After the implementation of Conditional Access policies, it’s important to monitor the coverage status to check if all sign-ins are covered by a conditional access rule. But it’s important to know that it is highly likely that the coverage in a normal environment will never be 100%. This blog is
When creating solutions in Endpoint Management it’s often the case that you need to execute scripts in SYSTEM context and submit data to a webservice. As long the devices are Active Directory Joined or Azure Active Directory Hybrid Joined this is not an issue as the computer itself has an
One of the biggest pain points of many companies is the documentation of their infrastructure. With the fast changing products/features it’s more important to have an accurate documentation. The Automatic Microsoft 365 Documentation is the successor of the Automatic Intune Documentation which provides many advantages. It’s no longer a simple
I often write script or small applications for devices. Many times I required the AzureAD device ID which can be obtained from registry or by parsing the dsregcmd output. But parsing console output is not really reliable when the output changes for example. Now, I found a solution by using the
Creating configuration documentations is always hassle. Therefore, I extended the Intune documentation with a new option to also document Azure AD Conditional Access policies. The new function Invoke-ConditionalAccessDocumentation will document: Azure AD Conditional Access Policies Translate referenced id’s to real object names (users, groups, roles and applications) Important: The Conditional
One of the biggest challenges with guest/external accounts in Azure AD is to build a governance process to keep your directory clean. Many companies do not like to have old and unused guest accounts forever in their Azure AD. Without a review functionality and information who has invited them this
OATH TOTP tokens can help to use Azure MFA without mobile phones. I highlight what the differences between available types are and how to enroll them.
Azure AD Conditional Access is one of the most named features which customer implement to protect their environments. But as with many cloud features at first glance it looks really simple to implement but then the complexity comes visible during rollout. Many customers activating it without thinking what the impact
I’m using a FIDO security key from Yubico since a year for some of my accounts. Now, I had the chance to get a eWBM Goldengate Security Key and test it. The rollout looks the same as for my Yubico keys, but there is one feature which is in my
In nearly every engagement I get the question why it’s not possible to assign Azure AD roles based on Azure AD or synced AD groups. Also, in my opinion this would be a nice feature to have in a productive environment. I started building a solution based on Azure Automation,
Copyright © 2023 Workplace Ninja’s. All Rights Reserved. – Code of Conduct, Webpage Terms of use and Webpage Privacy Policy