Category: Microsoft
Category Archives: Microsoft
Calculated Field in Pivot
Hello!
I would like to get some help regarding a Pivot Table error I came across.
So I have the following columns given:
I would like to calculate the DIH column by a calculated field/measure. The formula should be :
– ln(In Stock)/ln(1-Withdraw Rate) = x
– ln(1864)/ln(1-0,15…) = 46
When I type it inside my Pivot Table the results are way different than they should be.
I should get a result of 46 [months] instead I get 2,83.
Now the question is how can I solve this?
Thank you a lot in advance
Hello!I would like to get some help regarding a Pivot Table error I came across.So I have the following columns given: I would like to calculate the DIH column by a calculated field/measure. The formula should be :- ln(In Stock)/ln(1-Withdraw Rate) = x – ln(1864)/ln(1-0,15…) = 46 When I type it inside my Pivot Table the results are way different than they should be.I should get a result of 46 [months] instead I get 2,83.Now the question is how can I solve this?Thank you a lot in advance Read More
Vancouver Power BI and Modern Excel User Group Meet-up
Topic: Tabular Editor for Power BI Users
Session Outline:
First, we’ll learn about some of the newest features and updates in Power BI. Next, we’ll learn about Tabular Editor with Microsoft MVP, Sue Bayes. There is a lot of talk about how as a professional Power BI developer, you should use Tabular Editor. Yet when you open it, it’s daunting. Where do you start, what do these buttons do, how long is it going to take for me to learn this, is it really worth it?
In this session, we will run through the core components of Tabular Editor in normal, non-programming language. We look at how you can utilise this software to save you time in working with Power BI.
Session Objectives:
Understand the Tabular Editor interface and its various elementsLearn how to use Tabular Editor to create and manage Tabular modelsLearn how to use key features of Tabular Editor, including the formula bar, expression editor, and DAX functionsUnderstand the difference between Tabular Editor 2 and 3 including when it’s time to switch.Understand how Tabular Editor 3 can be integrated with Microsoft Analysis Services and Power BI.
Topic: Tabular Editor for Power BI UsersSession Outline:First, we’ll learn about some of the newest features and updates in Power BI. Next, we’ll learn about Tabular Editor with Microsoft MVP, Sue Bayes. There is a lot of talk about how as a professional Power BI developer, you should use Tabular Editor. Yet when you open it, it’s daunting. Where do you start, what do these buttons do, how long is it going to take for me to learn this, is it really worth it?In this session, we will run through the core components of Tabular Editor in normal, non-programming language. We look at how you can utilise this software to save you time in working with Power BI.Session Objectives:Understand the Tabular Editor interface and its various elementsLearn how to use Tabular Editor to create and manage Tabular modelsLearn how to use key features of Tabular Editor, including the formula bar, expression editor, and DAX functionsUnderstand the difference between Tabular Editor 2 and 3 including when it’s time to switch.Understand how Tabular Editor 3 can be integrated with Microsoft Analysis Services and Power BI. Read More
Confusion Regarding Filter Precedence
Here’s the scenario I’m facing (VPP app):
Group A (Required Assignment):
Users: Identical to Group B.
Filter: Include only corporate iPhones.
Purpose: Auto-install the app on corporate-owned iPhones.
Group B (Available Assignment):
Users: Identical to Group A.
Filter: None.
Purpose: Make the app available to all devices (corporate and BYOD) in the Company Portal.
Issue:
BYOD devices are receiving the required install despite the filter.
Filter message: “The app was offered during the last check-in. We couldn’t evaluate the device for matching filters because a conflicting assignment didn’t require filters.”
Filter: (device.model -contains “iPhone”) and (device.deviceOwnership -eq “Corporate”)
Evaluation result: Not evaluated due to a conflicting assignment without filters.
Business Request:
The app should be available to the same list of users.
It should be required (auto-installed) only on corporate devices.
Overlapping groups are used to simplify automation and avoid complicating the process for the Service Desk, which would need to check if devices are BYOD or corporate-owned.
I’ve been looking at:
Filter reports and troubleshooting in Microsoft Intune | Microsoft Learn
Filter reports and troubleshooting in Microsoft Intune | Microsoft Learn
Assign apps to groups in Microsoft Intune | Microsoft Learn
And am admittedly a little smooth-brained. Can anyone explain what’s happening here and how to resolve? Is the “no filter” available group taking precedence over the “include” filter and somehow pushing to all devices?
How can I rectify this? Can I just add a dynamic group to exclude all BYOD devices in the required assignment and leave the rest the same or use an exclude filter for BYOD device in the required assignment? Any help is appreciated.
App Deployment/Packaging Here’s the scenario I’m facing (VPP app):Group A (Required Assignment):Users: Identical to Group B.Filter: Include only corporate iPhones.Purpose: Auto-install the app on corporate-owned iPhones.Group B (Available Assignment):Users: Identical to Group A.Filter: None.Purpose: Make the app available to all devices (corporate and BYOD) in the Company Portal.Issue:BYOD devices are receiving the required install despite the filter.Filter message: “The app was offered during the last check-in. We couldn’t evaluate the device for matching filters because a conflicting assignment didn’t require filters.”Filter: (device.model -contains “iPhone”) and (device.deviceOwnership -eq “Corporate”)Evaluation result: Not evaluated due to a conflicting assignment without filters.Business Request:The app should be available to the same list of users.It should be required (auto-installed) only on corporate devices.Overlapping groups are used to simplify automation and avoid complicating the process for the Service Desk, which would need to check if devices are BYOD or corporate-owned.I’ve been looking at:Filter reports and troubleshooting in Microsoft Intune | Microsoft LearnFilter reports and troubleshooting in Microsoft Intune | Microsoft LearnAssign apps to groups in Microsoft Intune | Microsoft LearnAnd am admittedly a little smooth-brained. Can anyone explain what’s happening here and how to resolve? Is the “no filter” available group taking precedence over the “include” filter and somehow pushing to all devices?How can I rectify this? Can I just add a dynamic group to exclude all BYOD devices in the required assignment and leave the rest the same or use an exclude filter for BYOD device in the required assignment? Any help is appreciated. Read More
Unable to use power query to combine files in folder synced from SharePoint due to system file
I have a library synced locally so that I can analyze portions of the file contents based on a query. Currently there are around 5,000 files in the library, and there will be closer to 10,000 by the end of this week.
I’m unable to use Power Query to combine the files, then edit them, because of a system file. This seems to be a new issue as this is something I’ve done successfully in the past. I’m wondering if there’s a work around. I cannot use SharePoint folder for the data source as there are far too many files on the site, and there’s not an option to filter to only the files in this specific library.
How do I work around this system file issue? If I try to combine & transform or combine & load to, nothing happens. If I try to do either of them, it just returns to this screen.
I have a library synced locally so that I can analyze portions of the file contents based on a query. Currently there are around 5,000 files in the library, and there will be closer to 10,000 by the end of this week.I’m unable to use Power Query to combine the files, then edit them, because of a system file. This seems to be a new issue as this is something I’ve done successfully in the past. I’m wondering if there’s a work around. I cannot use SharePoint folder for the data source as there are far too many files on the site, and there’s not an option to filter to only the files in this specific library. How do I work around this system file issue? If I try to combine & transform or combine & load to, nothing happens. If I try to do either of them, it just returns to this screen. Read More
New Blog | NIST CSF 2.0 – Protect (PR) – Applications for Microsoft 365 (Part 1)
By Shawn Hays
The National Institute of Standards and Technology (NIST) published the first version of its Cybersecurity Framework (CSF) in 2014. Ten years later NIST released the second iteration of CSF, entitled NIST CSF 2.0. Microsoft and its partners have supported organizations in implementing the original CSF guidance, going as far as building and enhancing an assessment in Microsoft Purview Compliance Manager since 2018. This blog and series will look to apply NIST CSF 2.0 to Microsoft 365 and discuss changes from the previous publication.
It is somewhat improper to look at any particular CSF Functions in a vacuum or singular vantage point. NIST CSWP 29 (the primary document) illustrates and describes CSF Functions as “a wheel because all of the Functions relate to one another. For example, an organization will categorize assets under IDENTIFY and take steps to secure those assets under PROTECT. Investments in planning and testing in the GOVERN and IDENTIFY Functions will support timely detection of unexpected events in the DETECT Function, as well as enabling incident response and recovery actions for cybersecurity incidents in the RESPOND and RECOVER Functions. GOVERN is in the center of the wheel because it informs how an organization will implement the other five Functions.”
Read the full post here: NIST CSF 2.0 – Protect (PR) – Applications for Microsoft 365 (Part 1)
By Shawn Hays
The National Institute of Standards and Technology (NIST) published the first version of its Cybersecurity Framework (CSF) in 2014. Ten years later NIST released the second iteration of CSF, entitled NIST CSF 2.0. Microsoft and its partners have supported organizations in implementing the original CSF guidance, going as far as building and enhancing an assessment in Microsoft Purview Compliance Manager since 2018. This blog and series will look to apply NIST CSF 2.0 to Microsoft 365 and discuss changes from the previous publication.
It is somewhat improper to look at any particular CSF Functions in a vacuum or singular vantage point. NIST CSWP 29 (the primary document) illustrates and describes CSF Functions as “a wheel because all of the Functions relate to one another. For example, an organization will categorize assets under IDENTIFY and take steps to secure those assets under PROTECT. Investments in planning and testing in the GOVERN and IDENTIFY Functions will support timely detection of unexpected events in the DETECT Function, as well as enabling incident response and recovery actions for cybersecurity incidents in the RESPOND and RECOVER Functions. GOVERN is in the center of the wheel because it informs how an organization will implement the other five Functions.”
Read the full post here: NIST CSF 2.0 – Protect (PR) – Applications for Microsoft 365 (Part 1) Read More
New Blog | SAP Identity Management to Microsoft Entra ID Migration Guidance Now Available
We’re excited to announce that guidance for SAP Identity Management (IDM) customers planning to migrate their identity management scenarios to Microsoft Entra is now available. In a previous post, we discussed SAP ending maintenance for their identity management solution (SAP IDM) by 2030. We’ve since begun jointly developing documentation to help customers plan a seamless migration to the recommended alternative—Microsoft Entra ID. For many customers, it may be possible to get started immediately, leveraging the subscriptions that they already own with Microsoft 365 suites. Microsoft 365 enterprise suite licenses include Entra ID P1 features that will be the focus of this first round of guidance. In this post, we’ll also outline additional benefits of Microsoft Entra ID and list some key partners who can help you get started.
Continuing collaboration for enterprise security
Microsoft and SAP have a long history of collaborating to keep our customers’ organizations productive and secure—an effort especially important now as more companies have adopted hybrid work arrangements, making it possible to work from office and from home. For example, last year we announced how Microsoft Sentinel is helping organizations bring SOAR threat monitoring capabilities to their SAP environments. We continue to deepen our relationship, and now we’re extending support for SAP customers’ digital transformation and cloud adoption goals with a seamless and secure identity management solution in Microsoft Entra ID.
Read the full post here: SAP Identity Management to Microsoft Entra ID Migration Guidance Now Available
By Irina Nechaeva
We’re excited to announce that guidance for SAP Identity Management (IDM) customers planning to migrate their identity management scenarios to Microsoft Entra is now available. In a previous post, we discussed SAP ending maintenance for their identity management solution (SAP IDM) by 2030. We’ve since begun jointly developing documentation to help customers plan a seamless migration to the recommended alternative—Microsoft Entra ID. For many customers, it may be possible to get started immediately, leveraging the subscriptions that they already own with Microsoft 365 suites. Microsoft 365 enterprise suite licenses include Entra ID P1 features that will be the focus of this first round of guidance. In this post, we’ll also outline additional benefits of Microsoft Entra ID and list some key partners who can help you get started.
Continuing collaboration for enterprise security
Microsoft and SAP have a long history of collaborating to keep our customers’ organizations productive and secure—an effort especially important now as more companies have adopted hybrid work arrangements, making it possible to work from office and from home. For example, last year we announced how Microsoft Sentinel is helping organizations bring SOAR threat monitoring capabilities to their SAP environments. We continue to deepen our relationship, and now we’re extending support for SAP customers’ digital transformation and cloud adoption goals with a seamless and secure identity management solution in Microsoft Entra ID.
Read the full post here: SAP Identity Management to Microsoft Entra ID Migration Guidance Now Available Read More
PARTICIPATE IN THESE CHALLENGES
Ambassador Challenge: Azure essentials- MLSA
Get ready to dive deeper into Azure AI technology. Using AI, you can build solutions, improve your apps, and accelerate business growth. Master the basics of AI and jump-start your career now!https://learn.microsoft.com/en-us/training/challenges?id=d068b11d-4952-4a61-8115-cd674f31ae73&WT.mc_id=cloudskillschallenge_d068b11d-4952-4a61-8115-cd674f31ae73&wt.mc_id=studentamb_291294
Ambassador Challenge: Azure essentials- MLSAGet ready to dive deeper into Azure AI technology. Using AI, you can build solutions, improve your apps, and accelerate business growth. Master the basics of AI and jump-start your career now!https://learn.microsoft.com/en-us/training/challenges?id=d068b11d-4952-4a61-8115-cd674f31ae73&WT.mc_id=cloudskillschallenge_d068b11d-4952-4a61-8115-cd674f31ae73&wt.mc_id=studentamb_291294 https://learn.microsoft.com/en-us/training/challenges?id=d068b11d-4952-4a61-8115-cd674f31ae73&WT.mc_id=cloudskillschallenge_d068b11d-4952-4a61-8115-cd674f31ae73&wt.mc_id=studentamb_291294 Read More
Exchange Online (M365) – create an account that can ONLY see calendar free/busy
Our org is fully using M365 and my boss is looking for me to create an AAD member account that ONLY has access to see organizational users (AAD member) calendar Free/Busy and can do nothing else in M365 (No outlook, SharePoint, OneDrive, access to any apps, etc.). Is there a way to set up such an account? I “think” she might want to have a contractor use this account to see Free/Busy in order to manually notify others of when they can schedule a meeting for certain staff members.
Thank you!
Brian
Our org is fully using M365 and my boss is looking for me to create an AAD member account that ONLY has access to see organizational users (AAD member) calendar Free/Busy and can do nothing else in M365 (No outlook, SharePoint, OneDrive, access to any apps, etc.). Is there a way to set up such an account? I “think” she might want to have a contractor use this account to see Free/Busy in order to manually notify others of when they can schedule a meeting for certain staff members. Thank you!Brian Read More
Ambassador Challenge: Azure Protect against cyber threats
Protect against cyber threats with Microsoft Defender XDR across endpoints, identities, email, and applications. Learning objectives After completing this module, you’ll be able to: Describe the Microsoft Defender XDR service.
Protect against cyber threats with Microsoft Defender XDR across endpoints, identities, email, and applications. Learning objectives After completing this module, you’ll be able to: Describe the Microsoft Defender XDR service. https://learn.microsoft.com/en-us/training/challenges?id=4ed6cfd6-2e7b-4b57-a340-a614060d2636&WT.mc_id=cloudskillschallenge_4ed6cfd6-2e7b-4b57-a340-a614060d2636&wt.mc_id=studentamb_291294 Read More
Page Analytics tab not showing for Wiki type page in SharePoint Online
Hi,
I am not seeing Page Analytics tab for Wiki pages in SharePoint Online, while Page Analytics tab is available for moder page type in SharePoint Online.
How to get Page Analytics for Wiki pages type in SharePoint online.
Please suggest.
Hi,I am not seeing Page Analytics tab for Wiki pages in SharePoint Online, while Page Analytics tab is available for moder page type in SharePoint Online. How to get Page Analytics for Wiki pages type in SharePoint online.Please suggest. Read More
SCVMM vTPM issue
Hello,
Is there any way in SCVMM 2022 to create an unshielded VM with vTPM? I have a small POC environment with SCVMM 2022, don’t want to use HGS services. I could do vTPM in hyper-v manager but can’t find anything in SCVMM console.
Thanks in advance for any work around!
Hari
Hello, Is there any way in SCVMM 2022 to create an unshielded VM with vTPM? I have a small POC environment with SCVMM 2022, don’t want to use HGS services. I could do vTPM in hyper-v manager but can’t find anything in SCVMM console. Thanks in advance for any work around! Hari Read More
MS-ISAC advisories as a threat feed?
This is regarding the MS-ISAC advisories that are pushed out by the Center for Internet Security (CIS) Cyber Threat Intelligence (CTI) team. Basically a listing of IP’s and Domains that have observed maliciousness or attributes thereof.
Are these lists automatically included as a threat feed into Defender proper via Microsoft ingesting it and adding to its databases? Or are these to be manually put in the Defender Endpoint IoC lists on the organizations Defender portal? I ask as I seem to have a limit of 15k for IoC across file hash, IP, URL/Domain, and certificates combined which would go quick considering MS-ISAC Advisories are usually a couple hundred at a time.
This is regarding the MS-ISAC advisories that are pushed out by the Center for Internet Security (CIS) Cyber Threat Intelligence (CTI) team. Basically a listing of IP’s and Domains that have observed maliciousness or attributes thereof. Are these lists automatically included as a threat feed into Defender proper via Microsoft ingesting it and adding to its databases? Or are these to be manually put in the Defender Endpoint IoC lists on the organizations Defender portal? I ask as I seem to have a limit of 15k for IoC across file hash, IP, URL/Domain, and certificates combined which would go quick considering MS-ISAC Advisories are usually a couple hundred at a time. Read More
Microsoft Defender for Cloud Apps’ Shadow IT Discovery Capabilities Now Support MacOS
The rapid growth of SaaS apps makes it challenging to gain visibility across the apps used in an organization’s environment. SaaS apps are often used without the awareness of IT departments, a phenomenon known as Shadow IT. Moreover, the swift adoption of generative AI apps introduces an additional layer of security complexity and risks. Organizations need effective app security solutions more than ever to ensure that employees only access approved and safe apps.
A key aspect of combating Shadow IT is ensuring comprehensive visibility into all the apps used in an organization’s environment, which includes the identification of all SaaS apps used by employees, regardless of the operating system. This broad scope of app discovery is essential in providing a holistic view of your SaaS landscape to help security teams discover and control Shadow IT effectively.
Gain full visibility into your SaaS apps with Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps offers powerful discovery capabilities to help you gain visibility into all SaaS apps, including AI apps, in your organization, assess their risk, and leverage sophisticated analytics to enhance the overall SaaS security. Previously, cloud discovery discovered SaaS apps in Windows devices through the network logs via defender for endpoint integration. To continuously improve our product experience and deliver a broader scope of app discovery, today we are thrilled to announce the public preview of our new comprehensive discovery capabilities within Microsoft Defender for Cloud Apps to help customers:
Discover Shadow IT SaaS apps on macOS devices in addition to windows
Detect and remediate risky/unusual behaviors on SaaS apps on macOS devices
This discovery capabilities on macOS work seamlessly with the native Microsoft Defender for Endpoint. This enhancement not only bolsters the discovery process but also improves the overall discovery comprehensiveness for security administrators, facilitating effective management of SaaS security risks.
For customers who do not use the native Microsoft Defender for Endpoint integration with Defender for Cloud Apps, we have ensured comprehensive discovery coverage by introducing the highly requested enhancements to our log collector. Specifically, we have added two new capabilities to the Defender for Cloud Apps log collector, enabling it to operate on popular container runtimes such as Podman and AKS. With these capabilities, customers can leverage the log collector to thoroughly discover shadow IT apps on other popular distros like RedHat and AKS.
Discovery on macOS via Microsoft Defender for Endpoint
Customers need to enable the network protection component in Defender for Endpoint in order to discover shadow IT on macOS. Here is a quick guide on how to enable network protection.
Once you have the network protection enabled, to access the discovery of shadow IT SaaS apps, navigate to the Cloud discovery tab in the Microsoft Defender portal. Once there, you’ll find Defender – managed endpoints listed under the stream as shown in Figure 1. Selecting this stream presents you with a comprehensive view of discovered applications, resources, IP addresses, users, and devices information for both Windows and macOS devices within your tenant. This unified view facilitates a more complete understanding of Shadow IT across different operating systems.
Podman support for the Defender for Cloud Apps log collector
The log collector, a container image that traditionally operates on Docker runtime, now extends its support to Podman, the container runtime and orchestrator endorsed by Red Hat Enterprise Linux (RHEL) 8 and subsequent versions. This expansion ensures that the Defender for Cloud Apps log collector is compatible with Podman’s runtime, accommodating customers who use RHEL versions 8 or higher.
The Defender for Cloud Apps log collector is extremely useful for organizations not using the integration with Defender for Endpoint, or a direct integration with a built-in network device isn’t available. It helps to integrate logs from various network appliances, such as firewalls, to generate a discovery report that is pivotal for administrators to pinpoint Shadow IT apps and gather usage telemetry.
Log collector in Azure Kubernetes (AKS)
The log collector feature in AKS enhances Defender for Cloud Apps by enabling the collection of logs from network devices that lack built-in integration. This feature is particularly beneficial for customers who prioritize disaster recovery and resilience for their services hosted on AKS.
With the introduction of log collector support for AKS, Defender for Cloud Apps has expanded its capabilities to include support for Syslog-tls receiver types. Once the log collector deploys log collector on AKS, Customers can configure log sources on AKS and get insights into Shadow IT on AKS workloads.
Our latest enhancements to the shadow IT discovery capabilities in Defender for Cloud Apps empower security administrators with comprehensive app discovery across both Windows and macOS and offer better compatibility and flexibility in deployment. Furthermore, Defender for Cloud Apps is a core component of Microsoft Defender XDR, and these new advancements contribute to delivering a more streamlined and easier to deployable XDR platform that enables security teams to more efficiently protect organizations from today’s advanced cyberthreats.
Getting started
Enable discovery on MacOS by integrating with Microsoft Defender for Endpoint
Configure automatic log upload using Podman
Deploy Log Collector on AKS
Microsoft Tech Community – Latest Blogs –Read More
Upcoming Changes to Supported Versions of Visual Studio for Remote Debugging with Azure App Service
You can attach the Visual Studio debugger to any .Net process running on Azure App Service. This allows you to debug the deployed web app as though it’s running locally.
For more information about how to attach Visual Studio debugger for a web app deployed to Azure App Services please refer to:
Remote Debug ASP.NET Core on Azure App Service (Windows)
Troubleshoot with Visual Studio – Azure App Service | Microsoft Learn
Over the past few years, we have received feedback from our customers regarding the opening of ports on local machines to use remote debugging with App Service. This often requires multilevel approvals and leads to configurational & operational complexity.
Based on this feedback we are announcing changes related to supportability of Visual Studio versions for remote debugging of Windows web applications deployed to App Service. These changes will remove the requirements for local ports when using remote debugging with App Service.
Versions of Visual Studio prior to Visual Studio 2022 will no longer work with the updated remote debugging feature on App Service. Visual Studio 2022 will work with the updated remote debugging feature, but customers will need to upgrade to a newer version of Visual Studio 2022 no later than January 31, 2025. The changes to remote debugging on App Service outlined in the table below will be applicable starting June 2024.
The table below provides an overview of these changes.
Visual Studio
Version
Basic Authentication enabled for the specific App Service web app ###
Remote Debugging Supported
Applicable Timeline
Local Ports Required
2017
All
N/A
No
Starting June 2024
N/A
2019
All
N/A
No
Starting June 2024
N/A
2022
17.9 or earlier
Yes
Yes
Until January 31, 2025
Yes. On local machine
2022
17.9 or earlier
N/A
No
After January 31, 2025
N/A
2022***
17.10 or later
N/A
Yes
N/A
No local machine ports required.
Remote debugging no longer uses basic authentication on App Service.
It’s important to note that the contents of this blog post are not applicable for remote debugging experience related to App Service Linux.
*** Please note that starting Jan 2025 remote debugging for Windows web applications deployed to App Service will be available only when using Visual studio 2022 version 17.10 or later. Remote debugger authentication for a web application no longer uses basic authentication on App Service.
### There are no changes to basic authentication publishing on Azure App Service. The table above refers only to basic authentication on App Service used in conjunction with the remote debugging feature. Please refer to Authentication types by deployment methods – Azure App Service | Microsoft Learn and Disable basic authentication for deployment – Azure App Service | Microsoft Learn for details.
In the coming weeks changes will also be made to the Azure portal experience matching the remote debugging support as explained above.
Microsoft Tech Community – Latest Blogs –Read More
Tuning logical replication on Azure Database for PostgreSQL – Flexible Server
Native logical replication is a built-in feature which was introduced in PostgreSQL 10. It is aimed to replicate data between tables in two separate Postgres databases using a replication identity, usually a primary key. It follows a publisher and subscriber model where there can be one or more publishers or subscribers. The publisher and subscriber databases can be on the same Azure Database for Postgres – flexible server or on two different servers.
The typical use-cases for logical replication are:
Sending incremental changes in a single database or a subset of a database to subscribers as they occur.
Sending the change to subscribers could also help in event driven architectures where the subscriber can process and publish the change to, for example, message brokers like Kafka etc.
Consolidating multiple databases into one data source (for analytical purposes).
Replicating data between different major versions of PostgreSQL.
Replicating between PostgreSQL instances on different platforms (for example Linux to Windows)
Replicating data between servers hosted in different clouds or between on-prem and cloud.
A typical flow involves copying the initial data snapshot from the publisher database to subscriber database and, once the data snapshot copy is completed, any incremental changes on the publisher database are sent to the subscriber database in near real-time.
Using a use-case scenario this blog will share tuning techniques that can be used to improve the performance of the initial data snapshot copy from the publisher to the subscriber database.
The blog is further divided into the following sections:
Server parameters
Use-case scenario
Best practices
Server parameters
The parameters that are used to configure and tune logical replication are as follows:
wal_level: Sets the level of information written to the Write Ahead Log (WAL) to logical.
max_worker_processes: Sets the maximum number of background processes that the system can support. The default value is 8. You can set this value to a number which is greater than the number of subscribers and reserve some for-table data synchronization and parallel apply worker.
max_logical_replication_workers: Specifies maximum number of workers to replicate table data between publisher and subscriber. It includes leader apply workers, parallel apply workers, and table synchronization workers. The default value is 4. Logical replication workers are taken from the pool defined by max_worker_processes.
max_replication_slots: The default is 10. You can set this parameter depending on the number of publishers and subscribers. It can be influenced by the value set to parameter max_sync_workers_per_subscription.
max_sync_workers_per_subscription: Controls the amount of parallelism of the initial data copy during the subscription initialization or when new tables are added. Currently, there can be only one synchronization worker per table. The workers are dependent on max_logical_replication_workers. The default value is 2.
The recommended value is generally about 50% – 75% of the number of vCores on the subscriber server. For example, if the subscriber server is an instance of Azure Database for PostgreSQL Flexible Server running on a Memory Optimized tier, and with an SKU of 16 vCores, then the value of the parameter can be set to 8. This indicates 8 tables can be copied parallelly during initial data copy. To make this change you need to set max_replication_slots, max_worker_processes and max_logical_replication_workers parameters also. A good value for max_worker_processes could be 16 (one worker per one core of CPU), max_replication_slots could be 16 (8 for table data synchronization + additional slots for other purposes) and max_logical_replication_workers could be 12 (for table data synchronization + parallel apply worker workers for in-flight transactions).
Note we recommend 50% -75% of total vCores because, if the number of workers doing initial copy is equal to number of vCores, then you could see 100% CPU utilization on the subscriber server. 50%-75% is just a general recommendation, you can set a higher value but making it too aggressive might result in 100% CPU utilization during initial data copy process on subscriber servers.
max_wal_senders: The maximum number of simultaneously running WAL sender processes. Default is 10. It is recommended to set a value equal to or greater than the number of logical replication slots.
Use-case scenario
In the use case scenario, the publisher database has 6+ tables on Postgres version 16, and the goal is to complete the initial snapshot as fast as possible.
The publisher server is 16 vCore General Purpose Azure Database for Postgres – flexible server with 1 TB storage, and the subscriber server is also a 16 vCore General Purpose Azure Database for Postgres – flexible server with 1 TB storage.
Setup On publisher server:
Server parameters:
wal_level: Logical
max_replication_slots: 12
Execute the following statements on the publisher database:
Grant required permissionsALTER ROLE <role name> WITH REPLICATION;
Note: Please make sure the replication user has read permissions on tables you are trying to replicate.
Create a publicationCREATE PUBLICATION publisher1 FOR TABLE member_claims, member_claims_May,member_claims_April,member_claims_March,member_claims_Feb,member_claims_January;
Setup on subscriber server:
Server parameters:
wal_level: Logical
max_logical_replication_workers: 12
max_worker_processes: 16
max_sync_workers_per_subscription: 6
Autovacuum: OFF
max_wal_size: 64 (GB)
checkpoint_timeout: 1(Hour)
Execute the following statements on the subscriber database:
Create a subscriptionCREATE SUBSCRIPTION <subscription name> CONNECTION’host=xx dbname=xx user=xx password=xx’ PUBLICATION <publisher name>;
Monitoring
Publisher database
Execute the following statement SELECT application_name, wait_event_type, wait_event, query, backend_type FROM pg_stat_activity WHERE state=’active’;
The output should look like this where 6 tables are being copied parallelly
Subscriber database
Execute the following statement to monitor the progress of the initial data copy. SELECT * FROM pg_stat_progress_copy;
For more details on pg_stat_progress_copy you can follow the document COPY-PROGRESS-REPORTING.
Best Practices
In general, it is recommended to have a publisher database and subscriber database on two different servers.
Follow the server parameter guidelines described above.
During the initial data copy phase, you can turn OFF autovacuum, increase max_wal_size to 64 GB if you have a storage size of 1 TB or greater than that [Generally recommended for large storage sizes] and have checkpoint_timeout parameter set to 1 Hour. [We would like the checkpoint to happen less frequently as checkpoint process consumes additional server resources for that purpose 1 hour is recommended. This is again a general recommendation value can be less than 1 hour, it depends on data volume being moved and you can also take into consideration time to recover in case there is a crash during initial data copy phase before coming up with a value]
Note: Once the initial copy is completed it is recommended to vacuum analyze the tables and then turn back autovacuum to ON. The checkpoint_timeout and max_wal_size parameters should also be changed back to previous values.
vacuumdb utility can be used to manually vacuum analyze the tables. For more information follow the document – vacuumdb.
Conclusion
Initial data copy after logical replication is set up between publisher and subscriber databases can be time consuming, particularly when the database size is large with hundreds of tables or database size is large with few large tables. With proper tuning of server parameters mentioned in the blog and having the publisher and subscriber databases on separate servers, you can help reduce the time required significantly.
If you have questions, please contact us at ASK Azure DB for PostgreSQL.
Microsoft Tech Community – Latest Blogs –Read More
Wrapping up the school year with Microsoft 365
Hi Microsoft 365 Insiders!
As the school year draws to a close, it’s time to reflect on the tools and strategies that helped us succeed. Our latest blog post dives into how the latest features from Microsoft 365 can help students and educators make a smooth end-of-year transition. From wrapping up final grades to creating memorable year-end projects, see how Microsoft 365 can enhance your academic experience. Read our latest post and get inspired for next year too!
Thanks!
Perry Sjogren
Microsoft 365 Insider Community Manager
Become a Microsoft 365 Insider and gain exclusive access to new features and help shape the future of Microsoft 365. Join Now: Windows | Mac | iOS | Android
Hi Microsoft 365 Insiders!
As the school year draws to a close, it’s time to reflect on the tools and strategies that helped us succeed. Our latest blog post dives into how the latest features from Microsoft 365 can help students and educators make a smooth end-of-year transition. From wrapping up final grades to creating memorable year-end projects, see how Microsoft 365 can enhance your academic experience. Read our latest post and get inspired for next year too!
Thanks!
Perry Sjogren
Microsoft 365 Insider Community Manager
Become a Microsoft 365 Insider and gain exclusive access to new features and help shape the future of Microsoft 365. Join Now: Windows | Mac | iOS | Android Read More
Business Applications Partner News: Week of June 10
Check out this week’s top resources to stay up-to-date on the latest Business Applications Partner News. Remember to sign up for the monthly Dynamics 365 and Power Platform partner pulse newsletters.
What to register for:
THIS WEEK!
June 11 (IST) (BST): Dynamics 365 Supply Chain Management – Demand Planning Workshop
June 14: Partner Activities Office Hours
June 24-27: FY25 Partner Activities deep-dive webinar series
MPPC 2024 Thru-Partner Demand Gen Initiative – Register for unique code for partners to potentially earn a free pass: aka.ms/MPPCPartnerRegRequest
What to download:
New/updated click through demos:
Dynamics 365 Contact Center Demo
Microsoft Copilot for Finance
Traceability in Dynamics 365 Supply Chain Management
Demand Planning
Business Performance Planning
Dynamics 365 product licensing deck
What to review/like/share:
FY25 Business Applications Partner Activities:
Partner Alert
Partner Blog
LinkedIn update
Dynamics 365 Contact Center Announcement
Partner Alert
LinkedIn update
Sizzle video
Pitch deck
Demo video
What to watch:
May 30 Copilot Studio Partner Opportunity webinar (deck here)
May Tech Talks:
May 16: AI Library Creator Kit Module & CoE Starter Kit
May 30 Power Pages EDM and BSv5 Migrations
Reminders: Register for the upcoming partner events!
Events:
Save the date: Join us on July 11 for MCAPS Start for Partners
July 22: Microsoft Partner FY25 GTM Launch Event for Business Applications
Sep 18-20: Microsoft Power Platform Conference
Trainings:
Level Up Copilot Sales Champion training course (access code: MOKC-MCJB)
Check out this week’s top resources to stay up-to-date on the latest Business Applications Partner News. Remember to sign up for the monthly Dynamics 365 and Power Platform partner pulse newsletters.
What to register for:
THIS WEEK!
June 11 (IST) (BST): Dynamics 365 Supply Chain Management – Demand Planning Workshop
June 14: Partner Activities Office Hours
June 24-27: FY25 Partner Activities deep-dive webinar series
MPPC 2024 Thru-Partner Demand Gen Initiative – Register for unique code for partners to potentially earn a free pass: aka.ms/MPPCPartnerRegRequest
What to download:
New/updated click through demos:
Dynamics 365 Contact Center Demo
Microsoft Copilot for Finance
Traceability in Dynamics 365 Supply Chain Management
Demand Planning
Business Performance Planning
Dynamics 365 product licensing deck
What to review/like/share:
FY25 Business Applications Partner Activities:
Partner Alert
Partner Blog
LinkedIn update
Dynamics 365 Contact Center Announcement
Partner Alert
LinkedIn update
Sizzle video
Pitch deck
Demo video
What to watch:
May 30 Copilot Studio Partner Opportunity webinar (deck here)
May Tech Talks:
May 16: AI Library Creator Kit Module & CoE Starter Kit
May 30 Power Pages EDM and BSv5 Migrations
Reminders: Register for the upcoming partner events!
Events:
Save the date: Join us on July 11 for MCAPS Start for Partners
July 22: Microsoft Partner FY25 GTM Launch Event for Business Applications
Sep 18-20: Microsoft Power Platform Conference
Trainings:
Level Up Copilot Sales Champion training course (access code: MOKC-MCJB) Read More
Copilot 365 not Returning a Full Response
We have a user that is using a fairly comprehensive prompt to generate a summary of a long document. When Copilot 365 responds, it looks like it is generating a fairly comprehensive summary, but then stops. So the user expects to have a list of 5 summary topics, but Copilot 365 only returns 2. We don’t believe we are running into a token limit, but is there a way to check in Graph what could be going on?
Thanks,
We have a user that is using a fairly comprehensive prompt to generate a summary of a long document. When Copilot 365 responds, it looks like it is generating a fairly comprehensive summary, but then stops. So the user expects to have a list of 5 summary topics, but Copilot 365 only returns 2. We don’t believe we are running into a token limit, but is there a way to check in Graph what could be going on? Thanks, Read More
LLM Tokens – Copilot Tokens Limit ??
How to check token consumption?
Response got from MS copilot support team: CoPilot has certain limits in place to manage the usage of LLM tokens. These limits help prevent overloading the system and ensure fair resource allocation. Specifically, users are allowed a certain number of LLM tokens per hour. If this limit is reached, they’ll need to wait before continuing their interaction with CoPilot.
It’s important to note that the calculation of LLM tokens isn’t always straightforward—it doesn’t directly correlate with the user’s input prompt. CoPilot employs complex logic to determine token usage. If you encounter any throttling, consider optimizing your prompt and reducing overall token consumption”
How to check token consumption?Response got from MS copilot support team: CoPilot has certain limits in place to manage the usage of LLM tokens. These limits help prevent overloading the system and ensure fair resource allocation. Specifically, users are allowed a certain number of LLM tokens per hour. If this limit is reached, they’ll need to wait before continuing their interaction with CoPilot.It’s important to note that the calculation of LLM tokens isn’t always straightforward—it doesn’t directly correlate with the user’s input prompt. CoPilot employs complex logic to determine token usage. If you encounter any throttling, consider optimizing your prompt and reducing overall token consumption” Read More
Copilot for Microsoft 365 Security and Governance AMA on Wednesday, June 12th, at 9:00 AM PT
Join us for the Copilot for Microsoft 365 Security and Governance AMA on Wednesday, June 12th, from 9:00 AM to 10:00 AM PST. Our experts will cover data protection, compliance, risk management, and security automation. Don’t miss this opportunity to get your technical questions answered.
Date: June 12, 2024
Time: 9:00 AM – 10:00 AM PDT
RSVP and post questions early: aka.ms/365CopilotAMA
Note: If you are unable to attend the live hour, you can ask your question at any time on the event page linked.
Join us for the Copilot for Microsoft 365 Security and Governance AMA on Wednesday, June 12th, from 9:00 AM to 10:00 AM PST. Our experts will cover data protection, compliance, risk management, and security automation. Don’t miss this opportunity to get your technical questions answered.
Date: June 12, 2024
Time: 9:00 AM – 10:00 AM PDT
RSVP and post questions early: aka.ms/365CopilotAMA
Note: If you are unable to attend the live hour, you can ask your question at any time on the event page linked.
Graphic displaying the text “Copilot for Microsoft 365 Security and Governance AMA” with event details: Wednesday, June 12th, from 9:00 AM to 10:00 AM PST, and an RSVP link: aka.ms/365CopilotAMA. Read More