi-factor authentication enabled for extra security.

PowerShell Modules

Azure PowerShell install

You must install the Azure PowerShell module to manage Azure resources. Use the following command to install it:

Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force

Keep your modules updated so that you have the latest features and security patches. For PowerShell function apps, the system checks for updates on a regular schedule. Here are the default update settings:

| Setting | Default Value | Description |
| --- | --- | --- |
| MDMaxBackgroundUpgradePeriod | 7.00:00:00 | Controls the background update period for PowerShell function apps. |
| MDNewSnapshotCheckPeriod | 01:00:00 | Specifies how often the PowerShell worker checks for updates. |
| MDMinBackgroundUpgradePeriod | 1.00:00:00 | Minimum time between upgrade checks. |

Microsoft Graph SDK

Install the Microsoft Graph PowerShell SDK to automate Microsoft 365 services. This module lets you manage users, groups, and licenses across your environment. Use the following command:

Install-Module Microsoft.Graph -Scope CurrentUser

Security Setup

Role assignments

Assign roles carefully in Azure and Microsoft 365. Use built-in roles like Contributor or Reader for Azure resources. For Microsoft 365, assign only the roles needed for automation tasks. This approach limits risk and keeps your environment secure.

MFA configuration

Enable multi-factor authentication (MFA) for all accounts used in automation. MFA adds a strong layer of protection against unauthorized access.

Tip: Enforce strict execution policies in PowerShell, such as 'AllSigned', to control which scripts can run. Sign your scripts to ensure their integrity. Always use secure coding techniques, like input validation and avoiding hard-coded credentials.

By following these prerequisites, you set a strong foundation for automating Azure and Microsoft 365 with PowerShell. You protect your environment and ensure your automation runs reliably.

Create and Configure Azure Automation

Setting up automation in Azure starts with a solid foundation. You need to create and configure Azure Automation accounts before you can automate tasks across your environment. This process ensures you have the right structure and permissions for reliable workflows.

Azure Automation Account

Account creation steps

You begin by signing in to the Azure portal with an account that has the right permissions. Follow these steps to create and configure Azure Automation:

  1. Sign in to the Azure portal as a member of the subscription Administrators role and a Co-Administrator of the subscription.
  2. Select + Create a Resource from the portal menu.
  3. Search for Automation and select it from the results.
  4. On the Basics tab, enter the required information for your automation account.
  5. Adjust settings as needed or select Review + create to use the default options.

You must have permissions equal to the Owner role for Microsoft.Automation resources. This access lets you manage and configure all aspects of the Azure Automation account.

Permission setup

Assign permissions carefully when you create and configure Azure Automation. Use built-in roles like Owner or Contributor for users who need to manage Automation accounts. Limit access to only those who require it. This approach protects your Azure environment and keeps automation secure.

Tip: Always review role assignments after you create and configure the Azure Automation service. Remove unnecessary permissions to follow the principle of least privilege.

Module Management

Modules are the building blocks of automation in Azure. They let you reuse code, streamline workflows, and adapt scripts to different conditions. Good module management improves the reliability and scalability of your automation.

Importing modules

You can import modules into your Azure Automation account to extend its capabilities. Use the Azure portal or PowerShell to add modules that support your automation needs. Modules help you avoid repeating code and reduce errors in your workflows.

Common challenges can occur during module import. Sometimes, a module may get stuck in the Importing state or fail to load if it has missing dependencies. If you update too many modules at once, the process may suspend or cause errors. Always check module structure and dependencies before importing.

Updating modules

Keep your modules up to date to maintain security and performance. Regular updates ensure your automation scripts use the latest features. Use the Azure portal or PowerShell to update modules in your Azure Automation account. If a module fails to update, check for resource group naming issues or structural problems.

Note: Test your automation after each module update. This step helps you catch issues early and keeps your workflows running smoothly.

When you create and configure the Azure Automation service, you set the stage for advanced tasks like creating new runbooks, resource provisioning, and large-scale management. Careful planning and regular maintenance help you get the most from Azure Automation.

Automate All Things with PowerShell Scripts

You can automate all things in Azure and Microsoft 365 by building, testing, and publishing PowerShell scripts. This approach lets you manage resources, users, and services efficiently. Matthew Dowst [MVP] often highlights how you can start with simple scripts and expand them into powerful automation solutions. You gain control, consistency, and speed when you automate all things with PowerShell workflow runbook processes.

Script Creation

Azure VM management

You can automate all things related to Azure virtual machines using PowerShell runbooks. For example, you might want to create, manage, or update VMs without manual steps. PowerShell runbooks let you automate tasks like provisioning new VMs, scheduling shutdowns, and applying patches in bulk.

| Use Case | Description |
| --- | --- |
| VM Provisioning | Automate the creation of virtual machines using cmdlets like New-AzVM. |
| Scheduled Shutdowns | Deallocate VMs on a schedule to save costs during non-business hours. |
| Bulk Patching | Automate the process of stopping VMs, applying updates, and restarting them. |

You can create a runbook that checks for VMs tagged as "Development" and shuts them down after business hours. This method saves money and ensures resources are only active when needed.

Microsoft 365 user automation

PowerShell runbooks help you automate all things in Microsoft 365, especially user management. You can create a runbook to onboard new users, assign licenses, and set up mailboxes in one step. This process standardizes onboarding and reduces errors.

| Use Case Area | Description |
| --- | --- |
| User Onboarding | Secure, delegated user creation with role-based access. |
| Directory Reporting | Automate scheduled AD reports with easy-to-read HTML output. |
| Communication Management | Centralized management of out-of-office settings for multiple users. |

You can also automate Active Directory user creation and mailbox provisioning. PowerShell runbooks make these tasks repeatable and reliable.

Resource provisioning

You can automate all things related to resource provisioning in Azure and Microsoft 365. PowerShell runbooks let you deploy and configure resources like storage accounts, networks, and security groups. You can create a runbook that provisions resources based on templates or tags, ensuring consistency across your environment.

Some best practices for script creation include:

  • Start small and expand gradually by automating simple tasks before moving to complex workflows.
  • Use tags for resource management to make scripts dynamic, such as shutting down VMs tagged as "Development".
  • Implement proper security controls by securing credentials with Azure Key Vault and avoiding hardcoding sensitive information.
  • Test scripts in a non-production environment to prevent unintended changes.
  • Continuously monitor automated processes to identify and address inefficiencies.

Testing and Debugging

PowerShell ISE/VS Code

You should always test your scripts before using them in production. PowerShell Integrated Scripting Environment (ISE) and Visual Studio Code help you write, test, and debug scripts. You can use the Run Selection option in ISE to execute parts of your script for debugging. Set breakpoints to pause execution and inspect variables. The Set-PSDebug cmdlet lets you step through your code line by line.

  • PowerShell ISE provides a user-friendly interface for running commands and debugging scripts.
  • Set-PSDebug helps you trace script execution.
  • Breakpoints let you halt execution and check variable values.

Error handling

Effective error handling is essential when you automate all things with PowerShell runbooks. You can use try-catch-finally blocks to manage errors and perform cleanup actions. Log errors for later analysis and use the $Error variable for detailed information. Configure $ErrorActionPreference to control how your script responds to errors.

  • Proactively validate input parameters and environment prerequisites to prevent runtime errors.
  • Use advanced parameter attributes like [ValidateSet()], [ValidatePattern()], or [ValidateScript()] to enforce strict validation rules.
  • Fine-tune error response behaviors with -ErrorAction and -ErrorVariable for granular control.
  • Implement tailored retry mechanisms with exponential backoff to minimize failures.
  • Centralize monitoring to gain insights into your automation environment.
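
The "Development" VM shutdown described earlier, combined with the error-handling practices listed above (try/catch/finally, $ErrorActionPreference, retry with exponential backoff), as an added example that is not code from the episode. It assumes the Az.Accounts and Az.Compute modules are imported and that the Automation account's managed identity may read and deallocate VMs; the tag key and the Invoke-WithRetry helper are hypothetical names.

```powershell
# Added example: PowerShell runbook for Azure Automation (not from the episode).
# Assumption: the Automation account's managed identity can read and
# deallocate VMs in the target subscription, and nothing more.
param(
    [Parameter(Mandatory)]
    [string]$SubscriptionId,

    [string]$TagName  = 'Environment',   # assumed tag key
    [string]$TagValue = 'Development',

    [ValidateRange(1, 5)]
    [int]$MaxAttempts = 3
)

$ErrorActionPreference = 'Stop'   # make cmdlet errors terminating so catch sees them

# Hypothetical helper: run a script block, retrying with exponential backoff.
function Invoke-WithRetry {
    param(
        [Parameter(Mandatory)][scriptblock]$Action,
        [int]$MaxAttempts = 3,
        [int]$BaseDelaySeconds = 5
    )
    for ($attempt = 1; $attempt -le $MaxAttempts; $attempt++) {
        try {
            return & $Action
        }
        catch {
            if ($attempt -eq $MaxAttempts) { throw }   # out of attempts: surface the error
            $delay = $BaseDelaySeconds * [math]::Pow(2, $attempt - 1)   # 5, 10, 20 ...
            Write-Warning "Attempt $attempt failed: $($_.Exception.Message). Retrying in $delay s."
            Start-Sleep -Seconds $delay
        }
    }
}

$failed = @()
try {
    Disable-AzContextAutosave -Scope Process | Out-Null   # no cached context in the sandbox
    Connect-AzAccount -Identity | Out-Null                 # managed identity, no stored secret
    Set-AzContext -Subscription $SubscriptionId | Out-Null

    # -Status adds PowerState; keep only running VMs that carry the tag.
    $targets = @(Get-AzVM -Status | Where-Object {
        $_.Tags -and $_.Tags.ContainsKey($TagName) -and
        $_.Tags[$TagName] -eq $TagValue -and $_.PowerState -eq 'VM running'
    })
    Write-Output "Found $($targets.Count) running VM(s) tagged $TagName=$TagValue."

    foreach ($vm in $targets) {
        try {
            Invoke-WithRetry -MaxAttempts $MaxAttempts -Action {
                # Stop-AzVM deallocates unless -StayProvisioned is given.
                Stop-AzVM -ResourceGroupName $vm.ResourceGroupName -Name $vm.Name -Force | Out-Null
            }
            Write-Output "Deallocated $($vm.ResourceGroupName)/$($vm.Name)."
        }
        catch {
            # One bad VM must not stop the rest: record it and continue.
            $failed += "$($vm.ResourceGroupName)/$($vm.Name): $($_.Exception.Message)"
            Write-Error -Message $failed[-1] -ErrorAction Continue
        }
    }
}
catch {
    Write-Error -Message "Runbook aborted: $($_.Exception.Message)" -ErrorAction Continue
    throw   # rethrow so the job is marked Failed
}
finally {
    Write-Output "Finished. Failures: $($failed.Count)."
}

# Fail the job when any VM could not be stopped, so monitoring picks it up.
if ($failed.Count -gt 0) { throw "Could not stop $($failed.Count) VM(s)." }
```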

Runbooks and Scheduling

Azure Automation runbooks

PowerShell workflow runbook solutions let you automate all things in Azure and Microsoft 365. You can create a runbook to execute commands in parallel, which improves efficiency. The Parallel keyword allows multiple commands to run at the same time, reducing execution time for repetitive tasks.

To create PowerShell runbooks, follow these steps:

  1. Open your Azure Automation account.
  2. Select "Runbooks" and choose "Create a runbook".
  3. Enter a name, select "PowerShell" as the type, and write your script.
  4. Save and publish the runbook.

You can create PowerShell runbooks for tasks like VM provisioning, user onboarding, or resource cleanup. PowerShell runbooks support both simple and complex workflows, making it easy to automate all things across your environment.

Scheduled tasks

Scheduling PowerShell runbooks increases operational efficiency. You can automate routine operations like starting or stopping VMs, backing up data, or running maintenance scripts. Scheduled tasks help you deploy and configure multiple resources consistently. They also enforce compliance and security standards automatically.

  • Automate routine operations with scheduled PowerShell runbooks.
  • Deploy and configure resources across your environment.
  • Enforce compliance and security standards.
  • Keep systems up-to-date with minimal manual intervention.
  • Trigger automated actions based on specific events or alerts.
  • Extend automation to on-premises systems and other cloud platforms.

PowerShell workflow runbook automation lets you create sophisticated scenarios that span multiple systems and services. You can automate all things, from simple user onboarding to complex resource management, using PowerShell runbooks as the backbone of your strategy.

Tip: Matthew Dowst [MVP] recommends starting with small scripts and building up to more complex PowerShell runbooks. This approach helps you learn, reduces risk, and ensures your automation grows with your needs.

Authentication and Secure Access

You must secure your automation scripts to protect your Azure and Microsoft 365 environments. Authentication and input validation are essential for reliable and safe operations. This section explains how you can use service principals, manage credentials, and validate parameters for effective automation.

Script Authentication

Azure service principals

Azure service principals allow you to automate tasks without using your personal account. You create a service principal and assign only the permissions needed for your script, which follows the principle of least privilege. Use managed identities whenever possible. If you must use service principals, store client secrets in Azure Key Vault, rotate them frequently, and prefer certificates or federated credentials over client secrets. Grant only the necessary permissions at the offering, resource group, or subscription level.

Secure credential storage

You must avoid hardcoded passwords in your scripts. Secure storage solutions help you protect sensitive information. The table below shows common methods for storing credentials:

| Method | Advantages | Considerations |
| --- | --- | --- |
| Azure Key Vault | Fine-grained access control, centralized logging, HSM backing | Requires Azure authentication, higher complexity |
| PowerShell Vault Module | Encrypted secrets, cross-platform compatibility | Needs proper setup for different environments |
| Environment Variables | Temporary storage, easy CI/CD integration | Secrets lost after session, risk of exposure |

You can use Azure Key Vault for centralized management and logging. The PowerShell vault module encrypts secrets and keeps them out of your code. Environment variables provide temporary storage but may expose secrets if not handled carefully.

Tip: Use secure strings to encrypt passwords and Windows Credential Manager for local automation. Always choose a solution that fits your environment and security needs.

Input Parameters

Parameter validation

You must validate input parameters to ensure your scripts run safely. Proper validation prevents errors and protects your environment from invalid or malicious input. Define your inputs before writing logic. This practice makes your scripts reusable and reliable.

  • Use [ValidateSet()] to restrict values to a specific list.
  • Apply [ValidatePattern()] to enforce formats like email addresses.
  • Implement [ValidateScript()] for custom validation rules.

Parameter-driven design helps you create tools that work for many scenarios, not just one-time tasks.

Dynamic execution

Dynamic execution lets your scripts adapt to different environments. You can detect if your script runs interactively or in Azure Automation. Set the correct execution context based on this detection. Manage permissions with flags to ensure your script has what it needs to run.

  • Detect environment and adjust execution context.
  • Manage permissions based on where the script runs.
  • Handle input and output differently in headless environments like Azure Automation.

You improve reliability and security by validating parameters and adapting execution. These practices help you build robust automation solutions with PowerShell.
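
Parameter validation and environment detection applied to a Microsoft 365 license assignment, as an added example that is not code from the episode. It assumes the Microsoft Graph PowerShell SDK v2 modules are available; the SKU allow-list, the default usage location, and the Test-IsAzureAutomation helper (including the sandbox markers it checks) are assumptions.

```powershell
# Added example: runbook that assigns a Microsoft 365 license (not from the episode).
# Assumptions: Microsoft.Graph.Authentication, .Users and .Identity.DirectoryManagement
# are imported; the SKU allow-list and default usage location are constructed values.
param(
    [Parameter(Mandatory)]
    [ValidatePattern('^[^@\s]+@[^@\s]+\.[^@\s]+$')]      # must look like a UPN
    [string[]]$UserPrincipalName,

    [Parameter(Mandatory)]
    [ValidateSet('SPE_E3', 'SPE_E5')]                      # only SKUs this runbook may hand out
    [string]$SkuPartNumber,

    [ValidateScript({ $_ -cmatch '^[A-Z]{2}$' })]         # two-letter country code
    [string]$UsageLocation = 'US'
)

$ErrorActionPreference = 'Stop'

# Hypothetical helper. Assumption: the Automation sandbox exposes a job id in
# $PSPrivateMetadata (PowerShell 5.1 runbooks) or sets AUTOMATION_ASSET_ACCOUNTID.
function Test-IsAzureAutomation {
    return [bool]($PSPrivateMetadata.JobId -or $env:AUTOMATION_ASSET_ACCOUNTID)
}

$headless = Test-IsAzureAutomation
if ($headless) {
    # Managed identity: its Graph application permissions are granted once, by an admin.
    Connect-MgGraph -Identity -NoWelcome
}
else {
    # Interactive run: delegated scopes, limited to what the script needs.
    Connect-MgGraph -Scopes 'User.ReadWrite.All', 'Organization.Read.All' -NoWelcome
}

# Resolve the SKU and make sure enough licenses are free before changing anything.
$sku = Get-MgSubscribedSku -All | Where-Object SkuPartNumber -eq $SkuPartNumber
if (-not $sku) { throw "SKU $SkuPartNumber is not present in this tenant." }
$free = $sku.PrepaidUnits.Enabled - $sku.ConsumedUnits
if ($free -lt $UserPrincipalName.Count) {
    throw "Only $free $SkuPartNumber license(s) free, $($UserPrincipalName.Count) requested."
}

$results = foreach ($upn in $UserPrincipalName) {
    $status = 'Assigned'
    try {
        $user = Get-MgUser -UserId $upn -Property Id, UsageLocation, AssignedLicenses
        if ($user.AssignedLicenses.SkuId -contains $sku.SkuId) {
            $status = 'AlreadyLicensed'
        }
        else {
            # A usage location is required before a license can be assigned.
            if (-not $user.UsageLocation) {
                Update-MgUser -UserId $user.Id -UsageLocation $UsageLocation
            }
            Set-MgUserLicense -UserId $user.Id -AddLicenses @(@{ SkuId = $sku.SkuId }) `
                -RemoveLicenses @() | Out-Null
        }
    }
    catch {
        $status = "Failed: $($_.Exception.Message)"
    }
    [pscustomobject]@{ User = $upn; Sku = $SkuPartNumber; Status = $status }
}

if ($headless) {
    $results                                   # objects go to the job output stream
}
else {
    $results | Format-Table -AutoSize          # readable table for a person at the console
}

if ($results.Status -like 'Failed*') { throw 'One or more license assignments failed.' }
```

In Azure Automation, an array parameter such as UserPrincipalName is supplied as a JSON array when the job is started.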

Scaling Azure Automation

As your environment grows, you need to scale your automation to manage many Azure resources across different teams, departments, or even tenants. PowerShell gives you the tools to handle large-scale tasks in both Azure and Microsoft 365. You can automate processes for hundreds or thousands of resources, making your cloud operations more efficient and reliable.

Bulk Operations

Azure resource management

When you manage many Azure resources, bulk operations become essential. PowerShell lets you update, configure, or monitor multiple resources at once. You can use the latest module versions to get better performance and new features. Service principal or app-only authentication helps you avoid interactive logins, which is important for automation in the cloud.

To speed up your tasks, use parallel processing. This method lets you perform actions on several Azure resources at the same time. You can also use the -ResultSize parameter to limit data and improve efficiency. Server-side filtering helps you target only the resources you need.

Tip: Schedule large jobs during off-peak hours to avoid hitting rate limits or throttling in Azure. Always validate your input and log every action for better reliability.

Microsoft 365 user/group automation

You can automate user and group management in Microsoft 365 using PowerShell. Bulk operations let you create, update, or remove users and groups quickly. Align your scripts with governance standards to keep your cloud environment secure and organized. Use the AzureAD module for PowerShell 5 or the Azure Az module for PowerShell 7, depending on your setup. Understand the differences between these modules to choose the right one for your needs.

Treat your automation scripts like production code. Test them before running in your main environment. Schedule large jobs to manage rate limits and ensure smooth operations.

Resource Tagging

Tagging strategies

Resource tagging is a powerful way to organize and manage Azure resources. Tags help you identify ownership, application, environment, cost center, and data classification. Consistent tagging makes it easy to filter and report on resources across your cloud environment. Inconsistent tagging can lead to confusion and wasted time.

You should create clear naming conventions for tags. Use tags to group Azure resources by project, department, or environment. This practice supports automated reporting and management tasks.

| Tag Key | Example Value | Purpose |
| --- | --- | --- |
| Owner | ITDept | Identify resource owner |
| Environment | Production | Track resource usage |
| CostCenter | 12345 | Manage cloud spending |

Note: Leverage dashboards and favorites in Azure for quick navigation. Document which subscriptions belong to which customer for better tracking.

License assignment

Automating license assignment in Microsoft 365 saves time and reduces errors. You can use PowerShell scripts to assign or remove licenses for many users at once. This approach ensures everyone has the right access and helps you manage costs in the cloud. Combine license management with tagging to track which users or groups have specific licenses.

Scaling your automation with PowerShell lets you manage complex cloud environments with confidence. You gain control over Azure resources, improve efficiency, and support your organization’s growth.

Troubleshooting and Best Practices

When you automate Azure and Microsoft 365, you will face challenges. You can solve most issues by following best practices for runbooks, workflow, and security. This section helps you troubleshoot common problems and improve your automation.

Common Issues

Module compatibility

You may find that some PowerShell modules do not work as expected in Azure Automation. Module compatibility problems can stop your runbooks or workflow from running. Always check that your modules match the version in your automation account. Update modules often to keep your workflow smooth. If you see errors, review the module structure and dependencies.

Permission errors

Permission errors can block your runbooks from accessing resources. Assign only the permissions your workflow needs. Use the least privilege principle for security. If your runbooks fail, check role assignments and make sure your account or service principal has access to all required resources.

Here is a table of common issues and solutions:

| Issue | Solution |
| --- | --- |
| Unable to create a new Automation job in the West Europe region. | This happens because of scalability limits. Follow Microsoft’s troubleshooting steps for this region. |
| Runbook bugs or Azure Automation issues. | Review Microsoft’s troubleshooting guide for runbooks. |
| Runbook output and message issues. | Learn how to retrieve runbook output and messages for better workflow tracking. |
| PowerShell module issues in Azure Automation. | Update modules and check for compatibility problems. |

Security and Efficiency

Logging and monitoring

You should enable all PowerShell logging. This includes module logging, script block logging, and transcription. Set your log size to at least 150 MB. Collect events from Microsoft-Windows-PowerShell/Operational and PowerShellCore/Operational. Send logs to your SIEM or XDR for better monitoring. Block scripts from untrusted sources and restrict execution policy to signed scripts. These steps protect your resources and improve security.
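
One way to audit and enforce the logging settings above on a Windows host, as an added example that is not code from the episode. It uses the policy registry keys for Windows PowerShell and PowerShell 7 and the two event channels named above; the transcript directory is an assumed path, and changes are made only when -Apply is passed.

```powershell
#Requires -RunAsAdministrator
# Added example (not from the episode): audit, and with -Apply enforce,
# module logging, script block logging, transcription and the log size.
param(
    [string]$TranscriptPath = 'C:\PSTranscripts',   # assumed path; restrict its ACL
    [switch]$Apply                                   # default is audit only
)

$minLogBytes = 150MB
$roots = @(
    'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\PowerShell'   # Windows PowerShell 5.1
    'HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\PowerShellCore'       # PowerShell 7+
)
$channels = 'Microsoft-Windows-PowerShell/Operational', 'PowerShellCore/Operational'

# Desired policy values, repeated for both PowerShell editions.
$desired = foreach ($root in $roots) {
    @{ Key = "$root\ScriptBlockLogging";        Name = 'EnableScriptBlockLogging'; Value = 1;   Kind = 'DWord' }
    @{ Key = "$root\ModuleLogging";             Name = 'EnableModuleLogging';      Value = 1;   Kind = 'DWord' }
    @{ Key = "$root\ModuleLogging\ModuleNames"; Name = '*';                        Value = '*'; Kind = 'String' }
    @{ Key = "$root\Transcription";             Name = 'EnableTranscripting';      Value = 1;   Kind = 'DWord' }
    @{ Key = "$root\Transcription";             Name = 'EnableInvocationHeader';   Value = 1;   Kind = 'DWord' }
    @{ Key = "$root\Transcription";             Name = 'OutputDirectory';          Value = $TranscriptPath; Kind = 'String' }
}

$report = @(foreach ($item in $desired) {
    # Registry.GetValue returns $null when the key or the value does not exist.
    $current = [Microsoft.Win32.Registry]::GetValue($item.Key, $item.Name, $null)
    if ($Apply -and $current -ne $item.Value) {
        # SetValue creates missing subkeys, and the .NET API treats '*' literally.
        [Microsoft.Win32.Registry]::SetValue($item.Key, $item.Name, $item.Value,
            [Microsoft.Win32.RegistryValueKind]$item.Kind)
        $current = [Microsoft.Win32.Registry]::GetValue($item.Key, $item.Name, $null)
    }
    [pscustomobject]@{
        Setting   = "$($item.Key)\$($item.Name)"
        Current   = $current
        Desired   = $item.Value
        Compliant = ($current -eq $item.Value)
    }
})

$report += foreach ($name in $channels) {
    $log = Get-WinEvent -ListLog $name -ErrorAction SilentlyContinue
    if (-not $log) {
        # The PowerShellCore channel exists only where PowerShell 7 registered it.
        [pscustomobject]@{ Setting = $name; Current = 'channel not present'
                           Desired = "enabled, >= $minLogBytes bytes"; Compliant = $false }
        continue
    }
    if ($Apply -and (-not $log.IsEnabled -or $log.MaximumSizeInBytes -lt $minLogBytes)) {
        $log.IsEnabled = $true
        if ($log.MaximumSizeInBytes -lt $minLogBytes) { $log.MaximumSizeInBytes = $minLogBytes }
        $log.SaveChanges()
        $log = Get-WinEvent -ListLog $name
    }
    [pscustomobject]@{
        Setting   = $name
        Current   = "enabled=$($log.IsEnabled), max=$($log.MaximumSizeInBytes) bytes"
        Desired   = "enabled, >= $minLogBytes bytes"
        Compliant = ($log.IsEnabled -and $log.MaximumSizeInBytes -ge $minLogBytes)
    }
}

# Emit objects so the result can be reviewed or exported to the SIEM pipeline.
$report
```

Where Group Policy manages these keys, set the same values in the GPO instead; a local change is overwritten at the next policy refresh.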

Script optimization

You can optimize your runbooks and workflow by following these steps:

  • Use Try, Catch, and Finally for error handling.
  • Validate parameters to prevent errors.
  • Use cmdlets instead of .NET methods for better performance.
  • Avoid unnecessary loops and select only the properties you need.
  • Review your scripts often to keep them efficient.

Just Enough Administration (JEA) limits user access to approved cmdlets. Enforce constrained language mode to disable risky features. Keep PowerShell updated and review logging settings for security.

Expert Insights

Real-world examples

Matthew Dowst [MVP] shows how PowerShell automation changes the way you manage resources. He uses runbooks and workflow to help teams automate tasks quickly. His work in Azure Managed Services proves that you can move from reactive to proactive operations with the right automation.

Recommendations

Dowst recommends that you start small. Build simple runbooks and expand your workflow as you learn. Focus on freeing your team from repetitive tasks. Use automation to let your team work on more important projects. Always test your runbooks before using them in production. Document your workflow and keep your scripts organized.

Tip: Track your automation jobs and costs. Use tags to group resources and monitor usage. This helps you manage your cloud spending and keeps your workflow efficient.

By following these best practices, you can troubleshoot issues, improve security, and get the most from your PowerShell automation. You will build reliable runbooks and workflows that scale with your resources.


PowerShell gives you the tools to automate Azure and Microsoft 365 with speed and reliability. You improve operational efficiency by automating resource provisioning and audits. You adapt your scripts to meet enterprise needs and minimize downtime. Start with small scripts, then expand to complex automation using Microsoft Graph and Azure Automation.

  • Pursue PowerShell certifications to boost your skills.
  • Apply automation in real-world scenarios for better efficiency.
  • Commit to continuous learning and join community forums. Follow experts like Matthew Dowst [MVP] for advanced tips.

FAQ

How do you start an Azure virtual machine using a runbook?

You can start an Azure virtual machine by creating a runbook in your Automation account. Add code to the runbook that uses the Start-AzVM cmdlet. Test and publish the runbook to automate the process. Use managed identity for secure authentication.

What is a runbook job and how does it help with process automation?

A runbook job is an instance of a runbook that runs in Azure Automation. You use runbook jobs to automate tasks like configuration, management, and monitoring. This approach improves process automation and reduces manual work.

Why should you use managed identity in your runbook?

Managed identity provides secure authentication for your runbook. You avoid storing credentials in your code. Managed identity lets your runbook access Azure resources safely. This method supports better configuration and management.

How do you add code to the runbook for Microsoft 365 management?

You add code to the runbook by opening the editor in your automation account. Write PowerShell scripts that handle user management, license assignment, or reporting. Use runbook parameters to make your scripts flexible. Test and publish the runbook for reliable process automation.

What are the best practices for configuration and management in runbooks?

You should use clear naming for runbooks and parameters. Document each runbook job. Use managed identity for authentication. Schedule regular reviews of your configuration. Monitor runbook jobs for errors. This approach supports strong management and process automation.

How do you test and publish the runbook?

You test and publish the runbook by using the Azure Automation editor. Run the script in test mode to check for errors. After testing, publish the runbook to make it available for scheduling or manual execution. This step ensures your configuration is correct.

What is the role of runbook parameters in process automation?

Runbook parameters let you pass values to your runbook at runtime. You use them to make your automation flexible. Parameters support different scenarios in configuration and management. This feature helps you reuse runbooks for many tasks.

How do you stop a virtual machine with a runbook?

You create a runbook in Azure Automation. Add code to the runbook that uses the Stop-AzVM cmdlet. Assign a managed identity for secure access. Test and publish the runbook. Schedule the runbook job to stop a virtual machine automatically.

Tip: Use tables to track runbook jobs and monitor configuration changes for better management.

| Task | Runbook Name | Status |
| --- | --- | --- |
| Start VM | StartVMRunbook | Success |
| Stop VM | StopVMRunbook | Success |
| User Management | UserMgmtRunbook | Running |


1
00:00:00,000 --> 00:00:06,320
Hello again to another edition of the M365 podcast. Today I have Matthew,

2
00:00:06,320 --> 00:00:13,280
Dowst as guest and he is a PowerShell expert and work as automation architect

3
00:00:13,280 --> 00:00:20,680
with 20 years experience in IT and also he writes the book, the Practical

4
00:00:20,680 --> 00:00:27,040
Practical Automation with PowerShell and yeah, you also as a community builder

5
00:00:27,040 --> 00:00:35,600
you find the PowerShell Weekly and also yeah the podcast so YouTube channel so

6
00:00:35,600 --> 00:00:42,120
yeah check it out you find all the links in the podcast description so yeah

7
00:00:42,120 --> 00:00:49,080
check it out so welcome Matthew. Oh thank you, thanks for having me. So yeah then

8
00:00:49,080 --> 00:00:55,800
that's direct deep dive into the topic and my first question is so I work a

9
00:00:55,800 --> 00:01:00,200
little bit with PowerShell but not so deep and there are people say it's a

10
00:01:00,200 --> 00:01:08,080
developer tool I say it's an admin tool or is it something else? So that's a

11
00:01:08,080 --> 00:01:14,760
great question so it's both essentially so that's the great thing about PowerShell

12
00:01:14,760 --> 00:01:19,120
like if you actually look at the the description of PowerShell from

13
00:01:19,120 --> 00:01:24,840
Microsoft it lists itself as an admin tool and a workflow automation tool so

14
00:01:24,840 --> 00:01:31,400
that it you know you can do you know simple standard command line you know

15
00:01:31,400 --> 00:01:36,240
admin type requests but you can also build full-fledged you know enterprise ready

16
00:01:36,240 --> 00:01:44,800
automations using it. Awesome and and want to have yeah what what have you

17
00:01:44,800 --> 00:01:51,480
pulled into the the using PowerShell if you started with with with the topic?

18
00:01:52,040 --> 00:01:58,600
So for me I started in PowerShell around the System Center suite so a lot

19
00:01:58,600 --> 00:02:07,520
around you know monitoring and observability and then working in the ITIL

20
00:02:07,520 --> 00:02:11,600
space with you know the help desk you know essentially making anything that's

21
00:02:11,600 --> 00:02:17,760
repeatable scriptable right and then building out from there to you know full

22
00:02:17,760 --> 00:02:25,840
fledge you know automation platform running you know majority on PowerShell

23
00:02:25,840 --> 00:02:37,080
and yeah it's I think it's yeah or all say it's it's like a scripting tool but I think

24
00:02:37,080 --> 00:02:45,480
it's yeah it's just yeah it's more than behind this in PowerShell so how how

25
00:02:45,480 --> 00:02:53,640
did you use it or what would you say it's PowerShell good good for so yeah I

26
00:02:53,640 --> 00:02:59,440
mean yeah I was you know get get the question you know for people what can I do

27
00:02:59,440 --> 00:03:03,320
this is like well yes the answer is always gonna be yes it just depends on how

28
00:03:03,320 --> 00:03:09,080
much time and how much money you have right but seriously it's you know we

29
00:03:09,080 --> 00:03:13,440
talk about you know going and then running like a simple command of you know like

30
00:03:13,440 --> 00:03:18,880
get you know MG graph user right but there's so much that you could build

31
00:03:18,880 --> 00:03:23,640
around that you know especially with with PowerShell being object oriented

32
00:03:23,640 --> 00:03:33,920
right a great example you know being that you know we have automation that we run

33
00:03:33,920 --> 00:03:40,040
up my company that go out and they they talk to graph but then they also go back

34
00:03:40,040 --> 00:03:44,240
down and talk to Active Directory at the same time then go talk to Exchange Online

35
00:03:44,240 --> 00:03:48,920
or the Exchange hybrid server those type of things and it's able you know being

36
00:03:48,920 --> 00:03:55,840
able to kind of bounce around to those different items in one you know essential

37
00:03:55,840 --> 00:04:01,880
click of the button or right or execution of a script and then have it be able to

38
00:04:01,880 --> 00:04:06,680
make determinations based upon what's returned to it right so that's a big part of

39
00:04:06,680 --> 00:04:12,160
you know what I try to kind of evangelize is you know make your scripts adaptable

40
00:04:12,160 --> 00:04:18,640
right there you build the build the logic into them so that you can create a

41
00:04:18,640 --> 00:04:23,320
function to go do something like you know create a user or pull down sign in logs

42
00:04:23,320 --> 00:04:28,000
or those type of things right but then you can link those together with logic

43
00:04:28,000 --> 00:04:33,640
you know whether you're using you know loops or if statements or switches or what

44
00:04:33,640 --> 00:04:39,600
whatever you have in your script but you know use those little blocks and then

45
00:04:39,600 --> 00:04:43,720
build those together and then you can make some pretty great and powerful

46
00:04:43,720 --> 00:04:50,200
things right especially if you can then bring data into it as well

47
00:04:50,200 --> 00:05:01,880
so awesome and I think a little bit yeah in the last years Microsoft 365 has

48
00:05:01,880 --> 00:05:11,840
matured and how have the rule of a power change in this time so a big thing in

49
00:05:11,840 --> 00:05:20,920
the last year has has really been the the graph modules coming coming into

50
00:05:20,920 --> 00:05:26,280
PowerShell so that is really helped to kind of define exactly what it was in

51
00:05:26,280 --> 00:05:31,240
there before it was really separated where you had you know the SharePoint team

52
00:05:31,240 --> 00:05:37,920
had their commands and the Azure AD or now Entra ID had their own commands and

53
00:05:37,920 --> 00:05:43,880
nothing was centered nothing was you know really clean and 90% of the time when I

54
00:05:43,880 --> 00:05:48,080
had to deal with anything and along those lines I just ended up writing directly to

55
00:05:48,080 --> 00:05:53,600
graph just using a web request you know using using a rest method but you

56
00:05:53,600 --> 00:05:57,360
understand that that's not something that you know you're every day person is

57
00:05:57,360 --> 00:05:59,560
going to want to have to deal with right when they're not going to have to deal

58
00:05:59,560 --> 00:06:04,480
with you know paging and looping and you know timeouts and all those type of

59
00:06:04,480 --> 00:06:09,320
things right so by introducing the graph modules they really helped to

60
00:06:09,320 --> 00:06:15,960
standardize exactly what is happening across the the landscape really think

61
00:06:15,960 --> 00:06:23,840
they they took a big cue from the PnP folks in you know getting a really standard set

62
00:06:23,840 --> 00:06:30,760
kind of across the entire ecosystem making it a lot simpler you know as

63
00:06:30,760 --> 00:06:34,080
long as you still have all the same versions of the modules installed that's

64
00:06:34,080 --> 00:06:41,840
sold a different story but yeah yeah last time I have talked to I don't know

65
00:06:41,840 --> 00:06:49,720
what is worth the micro Microsoft graph use a group and they say that

66
00:06:49,720 --> 00:06:55,240
PowerShell is just becoming a wrapper so I'm always did you but what did you

67
00:06:55,240 --> 00:07:02,480
think I mean it always has been a wrapper right so whether it's a wrapper for

68
00:07:02,480 --> 00:07:08,840
making SDK calls or making a wrapper for you know graph calls those type of

69
00:07:08,840 --> 00:07:15,920
things it's you know it's a pretty good wrapper you know you get defined parameters

70
00:07:15,920 --> 00:07:20,160
I mean nothing's worse than looking at that graph documentation or any

71
00:07:20,160 --> 00:07:24,360
documentation and trying to guess exactly what it is that they want in there

72
00:07:24,360 --> 00:07:27,800
right so with the with the PowerShell you get the defined parameters and things

73
00:07:27,800 --> 00:07:36,320
like that obviously with that comes certain you know certain things where you

74
00:07:36,320 --> 00:07:41,800
know you can't quite get as maybe defined as you would like to be but you know

75
00:07:41,800 --> 00:07:51,320
you're probably hitting a good 90 to 95% of use cases out there and how do you

76
00:07:51,320 --> 00:08:01,560
balance PowerShell for those direct API usage I mean I so it's that's funny we

77
00:08:01,560 --> 00:08:09,320
actually just we just had this conversation on my team I look at it I approach it

78
00:08:09,320 --> 00:08:16,160
two different ways one is if I have control of the environment I'm gonna use

79
00:08:16,160 --> 00:08:21,760
the modules where possible right it makes it just simpler for people to

80
00:08:21,760 --> 00:08:26,280
understand anybody who's familiar with the modules can then go back in and look

81
00:08:26,280 --> 00:08:33,440
at those you know if something changes you know you can update the modules and you

82
00:08:33,440 --> 00:08:37,920
know for the most part right but you're gonna have your

83
00:08:37,920 --> 00:08:42,240
documentation of breaking changes and all those type of things if it's something

84
00:08:42,240 --> 00:08:49,000
that I'm deploying out I don't really have as much control over like where it goes

85
00:08:49,000 --> 00:08:53,240
you know something I'm delivering those points I tend to kind of lean more

86
00:08:53,240 --> 00:08:58,400
towards the API that way I can be very you know much in control of like which

87
00:08:58,400 --> 00:09:03,560
version it's calling and things like that it but it doesn't make the long term

88
00:09:03,560 --> 00:09:07,080
upkeep of it a lot more difficult right because now I'm having to pay attention

89
00:09:07,080 --> 00:09:13,920
to API versions all throughout you know these scripts and you know knowing when

90
00:09:13,920 --> 00:09:19,440
ones are gonna be you know get in a defly for they you know have breaking

91
00:09:19,440 --> 00:09:22,960
changes and things like that so it makes a little more difficult to monitor

92
00:09:22,960 --> 00:09:28,960
maintain but from a from a standpoint of being able to really have tight

93
00:09:28,960 --> 00:09:35,920
control over exactly what that's doing in a static type environment

94
00:09:35,920 --> 00:09:44,080
and actually I think we have all this this new I don't know okay

95
00:09:44,080 --> 00:09:50,280
actually it's it's Copilot Copilot but we have also yeah low-code tools like Power

96
00:09:50,280 --> 00:10:00,560
Automate and I think it's replaced a lot of shell PowerShell use cases or yeah I

97
00:10:00,560 --> 00:10:08,480
work hard so so you know I've kind of maybe had a little bit of the opposite I'm

98
00:10:08,480 --> 00:10:15,360
actually working right now on a project to I'm trying to clean up my backlog

99
00:10:15,360 --> 00:10:21,640
essentially have a massive backlog and you know I put that in the in a copilot

100
00:10:21,640 --> 00:10:29,400
in M365 but the the DevOps things that they have built in there aren't really

101
00:10:29,400 --> 00:10:34,400
good and you know they they can't do the things that I was looking to do for

102
00:10:34,400 --> 00:10:38,800
example I wanted to get a work item and then see across you know four different

103
00:10:38,800 --> 00:10:43,560
repos what potential files that would be touching and what that would be

104
00:10:43,560 --> 00:10:48,160
affecting and then be able to write my you know accept this criteria risk

105
00:10:48,160 --> 00:10:54,800
criteria and stuff based upon that so I did have I wrote a PowerShell Azure

106
00:10:54,800 --> 00:10:59,240
function that goes in pulls that data for me and then was able to click

107
00:10:59,240 --> 00:11:06,640
that into into the M365 copilot and then kind of build my own function tools

108
00:11:06,640 --> 00:11:14,240
into that so you know at a point it's like you know the PowerShell is always

109
00:11:14,240 --> 00:11:17,480
going to do exactly what you tell it to do right there's there was no way I was

110
00:11:17,480 --> 00:11:22,640
ever going to build a PowerShell tool to go through and then look at my

111
00:11:22,640 --> 00:11:27,560
backlog and tell me what I need it to know right but it can get that data so

112
00:11:27,560 --> 00:11:32,560
that I can make that determination or something else can make that determination

113
00:11:32,560 --> 00:11:41,560
and that Microsoft have no Copilot for PowerShell or I'm not

114
00:11:41,560 --> 00:11:48,560
no they're they they had one one point that they tried putting it in but I think

115
00:11:48,560 --> 00:11:54,720
they're just sticking with you know the VS Code and GitHub Copilot about

116
00:11:54,720 --> 00:12:01,480
but they're yeah well what's something PowerShell can do today what GUI

117
00:12:01,480 --> 00:12:16,760
still can't I mean really consistency in scale right so that's a big part of

118
00:12:16,760 --> 00:12:23,240
it you know if you go and you look at the GUI it's great for you know kind of

119
00:12:23,240 --> 00:12:26,840
like one-off changes and things like that but you know once you're trying to do

120
00:12:26,840 --> 00:12:31,840
something you know across multiple regions or multiple areas and things like

121
00:12:31,840 --> 00:12:39,280
that it's gonna get ugly quick you know it's kind of the same thing as as a

122
00:12:39,280 --> 00:12:43,280
venture earlier on you know I'm working right now including them a backlog and

123
00:12:43,280 --> 00:12:48,360
I had all sorts of things in all different states you know some more groom some

124
00:12:48,360 --> 00:12:52,920
are but you know they have said so I wrote a quick PowerShell said hey reset all

125
00:12:52,920 --> 00:12:58,800
these things back to want right and then I can go through and as I'm going through

126
00:12:58,800 --> 00:13:03,400
my list manually in the GUI I'm able to go there and do that but they would have

127
00:13:03,400 --> 00:13:09,360
taken me hours to just click through every single item I mean I'm talking

128
00:13:09,360 --> 00:13:12,440
there's like 900 items in there right there's no way I would have clicked through

129
00:13:12,440 --> 00:13:17,960
and been able to even keep track of anything of that scale without some sort

130
00:13:17,960 --> 00:13:24,320
of you know automated way to go through it and determine exactly what I have

131
00:13:24,320 --> 00:13:29,120
going through there is you know kind of same thing on you know when I was going

132
00:13:29,120 --> 00:13:33,880
into looking at okay was last time this item was changed and it said you know well

133
00:13:33,880 --> 00:13:37,840
here's your last change date it's like okay well that change was just related to

134
00:13:37,840 --> 00:13:42,520
me moving the item around right when you move something around an Azure DevOps

135
00:13:42,520 --> 00:13:47,520
it's just assigns this random number to it so it's like okay well I don't I

136
00:13:47,520 --> 00:13:52,360
really want to know when the last time it was meaningfully changed so I was able

137
00:13:52,360 --> 00:13:55,680
to use PowerShell to go and look at the history and say okay you know I don't

138
00:13:55,680 --> 00:13:59,640
care about this change this type of change I don't care you know what if a tag was

139
00:13:59,640 --> 00:14:02,720
added to it I want to know when a description was added when a comment was made

140
00:14:02,720 --> 00:14:07,520
you know when acceptance criteria was written and I was able to get that data

141
00:14:07,520 --> 00:14:11,880
loaded into a spreadsheet and then quickly make a determination on okay this

142
00:14:11,880 --> 00:14:16,080
hasn't been touched for years it's going away now right whereas there is no way

143
00:14:16,080 --> 00:14:20,080
for me to actually be able to do that through the GUI without clicking on each

144
00:14:20,080 --> 00:14:23,760
individual work item clicking on the history on it and then scrolling down and

145
00:14:23,760 --> 00:14:31,520
trying to find the last meaningful change on it and I use it PowerShell only for

146
00:14:31,520 --> 00:14:38,840
mr. to work but when you use PowerShell is there any hidden cost I come from

147
00:14:38,840 --> 00:14:43,120
data and there are a lot of hidden across the Microsoft is there any hidden

148
00:14:43,120 --> 00:14:52,680
cost or is there something people have to look at of when they think about I think

149
00:14:52,680 --> 00:14:58,440
financial ups yeah I mean you know you run PowerShell on your machine is just

150
00:14:58,440 --> 00:15:04,520
the cost of operating right there's nothing to that Microsoft does have the

151
00:15:04,520 --> 00:15:11,440
Azure Automation which allows you to run scripts in in directly in Azure or on

152
00:15:11,440 --> 00:15:17,600
on prem in a with a hybrid worker which is great because you can you know cross

153
00:15:17,600 --> 00:15:22,560
platform stuff from a single pane of glass type of things but the the run cost on

154
00:15:22,560 --> 00:15:29,360
that is infinitesimal I mean I we have ones that run thousands of operations

155
00:15:29,360 --> 00:15:35,760
and I think the most I've ever seen it here was like ten bucks it's pretty cheap

156
00:15:35,760 --> 00:15:44,200
yeah okay I think ten dollars it's it's a price for our enterprise

157
00:15:44,200 --> 00:15:49,840
illusions that it's really okay for Microsoft environments I think you don't

158
00:15:49,840 --> 00:15:58,080
have called the CFO for this yeah not only yeah but but when you get an

159
00:15:58,080 --> 00:16:07,200
advice to future applicants will they need more or less PowerShell and why more so

160
00:16:07,200 --> 00:16:17,840
yeah I mean as they're kind of saying you know the the the clickers are you know are

161
00:16:17,840 --> 00:16:23,600
kind of going away right so with whether it's AI or whether it's a shell or you

162
00:16:23,600 --> 00:16:28,720
know what have you on the on the you know kind of the days of going through and

163
00:16:28,720 --> 00:16:35,600
clicking things are coming to an end so you kind of see you know even if you have

164
00:16:35,600 --> 00:16:41,200
you know your co-pilot's going out and doing things right how much control do

165
00:16:41,200 --> 00:16:44,040
you really want to give it versus telling it okay hey give him just give me a

166
00:16:44,040 --> 00:16:47,360
script that does this and then you can go back and you can look at it you can

167
00:16:47,360 --> 00:16:51,680
understand it and kind of see exactly what it's going to do before clicking that

168
00:16:51,680 --> 00:16:59,600
fire button it happened it go off and just do things so it's it's it's it's it's it's

169
00:16:59,600 --> 00:17:07,400
good you know in the in the in the Roma Bay I think having the ability to look at

170
00:17:07,400 --> 00:17:12,200
it before it fires right and knowing exactly what it's going to do versus what

171
00:17:12,200 --> 00:17:18,720
it's going to tell you that it's going to do is it's going to be a big value add

172
00:17:18,720 --> 00:17:27,960
the awesome and I think a little bit about governance and reporting and there's

173
00:17:27,960 --> 00:17:33,720
a question how do you use PowerShell for our visibility and reporting across

174
00:17:33,720 --> 00:17:42,120
tenants yeah I mean that's a great question so we use it a lot at my company so we

175
00:17:42,120 --> 00:17:47,120
we do Azure management for customers where we go then we manage their

176
00:17:47,120 --> 00:17:55,640
Azure and we're able to use PowerShell to gather data and monitor things that

177
00:17:55,640 --> 00:18:02,760
just don't exist inside of Azure or inside of m365 by by default or at least

178
00:18:02,760 --> 00:18:10,080
they're not reasonable to to obtain a great example is external share

179
00:18:10,080 --> 00:18:15,440
external shares in SharePoint and OneDrive and things like that if you've ever

180
00:18:15,440 --> 00:18:22,600
looked in the Azure cloud apps you know the previously the MCAS defender

181
00:18:22,600 --> 00:18:28,280
whatever it's named this week but the the reporting on it like if you share a

182
00:18:28,280 --> 00:18:32,520
site with somebody externally are you going look at that report it's going to

183
00:18:32,520 --> 00:18:37,000
come back and it's going to tell you that every single file on that site is

184
00:18:37,000 --> 00:18:42,400
shared externally which yes technically it is but I don't need to know that the

185
00:18:42,400 --> 00:18:47,840
favicon is you know that's not really telling me what has been shared and to who

186
00:18:47,840 --> 00:18:51,360
it's been shared with and into what level right so we were able to use PowerShell

187
00:18:51,360 --> 00:18:55,480
to go and actually look at those objects that get returned and say okay

188
00:18:55,480 --> 00:19:01,600
you know it's being assigned a permission item and then we have it walk up the

189
00:19:01,600 --> 00:19:06,080
the list and say okay well this was shared at the folder level or this was

190
00:19:06,080 --> 00:19:10,360
shared at the library level where this entire site was shared in those type of

191
00:19:10,360 --> 00:19:15,400
things and then giving a report these reports coming in like about 1% of the

192
00:19:15,400 --> 00:19:18,560
actual number of things because you're just looking at exactly what we're

193
00:19:18,560 --> 00:19:23,480
shared somebody right click on this folder and said share this and that becomes

194
00:19:23,480 --> 00:19:30,560
one item instead of the 1500 sub files and folders and things that are underneath of it.

195
00:19:30,560 --> 00:19:38,520
And yeah you work I think in your company will love a lot of clients and have you

196
00:19:38,520 --> 00:19:43,960
at you don't have to say the names of the kinds but can you share in one or two

197
00:19:43,960 --> 00:19:50,120
examples that PowerShell save a massive time or prevent major issues.

198
00:19:50,120 --> 00:19:57,240
Oh yeah great so one really great one that we had a couple years back was when

199
00:19:57,240 --> 00:20:05,280
that Log4j issue came out and you know there was a security vulnerability in

200
00:20:05,280 --> 00:20:09,920
in the Log4j for those who aren't familiar with it you know basically it's a

201
00:20:09,920 --> 00:20:16,920
kind of a package add on that is in a ton of different applications and it gets

202
00:20:16,920 --> 00:20:21,000
packaged inside of that application so it becomes very difficult you can't send

203
00:20:21,000 --> 00:20:27,080
a update and say you know update Log4j you have to go and determine you know

204
00:20:27,080 --> 00:20:32,240
all of these different applications whether or not they're using it but there

205
00:20:32,240 --> 00:20:38,480
was things like DLLs or you know files on Linux servers and things like that to help

206
00:20:38,480 --> 00:20:44,360
you be able to identify if an application was using Log4j so we wrote a

207
00:20:44,360 --> 00:20:48,440
PowerShell script that one the first thing it does is it goes in search of the

208
00:20:48,440 --> 00:20:54,240
machine looks for any instances of Log4j right so it searches the file searches

209
00:20:54,240 --> 00:20:58,640
the registry searches you know the memory of those type of things to determine

210
00:20:58,640 --> 00:21:03,600
okay is Log4j on this machine great that really you know made it a lot easier

211
00:21:03,600 --> 00:21:08,360
to be able to determine if it was on there but then taking that a step further

212
00:21:08,360 --> 00:21:14,240
we said hey go look at Azure go look at every single virtual machine and

213
00:21:14,240 --> 00:21:18,880
Azure Arc machine and then run this script against them and then come back with

214
00:21:18,880 --> 00:21:23,520
a consolidate report of every single machine in my environment that has you know

215
00:21:23,520 --> 00:21:27,600
the potential for having Log4j on it and you know even took that script

216
00:21:27,600 --> 00:21:34,080
even further and it's actually out on my oh my GitHub the copy of it but it goes

217
00:21:34,080 --> 00:21:39,600
through and it turns on the VMs that are turned off checks them and it turns them

218
00:21:39,600 --> 00:21:43,080
back off right and they are and it all runs in parallel so that you're not

219
00:21:43,080 --> 00:21:48,000
seeing they're waiting for each machine to run individually and you're not

220
00:21:48,000 --> 00:21:51,720
having to log into every single machine you are kicking off one script and is

221
00:21:51,720 --> 00:21:55,040
going through it's finding every single thing in your environment that could

222
00:21:55,040 --> 00:22:02,120
potentially have that vulnerability that you need to remediate I think there was I

223
00:22:02,120 --> 00:22:08,160
think Shakespeare has asked the question automate everything or automate

224
00:22:08,160 --> 00:22:16,640
nothing yeah I automate all the things but yeah I always I was do say you know it

225
00:22:16,640 --> 00:22:22,800
doesn't matter you know how great of a programmer or coder or you know automation

226
00:22:22,800 --> 00:22:27,440
expert you are a bad process is a bad process if you automated it's just a faster

227
00:22:27,440 --> 00:22:34,080
bad process so you know it's always about you know walking that fine line of you

228
00:22:34,080 --> 00:22:37,600
know should we automate this is always a kind of the first question I think that

229
00:22:37,600 --> 00:22:47,080
people should ask yeah okay cool cool cool awesome I think I am more

230
00:22:47,080 --> 00:22:54,520
exposed like you say I'm a script kiddie what separates a basic scripter

231
00:22:54,520 --> 00:23:05,760
from someone truly advanced in PowerShell I mean I think anybody is you know

232
00:23:05,760 --> 00:23:14,680
could be at any level so I'm I'm sure you know if I understand the you know how

233
00:23:14,680 --> 00:23:20,480
the low code backside PowerShell works you know it's going to be the same as

234
00:23:20,480 --> 00:23:25,640
somebody who you know is able to to write a PowerShell I think the big thing is

235
00:23:25,640 --> 00:23:32,920
learning those you know repeatable patterns things like that so avoiding you know

236
00:23:32,920 --> 00:23:38,960
writing the same thing over and over and over and over again right so instead of

237
00:23:38,960 --> 00:23:47,200
having four different calls to you know they do the same thing inside of your function

238
00:23:47,200 --> 00:23:52,200
or inside of your script right build build a build it into a function and I can just

239
00:23:52,200 --> 00:23:55,560
call that function instead of having to repeat all those lines and those type of

240
00:23:55,560 --> 00:24:00,680
things and it you know it's it's fun that you know every single computer science

241
00:24:00,680 --> 00:24:03,960
class every day tell they'll tell you the same thing is like oh well it makes it

242
00:24:03,960 --> 00:24:06,720
so much easier because you know when you have to change you know it to change it in one

243
00:24:06,720 --> 00:24:12,320
place but the the big thing to understand it and I think that kind of gets lost in

244
00:24:12,320 --> 00:24:17,440
that is is also remembering where you're calling that from all right so understanding

245
00:24:17,440 --> 00:24:21,680
the flow that you have going in there because if I make a change to it well how

246
00:24:21,680 --> 00:24:25,160
does that affect the other times that it's called right in those type of things so

247
00:24:25,160 --> 00:24:32,600
it's really it's it's not so much a skill as much as a as a more of a thought

248
00:24:32,600 --> 00:24:38,280
process that I try to help instill you know whether it's it's my writing or my

249
00:24:38,280 --> 00:24:43,880
blogs or whatever I'm doing you know I try to really emphasize on the the thought

250
00:24:43,880 --> 00:24:47,720
process behind it all right so I really kind of try to get a good idea of what

251
00:24:47,720 --> 00:24:52,400
it's doing what it's going to do and then you know how do we execute that before I

252
00:24:52,400 --> 00:25:00,920
ever you know click you know the first letter or whatever inside of you know

253
00:25:00,920 --> 00:25:09,720
VS Code and yeah this is the school for a short break before I ask my last last

254
00:25:09,720 --> 00:25:18,160
question my last questions so you find Matthew's links all in also his blog in

255
00:25:18,160 --> 00:25:25,800
in the show notes and yeah my next question is I think I'm from the data side

256
00:25:25,800 --> 00:25:33,000
and we have this all this wonderful Microsoft learning stuff and they have

257
00:25:33,000 --> 00:25:39,600
this gold standard and they say okay it's must be safe repeatable and scalable

258
00:25:39,600 --> 00:25:48,040
how do you think yeah design PowerShell that's matched these three key criteria

259
00:25:48,040 --> 00:25:54,520
yeah yeah I mean the exact same way right so you know you're always looking for

260
00:25:54,520 --> 00:26:01,760
scalability and maintainability or there are the the two biggest things and you know

261
00:26:01,760 --> 00:26:13,560
one of the you know I come from a I got a lucky on you know my my background started

262
00:26:13,560 --> 00:26:18,040
out in infrastructure right then I worked for the company that I worked for we do

263
00:26:18,040 --> 00:26:22,720
infrastructure but we also do custom app dev so over the years as I've worked more

264
00:26:22,720 --> 00:26:27,520
or you know with you know in developer type role I've been able to

265
00:26:27,520 --> 00:26:31,720
learn from those folks and from the data folks as well too at the same time of

266
00:26:31,720 --> 00:26:36,360
you know what's what's what's the best way to go through and you know get this data

267
00:26:36,360 --> 00:26:42,320
or you know be able to determine this in those type of things so you know really

268
00:26:42,320 --> 00:26:48,680
asking the questions you know knowing where to get data from when when does it make

269
00:26:48,680 --> 00:26:52,880
sense to have PowerShell do something versus when it makes sense to have something

270
00:26:52,880 --> 00:26:58,400
else do it you know if I'm calling Azure Data Explorer right am I just gonna call

271
00:26:58,400 --> 00:27:02,600
a table and get everything back or am I gonna write a query that's gonna return

272
00:27:02,600 --> 00:27:11,480
exactly what I want right so going through you know you know kind of making an

273
00:27:11,480 --> 00:27:17,160
determination of you know when does it need to be built into the you know

274
00:27:17,160 --> 00:27:21,280
documentation or when does it need to be built into the script or versus when can I

275
00:27:21,280 --> 00:27:31,000
get that from you know an external force source yeah it's it's the record time is

276
00:27:31,000 --> 00:27:41,040
my the forest so we have the star wars the May okay I'm more static in you

277
00:27:41,040 --> 00:27:52,320
and yeah okay let us get through a how topic so what are

278
00:27:52,320 --> 00:28:00,600
common mistakes people make when automating Microsoft 365 for Azure with PowerShell

279
00:28:00,600 --> 00:28:10,640
so I think probably the biggest mistake that I that I see a lot is

280
00:28:10,640 --> 00:28:19,080
not having the ability to restart your automation so you know the the classic

281
00:28:19,080 --> 00:28:23,720
example of creating a user you know saying creating a user in Entra right so

282
00:28:23,720 --> 00:28:27,520
the first thing that you want to do is you want to create the user account and then

283
00:28:27,520 --> 00:28:31,920
you know set a bunch of attributes maybe assign it to a group all right what

284
00:28:31,920 --> 00:28:37,280
happens if something goes wrong setting the attributes and then you need to

285
00:28:37,280 --> 00:28:42,480
restart from the beginning right so do we being able to build in a check into your

286
00:28:42,480 --> 00:28:46,120
own process is to say oh well the account already exists so now I'm gonna go

287
00:28:46,120 --> 00:28:49,760
and I'm just gonna I'm gonna skip to step two and then be able to write that and

288
00:28:49,760 --> 00:28:57,960
then at the same time you know being able to identify when something should end

289
00:28:57,960 --> 00:29:04,760
versus when it should continue on so you know for example if it goes and

290
00:29:04,760 --> 00:29:10,240
creates the user and then fails to set in you know the manager attribute well

291
00:29:10,240 --> 00:29:14,200
do I really need to stop everything else from processing because it failed to do

292
00:29:14,200 --> 00:29:19,280
that probably not right I can just record that error and then move on right

293
00:29:19,280 --> 00:29:23,960
where a lot of times what you'll see is you'll see a script that'll say you know

294
00:29:23,960 --> 00:29:29,520
create a new user and in that one call they're doing they're writing every

295
00:29:29,520 --> 00:29:34,520
single attribute that exists in there versus having it say okay create the new

296
00:29:34,520 --> 00:29:40,600
user with the very bare minimum of what is required to create it and then your

297
00:29:40,600 --> 00:29:45,880
next step assign each attribute and you could you know maybe even go so far as

298
00:29:45,880 --> 00:29:50,760
to assign them one at a time be a loop so that if one of them fails your entire

299
00:29:50,760 --> 00:29:56,240
thing is not gonna fail right and then if you need to restart it you know setting

300
00:29:56,240 --> 00:30:00,000
an attribute again you don't really need to check for that because that's not

301
00:30:00,000 --> 00:30:03,360
gonna cause an issue but if you keep creating an account over and over again

302
00:30:03,360 --> 00:30:09,480
then it will same thing with the groups you know looking at it logically where you

303
00:30:09,480 --> 00:30:12,320
know if you actually try to add a user to a group they already exist it throws an

304
00:30:12,320 --> 00:30:17,880
error right so knowing how to capture those errors and then don't just put you

305
00:30:17,880 --> 00:30:23,000
know error actions silent and assume that it failed because of that right actually

306
00:30:23,000 --> 00:30:28,080
capture that error and say okay did it fail because the group doesn't exist or

307
00:30:28,080 --> 00:30:32,440
did it fail because you know it personally was already a member of it right in

308
00:30:32,440 --> 00:30:36,440
the maker of the termination on whether when you want to actually throw that error

309
00:30:36,440 --> 00:30:48,040
message yeah errors is also a nice topic so and where I work I see often yeah we know

310
00:30:48,040 --> 00:30:58,840
Microsoft rename something and do often updates and yeah it's cool I'm happy with

311
00:30:58,840 --> 00:31:04,920
this but sometimes I yeah I don't get the information they have updated like the

312
00:31:04,920 --> 00:31:12,720
Graph API or something or the ETL pipelines so how do you test scripts in

313
00:31:12,720 --> 00:31:21,080
on the environment or or environments or tenants that are constantly changing so

314
00:31:21,080 --> 00:31:28,240
you know that that's one of the most difficult things that I have to deal with in my

315
00:31:28,240 --> 00:31:33,240
job because I can write all the Pester tests that I want to go through and

316
00:31:33,240 --> 00:31:42,200
like test the logic of my code and then you know fake and mock all the

317
00:31:42,200 --> 00:31:49,080
Graph calls but that doesn't tell me if something in Graph changed right so I need

318
00:31:49,080 --> 00:31:55,760
to actually be able to replay Graph calls and it's actually something I've been

319
00:31:55,760 --> 00:32:01,560
working on hopefully I'll get it out here soon within the next couple of months

320
00:32:01,560 --> 00:32:06,800
building right now I just have it as a bunch of one-off scripts but I've built

321
00:32:06,800 --> 00:32:18,440
using the the PS web and PS node to create my own API calls that act like

322
00:32:18,440 --> 00:32:26,160
Graph right so that I can actually determine your how's it gonna behave under

323
00:32:26,160 --> 00:32:31,720
certain situations at the same time to some point like you know I have

324
00:32:31,720 --> 00:32:38,480
development tenants that I've written I have to go write Graph scripts that go

325
00:32:38,480 --> 00:32:44,720
and the tenant as I expect it to be and then test my script against it as well so

326
00:32:44,720 --> 00:32:50,880
it is it's it's never simple but you know once you kind of get it built now I have

327
00:32:50,880 --> 00:32:56,280
it all in pipelines right so I have ones for testing Azure Bicep deployments

328
00:32:56,280 --> 00:33:02,040
things that I'm using PowerShell to essentially wipe out the environment

329
00:33:02,040 --> 00:33:07,480
afterward the setting it back to the level that you would you know encounter at a

330
00:33:07,480 --> 00:33:12,480
customer right so what you would if you run into things with like providers not

331
00:33:12,480 --> 00:33:16,800
being enabled and turned on and those type of things being able to determine

332
00:33:16,800 --> 00:33:23,600
that so you know doing those captured states and then writing that back has been a

333
00:33:23,600 --> 00:33:35,080
a challenge to say at least okay this and what when you have bring this out you

334
00:33:35,080 --> 00:33:40,600
have our give me information so I can share it with the yeah yeah definitely

335
00:33:40,600 --> 00:33:50,200
cool and yeah let's talk a little bit about the future where is the PowerShell

336
00:33:50,200 --> 00:33:56,680
heading in the Microsoft ecosystem over the next years what what did you think

337
00:33:56,680 --> 00:34:03,320
yeah I mean I definitely see you know it's not going anywhere that's that's for sure

338
00:34:03,320 --> 00:34:08,960
you know they still have a strong investment and it's tied very closely now with the

339
00:34:08,960 --> 00:34:15,720
.net releases and staying up and staying current with that you know the the

340
00:34:15,720 --> 00:34:20,920
stuff that we saw recently released with the Microsoft Graph you know that shows

341
00:34:20,920 --> 00:34:27,680
that they're putting up a big investment into it out there even though the Azure

342
00:34:27,680 --> 00:34:31,520
team kind of leans towards the CLI sometimes that's you know they basically

343
00:34:31,520 --> 00:34:36,920
become kind of one of the same Microsoft made the commitment that in Azure and

344
00:34:36,920 --> 00:34:45,520
in 365 anything that you can do through the GUI you should also be able to do

345
00:34:45,520 --> 00:34:54,160
through PowerShell and think you will everything eventually move to Graph

346
00:34:54,160 --> 00:35:00,760
API first or not there's there's always a place for the

347
00:35:00,760 --> 00:35:06,240
cmdlets and the wrappers and the things like that right so that there's not the

348
00:35:06,240 --> 00:35:12,880
need to you know as I mentioned you know writing to the API you know you have to go

349
00:35:12,880 --> 00:35:17,240
you know I got to open up my web browser I got to look up the commands I got to

350
00:35:17,240 --> 00:35:23,000
build out the JSON and all those type of things versus you know if I need to you

351
00:35:23,000 --> 00:35:31,680
get a security alert from M365 right I can literally type in you know

352
00:35:31,680 --> 00:35:35,920
Get-MgSecurityAlert and if I don't know how that's supposed to be I have to

353
00:35:35,920 --> 00:35:39,240
Get-Help at the front of it and it's gonna pop back right there in that console tell

354
00:35:39,240 --> 00:35:45,400
me exactly you know how to use it so it's it makes things much quicker much

355
00:35:45,400 --> 00:35:50,240
you know almost seamless especially you know with the administration and you know

356
00:35:50,240 --> 00:35:54,880
the quick things that you want to be able to do configurations those type of

357
00:35:54,880 --> 00:36:04,440
things and we have so many I think we have the Microsoft have a lot of upcoming

358
00:36:04,440 --> 00:36:11,840
people they like to learn administration and when you give them an advice to

359
00:36:11,840 --> 00:36:18,800
learn PowerShell today what should they do to be relevant after their

360
00:36:18,800 --> 00:36:27,080
study or make their certification what's what's a tip to for for new admins I mean

361
00:36:27,080 --> 00:36:34,920
I would say try to do anything that you did in the portal you know through

362
00:36:34,920 --> 00:36:39,800
PowerShell all right so you know whether that's going through and you know

363
00:36:39,800 --> 00:36:44,680
enabling admin roles or you know defa or you know creating a SharePoint site

364
00:36:44,680 --> 00:36:50,440
or you know whatever is that you're doing if you can do that through PowerShell

365
00:36:50,440 --> 00:36:54,040
then save it you know not now you've done that so the next time you have to go

366
00:36:54,040 --> 00:36:57,600
through and create a site hey you know when I've already have my template here

367
00:36:57,600 --> 00:37:03,440
for this all right so that you know when I create a conditional access policy

368
00:37:03,440 --> 00:37:06,400
here's the things that I need to enable I don't need to have two screens open

369
00:37:06,400 --> 00:37:11,320
side by side and you know trying to copy things over right I have my template

370
00:37:11,320 --> 00:37:17,920
there I've saved it and I can reuse that anytime I need to do that same process again

371
00:37:17,920 --> 00:37:27,600
awesome and now we come to my favorite part and it's the heart date part so I

372
00:37:27,600 --> 00:37:36,080
ask you five questions and you are ending it there if you are managing

373
00:37:36,080 --> 00:37:43,120
Microsoft 365 without punish without PowerShell sorry you are doing it wrong

374
00:37:43,120 --> 00:37:51,520
yeah I think this is the right answer but bye sorry was that

375
00:37:51,520 --> 00:38:01,040
I missed that last question if you are managing Microsoft 365 without

376
00:38:01,040 --> 00:38:10,520
PowerShell you are doing it wrong and why why because you're making your job

377
00:38:10,520 --> 00:38:16,360
harder essentially you know as I'm you know just mentioned do it once don't do it

378
00:38:16,360 --> 00:38:20,800
over and over again right you know I always say that you know PowerShell made my

379
00:38:20,800 --> 00:38:24,240
ADHD a superpower because I can ever do something more than three times in a

380
00:38:24,240 --> 00:38:30,640
row without going insane so I script it but that that is allowed me to you know

381
00:38:30,640 --> 00:38:35,040
just be able to complete things so much quicker in the future right so it may

382
00:38:35,040 --> 00:38:40,400
take you an extra minute or two now to do it but you're gonna save yourself so

383
00:38:40,400 --> 00:38:48,120
much time down the road and yeah my next question is Power Automate is not replacing

384
00:38:48,120 --> 00:38:58,920
PowerShell it's you know it it supplements it really it or complements it you know

385
00:38:58,920 --> 00:39:03,960
there's a lot of things that Power Automate can do that makes it you know pretty

386
00:39:03,960 --> 00:39:09,280
quite an easy to kind of just jump in there and start doing things definitely

387
00:39:09,280 --> 00:39:17,040
when it comes to you know your standard you know M365 office and those type of

388
00:39:17,040 --> 00:39:25,040
things it's it's it's great but when you really need to get down dirty into

389
00:39:25,040 --> 00:39:29,800
things right so PowerShell can can supplement that whether that's you know

390
00:39:29,800 --> 00:39:32,800
it doesn't necessarily need to replace it either right you can create an

391
00:39:32,800 --> 00:39:39,560
Azure function that does a portion of your Power Automate for you and the

392
00:39:39,560 --> 00:39:48,560
GUI based automation is fine for beep and but it's completely breaks it it's

393
00:39:48,560 --> 00:39:54,240
fine for individual use right it works great when you know when you have

394
00:39:54,240 --> 00:39:58,320
something that you do repeatedly and that you need to get done when you want to

395
00:39:58,320 --> 00:40:06,000
do something at an enterprise scale the GUI's tend to kind of break down right

396
00:40:06,000 --> 00:40:09,720
because you want a lot more control you want a lot more logging you want a lot

397
00:40:09,720 --> 00:40:16,400
more customization than you're gonna get through a through a GUI tool and most

398
00:40:16,400 --> 00:40:22,680
organizations don't have a tooling problem they have a

399
00:40:22,680 --> 00:40:43,840
sprawl problem yeah I'm so with you I'm so you sprawl and sincere yeah and my last

400
00:40:43,840 --> 00:40:49,560
question is Microsoft Graph will not kill PowerShell as they will make it more

401
00:40:49,560 --> 00:40:55,440
anything it's gonna make it even more powerful right so anything that you can do

402
00:40:55,440 --> 00:41:03,000
through an API PowerShell could do so as more things become that have APIs and

403
00:41:03,000 --> 00:41:08,880
don't require all these you know very specific DLLs like back in the old days of

404
00:41:08,880 --> 00:41:12,960
SharePoint right where you had to have which share version of SharePoint you were

405
00:41:12,960 --> 00:41:17,840
using and that admin console on there to be able to it was you know the same

406
00:41:17,840 --> 00:41:22,040
thing with like the old system center days where you had each individual system

407
00:41:22,040 --> 00:41:25,120
center product and you had to have the management console installed and be able

408
00:41:25,120 --> 00:41:29,320
to do that right now the API is it becomes open it becomes so much more that you

409
00:41:29,320 --> 00:41:34,080
can do with with you know a lot less as I mentioned like with Azure Automation

410
00:41:34,080 --> 00:41:38,560
right those jobs run in Azure I don't have to have that on my machine it has

411
00:41:38,560 --> 00:41:43,800
built in schedulers that has built in credential objects and variables and

412
00:41:43,800 --> 00:41:48,080
all those type of things directly in there and if I'm calling APIs then it just

413
00:41:48,080 --> 00:41:52,520
runs straight in Azure I don't have to worry about it so the more things that

414
00:41:52,520 --> 00:41:58,760
move to an API type level like that the more powerful PowerShell will become

415
00:41:58,760 --> 00:42:06,240
awesome oh that's more so great to talk with you and yeah I think the last

416
00:42:06,240 --> 00:42:15,080
words for the audience sir I give you yeah don't be afraid to automate don't be

417
00:42:15,080 --> 00:42:19,520
afraid to get in there and start playing around and seeing what there is and

418
00:42:19,520 --> 00:42:24,120
always remember you can just type in Get-Help a whole air PowerShell and

419
00:42:24,120 --> 00:42:31,800
what you know what command you're trying to do and it will tell you awesome

Mirko Peters

Founder of m365.fm, m365.show and m365con.net

Mirko Peters is a Microsoft 365 expert, content creator, and founder of m365.fm, a platform dedicated to sharing practical insights on modern workplace technologies. His work focuses on Microsoft 365 governance, security, collaboration, and real-world implementation strategies.

Through his podcast and written content, Mirko provides hands-on guidance for IT professionals, architects, and business leaders navigating the complexities of Microsoft 365. He is known for translating complex topics into clear, actionable advice, often highlighting common mistakes and overlooked risks in real-world environments.

With a strong emphasis on community contribution and knowledge sharing, Mirko is actively building a platform that connects experts, shares experiences, and helps organizations get the most out of their Microsoft 365 investments.

Matthew Dowst

Automation Architect, Microsoft MVP, and Author

I am a Microsoft MVP in PowerShell and an Automation Architect with over 20 years in IT. I design and build automation platforms used by enterprise teams to reduce manual work, improve reliability, and scale operations. I am also the author of Practical Automation with PowerShell and share weekly insights through PowerShell Weekly.