Staled Azure AD users

Table of contentBackgroundPre-requisiteScript contentConclution Background Have you ever thought “Do we have full controll over our offboarding routine?” then this script is perfect in your toolbox for checking for inactive users in Azure Active Directory. I am stumbling across several Azure Active Directories where there are one or more user account enable and active without…

Continue reading

Azure AD – Keep it clean and tidy

There are several reasons for keeping your Azure AD nice and tidy. Locking down features, removing unused objects and applications and so on – all this keep the the attack surface of your environment lower and makes it easier for you to manage your Azure AD, do access reviews on access groups, roles and so…

Continue reading

How to keep up-to-date

So how do you keep yourself up to date on tech? This is a question I get a lot and it`s a bit tricky question if you think about it. Technology and of course Cloud solutions are in a rapid change at all times and to be able to be on top of all the…

Continue reading

FIDO2 on break-the-glass = smart move!

We now have a new capability for choosing different MFA methods for a set of users using Conditional Access policies. And with that we can ensure that our most important users uses the most secure method for authenticating to our services. Out of the box you can choose from these three MFA methods, but there…

Continue reading

Multifactor usage

In this short blog I will show you how to look into if users are using Multifactor Authentication based on earlier posts on how to monitor and collect logging for your Azure AD. So first of all – You need to setup Azure AD logging. Have a look at this blogpost to se how easy…

Continue reading

Monitor sensitive accounts

Pre-requisitesQueryAction GroupAlertConclusion and result Pre-requisites A pre-requisites for monitoring sensitive accounts in Azure AD is to have setup a Log Analytics Workspace and your Azure AD logs sent to Log Analytics. If you want to know how that`s done then have a look at this blog post to se how easy it is to enable…

Continue reading

Secure your accounts

So now a days many have enabled MFA for their accounts. And that’s great!It show`s that what we have been working on the last years is working. According to Microsoft, MFA can prevent 99,9% of attacks to your accounts. But there is a attack vector that not many think of. Do you have full control…

Continue reading

Monitor Azure AD

Main goalLog AnalyticsAzure AD configurationTest query in Log Analytics Main goal Main goal for this blogpost is to gain more knowledge on how to collect logs from Azure AD. By default you`ll get 30 days audit and sign-in logs stored within Azure AD. To be able to interact / automate on the logs we need…

Continue reading

MFA settings

In order to optain a secure infrastructure you need to have controll over your MFA settings. There are several settings you need to configure and know how it works. In this post I`ll go through all settings like NotificationsFraud AlertAccount LockoutBlock/Unblock users Notifications Maybe the easiest setting but yet som important.You need to configure who…

Continue reading

New MFA capabilities in Azure AD

So these day`s we all uses MFA right? But not all MFA methods are as good as we think. There have been several cases where “SIM Swapping” or “SIM Hijacking” has been the case and therefor – can we trust using SMS for Multi-Factor Authentication? In short notes this is how SIM Swapping is done….

Continue reading

Elevation prompt for std. users

Ever thought about your end-users really think before clicking? How often does your end users (who have local administrator rights in some way) just install stuff without thinking? To start with, your end-users should not be local administrators on their machines, but many still are. If they are not all the time lot`s of companies…

Continue reading

Reset sign-in information on guest accounts

Ever stubled over the need of changing a guest`s sign-in information on one or more guest accounts?Well, this has been a issue for several companies and the way forward was to delete the guest accounts and re-invite them. When doing this all access to Teams, SharePoint Online and OneDrive for business for that guest account…

Continue reading

A new year! Welcome 2022

After two years of “blog silence” from me, i`m no working on several new blog posts and are accelerating my community work again! 2020 and 2021 was two years where the work presure was very very high and automaticaly community work was not prioritized due to high prio on family life on all ours available…

Continue reading

CosmosDB access keys

From when ever there is need to rotate access keys to your CosmosDB or any other storage service using Access keys this is the best practis method to do so. So for CosmosDB these are the steps needed to be used. Head into Azure portal and navigate to your CosmosDB and select “keys” from the…

Continue reading

Windows365 – So easy!

Windows365Let`s first talk about licenses.Provisioning the beauty! De-provisioning and cleanup Windows365 Windows365 is a Cloud pc for all users and it`s so easy to start using! In this post I will go through a setup of Windows365 Business in a cloud only tenant and show you how fantasticly easy this is! There are some pre-requisites…

Continue reading