Conditional Access policy for Guest and External Accounts In post, I will go through the steps of setting up a Conditional Access Policy which will enforce MFA for Guest and External Accounts. This will add another layer of protection if guest account credentials were compromised. To get started we need to sign into the Azure…
Clear Inactive Devices in Microsoft Intune In this short post, we will look at the options available in Intune to remove inactive devices. The feature is called “Device clean-up rules.” To get started with enabling this feature, lets first have a look at what is Device Clean up rules. With Intune device clean=up rules you…
Securing Azure Active Directory from PowerShell abuse Malware attacks are evolving and once common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware tools can now detect the presence of a…
Create Office 365 Dynamic Distribution Group In this short post we will look at how to create Dynamic Distribution Groups in Office 365 using Azure AD, Exchange Online PowerShell. To get started we will look at how to create a Dynamic Distribution group using Azure AD. Navigate to Azure Active Directory > Mange >> Groups…
Configure Azure AD Connect Pass Through Authentication Azure pass-through authentication allows user to login to cloud and on-premise applications by using the same passwords. Pass-through authentication validated the password against the on-premise active directory. Prerequisite needed: Global Admin account Azure AD Connect 1.1.750.0 or later Windows Server 2012 R2 or later with TLS 1.2 enabled…
Enable MFA for All Office 365 Users using Azure Active Directory Identity Protection. “Azure Active Directory Identity Protection provides a consolidated view of at risk users, risk events and vulnerabilities, with the ability to remediate risk immediately, and set policies to auto-remediate future events. The service is built on Microsoft’s experience protecting consumer identities and…
Get-AzureADDirectorySettingTemplate : The term ‘Get-AzureADDirectorySettingTemplate’ is not recognized. You receive the following error when trying to execute the following cmdlet: Get-AzureADDirectorySettingTemplate. To resolve this error, you need to install the following PowerShell Module AzureADPreview. But you will find that users have installed the PowerShell Module AzureAD and this Module does not have the cmdlets for…
Change Office 365 Synced Users UPN Name. Every now and then we get a user request to have their Office 365 Signin name to be change. This is typically when someone gets married . So how do we change the Signin name. We start with the Active Directory Rename the AD User (to match the…
How to Allow Guest Access to Microsoft Teams This post is just to show case how to provide Guest access for Microsoft Teams, As the Office 365 admin, you must enable the guest feature before you or your organization’s users (specifically, team owners) can add guests. The guest access settings are a feature set of…
Protect your Office 365 Tenant with Azure AD Risky Sign-Ins Microsoft Office 365 and Azure Active Directory provides some very Powerful tools related to security. These tools are what I call the CLOUD GEMS. (pot of gold under the rainbow) They are very useful when it comes to finding compromised accounts within your Office 365…