Joe Sutherland

@IAMERICAbooted My brain's first reaction: "Why does a self-addressed stamped envelope need dedicated egress IPs" 🤣

If your SASE provider doesnt provide dedicated IP blocks for egress, get a new SASE provider

@IAMERICAbooted @NathanMcNulty And you can't even submit the elevation request without a servicenow ticket number, so... 🤣

@NathanMcNulty But they have to elevated first and approved. :)

If you think Intune's multi-admin mode is going to save you from a phished Global Admin, I have bad news... GA can just create a second admin and approve their change ;)

@NathanMcNulty Some WOPI calls getting stuff from vti folder in my OneDrive that looks potentially related, but haven't been able to reverse engineer it yet. 3/3

@NathanMcNulty By users from the addin store. Those do follow the USER and not the CLIENT (install on device A, login to new device B, and have the addin without needing to install), so somewhere in M365 that association is stored... I looked at Excel online in browser tools and see 2/3 (oops)

.@NathanMcNulty Do you know if there is an equivalent of the EXO cmdlet Get-App (limited to Outlook addins) that will show me all addins installed for a user for Word, Excel, PowerPoint? #office365 #m365 1/2

@NathanMcNulty Those installed addins follow the user, not the client, so there has to be somewhere in M365 where the association of user and addin is stored. Just don't know where that is/how to get to it... (Yet!) 2/2

@NathanMcNulty This is the portal where you configure administrative deployment of addins. What neither this nor the centralized deployment powershell do is discovery of addins users have installed from the store. 1/2

@devangchheda_ @NathanMcNulty You're right that it unfortunately doesn't answer my discovery question, but that is a fantastic article! Thank you!

@NathanMcNulty @joesuffceren Not the answer you are looking for, but the link below would be my first read: smbtothecloud.com/from-com-to-we…

@JProkap @gabsmashh Need angel investors? 😂

@gabsmashh Now I want to make a SaaS app named "Cornbread"

phone, please. i am trying to type okta, not okra. while delicious, okra does not help me with sso.

@gabsmashh I mean... It could... Maybe you're not trying hard enough? Southern Appetizer Made (with) Love? Okra Always Undoes Targets (of) Health? Or, if you boil instead of fry: Super Super Slimy Okra. 😂

@stianstrysse @NathanMcNulty Many of the apps do a check for their requested/demanded perms and bark when you take them away. But, for the others, this is a great trick. If you break something and need to put it back to stock, just hit the admin consent url again and all is well.

@NathanMcNulty Actually - you can! I’ve consented several multi-tenant apps and then immediately revoked and/or replaced certain Graph app permissions that I couldn’t stomach. Like replacing Group.Read.All with GroupMember.Read.All 😎 Stuff still worked!

I bet at least 80% of Entra admins would blindly grant RoleManagement.ReadWrite.All to an Enterprise app that was purchased by their company Most wouldn't even know what that means - and in doing so, they practically give Global Admin level permissions to the application vendor

@PyroTek3 @Microsoft365 -Final-finalv4-final.docx

@Microsoft365 I'm that guy!

If you put "FINAL" in a document title this week we love your optimism and need more people like you.

@shanselman Pushed that thing to its limits. Bought a Voodoo3 graphics card for it from money I saved up. Nuked parents win98 install not understanding partitioning when my uncle gave me a Redhat CD to install Linux.

@shanselman My mom entered a raffle at the grocery store for a Compaq with a Cyrix proc. Store manager had forgotten to put out the raffle display, so she was the automatic winner at our store, and then she was drawn in the regional drawing of all the store winners. 1/2

My parents sold our van so I could have a Commodore 64. That wasn’t just a computer, it was belief in my future. Full talk: hanselman.com #TEDx

@shanselman I'm not crying; you're crying! 😭😭😭 Amazing story.

@kmcnam1 Hopefully she quoted Vader to you? Missed opportunity if not! 🤣

Awesome full circle moment this week: About 6 or 7 years ago, I had a younger coworker approach me wanting to learn ISE. I spent about 4-6 hours a week in the evening for months to give her lectures and lab access to my own lab. After a couple months, she was kicking ass on ISE. She ended up leaving my company to go to a partner about a year or two later, but we remained casually connected on LinkedIn. This week I had a 2-day training class and lab to learn a new technology that I have been itching to dig deeper into. Guess who my instructor was? The same awesome lady I helped initially with ISE. She ended up being an amazing instructor this week and everything clicked as far as what I was hoping to get out of that class.

@kmcnam1 TOTALLY stealing "imaginary epeen!" 🤣🤣🤣

I never understand why random older dudes try to flex their experience with to play gatekeeper to younger people (especially young women) in tech or those getting into tech. We should be encouraging younger people to be passionate about tech, not trying to discourage them by flexing some imaginary epeen by citing the obsolete technology we worked on, back when dial-up was still a thing.