Azure ad

How to configure Windows 365 Enterprise Azure AD join

Windows 365 Enterprise Azure AD join – Microsoft Hosted Network.   Introduction Many of us have been waiting for native Azure AD join for Windows 365 Enterprise since its release in August 2021. But wait no longer! The native Azure AD join support has finally become a reality. In this

Continue to read »

How to secure Windows 365 using a FIDO2 security key

Secure your Windows 365 Cloud PC(s) with Conditional Access and FIDO2 security keys. Introduction We have already written about FIDO2 security keys on several occasions (I will add the links below), which has inspired me to see how I could secure Windows 365 using Conditional Access and a FIDO2 security

Continue to read »

Manage local administrator rights on Windows 365 Cloud PCs.

Managing local administrator rights on Windows 365 Cloud PCs. Introduction I’ve been writing about Windows 365 over the past few months, and in the original Windows 365 blog post I quickly mentioned that users by default doesn’t have local admin rights on their Cloud PC(s), and how to grant users

Continue to read »

Identity Protection and guests

This time we will have a closer look at Identity Protection and possible impact for guest users (B2B collaboration users).   So in order to test this out we will create a Identity protection user risk policy requiring all users to change password if there risk is calculated to medium

Continue to read »

Passwordless using FIDO2 security key with HoloLens 2

Introduction Some time ago I was asked by FEITIAN if I would like to test their FIDO2 key. I said yes, because I am in a project where we will onboard Microsoft HoloLens’s in production, in that journey, we will make use of FIDO2 keys + Windows Hello for Business

Continue to read »

Intune multi app kiosk mode using the new Microsoft edge

Introduction This is my notes while playing around with kiosk. I was testing the brand-new Kiosk setting for the new Microsoft Edge and the only result I got out of that was a non-working device. Eventlog saying MDM Session: Failed to get AAD Token for sync session User Token: (Unknown

Continue to read »

Manage security polices directly from the cloud without co-management

Introduction When you use the Configuration Manager tenant attach scenario, you can deploy endpoint security policies from Intune to devices you manage with Configuration Manager. Prerequisites Tenant attach CMG (only if you need it to apply policies to internet based devices) Configuration Manager current branch version 2006 or later, with

Continue to read »

Windows and Office deployment lab kit

Introduction Microsoft just introduced an updated kit for IT pros to plan, test and validate deployment and management of desktops running Windows 10 Enterprise and Microsoft 365 Apps for enterprise. This was earlier known as “Windows insider lab for Enterprise” or “Olympia”.   The lab will cover technologies: Microsoft Endpoint

Continue to read »

Modern Roaming Profile – Enterprise State Roaming (ESR) + UE-V

     Introduction Enterprise State Roaming is available to any organization with an Azure AD Premium or Enterprise Mobility + Security (EMS) license. It enables users to sync user- and application settings across devices. It is an upgraded version of what you probably know as Roaming profile, but with no

Continue to read »

How to activate app lock on Microsoft Authenticator app

Microsoft Authenticator app has been around for a long time, originally released as beta in 2016. It has served us well with easier and safer access to our resources using Microsoft accounts as well as Azure AD accounts. By using the app, we can do two-factor authentication without the need

Continue to read »

Step by step Autopilot scenarios

Last updated 14.08.2020 Introduction I have written the following blog to share some of the valuable sources of information I have discovered while developing my knowledge related to the rollout of Modern Workplace clients using Microsoft365 Intune and Autopilot. Instead of a standard how to guide I have decided to

Continue to read »

Windows Virtual Desktop and Azure File Shares

In our original series on Windows Virtual Desktop we used a standard file server to host the FSLogix Profiles, this was the only option at the time – if used together with our on-premises Active Directory. Now it’s possible to use Azure file shares and on-premises Active Directory together (Preview

Continue to read »

Azure AD support for FIDO2 in hybrid environments

Last year we wrote about Azure AD and password-less sign-in http://blog.mindcore.dk/2019/07/azure-ad-and-password-less-sign-in.html Now we also have support (Public preview) for this in hybrid environments, so let’s try it out. We will use the same Yubico security NFC as last time. First thing we need to be aware of is that we

Continue to read »

Windows Virtual Desktop – Part 5

This is part 5 of our posts regarding Windows Virtual Desktop, until now we have covered: Part 1 – Created a Windows Virtual Desktop tenant – Part 1 Part 2 – Created a service principal and some customization of our on-premises AD – Part 2 Part 3 – Provisioning a

Continue to read »

Windows Virtual Desktop – Part 4

This is part 4 of our posts regarding Windows Virtual Desktop, until now we have covered: Part 1 – Created a Windows Virtual Desktop tenant – Part 1 Part 2 – Created a service principal and some customization of our on-premises AD – Part 2 Part 3 – Provisioning a

Continue to read »

Windows Virtual Desktop – Part 3

This is part 3 of our posts regarding Windows Virtual Desktop, until now we have covered: Part 1 – Created a Windows Virtual Desktop tenant – Part 1 Part 2 – Created a service principal and some customization of our on-premises AD – Part 2 In this part we will

Continue to read »

Windows Virtual Desktop – Part 2

This is part 2 of our posts regarding Windows Virtual Desktop, until now we have covered: Part 1 – Created a Windows Virtual Desktop tenant – http://blog.mindcore.dk/2019/11/windows-virtual-desktop-part-1.html Now let’s continue and create a service principal. We will create the service principal with PowerShell, in order to do that you will

Continue to read »

Windows Virtual Desktop – Part 1

This time we will take a look at Windows Virtual Desktop in Azure. We will connect this cloud solution to our own infrastructure so that we can use on-premises services as well. In order to make this work we already have a Site-to-Site VPN gateway connection setup to connect our

Continue to read »

Access to Teams based on our own extension attributes – PowerShell

In the last two post we looked at extending Azure AD with our own attributes http://blog.mindcore.dk/2019/10/azure-ad-extension-attributes.html and how to use this attribute to dynamically grant access to a Microsoft team http://blog.mindcore.dk/2019/10/access-to-teams-based-on-our-own.html. This time we will create the team and dynamic group using PowerShell instead. In order to do this we

Continue to read »

Access to Teams based on our own extension attributes

In our last post we looked at extending Azure AD with our own attributes http://blog.mindcore.dk/2019/10/azure-ad-extension-attributes.html Now let’s try to dynamically allow access to a Microsoft team based on the attribute. First we create a Team in Microsoft teams. In teams we create a new private team called TestTeam. We will

Continue to read »

Azure AD extension attributes

This time we will try to extend our Azure AD directory with a new attribute, we will in a later post use this attribute for dynamic groups and team access. But let’s get started, we will in this test attach the extension attribute to users, but it can be assigned

Continue to read »

Azure Sentinel

Since we have Azure Sentinel in preview, let’s give it a test spin. Azure Sentinel is a cloud-native security information and event manager (SIEM) platform that uses built-in AI to help analyze large volumes of data across the enterprise. Azure Sentinel aggregates data from a lot of sources, including users,

Continue to read »
Search blog posts
Authors
Modern Workplace consultant and a Microsoft MVP in Enterprise Mobility.
Modern Workplace consultant and a Microsoft MVP in Windows and Devices for IT.

Infrastructure architect with focus on Windows Client management & security.

Cloud & security specialist with focus on Microsoft backend products and cloud technologies.

Infrastructure architect with focus on design, implementation, migration and consolidation.

Infrastructure consultant with focus on cloud solutions in Office365 and Azure.

follow us in feedly
Categories

Follow on SoMe