GCast 145:

Azure Active Directory Bulk User Operations

It can take a long time to manually create, invite, and delete many users in Azure Active Directory. Fortunately, AAD provides bulk operations to facilitate these activities.

Episode 742

Matt Groves on Fluent Migrator

Matt Groves describes how to use the Fluent Migrator open source tool to manage changes to the structure and data of your relational database. In addition, he talks about his NoSqlMigrator project, which brings this functionality to NoSQL databases.




The cast of The Comedy of Errors Tim Burton's 2003 film "Big Fish" was far from his most commercially successful movie. But it was a delightful story that combined fantasy, love, and adventure. In 2013, a musical adaptation of the tale premiered in Chicago. In 2023, the play returned to Chicagoland at the Marriott Theatre in Lincolnshire.

I attended the final performance Sunday evening and found it nearly as delightful as Burton's movie.

The musical's plot is similar to Burton's movie, with minor deviations. Edward Bloom is dying. His son Will feels he does not know his father because Edward has spent his life telling elaborate stories of his life. Through Edward's stories and through song, we get a look into the father's adventures as he befriends the giant Karl and courts his wife Sandra and joins a circus and rescues his hometown. But we are never sure which parts are authentic, which are invented, and which are exaggerated. We hear every story filtered through Edward's oratory and wit.

The songs are trite and formulaic but catchy. What elevated this show was the performance of Alexander Gemignani, who played Edward Bloom. He made the character larger than life. His transition from energetic young Edward to frustrated and feisty old Edward was outstanding.

After the show ended and the actors took their bows, Gemignani called to the stage the entire crew for a final thank you as the run ended. It was a fitting tribute and an ideal end to a delightful evening.

The cast of The Comedy of Errors The Chicago Shakespeare Theatre knows how to create a new twist on an old idea. They did so Friday night in their production of William Shakespeare's "The Comedy of Errors."

"Errors" is one of Shakespeare's simplest and shortest plays. Two pairs of twins begin life together. Two are well-born lords named Antipholus, while two named Dromio act as servants to the Antipholuses. At a young age, a shipwreck separates them. One Antipholus and Dromio settle in Ephesus, while the other pair settle in Syracuse. As adults, the four find themselves in the same city and cross paths repeatedly, which results in repeated mistaken identities and much slapstick humor. The script features variations on the same joke.

Rather than present the Bard's play directly, CST depicted a Hollywood studio filming an adaptation of "The Comedy of Errors" in London during the World War II German bombing of the city. We see multiple subplots within the moviemaking - the egotistical stage actor who feels the role of Dromio is beneath him; the director's wife, who is having an affair with the lead actor; parts that are filled by a standup comic and a pop singer to boost ratings. In between, we see the story of Antipholus and Dromio unfold.

This play within a movie within a story within a play makes Shakespeare's simple story more complex and more fun. A host of eccentric 20th-century actors portray eccentric 16th-century characters.

The play provides many laugh-out-loud moments as the outer story leaks into the inner story. The leading man's halitosis spoils a love scene. Debris from an air raid injures an actor, who must deliver his lines from a wheelchair.

CST founder and Artistic Director Barbara Gaines directed this adaptation, ending her longtime association with the Theatre. Ms. Gaines is stepping down this year.


She goes out on a high note.

Scott Rutz on Dapr

Comments [0]

Episode 741

Scott Rutz on Dapr

Scott Rutz describes how to use Distributed Application Runtime (Dapr) building blocks to simplify your microservices applications.


For the first time in a long time, I am excited to continue Robert Jordan's "Wheel of Time" series. For eleven books, Rand Al'Thor and his companions have been preparing to battle the forces of evil at the Last battle. The series began with great promise but dragged over the past few novels as Jordan failed to advance the story or resolve plot lines at an acceptable pace. 

This changed with the death of Robert Jordan.

Novelist Brandon Sanderson picked up the mantle and vowed to conclude the series. Jordan made extensive notes and expected his successor could resolve all subplots in a single book. But Sanderson and his publisher recognized the complexity woven by Jordan would take more than one book to resolve, so they split the conclusion into three volumes. "The Gathering Storm" is the first of those three - Number 12 in the series.

In this book, Rand prepares his armies for the last battle. We see his battle to retain his sanity as his power increases. We see his rejection of sentiment and emotion as he becomes focused on the fight with the Dark One to decide the world's fate. Close friends become pawns in his chess game, and bystanders are often expendable if Rand achieves his primary objectives. 

Other subplots brought to a conclusion: 

- The Aes Sedai have imprisoned Egwene for the crime of laying claim to the group's leadership. Egwene attempts to unite the White Tower and the Aes Sedai sisters despite her captivity.

- Rand attempts to make a truce with the Seanchan. Their invasion complicates Rand's war, so he approaches Tuon with a deal.

Sanderson tells the story much better than Jordan did. One chapter describes a town whose citizens are cursed to go on a murderous rampage each evening at sunset only to forget their crimes at daybreak. Sanderson builds tension where Jordan would have dragged out the narrative to the point of tedium. When  Egwene al'Vere visits Tel'aran'rhiod, Sanderson focuses on the essential details, giving the reader a sense of the shifting nature of the dream world. Jordan would have described in detail every article of clothing and background scenery without regard to its impact on the scene or story.

This will sound mean. Robert Jordan's "Wheel of Time" series benefited from the death of Robert Jordan. "The Gathering Storm" combines the imagination of Robert Jordan and the world he created with the storytelling of Brandon Sanderson. It is a winning combination.


Scythian in concertScythian is a product of multiple cultures, and they combine those cultures in their music.

Brothers Alexander and Danylo Fedoryka, who lead the band, are the children of Ukrainian immigrants. The brothers grew up in the hills of Virginia, and the band still resides in northern Virginia. So they incorporate the music of their parents' homeland with the traditional folk music of the American Southeast. All this is unusual because they are primarily a Celtic band. The brothers explained the relationship between Ukrainians and Irishmen: "We are basically cousins," they explained, because both peoples have suffered oppression, both enjoy music and a good time and both eat lots of potatoes.

And just to confuse us, they began their Sunday evening concert at Chicago's Athenaeum Center with a whaling song. The sea shanty "Wellerman" went viral two years ago, thanks to a Tik Tok video, and Scythian performed the harmony vocals exquisitely.

Danylo plays guitar and accordion, while Alexander plays fiddle, mandolin, and guitar. They are supported by Ethan Dean on bass and Johnny Rees on drums. Each member is excellent at his instrument, but they particularly shine on their vocals, which they often sing in harmony with one another. Although the Fedorykas sang lead on most tunes, Rees stepped to the front for a beautiful rendition of "Danny Boy."

All four dressed in traditional Ukrainian costumes for the event. They mixed in a few Ukranian tunes, along with some Americana music, such as "Song of Sacrifice" and the traditional "Crawdad Hole," which they offered as a tribute to Doc Watson.

The night's performance included more than just music. During some Celtic songs, a local group of young dancers joined them on stage to perform traditional Irish dances. Most of these songs were traditional or traditional-sounding, but they showed off their arrangement of U2's "I Still Haven't Found What I'm Looking For." Late in the set, the band's roadie came onstage to dance with a broom while the band accompanied him with an Irish reel.

I did not know what to expect when I arrived at The Athenaeum Sunday evening. I received everything.


GCast 144:

Managing Azure Active Directory Groups

This video walks you through the process of creating and managing security and M365 groups in Azure Active Directory.

Episode 740

Mike Shelton on Data Lakehouses

A Data Lakehouse combines the advantages of a Data Warehouse and a Data Lake. Mike Shelton discusses this technology and how to use it.

Elle King in concertElle King does not look or act like other famous singers. And she does not care.

She sings about drinking and smoking. And she carries a few more pounds than other singers boasting similar success. And she swears. She swears a lot. But she does not care. "You don't see women who look like me and sing about these things," she boasted to the crowd Saturday night at Chicago's Salt Shed amphitheater.

King opened with "Tusla," a recent rocking country song about a woman throwing all her man's possessions out on the grass after he leaves town with another woman: "Well, that good-for-nothin' mothertruckin' son of a gun; I don't need to know her name 'cause I can tell you which one," she wailed to an appreciative audience.

King has plenty of country and western songs, and she sang many on this night. Her band dressed in cowboy hats and The Great Whiskey Project from Mobile, AL delighted the crowd with their country-blues numbers before Elle took the stage.

King also has plenty of pop material from which to draw, and she mixed in some of these songs. Early in her set, she performed "Ex's and Oh's," her biggest hit, and the band impressed with a rendition of Dr. Hook's "The Cover of Rolling Stone."

But the evening mainly belonged to country music which Elle delivered in abundance. She sang a few slow songs ("Jersey Giant"), but most of the set was rough and rowdy.

King got a bit rough herself. I could not tell if she was joking when she told the keyboard player to "Shut the f*** up!" He seemed to take it in stride.

She closed the show with "Drunk (And I Don't Wanna Go Home)," a single she recorded with Amanda Lambert.

This was my first visit to the Salt Shed. The venue opened last year, and the indoor concert area opened earlier this year. Most patrons stand at the Shed, but the indoor space provides some grandstand seating.


It was a good night and a good show to experience this theater.

A New Era for "1776"

Comments [0]

The cast of 1776 To prepare myself for  "1776: The Musical," I listened to the 1969 original Broadway Cast recording. Then, I watched the 1972 movie adaptation starring William Daniels as John Adams.

I was not prepared.

"1776" tells the story of America's founding fathers as they debated declaring independence from Great Britain during the Revolutionary War. The story takes in Philadelphia during a sweltering June and July of 1776. Delegates represent all thirteen colonies, but the story focuses on John Adams, Benjamin Franklin, and Thomas Jefferson. 

The original production was good enough to win the 1969 Tony Award for Best Musical (it beat out "Hair" for the award) but lacked the staying power of other award winners. The performances on the soundtrack and in the film version were good but never great. However, the subject matter remains a fascinating topic. Numerous historians have analyzed how America became the first set of colonies to break away from its parent nation. The struggles of the young nation to find an identity is worth investigating.

Directors Jeffrey L. Page and Diane Paulus took the play to another level. They reimagined the founding fathers as women - often women of color. Only two minor characters in the play are female. Abigail Adams and Martha Jefferson were wives of statesmen, and their parts in the script were minor. But the actors portraying the men on stage were either female, trans, or non-binary. This casting brought a renewed energy to the performance. The ladies consistently referred to one another as "sir" and "he" and "him," despite the fact they were addressing actresses. 

The current production of "1776" breathed new life into a play that had begun to show its age.



Microsoft Azure Spring Apps (ASA) offers a simple, reliable, and scalable way to host your Java Spring applications. ASA frees you from managing the hardware, networking, infrastructure, and containers on which your application is running. All of those things are handled by the platform. ASA also provides simple deployment mechanisms for your code.

In this article, I will show you how to deploy a local Spring application to an Azure Spring App.


Azure Prerequisites

This article assumes that you already have an Azure Spring Apps Service and an Azure Spring App running under that service. Refer to the following articles for information on how to create these:

When I wrote this article, I created a service named "dgtestasasvc" and an app named "dtestapp", as shown in Fig. 1.

Apps listing

Fig. 1

Local Prerequisites

In order to proceed, you will need to have Java, Maven, and git installed locally. Many IDEs will assist you in installing these. If you are running on a Windows operating system, you should also install [Windows Subsystem for Linux[(https://learn.microsoft.com/en-us/windows/wsl/install).

Sample Code

You are welcome to use your own Spring application. However, if you do not have one available, you can this sample Spring Boot application. It contains a single page that displays the message: "Greetings from Spring Boot!"

Retrieve and build the sample application with the following commands:

git clone -b boot-2.7 https://github.com/spring-guides/gs-spring-boot.git
cd gs-spring-boot/complete
mvn clean package -DskipTests


The Azure CLI contains a command to deploy a Spring App to an existing Azure Spring App. The syntax is:

az spring app deploy \
    --resource-group  \
    --service  \
    --name hellospring \
    --artifact-path target/spring-boot-complete-0.0.1-SNAPSHOT.jar

Here is the syntax for my service and app:

az spring app deploy \
    --resource-group dgtestasarg \
    --service dgtestasasvc \
    --name dgtestapp \
    --artifact-path target/spring-boot-complete-0.0.1-SNAPSHOT.jar

This deployment may take a couple minutes.

Test the Deployed App

If your application deploys without error, you can view it by opening a web browser and navigating to:

https://ASA Service Name-App-Name.azuremicroservices.io


Here is the URL for my deployment:


The output is shown in Fig. 2.

Test Output

Fig. 2


In this article, you learned how to deploy a local Spring application to an Azure Spring App.

Episode 739

Jimmy Bogard on Vertical Slice Architecture and MediatR

A few years ago, Jimmy Bogard become frustrated with building and maintaining applications that partition components horizontally. He found that separating application code along vertical lines reduced the complexity and rigidity of his applications. He discusses this pattern and MediatR - the open-source tool he created to facilitate Vertical Slice Architecture.






February 2023 Gratitudes

Comments [0]

Today I am grateful for all I learned about Kubernetes over the past 2 weeks.

Today I am grateful for a new countertop combination toaster oven / air fryer / convection oven.

Today I am grateful to be a guest on the Visual Studio Toolbox show last night.

Today I am grateful to pass 700 subscribers to my shows "Technology and Friends" and "GCast."

Today I am grateful to talk with Matt yesterday for the first time in years.

Today I am grateful to see a musical production of "Wuthering Heights" last night at the Chicago Shakespeare Theatre.

Today I am grateful to see the Tannahill Weavers in concert last night.

Today I am grateful to have friends over to watch the Super Bowl yesterday.

Today I am grateful for dinner with my son last night

Today I am grateful for the outpouring of support for those affected by the shooting at Michigan State University.

Today I am grateful to see Ana Popovic in concert last night.

Today I am grateful for:

  • a successful surgery for Marlene
  • a conversation with Betsy yesterday

Today I am grateful to go to Andy's Jazz Club with John and Kim last night

Today I am grateful for a birthday conversation with my brother across the International Date Line

Today I am grateful

-to attend a memorial service for Ed yesterday -to see Denny Laine in concert last night

Today I am grateful to see Dave Mason in concert last night.


Today I am grateful to be a guest on the Visual Studio Toolbox show. 2/23
Today I am grateful for lunch with my sons yesterday

Today I am grateful to pass the AZ-204 exam

Today I am grateful to replace the batteries in my smoke detector.

Today I am grateful to visit Marline in the hospital yesterday.

Today I am grateful to edit a bunch of videos last week.

Today I am grateful for a fresh haircut.

Today I am grateful to work with a partner on-site this week.

Today I am grateful

  • to all who sent me kind birthday wishes yesterday
  • for dinner with Mike and Travis
  • to see Drunk Shakespeare last night at the Lion Theater

Today I am grateful to celebrate my birthday last night with some of my favourite people by seeing 1776: The Musical.

Today I am grateful that the predicted severe storm mostly missed us yesterday.

Today I am grateful to see Elle King in concert last night.

Drunk Shakespeare performing MacbethI have walked past the Lion Theater on Wabash Street hundreds of town without noticing the entrance, the sign above it, or the play inside.

Finally, I made my way inside to see "Drunk Shakespeare."

The premise: A group of actors perform a play by William Shakespeare. They switch between a faithful adaptation of the bard's script and off-color humor. The twist is that one of the performers publicly downs four shots of whisky before the play begins. He drinks a few more during the night, becoming progressively more drunk and sloppy. "You cannot spell 'bard' without 'bar'," announces the Master of Ceremonies.

Tonight's performance more or less followed WS's script for "Macbeth"; but the cast interjected plenty of jokes into the mix.

Drunk Shakespeare performing MacbethThe performers often break the figurative fourth wall, interacting with the audience, sometimes flirting or telling raunchy jokes. This was easy to do as the audience sat on benches along the long narrow stage, making it difficult to separate the performers from the observers.

The show was funny enough without adding the gimmick of one drunk actor. It was one more joke, and while amusing, it was far from the funniest part of the evening. I am not convinced that he was consuming alcohol. The shots he downed could have been anything. But a schtick is a schtick, and this one did not detract from the show.

"Drunk Shakespeare" is part scripted, part improv, and all fun.

I enjoyed this show more than I expected I would.


Microsoft Azure Spring Apps (ASA) offers a simple, reliable, and scalable way to host your Java Spring applications. ASA frees you from managing the hardware, networking, infrastructure, and containers on which your application is running. All of those things are handled by the platform. ASA also provides simple deployment mechanisms for your code.

In a previous article, I showed how to create an Azure Spring App Service. A service can host many Apps.

Creating an Azure Spring App

To add an Azure Spring App to an Azure Spring App Service, log into the Azure portal and navigate to your Azure Spring App Service "Overview" tab, as shown in Fig. 1.

Overview Blade

Fig. 1

Click the [Apps] button (Fig. 2) to open the "Apps" blade, as shown in Fig. 3.

Apps Button

Fig. 2

Apps Blade

Fig. 3

Click the [Create App] button (Fig. 4) to open the "Create App" dialog, as shown in Fig. 5.

Create App Button

Fig. 4

Create App Dialog

Fig. 5

A new empty row displays.

At the "App name" field, enter a name for your Azure Spring App. The name must be unique within this Azure Spring App Service.

At the "Deployment Type" dropdown, select "Artifacts" if you plan to deploy a JAR file; or select "Custom Container" if you plan to deploy from a container image.

At the "Runtime platform" dropdown, select the version of Java on which your app runs.

At the "vCPU" dropdown, select the fraction of virtual CPU to allocate to this app: 1 or 0.5.

At the "Memory" dropdown, select the amount of memory to allocate to this app.

At the "Instance count" field, enter the number of instances of the app you want to deploy.

Click the [Create] button to begin creating a new Azure Spring App with sample application code deployed.

After the App is created, it should be listed in the "Apps" blade, as shown in Fig. 6.

Apps Blade With App

Fig. 6

Click the [Refresh] button if you do not see the App listed.

Click the App name to view details about the Azure Spring App. The App's "Overview" blade displays, as shown in Fig. 7.

App Overview Blade

Fig. 7

Click the [Assign Endpoint] button (Fig. 8) to create a direct endpoint URL for this app.

Assign Endpoint Button

Fig. 8

You can view the sample application deployed by clicking either the "URL" link or the "Test endpoint" link (Fig. 9) to display the sample web page shown in Fig. 10.

URL Links

Fig. 9

Test App

Fig. 10


In this article, I showed you how to add an Azure Spring App to an Azure Spring App Service. In the next article, I will show you how to deploy your own Spring App to this Azure Spring App.

GCast 143:

Invite External Users to Azure Active Directory

You can allow users outside your organization to access your Azure Active Directory resources without the need to manage their accounts. This video shows you how to invite external users.


Microsoft Azure Spring Apps (ASA) offers a simple, reliable, and scalable way to host your Java Spring applications. ASA frees you from managing the hardware, networking, infrastructure, and containers on which your application is running. All of those things are handled by the platform. ASA also provides simple deployment mechanisms for your code.

Creating an Azure Spring App Service

When working with ASA, you first need to create an Azure Spring App Service. A service can host many Apps.

To create a service, log into the Azure portal and click the [Create a resource] button (Fig. 1) and search for "Azure Spring Apps", as shown in Fig. 2.

Create Resource Button

Fig. 1

Search For Azure Spring Apps

Fig. 2

If the "Azure Spring Apps" tile (Fig. 3) displays, click the [Create] button to display the "Azure Spring Apps" information screen, as shown in Fig. 4.

Azure Spring Apps Tile

Fig. 3

Azure Spring Apps Info

Fig. 4

The "Azure Spring Apps" creation dialog displays with the "Basics" tab selected, as shown in Fig. 5.

Basic Tab

Fig. 5

At the "Subscription" dropdown, select the Azure subscription in which you want to create the Azure Spring Apps service. Most of you will have only one subscription.

At the "Resource group" field, enter the name of the Resource Group in which you want to store this service or click the "Create new" link to create a new Resource Group.

At the "Name" field, enter a unique name for the Azure Spring Apps Service.

At the "Region" dropdown, select the Azure region in which to create the Azure Spring Apps Service. To minimize latency, consider the location of your users and any other services or data with which your apps will interact.

By default, the "Pricing" field selects the Basic tier pricing. Click the "Change" link to select a different pricing tier.

Click the [Review and create] buton to advance to the "Review and create" tab, as shown in Fig. 6.

Review Create Tab

Fig. 6

If you made any errors, they will display here. You will need to return to the tab with the error and correct it before you can proceed. If everything looks good, click the [Create] button to begin creating the Azure Spring Apps Service. This will take a few minutes.

After the Azure Spring Apps Service is created, the "Your deployment is complete" confirmation displays, as shown in Fig. 7.

Deployment Complete message

Fig. 7

Click the [Go to resource] button to navigate to the "Overview" blade for your Azure Spring Apps Service, as shown in Fig. 8.

Overview Blade

Fig. 8

Creating an Azure Spring App

Deploying a Spring App to Azure Spring Apps


In this article, I showed you how to create a new Azure Spring App Service. In the next article, I will show how to create a new Azure Spring App within this service.

Episode 738

Rob Richardson on Containerization

Rob Richardson talks about the advantages of running your applications in containers and using tools like Kubernetes to manage them.



Dave Mason BandI love when an artist opens a concert with one of my favourite songs. Dave Mason did just that Monday evening at the City Winery when he began his set with "Only You Know and I Know" - an early 1970s song that caught the ear of preteen David as I listened to my parent's AM radio.

Mason came to prominence in the late 1960s as a founding member of Traffic, a band known for its psychedelic blues numbers. Mason's band performed songs from this era, including "Rock And Roll Stew," "Low Spark of High Heeled Boys," and "Dear Mr. Fantasy." He followed up this set with a rendition of "Can't Find My Way Home," a song made famous by Blind Faith, the supergroup made up of Traffic alumni and others.

Mason sang lead on some songs and let his bandmates take the lead on others. And what a band it was! Martin Fera (drums), Johnne Sambataro (guitar), Ray Cardwell (bass), and Tony Patler (keyboards) were all top-notch.

David Giard and Dave MasonDave Mason has been around long enough to change his musical persona multiple times, and he drew on all these styles at his performance Monday evening at the City Winery.

His solo work from the 1970s appealed to me because that is when I first discovered him. He played selections from his "Alone Together" album, which he recently re-recorded because the original master tapes were destroyed in a Universal Studios fire. He broke out a 12-string guitar solely for his megahit "We Just Disagree." He sang the love song "Every Woman" to prove, in his words, "I'm a sensitive son of a bitch!" And he closed with "Feelin' Alright?" - a song written by Mason but made famous by Joe Cocker.

This finale brought the audience to its feet for a climactic conclusion.

Denny LaineDenny Laine has had a hand in more popular music than you probably realize.

He was a founding member and lead singer of The Moody Blues before Justin Hayward replaced him and the band took a different direction. In 1971, Paul and Linda McCartney recruited him to join their new band, Wings. That collaboration lasted ten years.

In between, Laine has recorded solo albums and worked with many of the biggest names in rock & roll. He spent much of his performance Sunday night at the City Winery dropping those names. He told stories of his interactions with McCartney, Jimi Hendrix, Sonny Boy Williamson, Paul Simon, and many others with whom he worked and befriended over the years. It was an evening of music and storytelling, and Laine drew on his over six decades in the business to provide both.

He told a story of the beautiful French girls who failed to show up for a Paris date with him and Mike Pender. While waiting for the girls, Laine wrote "Boulevard De La Madeleine" - a song that peaked at #2 in France.

He told of touring with Sonny Boy Williamson, who inspired him to write "Bye Bye Bird" - an early Moody Blues hit.

He talked of writing "Deliver Your Children" for Wings and of McCartney's suggestion to add a Spanish guitar to the arrangement.

He told of showing two partial songs to McCartney, who suggested combining them. When Laine admitted he had no words yet for the tune, Paul told him to call it "No Words." Denny later wrote words around this title.

Denny Laine and David GiardHe related the tale of co-writing and recording the classic "Band on the Run" album in Nigeria. Robbers stole the rehearsal master tapes from McCartney at knifepoint as he walked to his room. Laine closed by playing "Band on the Run," inspiring the audience to sing along.

Although most of Mr. Laine's career involved collaboration with a band, he performed solo on this night, accompanying himself on guitar. The 78-year-old no longer has the vocal range he boasted in his youth, but no one can question his guitar playing.

Nearly all of the evening's music was written or co-written by Laine. But he did insert his interpretation of Paul Simon's "Richard Coury" - a song that Wings would sometimes play in concert.

Laine endeared himself to the sold-out audience by his playing and his personality. After nearly two hours performing, he remained on stage to chat, sign autographs, and pose for photographs with fans.


Running an active YouTube channel can be hard work. You may want to offload some of that work to others. You likely do not want to share your password, so YouTube provides a way to grant access to other users, allowing them to perform actions on your account.

The user to whom you delegate much have a Gmail address and should have a YouTube channel (If they don't have one already, they will be prompted to create one when they accept your invitation.)

Granting Permission

The following section pertains the person granting permissions.

To begin, log into your YouTube account, click your account icon in the top right corner, and select [YouTube Studio] from the dropdown menu, as shown in Fig. 1.


Fig. 1

The "YouTube Studio" page displays. Select [Settings] from the left menu, as shown in Fig. 2.


Fig. 2

The "Settings" dialog displays, as shown in Fig. 3.


Fig. 3

Select [Permissions] to display the "Permissions" dialog, as shown in Fig. 4


Fig. 4

Click the [INVITE] button (Fig. 5) to display the Invitation dialog, as shown in Fig. 6.


Fig. 5

Invitation Dialogue

Fig. 6

At the "Email" field, enter the email address of the person to whom you wish to delegate permissions. This must be a valid Gmail address.

At the "Access" dropdown (Fig. 7), select the type of access you wish to grant to this user. A description appears below each access level. Only grant the amount of permission the user needs to perform the operations you wish to perform.

Access Dropdown

Fig. 7

After you select an Access permission, you return to the Invitation dialog, as shown in Fig. 8.

Invitation Dialogue

Fig. 8

Click the [DONE] button to close this dialog and return to the "Permissions" dialog, as shown in Fig. 9.


Fig. 9

Click the [DONE] button to grant permissions.

Accepting Permissions

The following instructions apply to the user to whom permission is granted.

You will receive an email similar to the one shown in Fig. 10.

Invitation Email

Fig. 10

Click the [ACCEPT INVITATION] button.

If you do not yet have a YouTube channel, you will be prompted to create one, as shown in Fig. 11.

How You'll Appear

Fig. 11

A confirmation message similar to the one shown in Fig. 12 displays, indicating what permissions you have on the channel.


Fig. 12

Click the [CLOSE] button to close this dialog and display your YouTube channel.

In order to act on the other channel to which you were granted permissions, click your account icon in the top right corner, and select [Switch account] from the dropdown menu, as shown in Fig. 13.


Fig. 13

Select the other channel, as shown in Fig. 14.

Switch Account

Fig. 14

You will now be able to perform any actions on that channel to which you were granted permission.


In this article, you learned how to grant permission to another user to manage your YouTube channel.

NOTE: Thank you to Peter Laudati for helping me work through and better understand this process.

Episode 737

Kira Soderstrom on Power Platform

Kira Soderstrom describes how to build low-code solutions using Microsoft's Power Platform.


Power Platform Training Material:



Power Platform Learning Resources and Customer Success Stories: 



PowerUp Online and Interactive Training Resources for Canvas Apps: 



Power Platform Admin Documentation: 



Power Platform Center of Excellence Overview: 



The Tannahill Weavers The Tannahill Weavers have been performing for 55 years. Dozens of musicians have come and gone over the years, but the two consistent members have been Roy Gullane on guitar and lead vocals; and Phil Smillie on various woodwind instruments. Saturday night at the Old Town School of Folk Music, they were joined by Malcolm Bushby on fiddle and Iain MacGillivray, who rotated between woodwind, fiddle, and bagpipes.

The Weavers have recorded some modern music over the years, but this concert consisted primarily of traditional Celtic songs - mostly from their native Scotland. Some of the music was written in the past century, but it still had a classic feel to it. They played jigs and ballads and reels, alternating between instrumentals and vocal compositions - many of which showed off the band's tight harmonies.

Roy Gullane took center stage, singing lead on most songs and chatting with the audience. He joked about the pleasantness of bagpipes and his younger romantic self. But it was MacGillivray who stole the shoe with his impressive bagpipe playing. This was the first time I had seen a bagpiper up close, and his melodies and rapid finger impressed me.

The show felt more intimate than most shows at the Old Town. The band performed in Szold Hall, which is much smaller than Maurer Hall, where most visiting artists perform.


Other bands have worked to keep Celtic music alive, but few have done so as long or as well as The Weavers.

Wuthering Heights cast I was unprepared when my friend took me to The Chicago Shakespeare Theatre Friday evening to see "Wuthering Heights."

I knew the Emile Bronte novel from reading it years ago. I remember very little of the 1939 William Wyler movie I saw decades ago. But I knew the story. Adopted Heathcliff, abused by his family and neighbors and haunted by the loss of his love, descends into madness and mistreats his own family in his quest for revenge. It is a dark tragedy that takes place on the depressing moors of northern England.

I was not expecting a musical.

This production by the UK's Wise Children Theatre Company is filled with song and dance. But, while the music entertains, the story retains the darkness of the source material.

Although this night's show elevated several understudies, I witnessed excellent performances! Ricardo Castro was brilliant as Heathcliff. We believe he was consumed by his anger and haunted by his lost love.

Among the regular cast, Georgia Bruce stands out in her portrayal of Heathcliff's abused wife Isabella, their sickly son Linton, and one of a group who portray the 18th-century Yorkshire moors.

In this adaptation, playwright and director Emma Rice omitted the character of Nelly, who served as a housekeeper and narrator of much of the story in the novel. Instead, she opted to bring to life the moors, casting multiple actors to speak, listen, sing, and dance as they advance the narrative. This technique works. The anthropomorphic moors frequently break the fourth wall to make sense of a plethora of characters, subplots, and deaths.


The entire performance exceeded my expectations.

GCast 142:

Security Defaults in Azure Active Directory

Security Defaults are a quick and easy way to set some basic security on an Active Directory tenant until you have time to define the policies appropriate to your organization.

Episode 736

Brian Korzynski on Machine Learning Challenges for a C# Developer

Brian Korzynski describes how write Machine Learning solutions in C# and the challenges creating, deploying, and consuming ML models.

Mavis Staples Mavis Staples is growing old. She turned 83 last year and has neither the energy nor the vocal range that made her famous in her youth.

But she pours into her performance all the energy that she has. She did so Saturday night at a sold-out Symphony Center. The Chicago Symphony Orchestra usually performs at this venue. However, Staples took the stage this night, accompanied only by a drummer, bass, guitarist, and two backing singers.

Inglewood native repeatedly told the delighted audience, "It's good to be home."

Although fans in the crowd cried out for "The Weight" and "I'll Take You There," Mavis skipped those songs. Still, the sold-out crowd loved her musical selection, as she mixed blues, soul, gospel, and R&B. My favourites were "Respect Yourself" and her version of The Talking Heads' "Slippery People."

Between each song, Mavis relaxed, sipped her tea, and gathered her strength before throwing herself into the following number.

There was no encore, but it was an entertaining evening. Even the warmup band (blues singer/guitarist Celisse) was excellent. Mavis Staples is a national treasure, and I am happy I finally had the chance to see her live.



Spafford Spafford has taken a non-traditional approach to building an audience. They self-produce their albums and release them on their own label, tour frequently, and live-stream their concerts. Much like the Grateful Dead and Phish (bands that clearly influenced Spafford), they expand their audience via word of mouth rather than radio airplay.

It works. Spafford has developed a large international following and sells out shows worldwide. Fans packed the Park West concert hall Friday night to see Spafford perform live.

The band's music did not disappoint. They filled two sets and an encore with funky jazz-influenced rock melodies. The musicians are first-rate and extended each song with impressive improvisational solos. Much of the music was hypnotic, intensified by the laser light show behind them. They played only eleven songs, each lasting 10-20 minutes, so the show continued well past midnight. Puzzlingly, their announced "short break" stretched to over a half hour.

Friday night's set consisted almost entirely of originals. The lone exception was a bluesy rendition of the Eagles' "Those Shoes," which bled into an extended instrumental break.

Each band member is a proficient musician. Jordan Fairless on bass, Cory Schechtman on keyboards, and Nick Tkachyk on drums all impress; but Brian Moss's guitar licks stood out. His fingers burned across the stream on solos and provided great rhythm when others took the spotlight.

If you missed this show, do not despair. There is a good chance they will play at a venue close to your home. And if you miss that, you can catch live streams and recordings of their concerts.

Episode 735

Jeffrey Miller on Building a Second Brain

Tiago Forte's book "Building a Second Brain" describes how to manage the flood of information we consume each day. Jeffrey Miller discusses the principles and practical applications of Forte's framework.

https://www.buildingasecondbrain.com/ https://www.skeeterbooks.com/

January 2023 Gratitudes

Comments [0]

Today I am grateful for some time off over the holidays and a chance to work on some non-work things.

Today I am grateful for a new power supply in my computer

Today I am grateful my chiropractor was able to see and treat me on short notice

Today I am grateful to attend an exciting Bulls - Nets game with my son last night.

Today I am grateful to replace the battery in my car key fob

Today I am grateful my replacement CPAP machine arrived

Today I am grateful to see "Improvised Jane Austen" at iO Theater last night.

Today I am grateful my back pain is finally subsiding after two weeks

Today I am grateful to arrive safely in Sandusky, OH.

Today I am grateful to Chris for a place to stay this week.

Today I am grateful to see so many old friends this week.

Today I am grateful for those who say nice things about me in public.

Today I am grateful to the organizers of #Codemash, their willingness to adapt, and their transparency toward the attendees.

Today I am grateful for my new electric kettle.

Today I am grateful to see "The Ripple, The Wave That Carried Me Home" at the Goodman Theatre last night.

Today I am grateful to see the Sheryl Youngblood band perform at SPACE last night.

Today I am grateful for a long conversation with an old friend last night

Today I am grateful:

-for lunch with my team to welcome the new guy

-to Jason for answering my questions about book publishing

Today I am grateful for lunch with Michael yesterday

Today I am grateful that I am still employed.

Today I am grateful to see John Ondrasik, a.k.a. Five for Fighting in concert last night.

Today I am grateful to schedule a bunch of interviews with smart people for my show over the next few weeks

Today I am grateful for a new wireless mouse and keyboard.

Today I am grateful to stay at home when the weather is bad.

Today I am grateful to see Patty Griffin in concert last night.

Today I am grateful for a bunch of minor repairs on my car.

Today I am grateful that the gym in my building is open again after being closed for 3 years.

Today I am grateful to see "Chicago - The Musical" from the front row of the CIBC Theatre yesterday.

Today I am grateful to deliver a virtual presentation at the SpartaHacks hackathon at Michigan State University.

Today I am grateful for exactly 5 years in my current home.

Today I am grateful for drinks with Dan and a group of MVPs last night.

Today I am grateful to see a live recording of "Wait Wait Don't Tell Me" last night at the Studebaker Theatre.

Today I am grateful to see Spafford in concert last night.


Today I am grateful to see Mavis Staples in concert last night.

Chicago in Chicago

Comments [0]

Roxy and Velma "Chicago - the Musical" was excellent! Great music! Great dancing! Great performance! Great seats!

I have seen the 2002 movie adaptation multiple times but had never experienced the live musical until Sunday afternoon at Chicago's CIBC Theatre.

For those few who don't know, "Chicago" is the story of Velma and Roxie - a sexy cabaret singer and a sexy wanna-be cabaret singer, each of whom is arrested for murder. Sleazy lawyer Billy Flynn takes on their cases and manipulates the media to move public opinion in favor of the ladies.

The play contains almost no good people, no lessons learned, and no tale of moral redemption. The only one who shows kindness is Roxie's husband, Amos, who is so mistreated and ignored that he musically refers to himself as "Mr. Cellophane." ("Mr. Cellophane shoulda been my name, 'cause you can look right through me; walk right by me; and never know I'm there!")

The cast of ChicagoBut the story is funny, and the songs are fantastic. And the production by this year's touring company featured great choreography and excellent singing from all the cast members. Logan Floyd and Katie Frieden are perfect as the amoral femme fatales Velma and Kelly Roxie, while Jeff Brooks shines as the sleazy Jeff Brooks. Other standouts included Brian Kainowski as the dimwitted Amos and Christina Wells portraying prison matron "Mama" Morton.

The music recalls the jazz of the 1920s and serves as a backdrop for the wild lives of the characters.

My seats in row 1 were labeled "Obstructed View" because we could not see the performers' feet. But this proximity to the stage made one feel a part of the show. On multiple occasions, the actors directed their lyrics right at us.

"Chicago" was a bucket list show for me. This was one of the most enjoyable performances I have attended.

GCast 141:

Conditional Access Policies in Azure Active Directory

Learn about Azure Active Directory conditional access policies and how to use them to apply policies for users, devices, or applications.

Episode 734

Peter Ritchie on Naming Things in Software Projects

Peter Ritchie discusses the importance of Naming Things consistently in your software development projects.


Patty Griffin There is something about Patty Griffin. It is not her vocal range, which time has diminished from its impressive peak two decades ago. It is not her musicianship. She is an adequate guitar, mandolin, and piano player; but recognizes her limitations enough to bring on tour David Pulkingham, whose instrumental mastery surpasses hers.

First, it is her songwriting. The simplicity of Patty's melodies hide the deepness of the lyrics and arrangements. Second, it is her emotional connection with an audience. When she sings, you can feel what she was feeling when she wrote the song. And when she talks, she connects with the audience as if we were old friends having a conversation.

She reinforced this connection Thursday night at The Old Towne School of Folk Music in Andersonville. A full house enjoyed two hours of music from Ms. Griffin, who captivated us all. She chatted with the audience between songs. She talked about the Chicago snow and reminded us to drive safely. She joked about growing up in Old Town, Maine, and how appropriate it was that she performed at a place with the same name. She told the story of the town's demise when the mills closed. She lamented the changes to her adopted home of Austin, Texas. She railed against Texas politicians, then apologized for talking politics.

Musical highlights included angelic melodies like "Mary" and "Heavenly Day" and the rousing finale, "No Bad News."

The night moved quickly as Griffin transitioned from song to song. Before I knew it, the show was over, and it was time to drive home in the Chicago snow.


When John Ondrasik signed with EMI Records in 1995, the record label convinced him to release his music under the name "Five for Fighting". They were convinced the era of the singer-songwriter had passed and wanted a name that sounded like a band.

EMI's American label folded shortly after the Five for Fighting's first album, but Ondrasik kept the stage name. 

On Saturday night at Evanston's SPACE, Ondrasik appeared under his real name. He was alone on stage, accompanied only by his guitar and piano.

Ondrasik announced that he would take requests and play any song that he could remember. Immediately, multiple audience members shouted for his 2003 hit song "100 Years". He replied, "If I play 100 Years now, it will be the earliest I have ever played it in a concert." He sat down and played it right away. The audience loved it, and Ondrasik joked, "I hope everyone doesn't leave now."

They did not leave, and the singer-songwriter entertained them for over two hours, drawing on his catalog of six studio albums. At 58, his voice still retains the great range that appealed to adult contemporary radio audiences in the 1990s.

In between songs, he told stories of his life. He explained how much he enjoys playing "100 Years," - a song describing changing feelings as one ages. "When I wrote the song," he explained, "I was in the second verse. Now I'm in the bridge."

Ondrasik has a passion for supporting American soldiers. He has performed for the troops many times and written songs about military struggles in Afghanistan and Ukraine. He spoke on this topic for some time during the show. It was an interruption in the music, but his passion held the audience. After his speech, he presented a slideshow of his recent trip to Ukraine while he performed "Can One Man Save the World?" - a tribute to Ukrainian President Volodymyr Zelenskyy, who is currently fighting the Russians invading his country.

His SPACE performance was not part of a tour. Ondrasik was in town to see the premiere of "Last Out" at Chicago's Steppenwolf Theatre - a play about a green beret attempting to rescue those left behind after America withdrew from Afghanistan. He decided to schedule a solo show while in the area. 

Chicagoland was fortunate on this night.


Azure Active Directory (AAD) provides groups as a way to manage multiple users together. After you create a Group, you can add Users to that Group. This article walks you through the process of adding Users to an AAD Group.

Adding a User to a Group

To add Users, first log onto the Azure Portal as an Administrator; then search for Azure Active Directory, as shown in Fig. 1.

Search For Azure Active Directory
Fig. 1

The "Overview" blade of Azure Active Directory displays, as shown in Fig. 2.

Azure Active Directory
Fig. 2

In the left menu, click the [Groups] button (Fig. 3) to open the "All Groups" blade, as shown in Fig. 4.

Groups Button
Fig. 3

All Groups Blade
Fig. 4

Find your Group by entering text in the search text box at the top of the blade, as shown in Fig. 5.

Search For Group
Fig. 5

Click the name of the group to display the group's "Overview" blade, as shown in Fig. 6.

Overview Blade
Fig. 6

Click the [Members] button (Fig. 7) in the left menu to display the "Members" blade, as shown in Fig. 8.

Members Button
Fig. 7

Members Blade
Fig. 8

To add members, click the [Add members] button (Fig. 9) to display the "Add members" dialog, as shown in Fig. 10.

Add Members Button
Fig. 9

Add Members Dialog
Fig. 10

Search for and Select the Users you wish to add to this Group. They will display under the "Selected items" section. You can click the [Remove] button next to a User to remove them from this list. Click the [Select] button to commit these changes. A list of all members of the Group will display, as shown in Fig. 11.

Members List
Fig. 11

NOTE: Click the [Refresh] button if you do not see the Users you just added to the Group.

Now, any permissions you apply to the Group will apply to all Users who are members of this Group.


In this article, you learned how to add Users to an Azure Active Directory Group.

The cast of The Ripple, The Wave that Carried Me Home "The Ripple, The Wave that Carried Me Home" tells of racism, segregation, family, and home, and it does so in barely 90 minutes.

Christian Anderson's play focuses on Janice, a young professional black woman with a career in Ohio, who receives a call requesting her to speak at a dedication ceremony in her hometown of Beacon, Kansas. The folks in Beacon have decided to name the local swimming pool after Janice's father, who was instrumental in integrating the city's pools.

The call brings back memories Janice of growing up in Beacon, the prejudices her family suffered, her parents' fight for social justice, and her strained familial relationships.

Chicago's Goodman Theatre production of "Ripple" was powerful, humorous, and moving. The story is told in flashbacks to the family history. Each actor had to play themself at different ages, and they did so perfectly. Among a small cast, Chrstiana Clar stood out as Janice, as did Ronald L. Conner and Aneisa J. Hicks as Janice's parents, Edwin and Helen.

We saw the passion and pain of growing up in segregated 1960s America. A police officer's assault of Helen during a traffic stop was particularly disturbing. Flashing forward to the "present," we saw the family's reaction to the Rodney King verdict as it played out on national TV.

Through it all, we saw the presence of water. A pool lit with fluorescent blue light was always visible on stage - a reminder of the segregation that existed explicitly for so long in this country - a symbol of every separate but unequal public service in places across America.

This play made me smile. But it also made me sorry for some of my country's history.

GCast 140:

Using the Microsoft Graph API

Learn how to use the Microsoft Graph API to manage resources in Microsoft 365, such as users' OneDrive files and emails.

I will cover how to call the API, as well as the prerequisites required to use this API.


Dealing with and managing individual Users in Azure Active Directory (AAD) can be a challenge - particularly when your organization has many Users. The same can be said for managing many Devices in AAD. To help, AAD allows you to create Groups and add Users and Devices into these Groups. You can then manage many Users or Devices simultaneously by managing the Group or Groups to which they belong. You can add Users or other Groups or Devices to an AAD Group.

Types of Groups

AAD provides two kinds of Groups: Security Groups and Microsoft 365 Groups.

A Security Group allows you to set security permissions on the entire Group. You can allow or deny an entire Group to perform a specific action (e.g., read, create, or update) on a specific asset or set of assets.

A Microsoft 365 (M365) Group is used for communication, allowing you to send email messages to an entire Group of Users at once. This replaces what was once called a Distribution Group.

Membership Types

AAD allows a Group to be either Assigned or Dynamic. You will explicitly add Users and Groups to an Assigned Group. For a Dynamic Group, you will enter a set of criteria. Only Users or Devices matching that criteria are added to the Group.

Creating a Group

To manage AAD Groups, log onto the Azure Portal as an Administrator; then search for Azure Active Directory, as shown in Fig. 1.

Search For Azure Active Directory
Fig. 1

The "Overview" blade of Azure Active Directory displays, as shown in Fig. 2.

Azure Active Directory
Fig. 2

In the left menu, click the [Groups] button (Fig. 3) to open the "All Groups" blade, as shown in Fig. 4.

Groups Button
Fig. 3

All Groups Blade
Fig. 4

Click the [New Group] button (Fig. 5) to display the "New Group" dialog, as shown in Fig. 6.

New Group Button
Fig. 5

New Group Dialog for Security Group Type
Fig. 6

At the "Group type" dropdown, select the Group type ("Security" or "Microsoft 365"). By default, the "Security" Group type is displayed. If you select "Microsoft 365" at the "Group type" dropdown, the dialog prompts change, as shown in Fig. 7.

New Group Dialog for Microsoft 365 Group Type
Fig. 7

As you can see, the Microsoft 365 Group includes one more prompt - for the Group email address.

At the "Group name" field, enter a name that is unique for this Azure Active Directory.

For a Microsoft 365 Group, enter an email address at the "Group email address" field. Every User in the Group will receive any message addressed to this email address. This prompt does not display for Security Groups.

At the "Group description" field, enter a brief description of the Group.

At the "Azure AD roles can be assigned to this Group" prompt, select "Yes" if you would the ability to add Azure Active Directory roles to this Group, in addition to Users and Groups. This setting cannot be changed after the Group is created. If you select "Yes", an extra "Roles" prompt will appear and the "Membership type" prompt will select "Assigned" and will be disabled, so you cannot change its value.

At the "Membership type" dropdown, select "Assigned" or "Dynamic User" or "Dynamic advice". Your selection will determine some proceeding prompts. Assigned membership type tells AAD that you will explicitly select the Users, Groups, and (potentially) roles that belong to this Group. Dynamic User and dynamic Device membership types allow you to define queries. Any User or Device that matches that query is automatically assigned to this Group.

Regardless which Membership Type you selected, you can assign Owners to the Group. A Group Owner is allowed to manage a Group - for example adding and removing Users from the Group. At the "Owners" link, select the Group's Owners, using the dialog shown in Fig. 8.

Add Owners dialog
Fig. 8

If you selected the "Assigned" Membership Type (Fig. 9), click the "Members" link to display the "Add members" dialog (Fig. 10) and select the Users and Groups that will be members of this Group.

Assigned Membership Type
Fig. 9

Add Members dialog
Fig. 10

If you selected the "Dynamic User" Membership Type (Fig. 11), click the "Add dynamic query" link to display the "Dynamic membership rules" dialog (Fig. 12) to build a query. Any User for which this query returns true will be a part of this Group.

Dynamic User Membership Type
Fig. 11

Dynamic Membership Rules dialog
Fig. 12

If you selected the "Dynamic Device" Membership Type (Fig. 13), click the "Add dynamic query" link to display the "Dynamic membership rules" dialog (Fig. 14) to build a query. Any Device for which this query returns true will be a part of this Group.

Dynamic Device Membership Type
Fig. 13

Dynamic Membership Rules dialog
Fig. 14

Click the [Create] button to create the Group.


In this article, you learned how to create an Azure Active Directory Group - a useful way to manage many Users or Devices at once.

2022 in Review

Comments [0]

I was in a dark place in January 2022. It took some time and a lot of effort, but I was able to climb out and retake control of my life.

I will talk more about that later. First, I will list some of the things that happened and that I accomplished these past twelve months.


The big news this year was my son Nick's wedding. After years of dating, he and Adriana were married in Florida in a beautiful Florida ceremony presided over by her brother.

My sons continued success in their careers. Tim completed his second year as a consultant at Microsoft, and Nick began his fourth season as Head Basketball Coach at Kalamazoo College.


As the world began to reopen following the worst of the pandemic, I took advantage by traveling to some exciting places.

I made my annual trek to Sandusky, OH in January to speak at the CodeMash conference. This was a special one because COVID forced the cancellation of the 2021 event.

In March, I visited friends in Naples, Florida. It was a relaxing few days, highlighted by an afternoon bicycling through the Everglades.

Over Labor Day weekend, a group of us flew to Denver, then drove to Vail, CO, for a few days hiking in the mountains.

In October, I visited Portugal for the first time. We spent a week in and around Lisbon, seeing the sights and listening to music; then, we embarked on an organized bike trip across southern Portugal.

The last significant trip of the year was Thanksgiving week when I traveled to Massachusetts, New Hampshire, and Maine. Highlights included attending a Patriots home game, seeing my father's childhood home in Haverhill, and having dinner with my friend Bill and his family in Portland.

I also made several trips throughout the year to Kalamazoo and the Detroit area to visit my son and the rest of my family.

I did not have much travel for work, so I planned trips on my own. (NOTE: It is nicer when someone else pays for the flight). My two work trips were to the San Francisco area in April and to New York / New Jersey in May. I included personal time in each trip to visit friends and family and experience the area. In California, I went on a wine tour with my work team, had coffee with my friend Christine, and met my cousin John for lunch. During my New Jersey trip, I had breakfast with my friend Steve and his wife, attended a New York Islanders game, visited the Museum of Modern Art, and saw a concert at the Village Vanguard.

The Arts

Many artists stopped playing during the pandemic, which built up some demand - in their audiences and in me. I listened to and saw music and theater at a shocking pace in 2022.

At this point, I have to consider myself an Art Patron, as I attend a concert, theatrical performance, or museum nearly every weekend.


I think I saw more concerts this year than any other year in my life. Here is the list:

  • Joanna Connor + Li'l Ed and the Blues Imperials at Kingston Mines in Chicago
  • The Guess Who at The Genesee Theatre in Waukegan
  • Elton John at The United Center in Chicago
  • 10,000 Maniacs at The City Winery in Chicago
  • America at The Genesee Theatre in Waukegan
  • Billy Branch & The Sons of the Blues at SPACE in Evanston
  • Enter the Haggis at The City Winery in Chicago
  • John Paul White at The Old Town School of Folk Music in Chicago
  • Joseph at The Old Town School of Folk Music in Chicago
  • Daryl Hall and Todd Rundgren at The Auditorium Theatre in Chicago
  • The Tom Harrell Quartet at Jazz Showcase in Chicago
  • Joe Lovano at The Village Vanguard in New York City
  • The Indigo Girls at Cahn Auditorium in Evanston
  • The Nitty Gritty Dirt Band at The City Winery in Chicago
  • David Gray at The Huntington Bank Pavillion in Chicago
  • The Psychedelic Furs at The Aragon Ballroom in Chicago
  • Joe Pratt & Source One w/ New Orleans Beau at Willie Dixon's Blues Garden in Chicago
  • The Jim Irsay Band at The Navy Pier in Chicago
  • Howie Day at The City Winery in Chicago
  • The Fabulous Thunderbirds at The City Winery in Chicago
  • The Wallflowers at SPACE in Evanston
  • Al Dimeola at The City Winery in Chicago
  • Roxy Music at The United Center in Chicago
  • Michelle Branch at Park West in Chicago
  • Sergio Mendes at The City Winery in Chicago
  • Matt Maeson at The House of Blues in Chicago
  • The Who at The United Center in Chicago
  • Todd Rundgren and Adrian Belew at The Copernicus Center in Chicago
  • Los Lobos at The City Winery in Chicago
  • Jeff "Skunk" Baxter at SPACE in Evanston


I saw 13 plays in 2022:

  • 'The Virginian' at City Lit Theater Company
  • 'The Moors' at A Red Orchid Theatre
  • 'West Side Story' at Marriott Theatre
  • 'Good Night, Oscar' at Goodman Theatre
  • 'King James' at Steppenwolf Theatre
  • 'Spring Awakening' at Ruth Page Center for the Arts
  • 'Rasheeda Speaking' at Theater Wit
  • 'The Luckiest' at Raven Theatre
  • 'Teatro Zinzannit' at Cambria Hotel
  • 'Cruel Intentions: The Musical' at Chopin Theatre
  • 'Hay Fever' at City Lit Theater Company
  • 'The Island' at Court Theatre
  • 'Dear Evan Hansen' at Nederlander Theatre

Other Performances

In addition to the above performances, I attended a performance by Giordano Dance Chicago at the Auditorium Theater, 'The Signature Show' at the Chicago Magic Lounge, and The Moth Story Hour at Athenaeum Center for Thought and Culture.


I visited the following museums for the first time last year:

Museum Location
Museum of Modern Art New York, NY
Museu De Artes Decorativas Portuguesas Lisbon, Portugal
Castelo de São Jorge Lisbon, Portugal
Sé de Lisboa Lisbon, Portugal
Saint Mary Magdalene Church Lisbon, Portugal
Saint Anthony Church Lisbon, Portugal
Museu Calouste Gulbenkian Lisbon, Portugal
Lisbon Story Center Lisbon, Portugal
Pena Palace Sintra, Portugal
National Palace Sintra, Portugaal
Quinta da Regaleira Sintra, Portugal
Casa Romana Mertola, Portugal
Museum of Fine Arts Boston, MA
Isabella Stewart Gardner Museum Boston, MA

Sporting Events

Some of you know I have a goal to see a home game of every NFL, MLB, NBA, and NHL team. I made progress toward that goal this year by seeing home games for the following teams:

New York Islanders Colorado Rockies Minnesota Vikings New England Patriots

Of course, I also attended many Kalamazoo College basketball games to watch my son Nick coach.

Public Speaking

I had hoped to do more public speaking in 2022, but circumstances conspired against me. I delivered 12 presentations at eight different events - four of which were in-person. I also co-led a Diversity & Inclusion workshop in Chicago for my former team, which involved a lot of presentations.

I would have increased these numbers, but a scheduled company offsite forced me to cancel two in-person events. Sadly, the company canceled the offsite two weeks before I was to fly to Atlanta.

Here are the presentations I delivered in 2022:

Date Title Event Location
01/13 Effective Data Visualization CodeMash Sandusky, OH
01/17 Effective Data Visualization Columbus .NET User Group Columbus, OH
02/23 Diving into Data: Analyzing massive data sets with Azure Data Explorer and Kusto Query Language Southeast Valley .NET User Group Phoenix, AZ
03/02 Diving into Data: Analyzing massive data sets with Azure Data Explorer and Kusto Query Language CodeCamp Romania - The One with Architecture & Design 2022 Online
05/20 Effective Data Visualization CSE Offsite Redmond, WA
06/14 Blood, Sweat, and Code Reviews Hampton Roads .NET User Group Hampton, VA
06/20 Diving into Data: Analyzing massive data sets with Azure Data Explorer and Kusto Query Language CSE Data Champions Roundtable Online
07/14 Blood, Sweat, and Code Reviews Nebraska.Code() Lincoln, NE
07/14 You and Your Technical Community Nebraska.Code() Lincoln, NE
07/15 Effective Data Visualization Nebraska.Code() Lincoln, NE
08/06 Blood, Sweat, and Code Reviews Beer City Code Grand Rapids, MI
12/04 Blood, Sweat, and Code Reviews FestiveTech Online

I hope to do more speaking next year, and I have already discussed this with my manager, who is supportive of the idea.


I volunteered at a Chicago high school to mentor students participating in the Illinois STEM Challenge. This fall marked the fifth consecutive year I have done this.


I completed 43 books in 2022. My most ambitious reading project is to finish Robert Jordan's "The Wheel of Time" series - a 14-volume epic that is so long that Jordan died before completing it, and Brandon Sanderson had to finish the final three books. I am currently on Book #12 of this series.


I continued to blog and produce video content. I have passed 3.5 years of GCast, and I am about to pass 14 years of Technology and Friends. At the close of 2022, these shows had 140 and 733 episodes, respectively.

I continue to blog at davidgiard.com, where I published 220 articles in 2022. This rate accelerated at the end of the year, as my new job allowed me to learn new skills. In October, I accomplished the rare feat of publishing a blog post every day of the month.

I also contributed two articles to the Azure Data Explorer blog.


Despite getting all my vaccinations, I tested positive for COVID twice in 2022. The first time happened after I returned from CodeMash. My symptoms were mild, so I only had to isolate myself for a couple of weeks. COVID struck me much harder in the fall, and I was bedridden for a few days. The good news is that I fully recovered both times.

Early in the year, I had some mental health issues as I dealt with things outside my control. It affected my mood and my sleep. I will talk about this now.

Challenges Overcome

If you have read this far, you must have some interest in my life, so I will talk about the dark times in early 2022 that I mentioned in the first paragraph.

Two major problems plagued me when the year began: a stalker and a toxic work environment.


A few years ago, a friend introduced me to her boyfriend. We spoke for about a half hour, and I gave him some advice on building a website. I never saw him again. A few months later, he convinced himself I was sleeping with his girlfriend. For more than a year, he harassed me with hundreds of texts and phone calls containing false accusations and threats of violence.

I hired an attorney and filed a petition that resulted in a restraining order against my stalker. The fear of arrest and prison seems to have worked to keep him away.


As 2022 began, I found myself trying to navigate a manager who was convinced I was incompetent, lazy, or both. I was frustrated that he would dismiss my accomplishments and focus his attention on areas he felt I was not meeting his expectations. Our conversations were not productive, but I made every effort to work hard, internalize his feedback, and act on it. Sadly, when he ran out of things to criticize, he began making up accusations. I spoke with others who had a similar experience with this manager in the past. It may have been a coincidence that all were within my age range. Eventually, I concluded there was nothing I could do to convince my manager that his preconceived notions were incorrect.

Afer nine years of a successful relationship, I came close to leaving Microsoft.

One advantage of working for a large company is that there are opportunities to move without the stress of changing employers. In June, I moved to a new team within my same company. The move was exactly right for me. I am learning interesting technologies, I am making a significant contribution, my new team is committed to helping one another, and my new manager provides much more support than my old one.

A few months after the move, my former team laid off 10% of their people, so I escaped a significant risk of losing my job.


I face this coming year with far more optimism than last year. I resolved the two major issues that negatively affected my mental health in the first half of 2022.

I am getting a fresh start, which feels good!


Managing users within the Azure Portal can be a tiresome process if you have many users. Creating, inviting, or deleting users one at a time is not practical if you need to manage hundreds or thousands of them. Fortunately, Azure provides a way to manage users in bulk.

The Azure Portal allows you to upload a Comma-separated value (CSV) file with user information so that you can Create, Invite, or Delete many users at once.

In this article, I will show you how to use these bulk operations to create users. The process is nearly identical for inviting and deleting users. Only the CSV template file is different.

Step-By-Step Example: Bulk Create Users

To manage users in bulk, log onto the Azure Portal as an Administrator; then search for Azure Active Directory, as shown in Fig. 1.

Search For Azure Active Directory
Fig. 1

The "Overview" blade of Azure Active Directory displays, as shown in Fig. 2.

Azure Active Directory
Fig. 2

In the left menu, click the [Users] button (Fig. 3) to open the "Users" blade, as shown in Fig. 4.

Users Button
Fig. 3

Users Blade
Fig. 4

Click the [Bulk operations] button (Fig. 5) to expand it, revealing the Bulk Operations menu, as shown in Fig. 6.

Bulk Operations Button
Fig. 5

Bulk Operations Menu
Fig. 6

Click the [Bulk create] menu option to display the "Bulk create users" dialog, as shown in Fig. 7.

Bulk Users Create Dialog
Fig. 7

Azure provides a template that you can use as a starting point for the upload file. Click the [Download] button (Fig. 8) to download a copy of this file.

Download Template Button
Fig. 8

The template is a Comma-Separated-Value (CSV) file. Fig. 9 shows what it looks like when you open it in Excel. I find it useful to rename this document and store it in a well-known place.

User Create Template
Fig. 9

Row 1 indicates the version number of the template. As of this writing, only version 1.0 exists.

Row 2 holds column headings. These headings are self-describing and correspond to the on-screen fields in the Azure Portal when you create a new user. Required fields are identified with the word "Required".

Enter data in rows 3 and above, using the sample row as a guide. You must enter something into each of the required columns, but all other columns are optional.

Save this document as a CSV file. Fig. 10 shows what it looks like in Excel with a few rows added.

Completed Bulk Users File
Fig. 10

Back in the portal's "Bulk create users" dialog, click the "Select a file" icon (Fig. 11) and select the CSV file containing the users to create.

Upload File Icon
Fig. 11

Fig. 12 shows the "Bulk create users" dialog with a file selected.

Bulk Users Create Dialog
Fig. 12

Click the [Submit] button to begin the import.

You can click the confirmation message to view the status of your import, as shown in Fig. 13.

Upload Status
Fig. 13

To see more details, click the hyperlink under "#Success", "#Failure", or "Total requests". Fig. 14 shows the success details.

Status Details
Fig. 14


In this article, I walked you through the process of using a CSV template and the Bulk Create operation to create many users at once. This process is nearly identical for inviting and deleting users - only the template is different.


Azure Active Directory provides the ability to invite users from outside the organization. This saves you the trouble of managing many aspects of the user and frees the user from managing yet another account.

Inviting a User

To invite an external user, first log onto the Azure Portal as an Administrator; then search for Azure Active Directory, as shown in Fig. 1.

Search For Azure Active Directory
Fig. 1

The "Overview" blade of Azure Active Directory displays, as shown in Fig. 2.

Azure Active Directory
Fig. 2

In the left menu, click the [Users] button (Fig. 3) to open the "Users" blade, as shown in Fig. 4.

Users Button
Fig. 3

All Users Blade
Fig. 4

Click and expand the [New User] button and select [Invite external user] from the dropdown menu, as shown in Fig. 5.

Invite External User Button
Fig. 5

The "New user" dialog displays, as shown in Fig. 6.

New User Dialog
Fig. 6

The required fields in this dialog are marked with a red asterisk ("*").

At the "Name" field, enter the full name of the user.

At the "Email address" field, enter the user's email address.

At the "First Name" field, enter the user's first name.

At the "Last Name" field, enter the user's last name.

At the "Personal message" field, enter any extra text you wish to appear in the email invitation.

Click the "Groups" link to select any security or M365 groups to which you wish to add the user as soon as they accept the invitation.

Click the "Roles" link to select any Active Directory Roles to which you wish to add the user as soon as they accept the invitation.

If you do not want to allow the user to sign in immediately (for example, an employee with a future start date), toggle the "Block sign in" radio button to "Yes".

At the "Usage location" dropdown, select the user's home country.

At the "Department" field, enter the user's department.

At the "Company name" field, enter the name of the user's company.

Click the "Manager" link to assign another user as manager of this user.

Click the [Invite] button to generate and send an invitation to the user's email address.

The Invitation

The user will receive an email similar to the one shown in Fig. 7.

Invitation Email
Fig. 7

They can click the "Accept Invitation" link to add themselves as a guest user in your Azure Active Directory.

They may see a dialog requesting permissions required by your AD, as shown in Fig. 8.

Permission Requested dialog
Fig. 8

After the external user accepts the invitation, you will see them listed in the "Users" blade, as shown in Fig. 9.

Users Blade With External User Added
Fig. 9


In this article, you learned how to invite a guest user to your Azure Active Directory.

Robert Jordan knew he was dying when he was writing "Knife of Dreams" - the eleventh book in his epic "Wheel of Time" series. This knowledge undoubtedly gave him a sense of urgency to move to the story as quickly toward the finish line as possible.

Jordan did pick up the pace a bit. He (sort of) resolves the following:

  • Perrin's attempts to rescue his kidnapped wife Faile, while she conspires to escape
  • Mat's relationship with the Daughter of the Nine Moons
  • Rand suffers a serious physical injury
  • Elaine is officially named Queen of Andor

By the end of this book, Egwene remains the only major character without a resolution of a major plot line.

However, true to form, Jordan cannot help himself as he describes unnecessary details that in no way advance the plot. For example, he feels compelled to set a scene by describing the clothing worn by each character.

Before his death, Jordan prepared an outline to finish the saga and solicited others to write the final chapters. Brandon Sanderson ended up taking on this task, although it took him three novels to do so - in contrast to Jordan's prediction that all loose ends could be tied up in one more volume.

Despite its weaknesses, KoD is the strongest WoT novel for some time. I am looking forward to seeing how Sanderson completed the story.

GCast 139:

Creating a JWT Bearer Token with Azure Active Directory

A Bearer Token provides information to an API request about an account from a trusted authority. Azure Active Directory can serve as a trusted authority to authenticate an account and provide a Bearer Token in JSON Web Token (JWT) format. This video shows how to accomplish this.


Azure Active Directory (AAD) Security Defaults allows you a quick and easy way to implement some base level security within your AAD network. Enabling Security Defaults implements the following:

  • Requires every user to register for Multifactor Authentication
  • Blocks legacy authentication protocols, such as SMTP, POP3, and many proprietary protocols used by older applications.
  • Requires Multifactor Authentication before users can access high security areas, such as the Azure Portal and the Azure CLI.

One important limitation of Security Defaults is that you may NOT implement them if you have created any Conditional Access Policies. Conditional Access Policies provide more flexibility and are likely a better choice in the long run for your organization's security; but it may take you some time to determine which policies are appropriate and to implement them. In the meantime, Security Defaults are a good first step.

Configuring AAD Security Defaults

To configure AAD Security Defaults, first log onto the Azure Portal as an Administrator; then search for Azure Active Directory, as shown in Fig. 1.

Search For Azure Active Directory
Fig. 1

The "Overview" blade of Azure Active Directory displays, as shown in Fig. 2.

Azure Active Directory
Fig. 2

In the left menu, click the [Properties] button (Fig. 3) to open the "Properties" blade, as shown in Fig. 4.

Properties Button
Fig. 3

Properties Blade
Fig. 4

Click the "Manage security defaults" link (Fig. 5) to display the "Enable security defaults" dialog, as shown in Fig. 6.

Manage Secuirty Defaults Link
Fig. 5

Enable Security Defaults Dialog
Fig. 6

Toggle, the "Enable security defaults" radio button to "Yes". If you see a warning message like the one shown in Fig. 7, this means that you have configured at least one Conditional Access Policy.

Enable Security Defaults Confirmation with warning
Fig. 7

You may not enable Security Defaults unless you first delete all Conditional Access Policies. If this is what you want, exit this dialog and go to the Conditional Access Policies "Overview" blade: Azure Active Directory | Security | Conditional Access Policies.

After removing all Conditional Access Policies, repeat the above steps. The [Save] button in the "Enable security defaults" dialog will be enabled, as shown in Fig. 8.

Enable Security Defaults Confirmation without warning
Fig. 8

Click the [Save] button to turn on Security Defaults.


In this article, you have learned how to quickly implement some basic security settings in an Azure Active Directory by enabling AAD Security Defaults. When you wish to implement more complex security rules, you may turn off Security Defaults and replace them with Conditional Access Policies and other security measures.


Sometimes it makes sense to apply a security policy to every user in every context. But sometimes you may want to apply to only certain users accessing specific applications in specific ways. For example, you may want to block guest accounts from accessing SharePoint applications. Or you may want to require Multi-Factor Authentication for users in specific countries. Azure Active Directory Conditional Access allows you to implement such security policies.


To implement a Conditional access policy, log onto the Azure Portal as an Administrator; then search for Azure Active Directory, as shown in Fig. 1.

Search For Azure Active Directory
Fig. 1

The "Overview" blade of Azure Active Directory displays, as shown in Fig. 2.

Azure Active Directory
Fig. 2

In the left menu, click the [Security] button (Fig. 3) to open the "Security" blade, as shown in Fig. 4.

Security Button
Fig. 3

Security Blade
Fig. 4

In the "Protect" section of the left menu, click the [Conditional Access] button (Fig. 5) to open the "Conditional Access Policies" blade, as shown in Fig. 6.

Conditional Access Button
Fig. 5

Policies Blade
Fig. 6

To create a new Conditional Access policy, click the [New policy] button (Fig. 7) to display the "New Conditional Access policy" dialog, as shown in Fig. 8.

New Policy Button
Fig. 7

New Conditional Access Policy Page
Fig. 8

At the "Name" field, enter a unique (to this AAD) name for this policy.

This dialog contains five sections. Clicking each of these prompts you for more information. You do not need to configure each section. I will explain each section below.

Users or Work identities

The "Users or Work Identities" section (Fig. 9) allows you to determine which users, groups, and roles are affected by this Conditional Access Policy.

Users or Workload Identities dialog
Fig. 9

By default, this criterion is ignored, but you can include all users or select specific users, roles, or groups. You can also specify that it applies to all users except those you exclude by clicking the "Exclude" tab and selecting users and/or groups to exclude.

Cloud apps or actions

The "Cloud apps or actions" section allows you to include or exclude this policy based on which apps are accessed or actions are taken. Fig. 10 shows the "Cloud apps" options, which allow you to Include or exclude specific applications.

Cloud Apps or Actions dialog - Cloud Apps option
Fig. 10

Fig. 11 shows the "User actions" option, allowing you to apply this policy to when a user self-registers their security information or when they identify a device, such as a phone or laptop, to Active Directory.

Cloud Apps or Actions dialog - User Actions option
Fig. 11


The "Conditions" section (Fig. 12) allows you to specify which conditions trigger the policy.

Conditions dialog
Fig. 12

Conditions are categorized by the following categories:

  • User risk
  • Sign-in risk
  • Device platform
  • Locations
  • Client apps
  • Filter for devices

User risk

This can include known leaked credentials or activity detected that is unusual for the current user

risk

This an include users signing in from an unusual location or from two distant locations in a short period of time or from a suspicious IP address.

Device platform

You can specify policies based on the device used to log in. If you distrust Android security, you may want to force extra login policies when logging in with an Android device.


This allows you to apply policies when a user logs in from a specific location. For example, you may want to restrict users from logging in from Russia. Or you may want to require Multi-Factor Authentication when logging in from outside the United States.

Client apps

Here you can apply the policy based on the application the user is accessing. For example, you can apply different policies for browser apps than for rich client apps.

Filter for devices

This section lets you apply complex queries that identify properties of the device from which the user is accessing the system.


The "Grant" section (Fig. 13) specifies what happens if the user and client meet the criteria specified in the sections above.

Grant or Block Access dialog
Fig. 13

You can choose to block access if they meet the criteria; or you can choose to grant access - but only if they perform some function, such as multifactor authentication or setting a strong password.


If a Conditional Access Policy applies to a user and the user satisfies the login requirements, you can use the "Session" section (Fig. 14) to determine how long they remain signed in. A common use case is to check "sign-in frequency" and require the user to re-authenticate after a given amount of time.

Session dialog
Fig. 14

Enable policy

At the bottom of the page


Conditional Access Policies are a powerful way to either block groups of users or to require additional barriers when users connect in potentialy unsafe ways. In this article, you learned how to configure Conditional Access Policies in Azure Active Directory.

Episode 733

Eric Lawrence on Web Browser Complexity

A web browser is a complex application built on millions of lines of code. Eric Lawrence describes how they work and why you should care.


December 2022 Gratitudes

Comments [0]


Today I am grateful for my slow cooker



Today I am grateful to kick off this year's high school STEM Challenge yesterday at Chicago Tech High School



Today I am grateful to live close to an area with many great places to enjoy tacos



Today I am grateful for naps



Today I am grateful to see the Wild Feathers in concert last night



Today I am grateful for an afternoon in Kalamazoo



Today I am grateful to learn something new every day.



Today I am grateful to see Los Lobos in concert last night



Today I am grateful for my new French Press.



Today I am grateful to coach an IT workshop this week for the first time in years.



Today I am grateful:

-to attend a Microsoft alumni event yesterday organized by Dan

-to see Jeff "Skunk" Baxter in concert last night.



Today I am grateful I can stream movies and TV shows on demand into my home



Today I am grateful to see Miriam Plotkin's cabaret show last night at Davenport's Piano Bar.



Today I am grateful for some exciting NFL games this weekend



Today I am grateful for pizza last night with Tim and Natale



Today I am grateful for the difference a CPAP machine makes in my life



Today I am grateful to begin my vacation watching Nick's team in a convincing victory last night



Today I am grateful for:

- 2 days in Kalamazoo with my son

- arriving home safely after driving through a snowstorm last night



Today I am grateful for a warm home on a cold day



Today I am grateful for:

- Christmas Eve dinner in Chinatown

- Seeing "Avatar: The Way of Water" in 3D last night



Today I am grateful that Amanda and Megan drove hundreds of miles to spend Christmas with me



Today I am grateful for a refrigerator full of tasty leftovers



Today I am grateful for phone calls with old friends Ondrej and Glenn yesterday.



Today I am grateful to see "Dear Evan Hansen" last night with my son



Today I am grateful to see the Zoo Lights at the Lincoln Park Zoo last night


Is it ever ok to lie? What if your lie brings comfort to those around you? And, if so, is it ok to benefit from the lie?

"Dear Evan Hansen" addresses these questions with a clever script and beautiful music.

This moral dilemma faces high school senior Evan Hansen, who writes a letter to himself, which is found in the pocket of Connor Murphy after Connor commits suicide. Connor's family assumes that Evan and Connor were best friends. Evan does not deny it - partly because he sees how much this means to the family, partly because he sees an opportunity for a family he never knew.

Friday evening's performance of DEH at Chicago's brought all the emotion of Evan's predicament. Anthony Norman brings a sensitivity to the title character. The audience believes his painfully shy awkwardness and the pain it causes him. And they believe his transformation as he gains self-confidence with reinforcement from others. And they feel the pain when he suffers the consequences of his actions.

And then, there is the music - a collection of beautiful, often melancholy songs by  Benj Pasek and Justin Paul, who also collaborated on the "La La Land" soundtrack. Norman and the rest of the cast show impressive vocal range and style range in their deliveries.

"Dear Evan Hansen" is a tragic tale of the consequences of well-intentioned lying.

<< Older Posts