As you know when you enable BitLocker with Intune you have the option (highly recommended by the way) to save the recovery key into Azure AD. Well, when you have to get the recovery key for a device and you don’t know the device name (which may happen if you need the recovery during a […]
Azure AD – New way to find the BitLocker recovery key Read More »
As you know, Azure AD comes with administration roles to allow you delegate administration tasks with the least privilege. Well, until now if you wanted to delegate Microsoft Cloud App Security (MCAS) administration tasks you had to use either the Security Administrator or Global Administrator roles. Both granting much more permissions than required for MCAS.
As you know Azure AD comes with a capability to review access to your environment – both Teams/O365 groups and Azure AD Roles assignment. Well, you can now also review the access of service principals with Azure AD role assigned to it. To take advantage of this new review capability, logon to your Azure AD
Azure AD – You can now review the access of service principals Read More »
As you know, Azure AD allows you to integrate with applications to manage authentication, authorization… through Azure AD. As part of this integration, you can (and should have) configure third party application integration review to ensure these third party applications added by users or other admins are intended for your company and do not access
As announced in early November 2020, support for old versions of TLS (TLS 1.0 and TLS 1.1) and ciphers (3DES cipher suite) are going to be deprecated and no longer supported starting June 30, 2021. You have to ensure your on-premises systems interacting with Azure AD – such as Azure AD Connect, Azure AD Application
As you know, you can configure Named Location on Azure AD for use with Conditional Access either based on public IP address or country. Well, when using the country based location, the real location is not always as accurate as it should. Good news, you can now use GPS coordinates to gain better accuracy when
Azure AD – You can now use GPS coordinates for better accuracy on Named Location Read More »
Another step to a passwordless world. As you know, you can signing with no password using a FIDO key or Windows Hello. Well, you can now also use the one time code from your Microsoft Authenticator app. First thing you need to enable this new feature by logging on your Azure AD portal (https://aad.portal.azure.com/) and
As you know, end-users can access the Microsoft My Sign-Ins website (https://mysignins.microsoft.com/) to manage their security information (register MFA authentication method, set the default MFA method…). Well, this can now also be done using the Microsoft Authenticator mobile application. From the Authenticator application, access your account and the select Update security info Then you are
As you know Azure Active Directory Connect (AAD Connect) is used to synchronize your on-premises Active Directory objects (users, groups, devices) to Azure AD with the option to synchronize the user’s hash password (aka password sync, aka password hash sync, aka PHS). Well, with this new version – 1.6.2.4 – available for download here https://go.microsoft.com/fwlink/?LinkId=615771
As you know, Azure Active Directory provides a large list of administration roles to allow delegating administration tasks and reduce the need to grant the more powerful global administrator role. Well, 2 new roles are now available: Authentication policy administrator to delegate the permissions to manage the authentication methods enabled on Azure AD and associated
