How to configure Single Sign On (SSO) from Azure AD to CyberArk

When using Azure AD as your identity provider (IDP) and when you are extending your on-premise High privileged accounts to different Cloud destinations. It may come on handy to configure CyberArk (when you have this in place) to use Azure AD as your IDP for access to your managed Password Vaults. The biggest reason to … Continue reading How to configure Single Sign On (SSO) from Azure AD to CyberArk

How to disable basic authentication using Conditional Access

As you might have read on some other blogs Microsoft basic authentication for Microsoft Exchange online is almost out of support. The date 13th of October is getting closer and closer. Basic authentication in Exchange Online uses a username and a password for client access requests. Blocking Basic auth can help protect your Exchange Online … Continue reading How to disable basic authentication using Conditional Access

How to use a trusted location for MFA and Self Service Password Reset

It has been a long time since my last blogpost. This week we have configured something new and very useful. Self Service Password Reset. Many companies have a integrated process on how to reset the passwords for there end users. But why use a process that claims a lot of tickets and asks a lot … Continue reading How to use a trusted location for MFA and Self Service Password Reset

Password less sign in to Office 365

Today i was busy hardening my Office 365 Security and i came to the topic about Password less sign-in. I have heard this at some recent events like Experts Live an Ignite. So it was time to configure this. What is Password less sign in Password less sign in is a different way of login … Continue reading Password less sign in to Office 365

Single Label Domain (SLD) and Azure AD Connect

The SLD Azure AD case Some time ago I was at this customer where I needed to setup Azure AD from 2 forests and 7 domains. Essentially this customer wanted to move to Office 365 Exchange Online. When I was making an inventory of these domains I came across a Single Label Domain (SLD). And … Continue reading Single Label Domain (SLD) and Azure AD Connect

An easy way to manage your organization with Intune

Next up Intune Since some time Microsoft has been promoting lots of companies to go with Intune. Most of these companies want to use a solution like Intune but sometime already have a system in place which takes care of their mobile devices. Think about Airwatch or Mobile Iron. Most of the time Intune gets … Continue reading An easy way to manage your organization with Intune

How to disable Office Groups and Teams creation the right way.

Why disable groups/ teams creation Some companies want to permit access to group and our teams creation. There can be many reasons for this. For instance you want to disable the creation of groups and teams to be more in control over these features. To do this the right way it is recommended that only … Continue reading How to disable Office Groups and Teams creation the right way.

Monitor Windows AD and Azure AD Health with Microsoft OMS

What is Microsoft Operation Management Suite (OMS) Oms (Microsoft Operations Management Suite) is Microsoft's cloud-based IT management solution that helps you manage and protect your on-premises and cloud infrastructure. In this case we will use OMS to monitor and sort of "manage" Azure AD connect and Azure AD identities. Before we start with OMS Bore … Continue reading Monitor Windows AD and Azure AD Health with Microsoft OMS

Where is the Bitlocker Key stored within Microsoft Azure AD

Storing your Bitlocker key When you enroll your  Windows 10 devices with  Microsoft Intune, you have the posibility to store your Bitlocker recovery keys in Azure AD. There are two ways to store the Bitlocker key the proper way Store the Bitlocker key into Active Directory (on-premise) Store the Key Into Azure AD (Cloud) When … Continue reading Where is the Bitlocker Key stored within Microsoft Azure AD

Co-management with Intune and System Center (SCCM)

What is Co-management Since a couple of weeks Microsoft has introduced Co-management with Intune and System Center Configuration manager. So what does co management means?  Co-management enables the device to be managed by both ConfigMgr agent and Intune MDM. This allows organizations to move parts or workloads to the cloud. Where they first used sccm. … Continue reading Co-management with Intune and System Center (SCCM)