Tag: Entra

Control Device Code Flow With Entra ID Conditional Access Policies

With the latest developments in Entra ID Protection space, Conditional Access Policies got a bit of a facelift with the Authentication Flow control feature. Still, in Preview, Device Code Flow and Authentication Transfer are the features introduced with the Authentication Flows. I want to cover the Authentication Transfer process in a different article so this … Continue reading Control Device Code Flow With Entra ID Conditional Access Policies

5 Practical Usages of PIM for Groups Explained

I have always been a huge advocate of Entra ID Governance and its usage. It is paramount to make sure the Identity Governance health is in a good position while applying the best practices because Identity is an attack vector, period. Once a bad actor gets hold of the identity, accessing confidential data, Azure resources, … Continue reading 5 Practical Usages of PIM for Groups Explained

How a Synthetic Registration in Entra ID Can Protect the Devices ASAP with Defender for Endpoint?

One of the popular queries I have got by working with many customers for their Defender for Endpoint deployment projects is We need the Defender Security Policies to be assigned and working as soon as the device is onboarded to MDE.Having Onboarded to MDE, if and when Intune enrollment and Device Registration in Entra ID … Continue reading How a Synthetic Registration in Entra ID Can Protect the Devices ASAP with Defender for Endpoint?

Device Hardening with Intune Security Baseline for Windows Policy

The word on the street is not "If I get hacked" but "when I will get hacked" and securing your infrastructure starts from your end users and devices and hardening those devices that the users use every day has never been so important. Security Baseline policy for Windows 10 and later. This is one of … Continue reading Device Hardening with Intune Security Baseline for Windows Policy

Adopting Microsoft Entra ID Governance – A Deep Dive

Lately, there has been a lot happened/ changed/ introduced in the Microsoft Entra ID Governance space and this is one of my favorite topics to write and explain as well. The main reason is that Entra ID Governance features are all interconnected and organizations can easily create an eco-system and start using its features. Not … Continue reading Adopting Microsoft Entra ID Governance – A Deep Dive

Login to M365 Services Using Email As An Alternate Login ID

One of the decisions you may have taken when you first planned on your Azure AD/ Entra ID sync was the UPN and what it will be. The recommendation from Microsoft is to always align the Entra ID UPN with the user's email address. Why you ask? It is mainly to avoid confusion among the … Continue reading Login to M365 Services Using Email As An Alternate Login ID

Don’t Mess Around with MDM User Scopes – A Different Take to “Something Went Wrong 8004005” and “OOBEAADV10” Errors

Something went horribly wrong. Not the policies. Not the deployment profiles, Not the ODJ profile, not the ESP. Let me explain. Setup in a high-level Intune Connector setup Intune Connector account is licensed and the Intune admin role assigned OU delegation done Hybrid Join GPO has setup MDM Auto-enrollment GPO has set Autopilot deployment profiles … Continue reading Don’t Mess Around with MDM User Scopes – A Different Take to “Something Went Wrong 8004005” and “OOBEAADV10” Errors

How to Use the Conditional Access Policy Gap Analyzer Workbook?

Did you know that like in all other Azure services, workbooks are available in Azure AD too? And the good thing about this is, there are a lot of good workbooks ready to be opened and no need to write your KQL queries again. Well, if you fancy your KQL, you can start a new … Continue reading How to Use the Conditional Access Policy Gap Analyzer Workbook?

🎙️MS EMS Community Podcast EP04

https://www.youtube.com/watch?v=XWvXVCIUm2c In this episode, myself along with Jonas Bøgvad , Andrew Taylor MVP, Lewis Barry and Eric Woodruff, CIDPRO discusses about,⚡️Intunemaps.com and the thought process behind that⚡️An in-depth look at AAD App Registration⚡️An in-depth look at the PRT⚡️MFA Number matching⚡️FIDO and Security

Configure Intune Built-In Roles Using Azure AD PIM for Groups

The perfect Azure AD, Intune combo does not exi..... Some time ago I wrote about Azure AD PIM for groups and its usages. This came to light a few days ago in Microsoft Tech Community as an article and I thought I will give my touch to it. What is it and Why Does This … Continue reading Configure Intune Built-In Roles Using Azure AD PIM for Groups

Protected Actions in Azure AD

At the time of writing this is still in Preview, but I was curious to find out more about this as anything Security and Azure AD-related is good 🙂 What are Protected Actions? Protected Actions feature is an added layer of security in Azure AD for certain actions you perform What Licenses You Require? Azure … Continue reading Protected Actions in Azure AD

4 Steps to Configure Azure AD PIM for Groups

Few uses of PIM-managed groupsChallengeSolutionFew NotesPrerequisites - LicensesStep 1 - Group CreationStep 2 - Onboard the group for PIMStep 3 - Add PIM AssignmentsStep 4 - Setup Role SettingsUser ActivationUse Access ReviewsWrapping Up When I 1st posted the below infographic in my Socials, I thought I made myself clear that this is not an Azure … Continue reading 4 Steps to Configure Azure AD PIM for Groups

Setup Prerequisites for Windows LAPS in Azure AD

By now you may have seen a lot of updates and posts on how to configure Windows LAPS in Azure AD. Credit goes to all the wonderful gurus out there who really contribute to the community in different ways. My approach in this post is to prepare for the Windows LAPS in Azure AD so … Continue reading Setup Prerequisites for Windows LAPS in Azure AD

Intune Policy Conflicts

When dealing with day-to-day Intune activities, setting up and maintaining profiles are standard activities. And dealing with Policy Conflicts is also part of everyday activities. You will hopefully not get to deal with them every day, but every once in a while? Or maybe when too many admins try to set up policies. This article … Continue reading Intune Policy Conflicts

Mergers, Acquisitions and Day 1 – Azure AD Cross-Tenant Synchronization

I would like to dedicate this post to writing something on a much-needed topic that personally got me to try a lot of methods and to be creative because this is one of the main tasks that an organization/ management is looking to get done from an IT Specialist. The Day 1. More precisely the … Continue reading Mergers, Acquisitions and Day 1 – Azure AD Cross-Tenant Synchronization

Use Authentication Context with Strong Auth on PIM Role Activation

What is Authentication Context? Authentication Contexts are being used to further secure your application data and actions. You may already have enabled Multi-Factor Authebtaion in your Azure AD tenant and everyone is using the MFA in the same way. However, imagine you have an application where you need to maintain confidential data that only a … Continue reading Use Authentication Context with Strong Auth on PIM Role Activation

[Nugget Post] How to Check All Intune Filter Related Associated Assignments?

You implement more and more filters in policies, but how to go back and see all the associated assignments? Rather than remembering or noting down all the filters you have created and checking manually, you can now see this in the Associated Assignments tab in the required filter. To check the created filter, go to … Continue reading [Nugget Post] How to Check All Intune Filter Related Associated Assignments?