Over the past six months, I’ve shown you ways to get to know the devices that people in your organization use App Passwords on, set an alert to notify when an additional person is assigned the Azure AD Global Administrator role and set an alert to notify when an Azure AD emergency access account is … Continue reading "TODO: Stream additional logs from Azure AD for optimal visibility"
In September 2018, Microsoft introduced the concept of Conditional Access baseline policies. Baseline policies were superseded by Security Defaults, and starting February 2020 the Baseline Conditional Access policies were disabled in all Azure AD tenants. However, these lingering baseline policies are all Off and cannot be turned on. They can also not be removed from … Continue reading "HOWTO: Get rid of the Conditional Access Baseline Policies in your Azure AD tenant"
As part of MC224734, Microsoft has communicated publicly that they are requiring multi-factor authentication (MFA) from four more Azure AD privileged roles through the Security Defaults functionality. Organizations leveraging Conditional Access to require MFA from privileged accounts should take note. About Security Defaults Security Defaults is an Identity security feature. When enabled, it requires … Continue reading "TODO: Require MFA from four more Azure AD Roles through your Conditional Access Policies"
During Microsoft’s Ignite event in September 2020, the Conditional Access Application Programming Interfaces (APIs) were announced as Generally Available. We’ve covered this change in our recap of Identity-related Announcements from Microsoft Ignite 2020. Barbara Forbes and I are in the process of creating several solutions for Conditional Access administrators, that rely on the Conditional Access … Continue reading "KnowledgeBase: The Conditional Access APIs do not currently support Preview conditions"
The European SharePoint, Office 365 & Azure Conference (ESPC) is Europe’s leading online community, providing educational resources and encouraging collaboration. Therefore, I was more than happy to announce that I was returning as a speaker for the European SharePoint, Office 365 and Azure Conference (ESPC) 2020. On October 15th, while my pre-recorded presentation was playing, … Continue reading "The video of my talk at the European SharePoint Office 365 and Azure Conference is now available"
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for October 2020: What’s Planned Azure AD On-Premises Hybrid Agents Impacted by … Continue reading "What's New in Azure Active Directory for October 2020"
As announced as part of the Azure AD Connect Version Release History page and shared here earlier, yesterday marked the end of Azure AD Connect version 18.104.22.168 and older versions of Azure AD Connect. This way, Microsoft starts enforcing its 18-month support policy for Azure AD Connect versions. For Azure AD Connect admins, running an … Continue reading "Azure AD Connect version 22.214.171.124 and older versions are no longer supported"
After being in Public Preview since February 2020, Microsoft made the Office 365 app in Azure AD Conditional Access Generally Available. The below image sums up what is in the Office 365 app: The Office 365 app helps with common challenges Microsoft 365 admins have: All the individual services in the Office 365 Suite are … Continue reading "Five things to know about the Office 365 app in Azure AD Conditional Access"
Yesterday, Microsoft released Windows 10, version 20H2 build 19042 to Visual Studio Subscribers and organizations with access to the Software Download Center and the Volume Licensing Service Center. This version is also known as Windows 10 ‘October 2020 Update’. It’s time to look at the new Identity-related features in this version of Windows 10: … Continue reading "Identity-related new features in Windows 10, version 20H2 build 19042"
An Administrative Unit (AU) is an Azure AD resource that can be a container for other Azure AD resources. Administrative units allow an organization to grant admin permissions that are restricted to a department, region, or other segment of the organization. Admins can use Administrative Units to delegate permissions to regional administrators or to set … Continue reading "Ten things you should know about Azure AD Administrative Units"