August 14, 2025 • 36 mins
Welcome to Episode 408 of the Microsoft Cloud IT Pro Podcast. Part two of our exploration into Model Context Protocol (MCP) servers continues our hands-on discussion about finding, implementing, and getting the most out of MCP servers in your daily workflows.
Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options.
Show Notes
Silicon Valley: Gilfoyle Made A Bot (Season 6 Episode 1 Clip) | HBO
Lokka
What is the Azure MCP Server (Preview)?
Microsoft Learn Docs MCP Server overview
Notion MCP
Introducing Slack MCP Support
Model Context Protocol servers
Docker MCP Catalog
About the sponsors
Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
(00:03):
Welcome to episode 408
of the Microsoft Cloud IT Pro podcast recorded
live on 07/25/2025.
This is a show about Microsoft three sixty
five and Azure from the perspective of IT
pros and end users, where we discuss a
topic or recent news and how it relates
to you. In this episode, we'll move on
to topics around where you can go to
(00:24):
find various MCPs,
what some of our favorite MCPs are, and
how we've used these MCPs and tied them
into various LLMs to help us get our
work done.
We are back. Part two
of MCPs
and the glorious
functionality.
It's just beautiful. Can I turn this into
(00:46):
an Apple event and talk about how beautiful
it is and magical and either that or
Disney? Beautiful, magical, glorious.
One big beautiful MCP?
Sorry. I had to go there. Yes. You
just had to. Can I ask it? Scott,
no politics. We avoid politics on the podcast.
Politics aside, if people are into comedy, the
latest episode of South Park is absolutely glorious.
(01:07):
Absolutely, like, pure One big beautiful South Park
episode? Absolutely.
Plex friend that you are. You know where
to find such things if you want them.
Alright. We're not appropriate for kids, but if
you're in a mood and a vibe, oh.
Speaking of TV shows, have you ever gone
back and watched some of the old Silicon
Valley episodes now that AI is becoming more
mainstream and how much funnier some of them
(01:28):
are? I just started revisiting that a couple
months ago, so it's been good to go
through.
Yes. The Guilfoyle bot, like, the Guilfoyle bot
is, like, actually could be a real thing
now.
Absolutely, it could. Alright. Should we build an
m c we should build an MCP server
for
TV shows. Old if you could do that,
(01:49):
like, build an MCP server as that ties
into IMDB or something or
speaking of use cases for MCP servers.
Speaking of?
Movie quotes, an MCP server for, like, pulling
out good movie quotes. Write an entire story
or an entire book pulling movie quotes from
so many different movies. Yeah. You could probably
do it. Should we talk about more practical
(02:10):
use cases for MCP servers or how you
get started? Like, our last episode, we kinda
talked about what MCP servers are, touched on
different ways you can integrate them,
touched on some security stuff a little bit.
We thought now it'd be fun. I know
you use MCP servers. I've been using some
MCP servers here in
regular
day to day life business use cases, and
(02:33):
we're starting to see more and more MCP
servers pop up from different companies as well,
different services that allow you to start bringing
that data in and bringing it together is
kinda talking about what MCP servers maybe we
use, how we've played with them, maybe even
a little bit how you get them installed
because different ones vary there and diving into
(02:53):
more of the practical
use of these MCP servers. Absolutely. So I
think this conversation
probably centers on our experimentation
and kinda our experiences here. Like we closed
last episode, I'd be very interested in hearing
what others are doing, what they're finding interesting,
and what they're finding helps, like, augment their
workflows and kinda get going with some of
(03:14):
this stuff because everything's moving very fast. There's
new implementations.
There's new updates, functionality changes
from day to day kinda thing. So I'd
be very keen to hear kinda others' experiences
here and just what they've run into
along the way. So I think step one,
and you've kinda got it up on the
screen here, is
(03:35):
you hear about MCP and you're like, oh,
this all sounds great. Like, how do I
go and find out what servers are out
there? Well, there's no, like, one stop shopping,
like, definitive catalog for these things, but there
are a couple catalogs out there that can
help you get going. So the first one
that you've got up on your screen, so
this is from Anthropic.
(03:55):
They kinda maintain a GitHub repo
of
active MCP servers. Funny enough, over time, these
things haven't been around that long, and they're
already hitting the point where they have an
archived directory in there because some have come
and gone already. But if you're looking for
a specific thing, often, like, one of these
directories
is a good place to start. I think
(04:17):
Anthropic's got a good one for that. I
think the other one that's out there that
might be interesting to folks,
especially the more kinda security focused isolated ones,
is Docker's
MCP
catalog.
So Docker has an MCP catalog and they
have an MCP toolkit. We'll kind of ignore
the toolkit for now. But their catalog is
(04:37):
really cool because it's integrated into the Docker
desktop client.
So now you get this whole world of
containerization,
super easy, like, one click install, like, if
you're just, like, a gooey person kind of
thing, but you also get the added benefit
of container isolation for these things. So like
we talked about in the last episode, you
know, the these need to run either on
(04:59):
a service as an HTTP endpoint
or they need to run locally with an
HTTP endpoint. If they're running locally with an
HTTP endpoint, well, that means they're often running
through, like, an NPM server, so you'll see,
like, a lot of, like, the server definitions
or, like, MPX and this thing kind of
thing. So you're running all those web servers
locally, so you do have to kind of
make this call about, like, do I wanna
(05:19):
do that in isolation in something of the
form of a container, or do I want
to
just, like, go and start spinning these things
up all over the place and have
multiple npm instances running with multiple servers, things
like that? That's a, like, you do you
kinda thing, but I think it is a
consideration.
And
the Docker folks here, like, to their credit,
(05:40):
they've done an amazing job with just, like,
integrating this into the Docker desktop client, making
it super turnkey,
and providing some more of that, like, abstraction
isolation that containers
give you in that world. So if you're
running a local server, specifically a local MCP
server, I really encourage folks to probably look
at the Docker catalog first. And then if
(06:01):
your thing isn't in the Docker catalog or
even if you found it in some other
catalog, go see if it's in Docker. And
then if you really have to and you
really wanna get hands on with it, then
do that in a way that's safe for
you to do. Yeah. And there's a lot
of them here. I don't know how many
there are in Docker. I should someone should
ask AI how many there are here. One,
two, three, four, six pages with,
like, one, two I think there's a couple
(06:22):
100 in there today already. Yeah. And that
list grows over time. Maybe one of the
nice things about the Docker one too is
it's not just like GitHub and a pull
request away. So there's a little bit of
a, hey. I want to submit my MCP
server to your catalog kind of thing.
I don't know, like, on the back end
if that comes with any kind of agreements
(06:42):
or anything of saying, like, hey. You'll maintain
it or you'll let Docker know when it
goes away, blah blah blah. But I imagine
because all these spin up in in containers
and things like that and isolated that you're
kinda also using Docker Hub, and folks can
go out and look at the Docker files
and see what all these are doing. Yeah.
Look at here's a LinkedIn MCP server, Scott.
(07:02):
I might have to go try a new
one. I've not played with this one yet.
But a couple episodes ago, I talked about
how I had used Researcher to go look
up people that I may be meeting with
or connecting with and have it looked at
LinkedIn. It would be interesting to try some
of that with this LinkedIn MCP server, see
what kind of fun details I can pull
out. So, yeah, these are, again, great resources
(07:24):
when you're looking for MCP servers. You can
also just go out and search for them.
Like, when I started playing with them, there
were some certain MCP servers. I was like,
oh, are there some MCP servers for this
and for ClickUp, for Microsoft Sentinel for some
of those? So some of those, I just
did a search for and found GitHub repos.
Obviously, word of caution, if you're just going
out to some random GitHub repo to grab
(07:45):
an MCP server, proceed with caution. Like we
mentioned in the last episode,
MCP servers being the USB ports of AI,
you don't necessarily wanna just plug in a
random GitHub MCP server to your environment.
But there are lots and lots of options
out here. I would say the other thing
I found before we get into some of
(08:05):
those use cases when I was looking for
MCP servers is
I struggled a little bit where and this
was ClickUp in particular.
ClickUp has AI built into ClickUp, and they
are building in support for MCP servers
to be able to
have ClickUp
AI go connect to whatever MCP server. And
(08:26):
I was like, no. I don't want ClickUp
to connect to an MCP server. I want
an MCP server to connect to ClickUp.
And some of the search engine right. Like,
some of the search engines were having problems,
and I kept running into, here's how you
add an MCP server into monday.com. Here's how
you add an MCP server into ClickUp. Here's
how you add an MCP server into Notion.
Here's how you it's like, no. I want
(08:48):
an MCP server for them to pull that
data somewhere else. So,
yeah, that's it's new. Everybody is trying to
figure it out, and everybody wants you in
their AI platform.
So they're trying to get you to go
use theirs. I had the same struggle with
Notion going down that path the first time.
So I was very interested in
I I think I talked about the use
case before. Like, I use, like, chat GPT
(09:09):
and things like that or, like, Claude to
create a recipe.
And I was very interested in this, like,
hey. Just pump it into my recipes database
because I knew they had an MCP server
that allowed for the ability to, like, create
databases,
update databases, all these things. And it took
me a while to find the right path
to get there. And then once you find
the right path to get there, you also
sometimes have to find, like, the right incantation
(09:31):
of, hey, this is how I'm going to
make it work kind of thing.
So, like, for Notion, like, it's got an
update database thing. Well, databases have columns, they
have fields, they might have fixed data types,
things like that. So just figuring out even,
like, what's the raw input you need from
the LLM to push the LLM to the
next step of insert into my Notion database
can be a little bit weird. But if
(09:52):
you're a tinkerer, I think these things are,
like, really fun. And then once you figure
them out, like, boom, the light goes off,
and you kinda get to
the next step from there. I I think
they are really fun kind of things. So
there's tons of them on the consumer side.
I've been using
mostly
Azure focused things in my day to day.
Like, I spend a lot of time in
(10:12):
Versus Code, either writing documentation for our platform,
generating sample scripts, running
running through and doing test cases and things
for SDKs, clients, all that. So that's a
place that I was already living. So having
that as a client
Versus code that is
MCP capable and with the ability to integrate
with MCP servers as client,
(10:34):
access to all the chat models that are
out there, things like that. And being that
I work for Microsoft and, I mean, Azure,
I found a couple that are helpful to
me. So the two that I probably use
the most are the Microsoft learn MCP server
and then the Azure
MCP server. And
this is, I I think, two good ones
to talk about because they also bring us
(10:55):
back to that distinction
of
remote server versus local server and some of
the things that go on with setting them
up and kinda how they wire up and
how they come together. So the Microsoft Learn
MCP server is
a remote server. So the folks at Microsoft
Learn actually have an API endpoint that's available
(11:16):
to you as a customer that you can
integrate with your MCP client,
and you it's a very simple definition.
They've made this super turnkey for, like, Versus
Code. Like, if you scroll down a little
bit on this page, like, installing these things,
or maybe it's on this page, maybe it's
on another page for it. Yeah. Maybe get
started or something like that. That's probably it.
Yeah. So, like, right there, they've got configure
(11:37):
Versus Code. It's literally like a button, and
it just opens Versus Code for you automatically,
and it wires it up along the way.
Very similar
to maybe installing extensions and things like that.
Oh, I guess we should have mentioned that,
like, Versus Code. Visual Studio Marketplace, they actually
have an MCP catalog as well that's out
there ready, raring to go, available, all that.
Yeah. So so this is a remote one.
(11:59):
You install it, and you're kinda ready to
go. You do have to start MCP servers,
particularly in Versus code. I found this to
confuse me. Every time I close Versus code
down and then reopen it, and I go
back into my agent
or my chat view, and I turn it
to agent mode, and then it goes, oh,
I don't know what to do because this
thing isn't on. Darn it. I forgot. Maybe
there's a button or something I just haven't
(12:20):
found yet linked to Versus Code configuration to
to do that. But, yeah, once once you
got it up and running, then you just
start chatting with it and ask it, like,
hey. How do I create an Azure VM
based on docs? And then just based on
the context of having Azure and docs in
the prompt, it knows to use that agent
to reach out and do that. You can
even ground it, like I talked a little
bit before, and I think we talked about
this in the previous episode about grounding these
(12:42):
things with instructions
and kind of base prompts to start. So
in the case of Versus Code, you go
in and basically you say, here's my instruction
file. And in your instruction file, you can
tell your instruction file. And I think if
you scroll down in here to the bottom
of this page, it's actually got a section
here for set instructions.
Yeah. Perfect.
So you can actually just tell it and
ground it. Like, anytime I ask a question
(13:02):
about a Microsoft product, use this MCP server.
Like like, go out and use me to
to get that information and pull it back.
So that that's one that I use all
the time. Like, it's just there, ready to
go and available. And then the other one
that I use a bunch, which is a
local server,
is the Azure MCP
server.
So this one is
(13:24):
a single MCP server with a whole bunch
of agents inside of it. So when you're
chatting with the Microsoft Learn MCP server, it's
really just one agent that's going across all
the learn docs and figuring things out. The
Azure MCP server has well, as of a
couple days ago, it had, like, 72 or
73 agents in it. They just collapsed it
down to 28 because it was just, like,
(13:45):
so a big list and gnarly to get
a hold of. But this one offers you
a bunch of domain specific functionality around Azure.
So, like, list all my resource groups, list
all my virtual machines, list my storage accounts.
And then it has even more domain specific
functionality
given the resource that you are interacting with.
So I work in Azure storage. That's the
(14:06):
place I've been playing around the most. So
that'll be, like, my example here. They have
the ability to go in and say, like,
list all the containers in my storage account.
Give me the properties of my containers in
my storage account. Things like that. And the
docs for this one are pretty good. Like,
if you click through like, you've got on
the side there, like, if you go into,
like, the Azure storage one or the resource
group one, either one of those, it'll tell
(14:27):
you, like, hey. Here's the types of domain
specific knowledge that
this MCP implementation and this particular agent can
offer back to you
as a customer.
There's a big distinction here between that whole
local and remote server thing and what it
goes to to get these things wired up
and get them installed and get them all
(14:48):
working. So, like, the learn one, super easy.
Right? Because it's a remote MCP server. You're
just pointing it at a resource and you
go. This one's local. So you gotta run
it. It requires
if you're running it locally on your desktop,
it requires Node. If you're, like, a Windows
customer and you're just doing Node for the
first time and you just next, next, next
to your way through the installation,
Node does some weird stuff. Like, it'll install
(15:09):
Chocolatey and some other stuff along the way,
but there's definitely like this dependency chain that
isn't always clear until you start using it.
Thankfully, like the agent walks you through it
pretty clearly, so like once you get the
server started and you go run your first
thing, like, hey, list my resource groups, then
it'll say, oh, I wanna list your resource
groups with the Azure CLI. Do you have
the Azure CLI installed? Is it in your
(15:31):
path? Yes. I'll go run that. Oh, I
see Azure CLI is not installed. Let's go
install that kind of thing. So there can
be a little bit more of, like, hurry
up and wait,
particularly when you're installing local servers that have
dependencies
on other tools or other tool chains
that are out there along the way. But
once you get it all going, super turnkey.
Right? Super easy. You just kinda light it
(15:51):
up and go.
Yeah. Do you feel overwhelmed by trying to
manage your Office three sixty five environment? Are
you facing unexpected issues that disrupt your company's
productivity? Intelligink is here to help. Much like
you take your car to the mechanic that
has specialized knowledge on how to best keep
your car running, Intelligink helps you with your
(16:13):
Microsoft cloud environment because that's their expertise. Intelligink
keeps up with the latest updates in the
Microsoft cloud to help keep your business running
smoothly and ahead of the curve. Whether you
are a small organization with just a few
users up to an organization of several thousand
employees,
they want to partner with you to implement
and administer your Microsoft cloud technology.
(16:34):
Visit them at inteliginc.com/podcast.
That's intelligink.com/podcast
for more information or to schedule a thirty
minute call to get started with them today.
Intelligent focuses on the Microsoft cloud so you
can focus on your business.
(16:56):
And I've been playing with this one too.
The other thing I would say is, well,
the difference between
Learn and Azure is, like, Learn is all
just open to the public documentation. Right? Like,
you don't need to authenticate to Learn to
go pull stuff from it, so MCP server's
there. With the Azure one, you are connecting
to your subscription, so there are dependencies
there on you actually have access to your
(17:18):
Azure subscription and your permissions to Azure and
setting up that authentication
piece between
your local instance and Azure. I've started playing
with the learn one. I've not used the
learn one as much yet, but I do
like it, and I have actually been using
Claude for all my MCPs. I went out
and set up Claude locally. I've been setting
up a bunch of my MCPs in Claude.
(17:39):
I do not have the problem of having
to start it. I just go in and
start chatting with Claude, and it pulls it
all back. But I like Have you been
able to get the Azure MCP server going
in, Claude? I had a bunch of fits
and starts there, particularly on my Mac. Like,
there was something so the Azure MCP server
relies heavily on default Azure credential, which is,
like, this internal class within things, and I've
just had, like, a bear of a time
(17:59):
get it going. I could only get it
going in Versus Code. I could never get
it going in I think it is. Let
me go ask in a minute. Let's see
if it can fix my spell check. We'll
let that go while we keep talking, but
it wants a CLI.
Always allow. But I like the fact, like,
with learn,
before if you would go out and
do a if you're gonna go out and
(18:20):
do a search, right, or if you're just
using Claude or OpenAI or something to ask
about certain Microsoft documentation,
you do tend
to I think I would say it can
you don't always know that it's gonna pull
it straight from learn. Right? It may pull
up from some forums where people are giving
incorrect answers.
It may pull it from all kinds of
different places, blogs, YouTube. You never really know
(18:43):
where when you start doing the MCP, you're
like, okay. It's probably gonna tend to pull
at least a little bit more accurate information
from learn. We could argue that learn always
isn't accurate, but that's a whole another discussion.
Absolutely.
Discussion for another time. In regard to that,
so
Claude presents it a little bit differently in
the UI. I think I'm, like, more immersed
in that Versus Code world
(19:05):
today for this stuff, at least for, like,
my day to day job and role.
You can actually tell
when it's reaching out to an agent, at
least in, like, the internal, like, GitHub Copilot
chat window. So you do have that, like,
that grounding that like, hey, this response is
coming back from this MCP agent.
It's not coming back from, like you said,
just the base LLM and what that's been
(19:26):
trained on or anything like that along the
way. I'm gonna have to go revisit this.
Maybe they updated something in Claude because I
just had a
weird time getting it going
last time. But So this is fascinating
too. I don't know.
This is not pulling it
from
my subscription. This is using another client's
(19:48):
Azure account that I'm signed into somewhere. So
I don't know how it picked which credentials
it was going to use
when it went out and connected to Azure.
If it's the latest one that I've connected
to with Azure CLI
or
how it shows which credentials it was gonna
authenticate, but it did not use my my
internal company credentials. It used some credentials I'm
(20:10):
signed into with the client subscription. But it
was at least able to connect and go
pull all the resource groups across all the
subscriptions
that I'm currently signed into somewhere. Oh, there
you go. Yeah. That's
another interesting thing too, like, Claude and Microsoft
documentation for both Learn and the Azure MCP.
PurePoint gets a global just a click to
(20:31):
install from the Visual Studio
directory. If you go use Claude, they do
have guides for the directory install
wherein opening a configuration policy,
pasting in some JSON, you need to ensure
you keep your JSON formatted because what I
have found all this documentation
assumes this is the only MCP you're installing
in your configuration file. If you take the
(20:53):
raw JSON from all of these, you end
up with malformed JSONs. You have to figure
out these all go inside of the servers
with the commas in the right places and
squiggly brackets and all of that. Claude for
me was a little bit trickier, and every
once in a while, I'll see weird
errors pop up in Claude with formatting issues.
It seems to work.
We talked about it last episode. MCPs are
(21:14):
new. There's still some WIMM every once in
a while, but I've got both Learn and
the Azure one working well in my instance
of Claude locally. Claude's been a bit of
a weird one. You kinda get into
that world
of editing JSON and all that stuff locally.
So,
yeah, it's kinda hit or miss. And it
depends on your level of, I think, like,
(21:36):
just not, like, technical acumen, like your ability
to, I think, deal with some of the
friction that Yes.
That comes with these things. So
Versus Code, I like I said, like, they've
made it super turnkey.
Like, I I would have to guess the
folks at Anthropic aren't really happy. Like, Microsoft's
out here with, like, this whole ecosystem as
(21:56):
well that's disintegrating and doing these things, but
I will say, like, the folks at GitHub
have done a very good job with that.
So for the learn one, does that still
require you to have GitHub Copilot as well
in Visual Studio Code or because it's using
the web version?
I didn't look at that. I don't believe
so. I I haven't tried to integrate that
one with Cloud yet, but it should have
to stay a local
(22:17):
definition as well. Do you wanna talk about
learn or Azure anymore? Let's get into
some of your list. This is the one
I've been playing with a lot lately is
Loca, and this is from our good friend,
Merrill, who we've had on the podcast before.
He went out and created a Loca agent
tool. And did you read? He posted the
story because everybody asked him why he named
(22:38):
this MCP Loca. I did not. Yeah. I
don't know the background there. It was because
he was in front of a food truck
or a coffee truck, and the name of
the food truck was named Loca when he
came up with the idea. So he named
the MCP after that. He has a little
bit of that backstory out on LinkedIn. But
this is an MCP
(22:59):
that runs locally
using Node, so
you need to have and he guides you
through the Cloud desktop. He also has instructions
on here for doing it with Visual Studio
Code, but MCP
that runs in Node, so Node is also
a prerequisite there, to connect
to the Microsoft
three sixty five
graph. So this will go in in query
(23:22):
whatever
graph access
you care to
give it. So part of the configuration
here, going into a little bit more of
the JSON and development
aspect of it, is not only do you
have to put the JSON in there to
configure the MCP, but you need to make
sure you authenticate
to Microsoft three sixty five Graph with an
(23:44):
originally,
this again, these are all new. It was
by putting your client ID and your app
ID and your app secret in the JSON
file, like, in plain text so anybody could
have seen it. It has since been updated,
so there's a few different methods now that
you can use to connect to Microsoft three
sixty five graph. But then with those app
permissions, you do have to go in and,
(24:05):
grant that app the
appropriate
access to the Microsoft three sixty five graph.
If you want it to be able to
go look at SharePoint sites, files,
audit logs, Purview,
there's not a specific Purview endpoint, but all
those graph endpoints,
you can kinda control the access. You give
this MCP to the graph by going in
(24:25):
and configuring those endpoints.
This one for me, Scott, has been it's
been really interesting, and I think one aspect
of it that's been fascinating for me is
comparing it with the the Security Copilot.
So, like, Security Copilot, we've talked about before,
Copilot for security. If you give it the
wrong name, Microsoft gets mad at you. We've
talked about it. The base entry point for
(24:47):
that is, like, $3
a month, $30 a year. I can go
out and pay for Claude for, like, $20
a month, connect this MCP server,
and get to a lot of the same
stuff. There's differences, and I'm actually working on
some sessions for some conferences this fall where
I might highlight some of those differences and
where,
Copilot for security excels or security Copilot excels
(25:09):
versus
this MCP.
But once you connect it to the graph,
I've done things like go pull I've gone
in, asked it to go pull sign in
logs, analyze the sign in logs for a
particular user, or give me all the users
and what licenses they have in my tenant
and pull back reports on
users and
(25:30):
licenses
or
sign in logs. Are there any anomalies
in the sign in logs? Go look at
the this UPN and look at where they've
signed in from and what IP addresses they've
signed in from. As long as you open
it up to that data for the Graph
API, it's able to go pull all of
that. I was playing with one where I
(25:50):
asked it to, like, go look at my
conditional access policies,
go analyze conditional access policies in Entra and
how those are configured or who those are
applied to. Another use case was the Defender.
Like, you get your incidents in Defender. You
get incidents and alerts. I actually went in
and found looked at my security dashboard,
(26:11):
grabbed the incident ID, and asked
Claude to go in and look at that
particular incident
and analyze that incident and give me a
full incident
response. You were showing me this report earlier.
Like, it was actually pretty cool. Like, you
need some formatting help and, like, less
AI driven emoji happiness
BS that they tend to
(26:32):
spin up. But outside of that, yeah, like,
pretty cool. Yeah. It wrote, like, an entire
document with the incident details. It gave me
a a table with the attack timeline
of in this particular one, it was an
email delivered to two different email addresses.
Then Defender created an incident. Then alerts were
generated
for unremoved messages.
(26:53):
Then some emails were automatically removed to quarantine.
Then it found alerts for malicious URL detection.
And then there was the last incident update.
And it gave me that whole timeline,
gave me a technical analysis of it, what
the URLs were that were in the email,
different risk factors,
gave me an highlight of investigation
(27:13):
findings and what those containment and eradication steps
should be. It, yeah, it wrote up the
whole thing and then recommendations for the next
twenty four hours, the next seven days, the
next thirty days based on this incident. You
should show it on your screen over here.
Yeah. I can throw it up here. I
was trying to avoid some of the user
details in there. I saw you, like, eye
scrolling.
So, yeah, it has
(27:35):
I can get up partway here,
like, up in here, but it has,
frankly, a lot more details
than what Security Copilot gave me when I
asked it about the same incident.
Where I found some of the niceties with
Security Copilot is some of the integrations. But,
again, you're looking for, like, a poor man's,
not even a poor man's, a whole lot
(27:55):
cheaper version of AI to be able to
ask about some of these things
as long as you're okay giving those graph
permissions
to
Claude or to
if you wanna use GitHub Copilot
still using Claude or one of the other
AI engines on the background or one of
the other LLMs on the background, you can
get a lot of information,
(28:16):
and get really close to a lot of
the Security Copilot stuff just using this particular
MCP from Merrill. Super
nifty.
Like, I think this stuff is just, like,
so turnkey.
I don't know. I feel like it's gonna
drive me down a path of trying to
build one of these things on my own,
and I'm just gonna turn into, like, one
of
the Vibe coders or something. We should create
an MCP for the podcast.
(28:37):
Should we, though?
Ben and Scott's podcast
brain MCP or something like that.
I did tie an agent to it. Not
an MCP, but I did tie a Copilot
agent in the tenant. If you wanna go
play with it in our tenant. I did
create one that I pointed it at the
podcast website for a podcast agent. Yeah. So
I've been playing around with the Claude Azure
(28:58):
thing because it was annoying me that it
was working for you and not for me.
Yep. Where I had given up is
when you're in Versus Code, the first time
you install this and you start it, it
will authenticate you.
So it'll actually drive you through, like, the
device login flow, like pop up a web
browser, things like that. Cloud doesn't do that
by default, so you have to go and
you have to actually
(29:20):
log in to, to, like, Azure CLI, which
is what it's using under the hood. And
then once you've pre authenticated to Azure CLI,
then you go back, run your prompt, and
it works just perfectly. So that must be
what it was picking up as I must
have logged into a client's tenant with Azure
CLI, or I wonder if it would even
pick up Azure
Graph or
PowerShell
connections.
Yeah. Re reuse any of those things. That
(29:41):
was my issue. So if anybody else using
Claude on the desktop and you're like, oh,
I can't use an Azure thing. Yeah. You
can. Alright. Any other MCPs you wanna talk
about? I know we kinda hinted at some.
There's a bunch out there.
There's a whole bunch out there. So, like,
I would encourage folks, I think, to
and I've been thinking about this more,
how you combine
(30:01):
the local tools you use day to day
or the parts of the stack that you
use day to day along with your other
tasks. So these things, like, go and list
my resource groups, list my configuration for these
resources, things like that. Like, it doesn't have
to be a stop there kinda thing. It
could also be a, hey. Take that and
then pump it out here over to this
(30:21):
other thing or format it in this way.
Right? Like, you have to create a report
for your boss that says, here's the current
configuration
of all our VMs and which ones are
using
straight public IPs, which ones are behind bash
and things like that. Like, you could totally
output that report, have it formatted, and put
into a great format for, like, an email
(30:42):
for you. Right? Or go save it as
a CSV because maybe you install
an MCP agent that
or an MCP server that allows you for,
like, local file system access, things like that.
There there's a whole ton, I think, of
chained interactions that you can do. Like, if
you start to think about having multiple of
these things and being able to tie them
(31:03):
together and then integrate them back because they're
all integrated in that, like, overarching
LLM ecosystem.
So I think that's, like, the next step
or next thing to think about or kinda
where I'm going with it. Yeah. And this
is where it would be interesting too. Like,
I would love to see MCPs tied into
Copilot. And I think I mentioned that on
the last episode because when I'm maybe when
(31:25):
I'm querying all my graph data, if I
give this MCP access to a whole bunch
of Microsoft three sixty five graph data where
it's looking at users and conditional access policies
and IP addresses
and incident reports. If I'm being honest, I
would prefer all of that to stay
inside the Microsoft three sixty five tenant, not
necessarily come all the way out into my
(31:47):
local machine
and come out to MCP servers that
I'm
again, we know Merrill. I trust Merrill, but
it's his code that he wrote for this
local MCP server. Having it live in my
Microsoft three sixty five bubble would make me
a little bit more comfortable with it. Then
I could also do things like take this
incident report and create a PowerPoint presentation from
(32:08):
it a little bit easier or a Word
document because of some of those other Microsoft
three sixty five integrations with the Office tools
and some of that. So I am. I'm
really hoping that even if it's inside and
I know you can do it in Visual
Studio Code today or not Visual Studio Code.
Sorry. Copilot Studio, it's not nearly as simple
(32:28):
and straightforward
as it is integrating it into Code or
Visuals
Claude or Visual Studio Code or some of
those. I wanna see this a whole lot
simpler in Copilot. I think that would be
really cool from my perspective. Yeah. I think
over time, it probably gets there.
I can also see a world where you
might end up with
either
specific forks of these tools,
(32:50):
or things that bring those integrations together. So,
like, if you think about like Cursor and
all the popularity of Cursor and using it
for like AI coding with LLMs
and all that, Cursor's just a fork of
Versus Code, right? And I mean, at the
end of the day, like, it's got a
bunch of, like, domain specific functionality,
but ultimately, it's built on that base of
(33:11):
Versus Code. So there's this world where somebody
could just totally take, like, a prepackaged Versus
Code with a bunch of MCPs already installed
in it, already ready to go, think things
like that. Over time, you might see people,
like, spin up, like, super do do do.
Like, we've got these one clicks for these
installs.
I over time, those probably turned into, like,
bundled installers
and other kinds of things. So
(33:33):
it's all moving rapidly. Like I said, I
I kinda like it because at least I
don't know about you, but, like, for my
day to day job, like, sometimes some of
the things I work on take, like, years
to manifest and come to fruition. And this
is one of those places where I can
just, like, oh, kid in a candy shop,
go be super inquisitive, play around,
stuff breaks all the time, and you're like,
(33:53):
oh, yep. That that that broke. I'm okay
with it. Move on to the next step
kind of thing. Awesome. Well, thanks, Scott. Excited
to see where these MCP servers go.
Fun to talk about how you're using them.
Would love to hear about other MCPs,
again, that all the listeners have used, that
you all have installed, how you're using MCPs,
concerns you have about MCPs from some of
(34:14):
that security standpoint. So feel free to reach
out. Let us know your thoughts on MCPs,
how you're using them. If you wanna come
talk on the podcast about how you're using
MCPs. We'd love to have you. Yeah. Contact
us through the website.
Reach out via
LinkedIn,
come find me at a conference, Scott. I
got a bunch of conferences. I was looking
down. I'm, like, at a conference a month
(34:35):
now through the end of the year. So
if you're gonna be Atlanta, I'm gonna be
at TechCon three sixty five in Atlanta here
in a couple weeks. That'll actually probably be
before this podcast episode even airs. Going out
to Branson again to the North American collaboration
summit out in Branson.
That's
September.
October
might be
(34:56):
dev
intersections,
cybersecurity
intersections in Orlando.
November,
hopefully,
we'll both be out
at Ignite.
And then December, I'm doing Workplace
Ninjas, which is a security conference
in Dallas, Texas. You've got, like, quite the
list. Yeah. I might be at storage developer
(35:17):
conference in September. That's about it for me.
And then like you said Hopefully, night. Hopefully,
podcast stuff out at Ignite again this year
in San Francisco.
Could be fun. Could be fun. Will be
fun. Assuming we get to go. Yes. Absolutely.
Alright. So, yes, if you're gonna be at
a conference, reach out. Love to chat with
you. If you wanna be on the podcast,
talk about MCP servers, let us know. But
for now, enjoy your weekend, Scott. Enjoy the
(35:39):
100 and whatever degree weather we're gonna be
having these next few days. As I said,
it's only a 106 now. It it it
can only get hotter is what it feels
like. And it's 5PM. A 106 at 5PM
is just not right.
It's got me all ready to go back
to the Pacific Northwest.
70 degrees, like I said, it just it
it hit a little bit different without the
humidity too. That was the key part in
(36:01):
there. Alright. Well, as always, Ben, thanks for
the conversation. Much appreciated, it, and we'll see
you for the next one. Alright. Thank you.
If you enjoyed the podcast, go leave us
a five star rating in iTunes. It helps
to get the word out so more IT
pros can learn about Office three sixty five
and Azure.
If you have any questions you want us
to address on the show, or feedback about
(36:23):
the show, feel free to reach out via
our website, Twitter, or Facebook. Thanks again for
listening, and have a great day.
Welcome to episode 408
of the Microsoft Cloud IT Pro podcast recorded
live on 07/25/2025.
This is a show about Microsoft three sixty
five and Azure from the perspective of IT
pros and end users, where we discuss a
topic or recent news and how it relates
to you. In this episode, we'll move on
to topics around where you can go to
(00:24):
find various MCPs,
what some of our favorite MCPs are, and
how we've used these MCPs and tied them
into various LLMs to help us get our
work done.
We are back. Part two
of MCPs
and the glorious
functionality.
It's just beautiful. Can I turn this into
(00:46):
an Apple event and talk about how beautiful
it is and magical and either that or
Disney? Beautiful, magical, glorious.
One big beautiful MCP?
Sorry. I had to go there. Yes. You
just had to. Can I ask it? Scott,
no politics. We avoid politics on the podcast.
Politics aside, if people are into comedy, the
latest episode of South Park is absolutely glorious.
(01:07):
Absolutely, like, pure One big beautiful South Park
episode? Absolutely.
Plex friend that you are. You know where
to find such things if you want them.
Alright. We're not appropriate for kids, but if
you're in a mood and a vibe, oh.
Speaking of TV shows, have you ever gone
back and watched some of the old Silicon
Valley episodes now that AI is becoming more
mainstream and how much funnier some of them
(01:28):
are? I just started revisiting that a couple
months ago, so it's been good to go
through.
Yes. The Guilfoyle bot, like, the Guilfoyle bot
is, like, actually could be a real thing
now.
Absolutely, it could. Alright. Should we build an
m c we should build an MCP server
for
TV shows. Old if you could do that,
(01:49):
like, build an MCP server as that ties
into IMDB or something or
speaking of use cases for MCP servers.
Speaking of?
Movie quotes, an MCP server for, like, pulling
out good movie quotes. Write an entire story
or an entire book pulling movie quotes from
so many different movies. Yeah. You could probably
do it. Should we talk about more practical
(02:10):
use cases for MCP servers or how you
get started? Like, our last episode, we kinda
talked about what MCP servers are, touched on
different ways you can integrate them,
touched on some security stuff a little bit.
We thought now it'd be fun. I know
you use MCP servers. I've been using some
MCP servers here in
regular
day to day life business use cases, and
(02:33):
we're starting to see more and more MCP
servers pop up from different companies as well,
different services that allow you to start bringing
that data in and bringing it together is
kinda talking about what MCP servers maybe we
use, how we've played with them, maybe even
a little bit how you get them installed
because different ones vary there and diving into
(02:53):
more of the practical
use of these MCP servers. Absolutely. So I
think this conversation
probably centers on our experimentation
and kinda our experiences here. Like we closed
last episode, I'd be very interested in hearing
what others are doing, what they're finding interesting,
and what they're finding helps, like, augment their
workflows and kinda get going with some of
(03:14):
this stuff because everything's moving very fast. There's
new implementations.
There's new updates, functionality changes
from day to day kinda thing. So I'd
be very keen to hear kinda others' experiences
here and just what they've run into
along the way. So I think step one,
and you've kinda got it up on the
screen here, is
(03:35):
you hear about MCP and you're like, oh,
this all sounds great. Like, how do I
go and find out what servers are out
there? Well, there's no, like, one stop shopping,
like, definitive catalog for these things, but there
are a couple catalogs out there that can
help you get going. So the first one
that you've got up on your screen, so
this is from Anthropic.
(03:55):
They kinda maintain a GitHub repo
of
active MCP servers. Funny enough, over time, these
things haven't been around that long, and they're
already hitting the point where they have an
archived directory in there because some have come
and gone already. But if you're looking for
a specific thing, often, like, one of these
directories
is a good place to start. I think
(04:17):
Anthropic's got a good one for that. I
think the other one that's out there that
might be interesting to folks,
especially the more kinda security focused isolated ones,
is Docker's
MCP
catalog.
So Docker has an MCP catalog and they
have an MCP toolkit. We'll kind of ignore
the toolkit for now. But their catalog is
(04:37):
really cool because it's integrated into the Docker
desktop client.
So now you get this whole world of
containerization,
super easy, like, one click install, like, if
you're just, like, a gooey person kind of
thing, but you also get the added benefit
of container isolation for these things. So like
we talked about in the last episode, you
know, the these need to run either on
(04:59):
a service as an HTTP endpoint
or they need to run locally with an
HTTP endpoint. If they're running locally with an
HTTP endpoint, well, that means they're often running
through, like, an NPM server, so you'll see,
like, a lot of, like, the server definitions
or, like, MPX and this thing kind of
thing. So you're running all those web servers
locally, so you do have to kind of
make this call about, like, do I wanna
(05:19):
do that in isolation in something of the
form of a container, or do I want
to
just, like, go and start spinning these things
up all over the place and have
multiple npm instances running with multiple servers, things
like that? That's a, like, you do you
kinda thing, but I think it is a
consideration.
And
the Docker folks here, like, to their credit,
(05:40):
they've done an amazing job with just, like,
integrating this into the Docker desktop client, making
it super turnkey,
and providing some more of that, like, abstraction
isolation that containers
give you in that world. So if you're
running a local server, specifically a local MCP
server, I really encourage folks to probably look
at the Docker catalog first. And then if
(06:01):
your thing isn't in the Docker catalog or
even if you found it in some other
catalog, go see if it's in Docker. And
then if you really have to and you
really wanna get hands on with it, then
do that in a way that's safe for
you to do. Yeah. And there's a lot
of them here. I don't know how many
there are in Docker. I should someone should
ask AI how many there are here. One,
two, three, four, six pages with,
like, one, two I think there's a couple
(06:22):
100 in there today already. Yeah. And that
list grows over time. Maybe one of the
nice things about the Docker one too is
it's not just like GitHub and a pull
request away. So there's a little bit of
a, hey. I want to submit my MCP
server to your catalog kind of thing.
I don't know, like, on the back end
if that comes with any kind of agreements
(06:42):
or anything of saying, like, hey. You'll maintain
it or you'll let Docker know when it
goes away, blah blah blah. But I imagine
because all these spin up in in containers
and things like that and isolated that you're
kinda also using Docker Hub, and folks can
go out and look at the Docker files
and see what all these are doing. Yeah.
Look at here's a LinkedIn MCP server, Scott.
(07:02):
I might have to go try a new
one. I've not played with this one yet.
But a couple episodes ago, I talked about
how I had used Researcher to go look
up people that I may be meeting with
or connecting with and have it looked at
LinkedIn. It would be interesting to try some
of that with this LinkedIn MCP server, see
what kind of fun details I can pull
out. So, yeah, these are, again, great resources
(07:24):
when you're looking for MCP servers. You can
also just go out and search for them.
Like, when I started playing with them, there
were some certain MCP servers. I was like,
oh, are there some MCP servers for this
and for ClickUp, for Microsoft Sentinel for some
of those? So some of those, I just
did a search for and found GitHub repos.
Obviously, word of caution, if you're just going
out to some random GitHub repo to grab
(07:45):
an MCP server, proceed with caution. Like we
mentioned in the last episode,
MCP servers being the USB ports of AI,
you don't necessarily wanna just plug in a
random GitHub MCP server to your environment.
But there are lots and lots of options
out here. I would say the other thing
I found before we get into some of
(08:05):
those use cases when I was looking for
MCP servers is
I struggled a little bit where and this
was ClickUp in particular.
ClickUp has AI built into ClickUp, and they
are building in support for MCP servers
to be able to
have ClickUp
AI go connect to whatever MCP server. And
(08:26):
I was like, no. I don't want ClickUp
to connect to an MCP server. I want
an MCP server to connect to ClickUp.
And some of the search engine right. Like,
some of the search engines were having problems,
and I kept running into, here's how you
add an MCP server into monday.com. Here's how
you add an MCP server into ClickUp. Here's
how you add an MCP server into Notion.
Here's how you it's like, no. I want
(08:48):
an MCP server for them to pull that
data somewhere else. So,
yeah, that's it's new. Everybody is trying to
figure it out, and everybody wants you in
their AI platform.
So they're trying to get you to go
use theirs. I had the same struggle with
Notion going down that path the first time.
So I was very interested in
I I think I talked about the use
case before. Like, I use, like, chat GPT
(09:09):
and things like that or, like, Claude to
create a recipe.
And I was very interested in this, like,
hey. Just pump it into my recipes database
because I knew they had an MCP server
that allowed for the ability to, like, create
databases,
update databases, all these things. And it took
me a while to find the right path
to get there. And then once you find
the right path to get there, you also
sometimes have to find, like, the right incantation
(09:31):
of, hey, this is how I'm going to
make it work kind of thing.
So, like, for Notion, like, it's got an
update database thing. Well, databases have columns, they
have fields, they might have fixed data types,
things like that. So just figuring out even,
like, what's the raw input you need from
the LLM to push the LLM to the
next step of insert into my Notion database
can be a little bit weird. But if
(09:52):
you're a tinkerer, I think these things are,
like, really fun. And then once you figure
them out, like, boom, the light goes off,
and you kinda get to
the next step from there. I I think
they are really fun kind of things. So
there's tons of them on the consumer side.
I've been using
mostly
Azure focused things in my day to day.
Like, I spend a lot of time in
(10:12):
Versus Code, either writing documentation for our platform,
generating sample scripts, running
running through and doing test cases and things
for SDKs, clients, all that. So that's a
place that I was already living. So having
that as a client
Versus code that is
MCP capable and with the ability to integrate
with MCP servers as client,
(10:34):
access to all the chat models that are
out there, things like that. And being that
I work for Microsoft and, I mean, Azure,
I found a couple that are helpful to
me. So the two that I probably use
the most are the Microsoft learn MCP server
and then the Azure
MCP server. And
this is, I I think, two good ones
to talk about because they also bring us
(10:55):
back to that distinction
of
remote server versus local server and some of
the things that go on with setting them
up and kinda how they wire up and
how they come together. So the Microsoft Learn
MCP server is
a remote server. So the folks at Microsoft
Learn actually have an API endpoint that's available
(11:16):
to you as a customer that you can
integrate with your MCP client,
and you it's a very simple definition.
They've made this super turnkey for, like, Versus
Code. Like, if you scroll down a little
bit on this page, like, installing these things,
or maybe it's on this page, maybe it's
on another page for it. Yeah. Maybe get
started or something like that. That's probably it.
Yeah. So, like, right there, they've got configure
(11:37):
Versus Code. It's literally like a button, and
it just opens Versus Code for you automatically,
and it wires it up along the way.
Very similar
to maybe installing extensions and things like that.
Oh, I guess we should have mentioned that,
like, Versus Code. Visual Studio Marketplace, they actually
have an MCP catalog as well that's out
there ready, raring to go, available, all that.
Yeah. So so this is a remote one.
(11:59):
You install it, and you're kinda ready to
go. You do have to start MCP servers,
particularly in Versus code. I found this to
confuse me. Every time I close Versus code
down and then reopen it, and I go
back into my agent
or my chat view, and I turn it
to agent mode, and then it goes, oh,
I don't know what to do because this
thing isn't on. Darn it. I forgot. Maybe
there's a button or something I just haven't
(12:20):
found yet linked to Versus Code configuration to
to do that. But, yeah, once once you
got it up and running, then you just
start chatting with it and ask it, like,
hey. How do I create an Azure VM
based on docs? And then just based on
the context of having Azure and docs in
the prompt, it knows to use that agent
to reach out and do that. You can
even ground it, like I talked a little
bit before, and I think we talked about
this in the previous episode about grounding these
(12:42):
things with instructions
and kind of base prompts to start. So
in the case of Versus Code, you go
in and basically you say, here's my instruction
file. And in your instruction file, you can
tell your instruction file. And I think if
you scroll down in here to the bottom
of this page, it's actually got a section
here for set instructions.
Yeah. Perfect.
So you can actually just tell it and
ground it. Like, anytime I ask a question
(13:02):
about a Microsoft product, use this MCP server.
Like like, go out and use me to
to get that information and pull it back.
So that that's one that I use all
the time. Like, it's just there, ready to
go and available. And then the other one
that I use a bunch, which is a
local server,
is the Azure MCP
server.
So this one is
(13:24):
a single MCP server with a whole bunch
of agents inside of it. So when you're
chatting with the Microsoft Learn MCP server, it's
really just one agent that's going across all
the learn docs and figuring things out. The
Azure MCP server has well, as of a
couple days ago, it had, like, 72 or
73 agents in it. They just collapsed it
down to 28 because it was just, like,
(13:45):
so a big list and gnarly to get
a hold of. But this one offers you
a bunch of domain specific functionality around Azure.
So, like, list all my resource groups, list
all my virtual machines, list my storage accounts.
And then it has even more domain specific
functionality
given the resource that you are interacting with.
So I work in Azure storage. That's the
(14:06):
place I've been playing around the most. So
that'll be, like, my example here. They have
the ability to go in and say, like,
list all the containers in my storage account.
Give me the properties of my containers in
my storage account. Things like that. And the
docs for this one are pretty good. Like,
if you click through like, you've got on
the side there, like, if you go into,
like, the Azure storage one or the resource
group one, either one of those, it'll tell
(14:27):
you, like, hey. Here's the types of domain
specific knowledge that
this MCP implementation and this particular agent can
offer back to you
as a customer.
There's a big distinction here between that whole
local and remote server thing and what it
goes to to get these things wired up
and get them installed and get them all
(14:48):
working. So, like, the learn one, super easy.
Right? Because it's a remote MCP server. You're
just pointing it at a resource and you
go. This one's local. So you gotta run
it. It requires
if you're running it locally on your desktop,
it requires Node. If you're, like, a Windows
customer and you're just doing Node for the
first time and you just next, next, next
to your way through the installation,
Node does some weird stuff. Like, it'll install
(15:09):
Chocolatey and some other stuff along the way,
but there's definitely like this dependency chain that
isn't always clear until you start using it.
Thankfully, like the agent walks you through it
pretty clearly, so like once you get the
server started and you go run your first
thing, like, hey, list my resource groups, then
it'll say, oh, I wanna list your resource
groups with the Azure CLI. Do you have
the Azure CLI installed? Is it in your
(15:31):
path? Yes. I'll go run that. Oh, I
see Azure CLI is not installed. Let's go
install that kind of thing. So there can
be a little bit more of, like, hurry
up and wait,
particularly when you're installing local servers that have
dependencies
on other tools or other tool chains
that are out there along the way. But
once you get it all going, super turnkey.
Right? Super easy. You just kinda light it
(15:51):
up and go.
Yeah. Do you feel overwhelmed by trying to
manage your Office three sixty five environment? Are
you facing unexpected issues that disrupt your company's
productivity? Intelligink is here to help. Much like
you take your car to the mechanic that
has specialized knowledge on how to best keep
your car running, Intelligink helps you with your
(16:13):
Microsoft cloud environment because that's their expertise. Intelligink
keeps up with the latest updates in the
Microsoft cloud to help keep your business running
smoothly and ahead of the curve. Whether you
are a small organization with just a few
users up to an organization of several thousand
employees,
they want to partner with you to implement
and administer your Microsoft cloud technology.
(16:34):
Visit them at inteliginc.com/podcast.
That's intelligink.com/podcast
for more information or to schedule a thirty
minute call to get started with them today.
Intelligent focuses on the Microsoft cloud so you
can focus on your business.
(16:56):
And I've been playing with this one too.
The other thing I would say is, well,
the difference between
Learn and Azure is, like, Learn is all
just open to the public documentation. Right? Like,
you don't need to authenticate to Learn to
go pull stuff from it, so MCP server's
there. With the Azure one, you are connecting
to your subscription, so there are dependencies
there on you actually have access to your
(17:18):
Azure subscription and your permissions to Azure and
setting up that authentication
piece between
your local instance and Azure. I've started playing
with the learn one. I've not used the
learn one as much yet, but I do
like it, and I have actually been using
Claude for all my MCPs. I went out
and set up Claude locally. I've been setting
up a bunch of my MCPs in Claude.
(17:39):
I do not have the problem of having
to start it. I just go in and
start chatting with Claude, and it pulls it
all back. But I like Have you been
able to get the Azure MCP server going
in, Claude? I had a bunch of fits
and starts there, particularly on my Mac. Like,
there was something so the Azure MCP server
relies heavily on default Azure credential, which is,
like, this internal class within things, and I've
just had, like, a bear of a time
(17:59):
get it going. I could only get it
going in Versus Code. I could never get
it going in I think it is. Let
me go ask in a minute. Let's see
if it can fix my spell check. We'll
let that go while we keep talking, but
it wants a CLI.
Always allow. But I like the fact, like,
with learn,
before if you would go out and
do a if you're gonna go out and
(18:20):
do a search, right, or if you're just
using Claude or OpenAI or something to ask
about certain Microsoft documentation,
you do tend
to I think I would say it can
you don't always know that it's gonna pull
it straight from learn. Right? It may pull
up from some forums where people are giving
incorrect answers.
It may pull it from all kinds of
different places, blogs, YouTube. You never really know
(18:43):
where when you start doing the MCP, you're
like, okay. It's probably gonna tend to pull
at least a little bit more accurate information
from learn. We could argue that learn always
isn't accurate, but that's a whole another discussion.
Absolutely.
Discussion for another time. In regard to that,
so
Claude presents it a little bit differently in
the UI. I think I'm, like, more immersed
in that Versus Code world
(19:05):
today for this stuff, at least for, like,
my day to day job and role.
You can actually tell
when it's reaching out to an agent, at
least in, like, the internal, like, GitHub Copilot
chat window. So you do have that, like,
that grounding that like, hey, this response is
coming back from this MCP agent.
It's not coming back from, like you said,
just the base LLM and what that's been
(19:26):
trained on or anything like that along the
way. I'm gonna have to go revisit this.
Maybe they updated something in Claude because I
just had a
weird time getting it going
last time. But So this is fascinating
too. I don't know.
This is not pulling it
from
my subscription. This is using another client's
(19:48):
Azure account that I'm signed into somewhere. So
I don't know how it picked which credentials
it was going to use
when it went out and connected to Azure.
If it's the latest one that I've connected
to with Azure CLI
or
how it shows which credentials it was gonna
authenticate, but it did not use my my
internal company credentials. It used some credentials I'm
(20:10):
signed into with the client subscription. But it
was at least able to connect and go
pull all the resource groups across all the
subscriptions
that I'm currently signed into somewhere. Oh, there
you go. Yeah. That's
another interesting thing too, like, Claude and Microsoft
documentation for both Learn and the Azure MCP.
PurePoint gets a global just a click to
(20:31):
install from the Visual Studio
directory. If you go use Claude, they do
have guides for the directory install
wherein opening a configuration policy,
pasting in some JSON, you need to ensure
you keep your JSON formatted because what I
have found all this documentation
assumes this is the only MCP you're installing
in your configuration file. If you take the
(20:53):
raw JSON from all of these, you end
up with malformed JSONs. You have to figure
out these all go inside of the servers
with the commas in the right places and
squiggly brackets and all of that. Claude for
me was a little bit trickier, and every
once in a while, I'll see weird
errors pop up in Claude with formatting issues.
It seems to work.
We talked about it last episode. MCPs are
(21:14):
new. There's still some WIMM every once in
a while, but I've got both Learn and
the Azure one working well in my instance
of Claude locally. Claude's been a bit of
a weird one. You kinda get into
that world
of editing JSON and all that stuff locally.
So,
yeah, it's kinda hit or miss. And it
depends on your level of, I think, like,
(21:36):
just not, like, technical acumen, like your ability
to, I think, deal with some of the
friction that Yes.
That comes with these things. So
Versus Code, I like I said, like, they've
made it super turnkey.
Like, I I would have to guess the
folks at Anthropic aren't really happy. Like, Microsoft's
out here with, like, this whole ecosystem as
(21:56):
well that's disintegrating and doing these things, but
I will say, like, the folks at GitHub
have done a very good job with that.
So for the learn one, does that still
require you to have GitHub Copilot as well
in Visual Studio Code or because it's using
the web version?
I didn't look at that. I don't believe
so. I I haven't tried to integrate that
one with Cloud yet, but it should have
to stay a local
(22:17):
definition as well. Do you wanna talk about
learn or Azure anymore? Let's get into
some of your list. This is the one
I've been playing with a lot lately is
Loca, and this is from our good friend,
Merrill, who we've had on the podcast before.
He went out and created a Loca agent
tool. And did you read? He posted the
story because everybody asked him why he named
(22:38):
this MCP Loca. I did not. Yeah. I
don't know the background there. It was because
he was in front of a food truck
or a coffee truck, and the name of
the food truck was named Loca when he
came up with the idea. So he named
the MCP after that. He has a little
bit of that backstory out on LinkedIn. But
this is an MCP
(22:59):
that runs locally
using Node, so
you need to have and he guides you
through the Cloud desktop. He also has instructions
on here for doing it with Visual Studio
Code, but MCP
that runs in Node, so Node is also
a prerequisite there, to connect
to the Microsoft
three sixty five
graph. So this will go in in query
(23:22):
whatever
graph access
you care to
give it. So part of the configuration
here, going into a little bit more of
the JSON and development
aspect of it, is not only do you
have to put the JSON in there to
configure the MCP, but you need to make
sure you authenticate
to Microsoft three sixty five Graph with an
(23:44):
originally,
this again, these are all new. It was
by putting your client ID and your app
ID and your app secret in the JSON
file, like, in plain text so anybody could
have seen it. It has since been updated,
so there's a few different methods now that
you can use to connect to Microsoft three
sixty five graph. But then with those app
permissions, you do have to go in and,
(24:05):
grant that app the
appropriate
access to the Microsoft three sixty five graph.
If you want it to be able to
go look at SharePoint sites, files,
audit logs, Purview,
there's not a specific Purview endpoint, but all
those graph endpoints,
you can kinda control the access. You give
this MCP to the graph by going in
(24:25):
and configuring those endpoints.
This one for me, Scott, has been it's
been really interesting, and I think one aspect
of it that's been fascinating for me is
comparing it with the the Security Copilot.
So, like, Security Copilot, we've talked about before,
Copilot for security. If you give it the
wrong name, Microsoft gets mad at you. We've
talked about it. The base entry point for
(24:47):
that is, like, $3
a month, $30 a year. I can go
out and pay for Claude for, like, $20
a month, connect this MCP server,
and get to a lot of the same
stuff. There's differences, and I'm actually working on
some sessions for some conferences this fall where
I might highlight some of those differences and
where,
Copilot for security excels or security Copilot excels
(25:09):
versus
this MCP.
But once you connect it to the graph,
I've done things like go pull I've gone
in, asked it to go pull sign in
logs, analyze the sign in logs for a
particular user, or give me all the users
and what licenses they have in my tenant
and pull back reports on
users and
(25:30):
licenses
or
sign in logs. Are there any anomalies
in the sign in logs? Go look at
the this UPN and look at where they've
signed in from and what IP addresses they've
signed in from. As long as you open
it up to that data for the Graph
API, it's able to go pull all of
that. I was playing with one where I
(25:50):
asked it to, like, go look at my
conditional access policies,
go analyze conditional access policies in Entra and
how those are configured or who those are
applied to. Another use case was the Defender.
Like, you get your incidents in Defender. You
get incidents and alerts. I actually went in
and found looked at my security dashboard,
(26:11):
grabbed the incident ID, and asked
Claude to go in and look at that
particular incident
and analyze that incident and give me a
full incident
response. You were showing me this report earlier.
Like, it was actually pretty cool. Like, you
need some formatting help and, like, less
AI driven emoji happiness
BS that they tend to
(26:32):
spin up. But outside of that, yeah, like,
pretty cool. Yeah. It wrote, like, an entire
document with the incident details. It gave me
a a table with the attack timeline
of in this particular one, it was an
email delivered to two different email addresses.
Then Defender created an incident. Then alerts were
generated
for unremoved messages.
(26:53):
Then some emails were automatically removed to quarantine.
Then it found alerts for malicious URL detection.
And then there was the last incident update.
And it gave me that whole timeline,
gave me a technical analysis of it, what
the URLs were that were in the email,
different risk factors,
gave me an highlight of investigation
(27:13):
findings and what those containment and eradication steps
should be. It, yeah, it wrote up the
whole thing and then recommendations for the next
twenty four hours, the next seven days, the
next thirty days based on this incident. You
should show it on your screen over here.
Yeah. I can throw it up here. I
was trying to avoid some of the user
details in there. I saw you, like, eye
scrolling.
So, yeah, it has
(27:35):
I can get up partway here,
like, up in here, but it has,
frankly, a lot more details
than what Security Copilot gave me when I
asked it about the same incident.
Where I found some of the niceties with
Security Copilot is some of the integrations. But,
again, you're looking for, like, a poor man's,
not even a poor man's, a whole lot
(27:55):
cheaper version of AI to be able to
ask about some of these things
as long as you're okay giving those graph
permissions
to
Claude or to
if you wanna use GitHub Copilot
still using Claude or one of the other
AI engines on the background or one of
the other LLMs on the background, you can
get a lot of information,
(28:16):
and get really close to a lot of
the Security Copilot stuff just using this particular
MCP from Merrill. Super
nifty.
Like, I think this stuff is just, like,
so turnkey.
I don't know. I feel like it's gonna
drive me down a path of trying to
build one of these things on my own,
and I'm just gonna turn into, like, one
of
the Vibe coders or something. We should create
an MCP for the podcast.
(28:37):
Should we, though?
Ben and Scott's podcast
brain MCP or something like that.
I did tie an agent to it. Not
an MCP, but I did tie a Copilot
agent in the tenant. If you wanna go
play with it in our tenant. I did
create one that I pointed it at the
podcast website for a podcast agent. Yeah. So
I've been playing around with the Claude Azure
(28:58):
thing because it was annoying me that it
was working for you and not for me.
Yep. Where I had given up is
when you're in Versus Code, the first time
you install this and you start it, it
will authenticate you.
So it'll actually drive you through, like, the
device login flow, like pop up a web
browser, things like that. Cloud doesn't do that
by default, so you have to go and
you have to actually
(29:20):
log in to, to, like, Azure CLI, which
is what it's using under the hood. And
then once you've pre authenticated to Azure CLI,
then you go back, run your prompt, and
it works just perfectly. So that must be
what it was picking up as I must
have logged into a client's tenant with Azure
CLI, or I wonder if it would even
pick up Azure
Graph or
PowerShell
connections.
Yeah. Re reuse any of those things. That
(29:41):
was my issue. So if anybody else using
Claude on the desktop and you're like, oh,
I can't use an Azure thing. Yeah. You
can. Alright. Any other MCPs you wanna talk
about? I know we kinda hinted at some.
There's a bunch out there.
There's a whole bunch out there. So, like,
I would encourage folks, I think, to
and I've been thinking about this more,
how you combine
(30:01):
the local tools you use day to day
or the parts of the stack that you
use day to day along with your other
tasks. So these things, like, go and list
my resource groups, list my configuration for these
resources, things like that. Like, it doesn't have
to be a stop there kinda thing. It
could also be a, hey. Take that and
then pump it out here over to this
(30:21):
other thing or format it in this way.
Right? Like, you have to create a report
for your boss that says, here's the current
configuration
of all our VMs and which ones are
using
straight public IPs, which ones are behind bash
and things like that. Like, you could totally
output that report, have it formatted, and put
into a great format for, like, an email
(30:42):
for you. Right? Or go save it as
a CSV because maybe you install
an MCP agent that
or an MCP server that allows you for,
like, local file system access, things like that.
There there's a whole ton, I think, of
chained interactions that you can do. Like, if
you start to think about having multiple of
these things and being able to tie them
(31:03):
together and then integrate them back because they're
all integrated in that, like, overarching
LLM ecosystem.
So I think that's, like, the next step
or next thing to think about or kinda
where I'm going with it. Yeah. And this
is where it would be interesting too. Like,
I would love to see MCPs tied into
Copilot. And I think I mentioned that on
the last episode because when I'm maybe when
(31:25):
I'm querying all my graph data, if I
give this MCP access to a whole bunch
of Microsoft three sixty five graph data where
it's looking at users and conditional access policies
and IP addresses
and incident reports. If I'm being honest, I
would prefer all of that to stay
inside the Microsoft three sixty five tenant, not
necessarily come all the way out into my
(31:47):
local machine
and come out to MCP servers that
I'm
again, we know Merrill. I trust Merrill, but
it's his code that he wrote for this
local MCP server. Having it live in my
Microsoft three sixty five bubble would make me
a little bit more comfortable with it. Then
I could also do things like take this
incident report and create a PowerPoint presentation from
(32:08):
it a little bit easier or a Word
document because of some of those other Microsoft
three sixty five integrations with the Office tools
and some of that. So I am. I'm
really hoping that even if it's inside and
I know you can do it in Visual
Studio Code today or not Visual Studio Code.
Sorry. Copilot Studio, it's not nearly as simple
(32:28):
and straightforward
as it is integrating it into Code or
Visuals
Claude or Visual Studio Code or some of
those. I wanna see this a whole lot
simpler in Copilot. I think that would be
really cool from my perspective. Yeah. I think
over time, it probably gets there.
I can also see a world where you
might end up with
either
specific forks of these tools,
(32:50):
or things that bring those integrations together. So,
like, if you think about like Cursor and
all the popularity of Cursor and using it
for like AI coding with LLMs
and all that, Cursor's just a fork of
Versus Code, right? And I mean, at the
end of the day, like, it's got a
bunch of, like, domain specific functionality,
but ultimately, it's built on that base of
(33:11):
Versus Code. So there's this world where somebody
could just totally take, like, a prepackaged Versus
Code with a bunch of MCPs already installed
in it, already ready to go, think things
like that. Over time, you might see people,
like, spin up, like, super do do do.
Like, we've got these one clicks for these
installs.
I over time, those probably turned into, like,
bundled installers
and other kinds of things. So
(33:33):
it's all moving rapidly. Like I said, I
I kinda like it because at least I
don't know about you, but, like, for my
day to day job, like, sometimes some of
the things I work on take, like, years
to manifest and come to fruition. And this
is one of those places where I can
just, like, oh, kid in a candy shop,
go be super inquisitive, play around,
stuff breaks all the time, and you're like,
(33:53):
oh, yep. That that that broke. I'm okay
with it. Move on to the next step
kind of thing. Awesome. Well, thanks, Scott. Excited
to see where these MCP servers go.
Fun to talk about how you're using them.
Would love to hear about other MCPs,
again, that all the listeners have used, that
you all have installed, how you're using MCPs,
concerns you have about MCPs from some of
(34:14):
that security standpoint. So feel free to reach
out. Let us know your thoughts on MCPs,
how you're using them. If you wanna come
talk on the podcast about how you're using
MCPs. We'd love to have you. Yeah. Contact
us through the website.
Reach out via
LinkedIn,
come find me at a conference, Scott. I
got a bunch of conferences. I was looking
down. I'm, like, at a conference a month
(34:35):
now through the end of the year. So
if you're gonna be Atlanta, I'm gonna be
at TechCon three sixty five in Atlanta here
in a couple weeks. That'll actually probably be
before this podcast episode even airs. Going out
to Branson again to the North American collaboration
summit out in Branson.
That's
September.
October
might be
(34:56):
dev
intersections,
cybersecurity
intersections in Orlando.
November,
hopefully,
we'll both be out
at Ignite.
And then December, I'm doing Workplace
Ninjas, which is a security conference
in Dallas, Texas. You've got, like, quite the
list. Yeah. I might be at storage developer
(35:17):
conference in September. That's about it for me.
And then like you said Hopefully, night. Hopefully,
podcast stuff out at Ignite again this year
in San Francisco.
Could be fun. Could be fun. Will be
fun. Assuming we get to go. Yes. Absolutely.
Alright. So, yes, if you're gonna be at
a conference, reach out. Love to chat with
you. If you wanna be on the podcast,
talk about MCP servers, let us know. But
for now, enjoy your weekend, Scott. Enjoy the
(35:39):
100 and whatever degree weather we're gonna be
having these next few days. As I said,
it's only a 106 now. It it it
can only get hotter is what it feels
like. And it's 5PM. A 106 at 5PM
is just not right.
It's got me all ready to go back
to the Pacific Northwest.
70 degrees, like I said, it just it
it hit a little bit different without the
humidity too. That was the key part in
(36:01):
there. Alright. Well, as always, Ben, thanks for
the conversation. Much appreciated, it, and we'll see
you for the next one. Alright. Thank you.
If you enjoyed the podcast, go leave us
a five star rating in iTunes. It helps
to get the word out so more IT
pros can learn about Office three sixty five
and Azure.
If you have any questions you want us
to address on the show, or feedback about
(36:23):
the show, feel free to reach out via
our website, Twitter, or Facebook. Thanks again for
listening, and have a great day.
Popular Podcasts
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
Crime Junkie
Does hearing about a true crime case always leave you scouring the internet for the truth behind the story? Dive into your next mystery with Crime Junkie. Every Monday, join your host Ashley Flowers as she unravels all the details of infamous and underreported true crime cases with her best friend Brit Prawat. From cold cases to missing persons and heroes in our community who seek justice, Crime Junkie is your destination for theories and stories you won’t hear anywhere else. Whether you're a seasoned true crime enthusiast or new to the genre, you'll find yourself on the edge of your seat awaiting a new episode every Monday. If you can never get enough true crime... Congratulations, you’ve found your people. Follow to join a community of Crime Junkies! Crime Junkie is presented by audiochuck Media Company.
NFL Daily with Gregg Rosenthal
Gregg Rosenthal and a rotating crew of elite NFL Media co-hosts, including Patrick Claybon, Colleen Wolfe, Steve Wyche, Nick Shook and Jourdan Rodrigue of The Athletic get you caught up daily on all the NFL news and analysis you need to be smarter and funnier than your friends.