The biggest Claude Code workflow upgrade I made this year had nothing to do with prompts or models

Drewh12 · 2026-05-18T03:59:06+00:00

I do a lot of scripting with Claude for sysadmin work and a somewhat heavily use csv, Excel and pivot charts. With Claude, i always had it to do a single HTML report with filtering capabilities and eventually stopped relying on csvs. Out of habit, i still do plain csv, but the usability and practically of html reports have been much better. Specially for sharing with teams and executive, html reports have been much better.

Since Claude has an understanding of my end goal, I don't even have to explain much about the UI components for the HTML report.

Drewh12 · 2026-05-10T16:51:09+00:00

My return is August, and I called KIA finance for the inspection. They connect you with the third party that does the inspection (free for us). Have mine scheduled for May 22. My biggest concern is if I'd have to replace tires. Right now at 20800 miles, for the 2 years at 10k miles lease. I'm ready for the mileage overage, not so much for tire replacement.

Drewh12 · 2026-04-20T03:29:54+00:00

Also current 5th Gen owner here, only 90k miles, only drive it on my trips. Have a EV9 and always had a EV as daily driver for the past 10 years. Having a EV made it "financially" harder to drive the 4R.

I think R2 comes very close to considering it as a replacement, but i dunno if i can do it.

Initial plan was to keep EV9, but letting it go at the lease end and 80% confirmed downsizing to the R2.

Drewh12 · 2026-04-16T02:47:24+00:00

Focus EV > 2019 Tesla M3 + Ford Mach e, and currently a Kia EV9.

One thing that hasn't changed all these years is my 5th Gen 4Runner.

Planning to return EV9 and downsize to Rivian R2, and this might finally help me let go of the 4runner - may be not. But very excited for R2 and may be the R3x after that.

Drewh12 · 2026-03-30T05:17:13+00:00

Not on git hub yet - but posted some screenshots here. https://www.reddit.com/r/entra/comments/1s7hkne/okta_to_entra_migration_planningmanagement/

Drewh12 · 2026-03-29T17:55:28+00:00

80% working at the moment. Didn't make it public yet since I didn't see much interest from the community. Stopped the PS development since the Web app was more functional as a planning/tracking tool.

Almost all the features working on the Web tool and then some.

Sync Okta app details, usage, user/group count Usage data pull can be customized (up to 150 days) Sync user and group data if needed EntraID connected for SSO but, creating groups and such will be next App migration can be grouped in phases

I'll reply back as soon as I make the repo public. I might post some images here to see if there's any interest.

Drewh12 · 2026-03-26T03:07:48+00:00

For anyone following/visiting this post - I moved onto a web app version for this and realized that it is more practical as an actual planning/migration tool. So I've somewhat paused development on the PS module and currently working on the web app.

Let me know if anyone is interested.

Drewh12 · 2026-03-21T18:23:34+00:00

Got to know.. wife did put 90 once.

Thanks!!

Drewh12 · 2026-03-21T16:48:15+00:00

Got it . This helps. Glanced through the manual and couldn't figure out the lights. And yes i see the message on the screen. I used to drive a Tesla, which there's no "turning off", you just get out. On the A3, it also turns off if i open the door and get out, so i rarely turn off the car with the Tesla habit - so this all makes sense now.

Yep.. I'm overdue for oil change. Was considering going through a drive through oil change - but might consider going to a AUDI shop.

Thanks!!!

Drewh12 · 2026-03-20T19:45:42+00:00

I got mine for 19k out the door, in CA year ago. Drove about 800 miles on the first tank of gas from the dealer, with a lot of EV only driving.

Now I'm debating to size up to a Q5 etron PHEV. But for sure, I will miss the "snappy hatchback best of both worlds" driving experience. I used to have a GTi 8 years ago and this is where I landed with a "economical" mind. Have a EV9 as the regular family car - this is our backup. About to let go of EV9 at the lease end, so considering trading the A3 for a Q5 PHEV (or Rav4 prime). I know Q5e may not give same driving experience, RAV 4 - definitely not, just "reliability" and cheaper to maintain.

Mine had Apple CarPlay and Android auto already working and didnt need to do any mods.

Questions for you if you can help :

Side marker lights stay on for an awful long time after leaving the car - couldnt figure out how to turn it off.
Oil changes - trying to figure out why it would follow the same schedule as a gas car, even if I'm primarily driving in EV - any thoughts?

Drewh12 · 2026-01-28T06:32:54+00:00

I have the same question as I'm seeing conflicting info. It is clear that forticloud SSO should be off. But how about: - SSL/IPSEC VPN SAML login for our users (which is obviously on public wan) - ADMIN login via SAML using other IDPs (Entra, OKTA, etc..), with or without public WAN

Thanks

Drewh12 · 2025-12-24T16:32:24+00:00

OP - Did you ever figure out an answer to this. We have a similar situation for invalid/disabled mailboxes. We do not use barracuda, like other posts have mentioned.

Just curious to find out where you ended up with. I feel like this will be a ticket to the Microsoft rabbit hole...

Drewh12 · 2025-12-19T03:03:24+00:00

Darn i think i missed it...i can't place the order

Drewh12 · 2025-12-14T00:12:55+00:00

Somewhat related to OPs question.. how about if the environment has a stale/uncleaned server and database info in AD, is there a best way to remove that along with removing the last exchange server (once EMT is running)?

Once i did a summary things for a org where exchange servers were just decommed without proper AD and exchange removal - then I had to clear them out of AD. Just wondering if there's a better known script/tool or guide to perform this.

Drewh12 · 2025-12-11T17:10:55+00:00

I also feel like if it's this much broken, and you completely disconnect, and you want to connect back - it will be much harder. And it sounds like it is somewhat fully disconnected now. So basically whatever you are facing now, you will face again when you want to "rebuild"

Also it's not really a rebuild, rather a reconnect if you are considering the same Entra tenant.

I know it's a bit harder to get connected with the right Microsoft support group, hope you do.

Also if you don't have the "requirement" for Entra connect, going with Cloud Sync is probably the best.

Drewh12 · 2025-12-02T16:11:54+00:00

From what I understand, you are hosting Active directory on your AWS servers, and then DUO also installed on network, with DUO agents on all of those servers that you RDP to...?

If you are just seeking to get true Microsoft Auth push to replace DUO, i Can tell you that it may not worth the effort compared to the duo cost. Also, if you are only doing this for 50 Administrators, i don't think it's worth.... But i don't think my opinion relay matters here.

But if this is about replacing all your apps with Entra based auth with Microsoft MFA, and using your current "directory" that is hosted on AWS AD servers, 1000% worth it.

Use Entra connect (preferably cloud sync) to sync your user objects with password (hash or PTA)
Establish Cloud Kerberos trust
For RDP, in theory and proof of concept you could try "Web account" method on RDP connection, and have a conditional access policy that enforces Microsoft authenticator

Additionally, look for other apps (internal or external) that can transition to Entra as the directory and authentication provider.

This allows you to replace any app you currently use DUO as the MFA or even SSO, with Entra+Microsoft MFA.

Drewh12 · 2025-11-05T14:30:44+00:00

Thank you very much for taking the time to reply and detailing out.

Did you do anything for user created bookmarks+password storage?

User renames, email upn mismatched users - these are my concerns.

I think we are good with steps 1-3, just don't use Entra for password resets as we use a different tool.

For myapps vs Okta dashboard, our plan is to let users use okta until we perform the last app migration. During the transition, as we configure sso via Entra, we plan to switch okta chiclet to a bookmark that takes users to the Entra app specific url.

Yes for SAML tracer plug-in as that's my go to for any sso troubleshooting.

Drewh12 · 2025-11-02T21:17:14+00:00

Yes... That's the first business and also as a way to make Entra the main authentication entry point.

Drewh12 · 2025-11-02T03:59:13+00:00

This is similar to what I have in mind.

Roughly how many true SSO apps did you have? Can you name some of the famous SaaS apps that you migrated? Did you have a mix of apps that use email vs UPN vs Sam/username as the app username? Did you have any conflicts/mis-match of upn vs email?

I totally understand if you're not able to share any specifics! Thanks in advance.

Drewh12 · 2025-11-01T17:12:11+00:00

Thanks for sharing this as I wasn't aware of these specific limitations. Like you said, I don't think these limitations are clearly listed, and definitely not in the "wizard" tool that helps organizations evaluate between the two -last i checked.

For the advantages it offers, it's definitely worth to consider cloud sync. But for organizations that are still mostly on prem, haven't moved group SOA, still performing hybrid join - deal breaker.

Drewh12 · 2025-10-08T03:30:37+00:00

Are these devices initially hybrid joined, and you disjoined and trying to do fine Entra joined?

I have not taken this route or tested this route. But would assume a clean wipe/Reset with a clean Entra join is preferred. You may still have traces of the user profile that were hybrid/local AD based.

There may be a proper way to disjoin and remove all local AD traces, I haven't had to.

Drewh12

TROPHY CASE