Skip to content

ThatLazyAdmin Posts

How to Disable Network Level Authentication (NLA) on an Azure Virtual Machine Using Azure Run Command

How to Disable Network Level Authentication (NLA) on an Azure Virtual Machine Using Azure Run Command In some situations, administrators may need to disable Network Level Authentication (NLA) on Azure Virtual Machines (VMs), especially when troubleshooting Remote Desktop Protocol (RDP) access issues or enabling compatibility with older systems that do not support NLA. While NLA…

Leave a Comment

Understanding Microsoft Azure Virtual Desktop Session Lock: Enhancing Security and User Experience

Understanding Microsoft Azure Virtual Desktop Session Lock: Enhancing Security and User Experience Azure Virtual Desktop (AVD) continues to revolutionize how organizations manage virtual desktops in the cloud, offering flexibility, scalability, and enhanced security. One essential aspect of using AVD effectively is understanding and configuring the Session Lock Behavior. This feature controls what happens when a…

Leave a Comment

Securing Microsoft Teams: Disabling Teams Channel Email Addresses

Securing Microsoft Teams: Disabling Teams Channel Email Addresses Microsoft Teams offers the feature of Teams channel email addresses, allowing users to email content directly to a Teams channel. However, this feature can pose security risks if not managed carefully. Why Disable Teams Channel Email Addresses? The email addresses associated with Teams channels are not within…

Leave a Comment

Step-by-Step Guide to Running the Defender for Identity Sizing Tool

In this post, I’ll walk you through how to run the Microsoft Defender for Identity Sizing Tool on your domain controllers. This tool is essential to ensure that your environment is ready to deploy Microsoft Defender for Identity by analyzing and reporting on key system metrics like CPU, memory, storage, and bandwidth requirements. Here’s a…

Leave a Comment

Optimizing Attack Surface Reduction (ASR) Exclusions on Microsoft Servers: Best Practices with Intune

Optimizing Attack Surface Reduction (ASR) Exclusions on Microsoft Servers: Best Practices with Intune When managing file and process exclusions for Attack Surface Reduction (ASR) rules on Microsoft servers using Intune Security policies, it’s essential to follow best practices to ensure that security is not compromised while maintaining the functionality of necessary applications and services. Here’s…

Leave a Comment

Automate Microsoft Defender for Endpoint Deployment on Windows Server 2012 R2 and 2016

Automate Microsoft Defender for Endpoint Deployment on Windows Server 2012 R2 and 2016 Introduction Ensuring that servers are protected with the latest security measures is crucial for maintaining a secure IT environment. Microsoft Defender for Endpoint is an essential component in this strategy, providing robust protection against a wide range of threats. However, deploying Defender…

Leave a Comment

Efficiently Copy Entra ID Device Group Members with PowerShell

Efficiently Copy Entra ID Device Group Members with PowerShell The Copy-EntraIDDeviceGroupMembers.ps1 script is designed to make your life easier by automating the process of copying members between Entra ID device groups. This script prompts you for the names of the source and destination groups, retrieves all members from the source group, and adds them to…

Leave a Comment

Enhancing Security with Idle Session Timeout in Microsoft 365

Enhancing Security with Idle Session Timeout in Microsoft 365 Idle sessions can pose a significant security risk, especially on unmanaged devices. Configuring idle session timeouts helps mitigate this risk by automatically signing out users after a specified period of inactivity. This blog post will guide you through the process of setting up an idle session…

Leave a Comment

Enabling Defender for Cloud at the Resource Level with PowerShell

Enabling Defender for Cloud at the Resource Level with PowerShell Efficiently managing Azure resources can be challenging, especially in large environments. To help with this, I’ve developed a PowerShell script designed to automate the process of managing Defender for Cloud pricing configurations across various Azure resources, including Virtual Machines (VMs), Virtual Machine Scale Sets (VMSS),…

Leave a Comment

Enhancing Your Security Posture with Entra ID Audit Logs

Enhancing Your Security Posture with Entra ID Audit Logs Ensuring the security of your organization’s identity and access management systems is vital. One of the most effective strategies to enhance your security posture is by regularly reviewing and updating your Entra ID (formerly Azure Active Directory) audit logs. These logs offer a detailed record of…

Leave a Comment

Enhanced Security in Microsoft Teams: New Controls to Block External Access in Trial-Only Tenants

Enhanced Security in Microsoft Teams: New Controls to Block External Access in Trial-Only Tenants Overview Microsoft Teams continues to evolve with enhanced security measures to safeguard communications. A significant update is on the horizon that introduces a new admin control aimed at strengthening defenses against malicious activities through Teams trial-only tenants. Starting from July 29,…

Leave a Comment

Best Practices for Managing Azure Arc-Enabled Servers

Best Practices for Managing Azure Arc-Enabled Servers As the complexity of IT infrastructures expands, so does the need for streamlined management solutions. Azure Arc offers a powerful way to manage servers across diverse environments from a single plane, leveraging Azure’s capabilities. This article discusses the best practices for managing Azure Arc-enabled servers, ensuring they remain…

Leave a Comment