AAD

Azure AD – You can now manage the Azure AD Administrative Units using the portal

You may already know this Azure AD feature, in preview for quite some time already, called Administrative Units (AUs). This feature allows you to create a container to store Azure resources which then can be used to delegate administrative tasks, during this preview period this can contain only users and groups and is only manageable […]

Azure AD – You can now manage the Azure AD Administrative Units using the portal Read More »

Azure AD – Password less with FIDO2 now in preview for hybrid deployments

As you may be already aware, support for password less with FIDO2 keys has been in preview for quite some time already for Azure AD Joined devices and browser sign-ins (see https://t.co/6HfQaQrsuR). Well, good news as you can now also use FIDO2 keys to authenticate against Azure AD Hybrid joined device – aka Windows 10

Azure AD – Password less with FIDO2 now in preview for hybrid deployments Read More »

Azure AD – A new conditional access App for Office 365 suite

You may be well aware about the Azure Active Directory (Azure AD or AAD) Conditional Access features, and you should already have implemented some conditional access rules to improve your security posture. That said, when you have to setup a conditional access rule for Office 365 services access (Exchange Online, Teams, PowerApps…) it may be

Azure AD – A new conditional access App for Office 365 suite Read More »

Azure AD – Don’t forget to exclude the directory synchronization accounts from conditional access

The following issue occurred for one of my customers after enabling MFA for all users. The directory synchronization stopped working. The above situation may not occur often as usually you are excluding trusted locations (aka your corporate network public endpoints) from applying conditional policies – especially when enabling MFA – and your Azure AD Connect

Azure AD – Don’t forget to exclude the directory synchronization accounts from conditional access Read More »

Azure AD / Office 365 – 3 new administration roles available

In the way to limit the need and use of the global administrator role, 3 new administration roles have been made available: Groups administrator to delegate groups (Azure AD security groups, Office 365 Groups, Teams or Yammer) management, covering naming convention, expiration policy or even AAD security group restoration Office apps administrator allows you delegating

Azure AD / Office 365 – 3 new administration roles available Read More »

Azure AD – You can now customize the My Apps portal

As there is more use of Azure AD application integration (either Enterprise Applications or Azure AD App Proxy), it is becoming more complicated for end-users to find their most important applications for their work. Well, good news, Azure AD Administrators can now create a ‘workspace’ grouping all related applications for their job or role. First

Azure AD – You can now customize the My Apps portal Read More »

Azure AD Connect – You can now provision cloud identity from disconnected Active Directory

As you already know Azure Active Directory Connect (AAD Connect) is the easiest and quickest way to provision identities in Azure AD, especially for large organization, while providing simple authentication method to cloud services (password hash sync, Seamless SSO…). That being said, you may find yourself in position you have to quickly provide cloud identities

Azure AD Connect – You can now provision cloud identity from disconnected Active Directory Read More »

Azure AD – The Dynamic Membership configuration blade has been refreshed and looks better

As you may already know, you can create dynamic membership groups in Azure Active Directory (AAD) for quite some time now. Well, the dynamic membership rules configuration blade has been refreshed and looks better and easier to use; you can now see at the same time the defined rules AND the detailed expression of these

Azure AD – The Dynamic Membership configuration blade has been refreshed and looks better Read More »

Azure – You can now use Azure AD authentication support for point to site VPN

As you already know, you can connect to your Azure virtual networks (VNets) from your devices using either Site to Site (S2S) VPN and/or Point to Site (P2S) VPN. The Point to Site VPN connection use to require self-signed certificate for the client to connect to Azure. Well, good news, you can now use your

Azure – You can now use Azure AD authentication support for point to site VPN Read More »

Azure AD – You now use Google ID with Azure B2B

It has been in preview for the past few months, it is now GA (generally available): you can now invite external users (Azure AD B2B – Business to Business) using Google ID as identity provider, supporting @gmail.com and @googlemail.com email address domains. Before enabling support for Google ID, you first need to create a Google

Azure AD – You now use Google ID with Azure B2B Read More »