Azure

Back to Basics – Use Dynamic Groups Wherever Possible

This is a short holiday week for me, so this post is quick and basic. It’s surprising to me how many tenants I encounter that have no dynamic groups configured. Many IT teams are still manually adding/removing devices or users from assigned groups. For anyone not using dynamic groups, you need to start using them. […]

Back to Basics – Use Dynamic Groups Wherever Possible Read More »

Managing Azure AD Authentication Methods, adding a FIDO2 Security Key, and Configuring Conditional Access Authentication Strength 

Microsoft’s new authentication strength options for Conditional Access is awesome, and I encourage you to start using this feature. This post will add some clarification on using Conditional Access for MFA, how to add a FIDO2 security key as an authentication method, and then how to use conditional access to protect certain applications with different levels

Managing Azure AD Authentication Methods, adding a FIDO2 Security Key, and Configuring Conditional Access Authentication Strength  Read More »

Move from per-user MFA to Conditional Access MFA in Azure AD

More often than not, I see both per-user MFA and Conditional Access MFA enabled in Azure AD tenants. There seems to be a misconception amongst IT admins that by disabling per-user MFA, users will need to re-register their MFA authentication methods. So, admins end up leaving per-user MFA enabled and also creating a Conditional Access

Move from per-user MFA to Conditional Access MFA in Azure AD Read More »

BitLocker state of encrypted, but no Key Protectors and Protection off. Resolving with Intune.

This post describes a recent issue I had with BitLocker drive encryption. It started with Hybrid AAD joined devices showing successfully encrypted, but keys are not uploading to Azure AD, and the encryption settings were not really being deployed. Further investigation revealed a strange BitLocker state on most of the machines. If you find yourself in

BitLocker state of encrypted, but no Key Protectors and Protection off. Resolving with Intune. Read More »

Why your business needs Azure AD & Microsoft Endpoint Manager, and How to Plan your Migration

As organizations continue to expand their remote workforces, those refusing to adopt modern cloud solutions are neglecting tools that enhance mobility and productivity. They’re also putting corporate data at higher risk of compromise by not taking advantage of modern cloud security solutions. It wasn’t that long ago where nearly all employees were reporting to an

Why your business needs Azure AD & Microsoft Endpoint Manager, and How to Plan your Migration Read More »

Find successful basic authentications quickly with PowerShell

This is a quick post, but useful for anyone who has not stamped out basic authentication in their environment. Or perhaps you’ve inherited several new clients, or need to identify this across many clients. In any case, you can always use the manual method of signing into the Azure GUI and filtering sign-in logs, which

Find successful basic authentications quickly with PowerShell Read More »

Win365 Cloud PC review – Benchmarking, RDP Short path, and Mobile device Experience

Microsoft recently brought back the Windows 365 Cloud PC trial, and with limited Windows 365 experience, this was my chance to get some hand-on experience for free. With AVD and Windows 365 really looking like the future of large scale VDI, I wanted to do some benchmarking on the hardware, test RDP Short path for

Win365 Cloud PC review – Benchmarking, RDP Short path, and Mobile device Experience Read More »