Tag: Azure AD

Powershell in the Cloud – Part 1 – Azure Automation – Managing your Infrastructure from the Cloud

I recently held a talk about Powershell in the Cloud in Powershell User Group Sweden. This 3 part series is an attempt to refine and expand on that talk. The series will focus on the functionality rather than the code behind it as I want the content to be accessible for anyone, whether you…



Azure AD authentication methods, MFA and SSPR insights and reports

We’ve been rolling out MFA (Multi-Factor Authentication) and SSPR (Self-Service Password Reset) for many customers over the last couple of years. It often takes time and requires preparations, but done right it will succeed, and once finished the users get used to it just as they get used to logging in using MFA to their bank. During the…



Granting permissions for single users to Azure AD connector in Flow and PowerApps

The Flow and PowerApps connector for Azure AD is great when you want to build an app that reads and writes to Azure AD, or to automate Azure AD tasks like editing groups or users. However, I quickly noticed that the user that wanted to use this connector in Flow was met by the following…



Office Cloud Policy Service – Preview Feature

Earlier this year Microsoft announced a new cloud-based service that allows administrators to create and manage policies for Office ProPlus users in your tenant. This service is called “Office Cloud Policy Service” or “OCPS” for short. These policies are created and managed via an internet-based portal and are then enforced upon members of…



New baseline policies available in Conditional Access

Last week Microsoft started to roll out three new baseline policies in Conditional Access: Baseline policy: Block legacy authentication (Preview); Baseline policy: Require MFA for Service Management (Preview); Baseline policy: End user protection (Preview). Baseline policies in Conditional Access are part of Baseline Protection in Azure Active Directory (Azure AD) and the goal of these policies…



Querying Microsoft Graph with Powershell, the easy way

Microsoft Graph is a very powerful tool to query organization data, and it’s also really easy to do using Graph Explorer, but it’s not built for automation. While the concept I’m presenting in this blog post isn’t something entirely new, I believe my take on it is more elegant and efficient than what I’ve seen other…



OpenID Connect token validation in Citrix ADC

I’ve previously written about how to use OpenID Connect in NetScaler and a way to use callouts to validate tokens. You can also use the function JWT_VERIFY_CERTKEY() but that requires that you (for now) keep the issuing certificate updated locally. Another way is to set up an OpenID Connect client (OAuth Action) on Citrix ADC and…



Azure AD Connect and .NET Framework 4.7.2

Last week a discussion erupted on Microsoft forums regarding Azure AD Connect due to its Monitoring Agent using all free resources of CPU on the servers. These issues were caused by a .NET Framework update and a lot of administrators spent time uninstalling and blocking these patches to resolve the CPU usage issues on…



Device cleanup rules for Microsoft Intune

As an IT Administrator you want to keep your IT environment clean and tidy and the same goes for Microsoft Intune. By default all devices that have been inactive or stale and haven’t checked in for over 270 days will automatically be removed from the console. In the latest update for Microsoft Intune dated July…



Block external access for Service Accounts using Conditional Access in Azure AD

Conditional Access in Azure Active Directory is normally used for users and administrators to secure and control company data in Office 365 and Azure, but what about Service Accounts? Aren’t they a potential security risk? Using Service Accounts for scripts and other tasks related to Office 365, Azure and Azure AD is a normal practice…