Browsing: Azure AD

All sessions from the CoLabora December 2021 was recorded, and is now available on our YouTube channel.Migrate between Office 365 tenants (Peter Schmidt)Speaker: Peter SchmidtLink to video: https://youtu.be/YvEPT7DkO7UWindows Hello for Business – SSO til on-prem fileshares uden hybrid-joinSpeaker: Michael MardahlLink to Video: https://youtu.be/ZuSZwy3-160/Enjoy

Read More

If an organization uses Jamf Pro to manage Mac computers, they can use Microsoft Intune compliance policies with Azure Active Directory conditional access to ensure that devices in your organization are compliant. This blogpost will explain how to setup the basic configuration if you need to integrate Jamf Pro with Microsoft Intune.To connect Microsoft Intune with Jamf Pro we need to complete the following 3 steps:Create a new application in Azure ADEnable Intune to integrate with Jamf ProConfigure Conditional Access in Jamf ProStep 1: Create an application in Azure Active DirectoryIn the Azure Portal, navigate to Azure Active Directory >…

Read More

Microsoft has released a few new Administrator roles in Azure AD, one of them is the Authentication Administrator, that allows delegation of MFA reset in Azure Active Directory without building custom solutions.The Authentication Administrator roles is allowed to view, set and reset authentication method information for any non-admin user.Authentication Administrators can require users to re-register against existing non-password credential (for example, MFA or FIDO) and revoke “remember MFA on the device”, which prompts for MFA on the next sign-in.More information: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#authentication-administrator/Enjoy+Ronni Pedersen

Read More

Update: This feature still requires Global Admin rights! You can change and configure all the settings as “Intune Administrator” but you can’t click “Save”… This is by design!As a consultant I do a lot of Intune and Windows Autopilot projects for both small and large enterprise customers. Most of the small customers will most likely just provide me with Global Admin rights, but normally that’s not the case for large customers.If I’m there to work with Microsoft Intune, then the Intune Administrator role should be just fine. But one of the first steps we need to do, is to enable…

Read More

Two weeks ago, at Microsoft Ignite in Orlando, Microsoft announced the public preview of Password-less phone sign-in. We enabled this feature right after the session in our company tenant, and we have all been super excited about this cool way of signing in. One big step closer to a more secure and password less world. This blog post will explain how to configure password-less phone sign-in and how to enable this feature for your users. Please note that this is still a pre-release feature. Prepare the Tenant First we need to install the latest version the of Azure Active Directory…

Read More

Over the years, I’ve created multiple labs, so that I can test different scenarios. One of my first “cloud only” Azure AD labs was created back in 2012. Two weeks ago, I wanted to use this lab to test a new Conditional Access scenario that one of my customers needed.Long time ago, I also created an “All Users” group, that was based on direct membership, so I thought it was a good idea to replace that group with a new and “shiny” dynamic group based on the “UserType” attribute.So, I created the following group, and started to redeploy all my…

Read More

Introduction For most organizations, Office 365 (mailboxes) can contain both high business impact and personally identifiable information, so it’s important that we track who logs on to the mailboxes in the organization and what actions are taken. By default, mailbox auditing in Office 365 isn’t turned on, so this guide will help you to setup and verify mailbox auditing in Office 365. This guide will walk you through the following steps: Step 1: Connect to Exchange Online Step 2: Get the current state of audit logging Step 3: Enable mailbox audit logging Step 4: Set the age limit for mailbox…

Read More

Over the last 12 months, I’ve been involved in more than 25 projects with customers that wanted to enable one or more Azure AD Premium and Enterprise Mobility + Security (EMS) features that’s only available in the Classic Azure Portal. And every time I get the same questions about how to access and configure this feature.During this period Microsoft has already announced the GA for Azure Active Directory, but there are still a few features that you need to configure in the classic Azure Portal. When you navigate to the Azure Active Directory node in the Azure Portal, you’ll find…

Read More

What’s new in Windows 10 Enterprise: Increasing Security, Predictability, and Compatibility Experience the most innovative and reliable Windows yet! Windows 10 brings increased stability and predictability to your organization, while minimizing risk. Attend this free one-day training event to explore new servicing, security, and management features that enable corporate data access across devices and platforms while allowing you to maintain control over those devices. Join Microsoft MVP Ronni Pedersen and learn to: Help ensure application compatibility with new and legacy LOB apps with Microsoft Edge and IE 11. Implement security and identity capabilities through Microsoft Azure Active Directory, Hello/Passport, Device…

Read More

Thanks to all attending the Microsoft IT Camps on Windows 10 Enterprise features and management. Here are some pictures and notes/links that we used during the workshop. Additional Resources: Here is a list of resources that was used during the IT Camps: Innovation Series Training for Windows 10: https://channel9.msdn.com/Blogs/Innovation-Series-Training-for-Windows-10/ TechNet Evaluation Center: https://www.microsoft.com/en-us/evalcenter/ Active Directory Based Activation: https://www.ronnipedersen.com/2015/11/active-directory-based-activation-in-an-multi-domain-environment/ Office 365 Deployment Guide: https://gallery.technet.microsoft.com/How-to-Deploying-Office-e9f296fb Office 2016 Deployment Guide: https://gallery.technet.microsoft.com/How-to-Deploying-Office-dc4e6d04 Johan’s Hydration Kit for System Center 2012 R2: http://www.deploymentresearch.com/Research/tabid/62/EntryId/149/The-Hydration-Kit-for-System-Center-2012-R2-is-available-for-download.aspx Blocking built-in apps in Windows 10 using Applocker: http://ccmexec.com/2015/08/blocking-built-in-apps-in-windows-10-using-applocker/ Manage Office mobile apps without MDM with Microsoft Intune: https://www.youtube.com/watch?v=4YPIGdAj8hc Enhancing managed mobile productivity:…

Read More