Defender – Assess Secure Boot certification expiration status Defender

Leave a Comment / Security, Windows / / / , , , ,

With the Secure Boot certificate expiration date fast approaching (June 2026), Microsoft has released a new recommendation in Microsoft Defender to assist assessing the readiness of your environment. Off course, this means devices (either client or server) must be onboarded onto Microsoft Defender, which can be done either with Intune for clients or scripts or […]

Defender – Assess Secure Boot certification expiration status Defender Read More »

Entra ID – Prepare to migrate from Entra Connect Sync to Entra Cloud Sync

Leave a Comment / Azure Active Directory, Microsoft Entra / / / , , , , , , , ,

  If you are still relying on on-premises Active Directory for your identity management, especially because you still need to access applications or resources on-premises relying on Windows authentication, you are probably synchronizing your AD with Entra ID.   Most likely, you are using Entra Connect Sync to sync your on-premises directory with Entra.  

Entra ID – Prepare to migrate from Entra Connect Sync to Entra Cloud Sync Read More »

Entra ID – You can now synchronize groups with cross-tenant capability

Leave a Comment / Microsoft Entra / / / , , ,

As you probably already know, you can synchronize users from one Entra ID tenant to another one, simplifying user management when in multiple tenant configuration (see Configure cross-tenant synchronization – Microsoft Entra ID | Microsoft Learn). Until now you could only synchronize user objects between tenants, with the error EntityTypeNotSupported. Well, good news as now

Entra ID – You can now synchronize groups with cross-tenant capability Read More »

Intune – Hotpatch will be enabled by default

Leave a Comment / Microsoft Intune / / / , , , ,

As you probably already know, Microsoft has introduce a feature to reduce the number of device restart after updates deployment on Windows, called Hotpatch (see Hotpatch updates | Microsoft Learn). Well, starting May 2026, Hotpatch will now be enabled by default for eligible devices. If your organization is not ready for Hotpatch, Intune administrators can

Intune – Hotpatch will be enabled by default Read More »

Entra ID – Manage multi-tenant at scale in security (preview)

Leave a Comment / Azure Active Directory, Beta / Preview, Microsoft Entra / / / , , , ,

Managing identity across multiple tenants is a growing challenge for organizations of all sizes. Mergers, acquisitions, and the rise of shadow IT often lead to a fragmented tenant landscape—creating security and compliance blind spots that attackers are quick to exploit. Even a single poorly secured tenant can put your entire organization at risk. This poses

Entra ID – Manage multi-tenant at scale in security (preview) Read More »

Entra ID – You can now backup and recover your Entra tenant (preview)

Leave a Comment / Azure Active Directory, Beta / Preview, Microsoft Entra / / / , , , , ,

As we rely more and more to Entra ID for authentication and access control, a key requirements is the ability to recover from attacks and/or accidental changes. While there has been few improvements in Entra for quickly recovering (recycle bin for security groups (Entra ID – You can now recover deleted cloud security groups (preview))

Entra ID – You can now backup and recover your Entra tenant (preview) Read More »

Entra ID – Entra ID Connect/Cloud Sync going to block hard match for privileged roles

Leave a Comment / Azure Active Directory, Microsoft Entra / / / , , , , , ,

If you work in an hybrid environment with Active Directory being synchronized with Entra ID using either Entra ID Connect or Cloud Sync, you probably already the best practice and recommendation to use cloud-based account only when assigning administration privileges. This helps mitigating potential account compromission to be extended to other environment and elevated privileges.

Entra ID – Entra ID Connect/Cloud Sync going to block hard match for privileged roles Read More »

Intune – Block automatic mobile device management enrollment (preview)

Leave a Comment / Microsoft Intune / / / , , ,

If you are allowing/supporting Bring Your Own Device (BYPO), you may already have experienced unintentional mobile device management (MDM) enrolment for Entra registered devices because end-users does not really understand the prompt (“Allow my organization to manage my device”) they may receive when sign-in on applications. To avoid such unintentional enrollment, Intune now allows administrators

Intune – Block automatic mobile device management enrollment (preview) Read More »

Windows – Enable Secure Boot certificate updates

Leave a Comment / Windows / / / , , , ,

As you know, Microsoft has introduced Secure Boot with Windows 8 (2011) and has become more important with Windows 10 and Windows 11 (this is even a prerequisites). Well, in June 2026 (as announced in November 2025 Secure Boot playbook for certificates expiring in 2026) certificates used by Secure Boot are going to expire. You

Windows – Enable Secure Boot certificate updates Read More »

Entra ID – New Entra Connect version is available for download

Leave a Comment / Azure Active Directory, Microsoft Entra / / / , , , , , ,

If you are synching your on-premises Active Directory to Entra ID using Entra Connect, you need to plan to upgrade to the latest version 2.6.1.0 This new version does not provide any new capabilities, rather bugs fixes or improving existing features. This new version: introduces a change in managed certificate lifetime when using the application

Entra ID – New Entra Connect version is available for download Read More »