Azure AI Foundry Multi‑Agent Systems: Planning, Collaboration, Tooling That Don’t Nuke Prod

(00:00:00) The Power of Multi-Agent Systems (00:00:32) The Limitations of Single-Agent Systems (00:02:32) Introducing Multi-Agent Systems (00:03:55) Roles and Responsibilities in Multi-Agent Systems (00:04:47) Building with Azure AI Foundry and Semantic Kernel (00:09:50) Demo Scenario 1: Device Cleanup in Intune (00:13:38) Demo Scenario 2: Zero-Touch Onboarding (00:17:17) Demo Scenario 3: Automated Security Hardening (00:22:58) Best Practices for Multi-Agent Systems (00:25:06) Closing Thoughts and Call to Action In this episode of M365.fm, Mirko Peters builds a real multi‑agent system with Azure AI Foundry and Semantic Kernel that can plan, execute, and verify changes across Intune, Entra ID, and Microsoft Graph — without turning your tenant into a lab experiment.WHAT YOU WILL LEARNWhy a single “do‑everything” agent breaks down in real enterprise environmentsHow to design Planner, Operator, Reviewer, and Messenger agents with clear roles and boundariesHow to wire agents into real tools: Intune, Entra ID, Graph API, Azure Automation, and Log AnalyticsHow a multi‑agent workflow can cut time‑to‑fix from 12 minutes to 3 minutes on real incidentsHow to treat tools as “hands” and memory as a budget, not a magic black boxHow to use Azure AI Foundry to define agents, tools, knowledge, and safety policiesHow to keep RBAC, PIM, logging, and Zero Trust intact while agents do the workTHE CORE INSIGHTMost “AI agent” demos collapse the entire help desk, change board, and postmortem into one over‑prompted bot — and then act surprised when context, cost, and safety fall apart.Multi‑agent systems fix this by splitting work into roles: one agent plans, one executes with tools, one reviews changes, and one talks to humans.Instead of a single giant prompt, you get small, deterministic loops where each agent sees only what it needs and every risky action goes through tools with RBAC and logging.This episode argues that real enterprise AI is not about a smarter chatbot — it is about building a digital team that behaves like a disciplined operations crew.WHY MULTI‑AGENT SYSTEMS WITH AZURE FOUNDRY WORKPlanner focuses on intent and constraints; Operator focuses on tools and execution; Reviewer focuses on safety and compliance; Messenger handles approvals and communicationTools are explicit: Graph, Intune, Automation runbooks, Functions, Logic Apps, and RAG via Azure AI SearchAzure AI Foundry manages threads, safety, evaluations, and tool wiring so you don’t hand‑roll orchestrationSemantic Kernel gives you planners, skills, function catalogs, retries, and cancellation baked into codeManaged Identities, split RBAC, and PIM keep permissions tight and auditableLog Analytics, Application Insights, and content safety give you full traceability of every tool callKEY TAKEAWAYSOne giant agent is a gas‑station Swiss Army knife: looks capable, bends on the first serious jobMulti‑agent design = roles, boundaries, and parallelism mapped to real operational responsibilitiesKeep prompts short and move real power into well‑designed tools with strict schemasTreat memory as a constrained resource and externalize state into Search, state stores, and thread metadataDesign safety in from the start: managed identities per agent, read vs manage RBAC, PIM for destructive actions, full loggingUse reasoning models for planning and small models for extraction, classification, and parameter shapingWHO THIS EPISODE IS FORThis episode is ideal for cloud architects, platform engineers, SREs, and Microsoft 365 / Azure admins who are under pressure to “do something with AI” without blowing up production.If you’ve tried to make a single chatbot run Intune, Entra, and Graph and ended up terrified, this conversation will show you how to ship a governed, multi‑agent pattern that ops and security can both live with.TOPICS COVEREDSingle‑agent vs multi‑agent patterns in enterprise environmentsDesigning Planner, Operator, Reviewer, and Messenger roles with Semantic KernelConnecting agents to Intune, Entra ID, Microsoft Graph, Azure Automation, and Log AnalyticsUsing Azure AI Foundry for agent definitions, tools, knowledge, and safetyModel strategy: reasoning models vs small models in one systemGovernance: RBAC, PIM, logging, and Zero Trust for AI‑driven automationABOUT THE HOSTMirko Peters is a Microsoft 365 consultant and digital workplace architect who helps organizations build safe, observable automation on the Microsoft cloud.Through M365.fm, Mirko shares practical patterns, real incident walk‑throughs, and governance approaches that make AI agents an operational asset — not a new risk surfaceBecome a supporter of this podcast: https://www.spreaker.com/podcast/m365-fm-modern-work-security-and-productivity-with-microsoft-365--6704921/support.