TagAzure

Azure Tags

Azure tags is an important tool of marking your resources with some additional information. 

This information can be what your business requires and is not set by any templates or so. 

Keep in mind that when you start with tagging it must give you some sort of value in some reasons this is cost-related that meaning you can tag resources with a costcenter tag like 

CostCenter : BusinessApplication 
CostCenter : Human Resources 

Other departments can also be in use of tags and then i`m thinking of the Security department and their Incidence and Respond team. By adding additional information to your Azure resources, you can set an value on resources and with that also prioritize what resources to mitigate first if there is an security incident.  

Setting tags can be done at creation of the resource in the Azure Portal but also within ARM templates or you can use Azure Policy to add tags after deployments aswell.  

When adding tags to a existing resource navigate to the resource and hit the Tags pane in the menu then add a TagName and a Value of the tag. 

Going forward this can also be done when creating a new resource within the Wizard and also by ARM temlates by adding this to the “Parameter” section of your ARM temlate:

"resourceTags": {  
      "type": "object",
      "defaultValue": {
      "CostCenter": "BusinessApplication"}
      }

And this to the actual resource 

"tags": "[parameters('resourceTags')]", 

If using Azure Policy to remidiate existing resources you can use a built in policy named “Add a tag to resource” and deploy that to your subscription.  

By using Azure Policies you can also block creation of new resources without having a Tag set to the resources upon creation.  

All of these methods are powerfull methods but i like the Azure Policy methods the most as these policies can be givven a logic to it – but more on Azure Policies in another blog post. 

Keep tagging all your resources and grow your value of your assets in Azure!  

Azure AD Connect sync issues

Now and then we get errors in our Azure AD Connect syncronization, or that said – my customers get errors.

And every now and then there is a error wich are not easy to spot what can be wrong.

In this case the sollution was not that easy – but when you think of it, it makes kind of sense sort of.

So this is the Error i got.

Other Error 
onmicrosoft.com 
Description 
Error Details 
pro perty 
Error Type 
Last Attem pted At 
Related Articles: 
Attribute 
o 
x 
The object failed synchronization. For more information, please see the error details. If the problem continues and 
cannot be fixed, please contact Microsoft Support. 
Value 
WorkflowException 
12/17/2019, PM 
1. Azure AD Connect: Troubleshooting Synchronization Errors 
user Principal Name 
Object GUID 
Synchronization Status 
Details 
Attribute Value 
0625<71 
On premises AD only 
52fde7d7eab1

Looking into Azure AD Connect it throwed a error on syncronization.

After some investigation back and forth i with the GUID who did not match the Azure AD Sync error – i found out that a deleted group was configured as a licensing group within Azure AD. Therefor when it was deleted from On-prem AD it could not be deleted in Azure AD since it still was in use.

By removing it from the license sku it removed it self on next sync.

Sensitivity labels available in Outlook Web

The first step into enabling the use of Unified labels in Office Web apps is here! Today i got the “Sensitivity” bar enabled in my tenants.

Sorry for the Norwegian text in the picture, as “Følsomhet” is the Norwegian word for “Sensitivity”

To get started with Sensitivity labels – head over to Microsoft 365 Security portal and open the “classification” menu.

From there head in to “Sensitivity” and create a label.

Next – choose the tab for Label Policies and publish the label you created.

When testing the feature, remember to only publish the label to your self so that you not enable all users in your company to use and test it. 🙂

© 2020 IdefixWiki

Theme by Anders NorénUp ↑