Author: Thomas Kurth

AzureAD Joined Device and Kerberos???

If you join a device to Azure AD, then you get SSO to cloud resources protected by Azure AD. If you are using a Hybrid User (Synchronized from your on-premise Domain), you get an additional hidden gimmick. In general, it allows a lot of use cases where a company would

Read More »

Attending MMSMOA as a newbie

This year, it was the first time, I attended the MMSMOA (Midwest Management Summit Minnesota). And I was thrilled to see, that this user group event is something special. Not only do you get the chance to meet many important persons (product group including developers, MVP’s, consultants, ConfigMgr and EMS

Read More »

Enhanced OS deployment end message

Since I’m working with ConfigMgr there was always the question of the staging team or end users if the staging of a device has really completed. Many years ago, I created a script which solved this question. Now I got again a few requests of customer and also discussions at

Read More »

Assign AzureAD/O365 Roles based on groups

In nearly every engagement I get the question why it’s not possible to assign Azure AD roles based on Azure AD or synced AD groups. Also, in my opinion this would be a nice feature to have in a productive environment. I started building a solution based on Azure Automation,

Read More »

Implementing Azure AD Privilege Management for Azure IaaS

Two years ago, we implemented AzureAD PIM in our baseVISION infrastructure to rise the security level. But after some time, we recognized, that it has too many drawbacks because the activation of the requested role took sometimes longer than a few hours. Especially in Exchange, Skype or Intune this was

Read More »

Test connectivity to various Azure and O365 services

When starting the journey to the cloud, then connectivity is the most important point. Azure consist of thousands of endpoints which also can change daily. Therefore, Microsoft build a webservice to provide you always with an up to date list, which is used by a lot of firewall/proxy vendors to

Read More »