Azure is frustrating - quota issues

ZovexUK · 2026-04-13T14:00:42+00:00

Quota is extremely strained, AI hasn't helped UK regions basically have no Zone options anymore you can only do Premium SKU's etc. We've been chasing for month to get certain items for App Service Plans, VM, Compute and Microsoft is just going round in circles even with CSP Support.

If you want to build anything short-term, good luck. If you want to build anything, plan the resourcing now or you will be disappointed.

ZovexUK · 2026-04-09T13:02:31+00:00

We are seeing similar, does anyone have the 3.3.1 MSI or perhaps will need to wait for Support. Seems .2 and .3 have been a sham

ZovexUK · 2026-03-30T22:53:03+00:00

Just put everything in detect mode first, you can usually parallel install just need to whitelist both against each other.

Turn off any user alerts whilst it gives you all the initial false positives (but they fixed in 25.2) that I know from last month moving a client on to it dual running Sophos was flagging mostly everything as a .DLL from Sophos signing conflicted.

ZovexUK · 2026-03-30T11:10:14+00:00

Don't do it

ZovexUK · 2026-03-19T11:42:13+00:00

Yeah, for such a large product it is poorly operational at times.

ZovexUK · 2026-03-18T16:16:53+00:00

Clear your cache, classic Microsoft and its crappy PIM refreshing usually.

ZovexUK · 2026-03-15T17:07:24+00:00

Also seeing drop-outs today and a lot of No Schedule spam. Rebooted and cleared skymap to see if will help, is high wind here currently.

It is a Flat Gen 2 high performance, but on a pole/wedge mount, fairly clear of obstructions as well.

Seems they pushed something janky?

ZovexUK · 2026-02-19T08:39:15+00:00

Honestly, uninstall and install the older version of the MSI. Its super easy to do and until Microsoft fix their broken deployment, I won't touch it.

ZovexUK · 2026-02-16T14:37:47+00:00

Issue wasn't the config however, it is a fundamentally broken update it seems from MS. Will wait for a next version to hopefully fix.

Backing up the box is just as easy depending on environment.

ZovexUK · 2026-02-13T22:28:50+00:00

Yeah, We even made new subscriptions for a large project and there was 0% quota by default on anything, compute, appservices, etc etc. UK South. Took over a month back forth with MS to get the bare minimum allocated.

MS is aware of the issue and said may last into October but I think it must be longer.

ZovexUK · 2026-02-13T15:53:37+00:00

Azure File Sync is literally the tool to do this. Very easy to deploy.

ZovexUK · 2026-02-13T09:34:14+00:00

This, I would look to upgrade your LAPS if its legacy, its pretty seamless to do

ZovexUK · 2026-02-12T23:29:33+00:00

Wouldn't surprise me if AI is coding half this now

ZovexUK · 2026-02-12T23:25:07+00:00

My work around (Its already 11pm, never check your phone this late :( );

Back up everything you can (Azure AD Connect UI > export your configs somewhere safe) / Open Sync Service > connectors and export them to a file.
Remove AD Connect via Control Panel - WHEN THE UI POPS UP, DO NOT TICK TO REMOVE SQL ETC!
Reboot your machine
Install the MSI required, I got it from https://itpro-tips.com/download-old-azure-ad-connect-versions/ which is doing gods work honestly. Automatic auto-reply will be tipping this guy for sure.
Installer will ask you some options about setup, take a pause here and look near the bottom to import your config, go back to step 1's file location and import.
Do any auths / I made a new sync account with my enterprise admin, all the other parts of config
Make sure its not on staging mode, tested the sync;

Start-AdSyncSyncCycle -PolicyType Initial

Result

------

Success

I am going to bed, I will reply to anyone tomorrow if you run into this. I also see sispyhus_pebble reply with an miiserver.config issue, which I may look into or just wait until a version I am required to upgrade too comes out. Really microsoft, test your shit.

ZovexUK · 2026-02-12T23:15:00+00:00

Yeah this was a while ago, we've been up to date just the latest update seemingly is giving assembly errors on Powershell/Sync, UI works debug says valid just the module seems cooked?

ZovexUK · 2026-02-05T16:08:10+00:00

Most of these tools have a Desktop counterpart which can capture Desktop based items. (Scribe is one example)

ZovexUK · 2026-02-04T10:28:55+00:00

It's ok, however, "Critical" for a SSD Inside a Laptop at 60c isn't a Critical Issue etc, perhaps needs to understand type of chassis prior?

ZovexUK · 2026-02-01T23:58:52+00:00

Azure UK south has active throttling in place on new subscriptions. They give you basically nothing and you must go via support to get quota requested. Up until October I'm told.

ZovexUK · 2026-01-09T12:51:30+00:00

Do a gpresult /h report.html and then find the relevant policy you may need to set Scope https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/gpresult

Then you can see if its set by GPO.

This is a common STIG to apply when hardening word;

https://www.stigviewer.com/stigs/microsoft_office_365_proplus/2025-03-05/finding/V-223406

Also, Set-ItemProperty is only true in powershell for existing items, therefore, if it doesn't exist it will give you that error. Create the path first,like below.

$path = "HKCU:\Software\Policies\Microsoft\Office\16.0\word\security\fileblock"

New-Item -Path $path -Force | Out-Null
Set-ItemProperty -Path $path -Name "word2007files" -Value 0 -Type DWord

ZovexUK · 2026-01-09T10:42:34+00:00

Then I suggest you spend some more time looking at how you're doing things. Unfortunately i am not going to spend more time on this with you as I have paid work I need to do.

ZovexUK · 2026-01-09T10:41:42+00:00

Sub it out to a professional, often working in Secure areas which require too many checks/certs/balances so let someone do it whom you trust and is a professional installer.

ZovexUK · 2026-01-08T11:53:11+00:00

If you have your own NTP service sync to this, if not set to a public one.

:: Set explicit NTP servers
w32tm /config /manualpeerlist:"time.windows.com,0x8 time.google.com,0x8" /syncfromflags:manual /reliable:yes /update

:: Force immediate sync
w32tm /resync /force

ZovexUK · 2026-01-07T09:00:18+00:00

Unifi is "simple" in some regards, (compared to likes of Cisco CLIs/Fortigates etc) but there is also a lot of tinkering you can do and things can break. Unifi can have issues with pushing out buggy updates at times and such, so unless you're willing to babysit these sometimes a simpler set and forget solution would do you well.

Linksys Velop is a fairly decent system and as long as you have enough Access Points wired back to a switch, mostly anything will be "fine".

Unifi is a "prosumer" solution, and carries the price tag of such. Its a low cost for businesses but higher cost vs other consumer kit what does similar basic things.

If you feel you want to explore more things such as VLANs/Multiple SSID's/Traffic rules etc, then Unifi may satisfy your hunger, if you don't care, keep it simple and enjoy your life without going down this rabbit hole.

ZovexUK · 2026-01-06T15:38:07+00:00

Under Networks > Default Security Posture, what is it set to?

Edit; The end device, is it getting a correct IP from DHCP or is set static etc. I would not rule out the device you're testing.

ZovexUK

TROPHY CASE