Office 365 – Your end-users will received communications from Microsoft with trainings and tips

An update is being deployed on Office 365 which will send notifications to your end-users with trainings and tips for using Office 365 services. While this comes from a good intention, it is clear this will obsessed some end-users, administrators and/or training person as it is going to bypass the ‘traditional’ training path. End-users will receive trainings and tips information only for the service they have been enabled/licensed for. Thankfully…

Read More

Office 365 – Microsoft is NO LONGER enforcing TLS 1.2

As you may have been aware as there has been quite lot of communication, Microsoft was planning to disable TLS 1.0 and 1.1 support for Office 365 services. Well, it seems this is longer the plan as per the updated KB 4057306 (https://support.microsoft.com/en-gb/help/4057306/preparing-for-tls-1-2-in-office-365) – as per the extract below: Note This doesn’t mean Office 365 will block TLS 1.0 and 1.1 connections. There is no official date for disabling or…

Read More

Azure – DevOps can now use ExpressRoute

You may be already aware that ExpressRoute implements a dedicated connection between your on-premises environment and Microsoft cloud services – Office 365 or Azure. While most of the Azure services (SQL instance,storage, VM…) were already able to be accessed using ExpressRoute, this was not the case for DevOps (https://dev.azure.com/ or https://{organization}.visualstudio.com). Well, this is not the case anymore; since Oct 23rd 2018, you can access your DevOps services through ExpressRoute.…

Read More

Office 365 – Privileged Access Management is available to Office 365

As announced at the Ignite 2018 conference, a new access management capability is now available to Office 365. This new feature, called Privileged Access Management (PAM), will help you granting on a ‘just in time’ basis high level privileges to Office 365 services. PAM is currently limited to Exchange Online scope. To set it up, you will need to use a security group for the PAM access (if you are…

Read More

Azure MFA – Support for hardware OAth token and multiple MFA devices coming on Azure MFA

You may be already aware of the Azure Multi Factor Authentication (MFA) solution which has been available for quite some time. Well, good news as Azure MFA is now going to support hardware tokens (OATH-TOTP SHA-1). As you may already know Azure MFA requires end-user to have a phone available (either mobile or desk phone) to be able to challenge the MFA request – either with a call (desk/mobile), text…

Read More

Azure – You can now enable Customer Lockbox for Azure VM (preview)

For those who already work with Office 365, you may be aware of the Customer Lockbox capability. In a nutshell, this feature (available with E5 or as add-on) allows Office 365 administrators to control how Microsoft engineers access your data – particularly during support. Now, you can take advantage of it also with Azure. To enable Customer Lockbox for Azure VM, you need to use Azure PowerShell (at least version…

Read More

Skype for Business – The new Skype for Business version is now available

Microsoft has released the latest version of Skype for Business (SfB 2019). You can get it from MSDN or Volume License. It gives support for Windows Server 2019, as well as cloud voice mail support or Cloud Data Connector. You can check all the new here https://docs.microsoft.com/en-us/SkypeForBusiness/skype-for-business-server-2019 and removed features here https://docs.microsoft.com/en-us/SkypeForBusiness/deprecated

Read More

Exchange – The latest Exchange version is now available

Good news, today Microsoft has released the latest Exchange version – Exchange 2019. It is being available through the Volume License or MSDN. That said, you can deploy Exchange on Windows Server 2016 or Windows Server 2019, but it is highly recommended to deploy Exchange 2019 with Windows Server 2019. Exchange 2019 also supports installation on Windows Server 2019 Core. To know more about what’s new and what’s removed with…

Read More

Azure AD – You can now send your Azure AD logs to Log Analytics

You may already know that you can have Azure AD Diagnostic logs; but do you know you can now send these logs to Log Analytics for consolidation and better analysis? To do so, just logon to your Azure AD administration portal (https://aad.portal.azure.com) or Azure portal (https://portal.azure.com) and reach out the Azure AD configuration blade. From there, scroll down to reach the Monitoring section and click on the Diagnostic settings –…

Read More

Windows Server 2019 – You can now easily redirect HTTP requests to HTTPS

With Windows Server 2019 (and Windows 10 1809), IIS 10 comes with a new capability called HTTP Strict Transport Security (HSTS). This capability is simplifying the implementation of HTTP to HTTPS redirect. With previous version of IIS, you had to implement either HTTP Redirect Module (with the down side of 2 separate IIS website) or using URL Rewrite Module to get any HTTP request being redirected to HTTPS. Now, by…

Read More

Azure – You can enable analytics for Azure Information Protection

This is a new capability being added to Azure Information Protection (AIP), currently in preview. You can now enable analytics for AIP. To do logon to your Azure portal (https://portal.azure.com) and reach out the Azure Information Protection configuration blade From there you should see  Configure analytics (preview) under the Manage section From this configuration blade you can use an existing Log analytics workspace or create a new one; if you…

Read More

Azure AD – New capabilities for identity governance on Azure AD

You can now define policies to let your end-users requesting access to your corporate resources – from group membership to role permissions – either with automated or manual approval. At this stage, this is currently available only through private preview. You can register your interest here https://aka.ms/azureadidentitygovernancepreview

Read More

Intune – You can now assign Windows Autopilot profile to already registered clients

As you may already know Windows Autopilot simplifies Windows 10 device enrollment to Azure Active Directory (AAD) and providing seamless user experience. One of the problem with Windows Autopilot was if your already have Windows 10 devices registered to your Azure AD, you were not able to assign an Autopilot profile. With the latest update on Intune, you can now update your Autopilot policy to apply the policy also on…

Read More

Office 365 – A new administration portal is on his way and you can try it

A new Office 365 administration portal is on his way and you can enable the preview to start using it. When you logon to your Office 365 administration portal (https://admin.microsoft.com/) you will see a a “Try the preview” toggle on the top right After turning on the preview, the administration portal will switch to the preview mode As always, this is a preview which means there will probably few glitches…

Read More

Intune – Display an enrollment status page

With the latest Intune update, you can now display an enrollment status page after a Windows 10 device has been registered. The page will let your end-users know what is happening while their device is finalizing the registration process. To do so, you first need to enable the feature in Intune Connect to your Azure portal and reach out the Intune configuration blade Then reach out the Device Enrollment\Windows Enrollment…

Read More