With the latest developments in Entra ID Protection space, Conditional Access Policies got a bit of a facelift with the Authentication Flow control feature. Still, in Preview, Device Code Flow and Authentication Transfer are the features introduced with the Authentication Flows. I want to cover the Authentication Transfer process in a different article so this … Continue reading Control Device Code Flow With Entra ID Conditional Access Policies
Tag: Entra
5 Practical Usages of PIM for Groups Explained
I have always been a huge advocate of Entra ID Governance and its usage. It is paramount to make sure the Identity Governance health is in a good position while applying the best practices because Identity is an attack vector, period. Once a bad actor gets hold of the identity, accessing confidential data, Azure resources, … Continue reading 5 Practical Usages of PIM for Groups Explained
How a Synthetic Registration in Entra ID Can Protect the Devices ASAP with Defender for Endpoint?
One of the popular queries I have got by working with many customers for their Defender for Endpoint deployment projects is We need the Defender Security Policies to be assigned and working as soon as the device is onboarded to MDE.Having Onboarded to MDE, if and when Intune enrollment and Device Registration in Entra ID … Continue reading How a Synthetic Registration in Entra ID Can Protect the Devices ASAP with Defender for Endpoint?
Device Hardening with Intune Security Baseline for Windows Policy
The word on the street is not "If I get hacked" but "when I will get hacked" and securing your infrastructure starts from your end users and devices and hardening those devices that the users use every day has never been so important. Security Baseline policy for Windows 10 and later. This is one of … Continue reading Device Hardening with Intune Security Baseline for Windows Policy
Infographic – Migrate MFA and SSPR Policies to the Converged Authentication Methods Policy
Some useful URLs apart from the below infographic: ❤ Microsoft Learn doc converged-authentication-methods-policyDownload
Adopting Microsoft Entra ID Governance – A Deep Dive
Lately, there has been a lot happened/ changed/ introduced in the Microsoft Entra ID Governance space and this is one of my favorite topics to write and explain as well. The main reason is that Entra ID Governance features are all interconnected and organizations can easily create an eco-system and start using its features. Not … Continue reading Adopting Microsoft Entra ID Governance – A Deep Dive
Login to M365 Services Using Email As An Alternate Login ID
One of the decisions you may have taken when you first planned on your Azure AD/ Entra ID sync was the UPN and what it will be. The recommendation from Microsoft is to always align the Entra ID UPN with the user's email address. Why you ask? It is mainly to avoid confusion among the … Continue reading Login to M365 Services Using Email As An Alternate Login ID
Don’t Mess Around with MDM User Scopes – A Different Take to “Something Went Wrong 8004005” and “OOBEAADV10” Errors
Something went horribly wrong. Not the policies. Not the deployment profiles, Not the ODJ profile, not the ESP. Let me explain. Setup in a high-level Intune Connector setup Intune Connector account is licensed and the Intune admin role assigned OU delegation done Hybrid Join GPO has setup MDM Auto-enrollment GPO has set Autopilot deployment profiles … Continue reading Don’t Mess Around with MDM User Scopes – A Different Take to “Something Went Wrong 8004005” and “OOBEAADV10” Errors
How to Use the Conditional Access Policy Gap Analyzer Workbook?
Did you know that like in all other Azure services, workbooks are available in Azure AD too? And the good thing about this is, there are a lot of good workbooks ready to be opened and no need to write your KQL queries again. Well, if you fancy your KQL, you can start a new … Continue reading How to Use the Conditional Access Policy Gap Analyzer Workbook?
🎙️MS EMS Community Podcast EP04
https://www.youtube.com/watch?v=XWvXVCIUm2c In this episode, myself along with Jonas Bøgvad , Andrew Taylor MVP, Lewis Barry and Eric Woodruff, CIDPRO discusses about,⚡️Intunemaps.com and the thought process behind that⚡️An in-depth look at AAD App Registration⚡️An in-depth look at the PRT⚡️MFA Number matching⚡️FIDO and Security
Configure Intune Built-In Roles Using Azure AD PIM for Groups
The perfect Azure AD, Intune combo does not exi..... Some time ago I wrote about Azure AD PIM for groups and its usages. This came to light a few days ago in Microsoft Tech Community as an article and I thought I will give my touch to it. What is it and Why Does This … Continue reading Configure Intune Built-In Roles Using Azure AD PIM for Groups
Protected Actions in Azure AD
At the time of writing this is still in Preview, but I was curious to find out more about this as anything Security and Azure AD-related is good 🙂 What are Protected Actions? Protected Actions feature is an added layer of security in Azure AD for certain actions you perform What Licenses You Require? Azure … Continue reading Protected Actions in Azure AD
🎙️MS EMS Community Podcast EP03
4 Steps to Configure Azure AD PIM for Groups
Few uses of PIM-managed groupsChallengeSolutionFew NotesPrerequisites - LicensesStep 1 - Group CreationStep 2 - Onboard the group for PIMStep 3 - Add PIM AssignmentsStep 4 - Setup Role SettingsUser ActivationUse Access ReviewsWrapping Up When I 1st posted the below infographic in my Socials, I thought I made myself clear that this is not an Azure … Continue reading 4 Steps to Configure Azure AD PIM for Groups
Setup Prerequisites for Windows LAPS in Azure AD
By now you may have seen a lot of updates and posts on how to configure Windows LAPS in Azure AD. Credit goes to all the wonderful gurus out there who really contribute to the community in different ways. My approach in this post is to prepare for the Windows LAPS in Azure AD so … Continue reading Setup Prerequisites for Windows LAPS in Azure AD
Intune Policy Conflicts
When dealing with day-to-day Intune activities, setting up and maintaining profiles are standard activities. And dealing with Policy Conflicts is also part of everyday activities. You will hopefully not get to deal with them every day, but every once in a while? Or maybe when too many admins try to set up policies. This article … Continue reading Intune Policy Conflicts
Mergers, Acquisitions and Day 1 – Azure AD Cross-Tenant Synchronization
I would like to dedicate this post to writing something on a much-needed topic that personally got me to try a lot of methods and to be creative because this is one of the main tasks that an organization/ management is looking to get done from an IT Specialist. The Day 1. More precisely the … Continue reading Mergers, Acquisitions and Day 1 – Azure AD Cross-Tenant Synchronization
Use Authentication Context with Strong Auth on PIM Role Activation
What is Authentication Context? Authentication Contexts are being used to further secure your application data and actions. You may already have enabled Multi-Factor Authebtaion in your Azure AD tenant and everyone is using the MFA in the same way. However, imagine you have an application where you need to maintain confidential data that only a … Continue reading Use Authentication Context with Strong Auth on PIM Role Activation
🎙️MS EMS Community Podcast EP02
With no particular agenda other than having a casual chat about recent tech events, this time including: Hybrid IdentitiesSecurity PostureMindset changesAzure AD Cross-Tenant Sync https://www.youtube.com/watch?v=0RAvGTAlDSc
[Nugget Post] How to Check All Intune Filter Related Associated Assignments?
You implement more and more filters in policies, but how to go back and see all the associated assignments? Rather than remembering or noting down all the filters you have created and checking manually, you can now see this in the Associated Assignments tab in the required filter. To check the created filter, go to … Continue reading [Nugget Post] How to Check All Intune Filter Related Associated Assignments?