At our last Mindcore Tech event, we took a closer look at Self-service Password reset in Azure AD. One question we did not have the time to pursue, was how to only allow entering security information from a trusted location. We have SSPR setup and users are required to setup
Yesterday at our Mindcore Tech meeting, one of our test sceneries did not work as expected. We did not get the reset password option on the Windows 10 insider build. https://blog.mindcore.dk/2019/03/azure-ad-password-reset-on-login-screen.html The reason behind was “just” some missing configuration in the lab we build during the meeting In order to
This time let’s try to connect Store for Business with Intune and deploy the Company Portal to all users. First thing to do is to register Store for Business, so sign in to https://businessstore.microsoft.com using the same tenant account you use to sign into Intune. Select Manage: Click Settings –
This is a quick post about a question I often get – How do we install extra Proofing tools together with Office 365 ProPlus? In the early days of Office 365 C2R we did not have the option to install individual Proofing tools with Office Deployment Tool (ODT). But if
Back in March we wrote a post about using PowerShell to create Naming policies for Office 365 groups and teams. https://bit.ly/2W9hMlK Now this feature is available in the Azure portal. Go to Azure Active Directory and Groups: Naming Policy: Since we already added custom blocked words with PowerShell, we can
We are able to use multiple custom email templates in Office 365. This will allow us to use customized logos and text when sending encrypted emails. By default Office 365 will use the following layout when an external recipient receives an encrypted email: Let’s try to change this, first
We now have an Azure portal application available on Windows, I haven’t found a lot of information but you can download the Application here: https://ms.portal.azure.com/App/Download It will install in your user profile in C:Users[user]AppDataLocalMicrosoftAzurePortalProduction At the time of writing the downloaded version is 1.0.18.0, but just a hour ago it
In two of the latest we tested Azure Self-service password reset and integrated the feature with Windows 10: https://blog.mindcore.dk/2019/03/azure-active-directory-azure-ad-self.html https://blog.mindcore.dk/2019/03/azure-ad-password-reset-on-login-screen.html This time let’s use the same user, and enable it to use Password-less phone sign-in with the Microsoft Authenticator app. This feature is in public preview and you need to
We now have Azure AD Password Protection generally available, this will allow us to eliminate easily guessed passwords. By using it we can lower the risk of password spray attacks. Password spraying is using a large number of usernames and loops them with a single password, this will give a
In one of the last posts we enabled SSPR in our hybrid environment. https://blog.mindcore.dk/2019/03/azure-active-directory-azure-ad-self.html This time let’s enable password reset on the Windows 10 clients login screen. Before we start we need to be aware of the following: Supported on Windows 10, version April 2018 Update (1803). Device must be
We can now enforce a Naming Policy for Office 365 Groups, lets give it a test drive. With the Naming Policy feature we can define prefix or suffix that can be automatically added to group names and at the same time we can define words that are blocked from use
This time let’s try out SSPR with the new MFA combined registration in a hybrid environment. Before passwords can be changed on our local AD, Azure AD Connect must be configured with password writeback. Self-Service Password Reset/Change/Unlock with on-premises writeback is a premium feature of Azure AD, so license is
You might find yourself in a situation where you want all your computers to activate using Active Directory based activation except for your Azure VM’s, they should use the Azure KMS server. By default, when Active Directory based activation is enabled all computers on your domain will use Active Directory
Let take one more look at the Windows Defender Application Guard. You can find the previous posts about WDAG here: Testing Windows Defender Application Guard on a VM Windows Defender Application Guard In the last post we saw that by default we were not allowed to do copy and paste
This time let’s give Windows Defender Application Guard a very simple test: You can test this on a physical client or a Hyper-v client, take a look here for the requirements: Testing Windows Defender Application Guard on a VM The test will be done in an enterprise Active Directory domain
If you want to test Windows Defender Application Guard your test environment must meet the requirements: A 64-bit computer with minimum 4 cores (logical processors) with CPU virtualization extension, minimum 8GB RAM and 5 GB free space. But what if we want to test this on a virtual Windows 10
Microsoft has made the new Office Client Policy Service available as preview, and this is looking promising. The solution is a cloud-based service that can enforce policy settings for Office 365 ProPlus on the office client. This is possible even if the device isn’t domain joined or otherwise managed. The
This time I will have a quick test-drive of the Enterprise State Roaming Feature (ESR) with a hybrid Azure AD joined device, for those of us still using our own AD. Enterprise State Roaming will offer a secure synchronization of user settings from Windows and applications to the cloud. You
Starting in December 2018, the Azure PowerShell Az module is in general release and now the intended PowerShell module for interacting with Azure. Az offers shorter commands, improved stability, and cross-platform support. Az also offers feature parity and an easy migration path from AzureRM. Az uses the .NET Standard library,
Let’s have a quick look at the new Windows Sandbox feature. Windows Sandbox is a feature of Windows 10 Pro and Enterprise (right now only in insider builds). Virtualization must be enabled in the BIOS. If you are using a physical machine, it depends on the hardware but something like
When running the prerequisite check before upgrading SCCM to the newest releases you might see the following warning (this is taken from 1812): Warning details: SQL Server Native Client version [Completed with warning]:Verifies that the version of Microsoft SQL Server Native Client installed on the site server meets the minimum
Citrix has released a new version of Citrix Receiver for Windows, new version is 4.5.10018: You will find ADMX/ADML files in the installation folder (C:Program Files (x86)CitrixICA ClientConfiguration) or here https://www.citrix.com/downloads/citrix-receiver/windows/receiver-for-windows-latest.html Starting with Version 4.5, all Citrix Receiver for Windows template files are merged into a single file called receiver.adm
You might see that your WSUS server will crash after KB3159706 is installed. The event log will report event ID 507 Update Services failed its initialization and stopped. In the support article you will se that manual intervention is required, but since the update is pushed from Windows Update and
Microsoft has released a new update for the SCCM cmdlet Library 5.0.8373.1189 Release History: 6/6/2016 – Update Release, version 5.0.8373.1189. Contains bug fixes5/16/2016 – Update Release, version 5.0.8373.1182. Contains bug fixes and support for Configuration Manager (current branch – version 1602)1/25/2016 – Update Release, version 5.0.8328.1155. Contains bug fixes and
You might se this error when deploying Windows from a SCCM 1511 task Sequence: Task Sequence: xxx has failed with the error code (0x80070002) If we take a closer look at the smsts.log file, you will in this specific case find the message No credential information in environment. The reason
Modern Workplace consultant and a Microsoft MVP in Windows and Devices.
Infrastructure architect with focus on Modern Workplace and Microsoft 365 security.
Cloud & security specialist with focus on Microsoft backend products and cloud technologies.
Cloud & security specialist with focus on Microsoft 365.
Cloud & Security Specialist, with a passion for all things Cybersecurity
Cloud and infrastructure security specialist with background in networking.
Infrastructure architect with focus on design, implementation, migration and consolidation.
Infrastructure consultant with focus on cloud solutions in Office365 and Azure.
Modern workplace and infrastructure architect with a focus on Microsoft 365 and security.
