Tag: azure ad

  • Azure AD Conditional access rules, how I design the secure way.

    Azure AD Conditional access rules, how I design the secure way.

    Azure Active Directory with Conditional Access Rules have been available for a several years, and every customer have activated some kind of rule during these years. We see multiple ways customer have started this journey, and if not done right you might not be as secure as you thought. And recent years, conditional access have […]

    Read more
  • From PowerShell to Azure AD License Assignment

    Starting a new Azure AD tenant today, it is easy to take in Azure AD License Assignment, perhaps even using dynamic groups to automate license assignment for different Roles in your organization. But before we had License Assignment in Azure AD, the method of choice was a PowerShell Script running in a Schedule Task. This […]

    Read more
  • Why does ADFS, WIA and Kerbeos work togethere?

    Google search for ADFS and Kerberos, will tell you ADFS uses Kerberos Constrained Delegation, in order to validate your credentials, so there is kerberos authentication between ADFS and your Domain Controllers. Windows Integrated Authentication (WIA) or true SSO, is when you sign-in without entering your credentials. But why does it only work from inside your local […]

    Read more
  • Set HomePage for Azure AD Application Proxy applications

    Set HomePage for Azure AD Application Proxy applications

    I want to address the situation when you would like to publish a web service, but the endpoint isn’t at the top level of the web site or the endpoint you publish uses sources from other subsites at the same, but different level as your endpoint. So if you try to publish the endpoint, the […]

    Read more
  • Who has admin roles?

    Who has admin roles?

    Sadly, there is still (not yet) an easy graphical way of listing who in your organization is enjoying administrator roles in Office 365, but there is a way using PowerShell. I had my hopes up when we received an Azure AD Content package for PowerBI, but not yet, so I asked for it and it […]

    Read more
  • Publishing RDWeb/RDGateway with Azure AD App Proxy Error in Firefox

    Publishing RDWeb/RDGateway with Azure AD App Proxy Error in Firefox

    Everyone working with Azure Active Directory are used to have multiple browsers opened, in order to simulate mutiple users. And I often find myself even using In-Cognito or In-Private mode in my browsers to. At the moment I am running Edge, IE11, Firefox and Chrome. So today I was working on Publishing my RD Web […]

    Read more
  • AD User mismatch Azure AD User – Duplicate Anchor

    AD User mismatch Azure AD User – Duplicate Anchor

    Need to match an Active Directory User with an allready created Azure Active Directory User? Standard practice is soft-match where UserPrincipalName and Email are matching. Which requires Domain to be verified in Azure AD and if the AD Forest Name isn’t the same, we need to add the Domain as an Alternate UPN Suffix: And […]

    Read more
  • AADsync is GA, can we retire DirSync?

    AADsync is GA, can we retire DirSync?

    Last week Azure AD Sync was made Globaly Available, and can be downloaded here. Before summer kicked in we heard the News of Azure AD Sync beeing developed for multiforest synchronization to single Azure AD tenant. Meanwhile DirSync was also developed further and gained the feature Password Write-back, but there wasn’t a reason for two […]

    Read more

Ehlo!

I am Roy Apalnes, a Microsoft Cloud Evangelist working av Sopra Steria. Main focus in Microsoft Security and Endpoint Management, with a bigger picture in mind.

Featured Posts