Conditional Access Policy Templates In this post, we will look at Conditional Access Policy Templates a feature which is currently still in Public Preview. These templates are designed to provide a more convenient method of deploying new policies based on Microsoft’s recommendations. If you are new to Conditional access policies or simply just want to…
Leave a CommentConditional Access policy for Guest and External Accounts In post, I will go through the steps of setting up a Conditional Access Policy which will enforce MFA for Guest and External Accounts. This will add another layer of protection if guest account credentials were compromised. To get started we need to sign into the Azure…
Leave a CommentClear Inactive Devices in Microsoft Intune In this short post, we will look at the options available in Intune to remove inactive devices. The feature is called “Device clean-up rules.” To get started with enabling this feature, lets first have a look at what is Device Clean up rules. With Intune device clean=up rules you…
Leave a CommentSecuring Azure Active Directory from PowerShell abuse Malware attacks are evolving and once common tactics are becoming a thing of the past. Attack strategies, like using a third-party hacking program or injecting viruses from external sources, are almost obsolete as they leave a distinct footprint. Most antimalware tools can now detect the presence of a…
Leave a CommentCreate Office 365 Dynamic Distribution Group In this short post we will look at how to create Dynamic Distribution Groups in Office 365 using Azure AD, Exchange Online PowerShell. To get started we will look at how to create a Dynamic Distribution group using Azure AD. Navigate to Azure Active Directory > Mange >> Groups…
Leave a CommentCopy Active Directory Group Membership Script The following Script Copies members from one Active Directory Group to another Active Directory Group. To start the Script run: .\CopyGroupMembership.ps1 You will be prompted to enter the Group whose membership you need to copy. The you will be prompted to add the group name where you want to…
Leave a CommentLet users rest their Passwords in Office 365 Office 365 and Azure AD allows users to reset their own passwords, this reduces the calls to helpdesk for password resets. Once you enable this setting users will be able to navigate to https://passwordreset.microsoftonline.com/ and reset their own passwords. To get started Launch the Office 365 Admin…
Leave a CommentConfigure Azure AD Connect Pass Through Authentication Azure pass-through authentication allows user to login to cloud and on-premise applications by using the same passwords. Pass-through authentication validated the password against the on-premise active directory. Prerequisite needed: Global Admin account Azure AD Connect 1.1.750.0 or later Windows Server 2012 R2 or later with TLS 1.2 enabled…
Leave a CommentHow to enable Active Directory recycle bin In this post we will look at two ways of how to enable Active Directory recycle bin. The first option will be via the GUI and second using PowerShell. Open Server Manager then click on Tool >> Active Directory Administrative Centre. From the Administrative Centre on the left-hand…
Leave a CommentEnable MFA for All Office 365 Users using Azure Active Directory Identity Protection. “Azure Active Directory Identity Protection provides a consolidated view of at risk users, risk events and vulnerabilities, with the ability to remediate risk immediately, and set policies to auto-remediate future events. The service is built on Microsoft’s experience protecting consumer identities and…
Leave a CommentGet-AzureADDirectorySettingTemplate : The term ‘Get-AzureADDirectorySettingTemplate’ is not recognized. You receive the following error when trying to execute the following cmdlet: Get-AzureADDirectorySettingTemplate. To resolve this error, you need to install the following PowerShell Module AzureADPreview. But you will find that users have installed the PowerShell Module AzureAD and this Module does not have the cmdlets for…
2 CommentsChange Office 365 Synced Users UPN Name. Every now and then we get a user request to have their Office 365 Signin name to be change. This is typically when someone gets married . So how do we change the Signin name. We start with the Active Directory Rename the AD User (to match the…
Leave a Comment
