Blogging about Microsoft 365, Azure and Automation!
Microsoft Endpoint Manager (Intune) currently supports fours different Android Enterprise enrollment methods: Work Profile Dedicated Device Fully Managed Fully Managed Devices with Work Profile (Corporate Owned – Personally Enabled (COPE)) … Continue Reading Android Enterprise Dynamic Groups for Intune
Every Microsoft 365 Security engineer has the same struggle: maintaining corporate IP-address range needs to be done in two places. Once in trusted named locations in Azure AD and once … Continue Reading Sync Named Locations to MCAS IP Ranges using Azure Automation
Link to the ARM template for the full playbook can be found on Github. Microsoft cloud SIEM, Azure Sentinel, is an amazing product which can provide central logging and reporting … Continue Reading Saving corporate IPs to Log Analytics with Logic Apps
As a lot of organizations are picking up Power Apps, I have seen more and more use for them. Some organizations are now developing Power Apps and having their end … Continue Reading Deploy Power App to a Managed Home Screen through MEM
A lot of companies want all their employees to have all calendars open by default. That way any employee can view the calendar of a colleague to check if he/she … Continue Reading Setting up calendar sharing in a multilingual company
Break The Glass or emergency accounts are a necessity in the cloud world we live today. Every year Azure AD goes down for a few hours because of some Multifactor … Continue Reading Best Practices for Emergency Accounts
Dynamic Groups in Azure AD are truly an amazing feature. It lets you manage a large group of users without the need to manually add every one of them in … Continue Reading Creating a dynamic group with all AAD Premium licensed users
I was recently involved in a Exchange Migration that also involved an Enterprise Vault migration. The company in question currently had about 2000 archived that needed to be moved into … Continue Reading Updating the flag status of an Exchange email through Powershell EWS
Patch My PC is probably the most known product for Automated Third Party Application Patch Management with SCCM integration. This is an amazing product that simplifies your Third Party Application … Continue Reading Automating 3rd Party application deployment in Intune with PatchMyPc
During recent weeks, an increase in OAuth phishing attacks has been spotted. OAuth Phishing attacks are an evolution of the old phishing attacks we all know and hate. During a … Continue Reading Protecting against OAuth attacks: Setting-up Admin Consent Workflow
Last Thursday a new preview feature in Azure was announced for which I was very excited about: AAD Authentication to Windows/Linux VM’s on Azure. What? What does this mean exactly? … Continue Reading Azure AD Sign-in to an Azure VM
Almost every Office 365 migration has the same step involved every time: changing the UPN suffix of all the users from a non-routable (local) domain to a routable, public domain. … Continue Reading Changing AD UPN in bulk using Powershell GUI
Google offers a few online certification classes around Android Enterprise. Last week, I decide to broaden my knowledge about Android Enterprise and tackle them all. During this blog post I … Continue Reading Android Enterprise Certifications
A while back Azure AD has announced Azure AD Security Defaults. Azure AD Security defaults is positioned as a baseline to harden the security of your Azure AD Tenant. Conditional … Continue Reading What is Azure AD Security Defaults & should you be using it?
Passwordless has been one of those buzzwords in 2019. So many articles and announcements have been made around it recently. First there was passwordless through the Microsoft Authenticator app. I … Continue Reading My thoughts on passwordless in AzureAD
I have been doing quite a few projects involving Hybrid Azure AD Join lately and have learnt a lot about it and how you should begin your troubleshooting journey. What … Continue Reading Troubleshooting Hybrid Azure AD Join
