Setup a good password policy in Azure AD
A good password policy is the first step on securing your environment and company data. Without a password policy in place you can be sure that a lot of users will take a password that can be easily guessed and/or brute forced in less than 5 minutes. Default Azure...
Continuous Access Evaluation (CAE) in Azure AD (GA)
Microsoft has just announced (January 2022) the General Availability of Continuous Access Evaluation as part of the Azure AD Zero Trust management portfolio. What is Continuous Access Evaluation? In short: continuous access evaluation allows for a quicker response by forcing an access token refresh in case of a certain...
Change Office 365 & SharePoint default domain name (Manual)
When a company changes it name, it would be nice if the SharePoint url can be changed to reflect the new company name. When you first signed up for Microsoft 365 you created an onmicrosoft.com domain. Even if you add custom domains, this domain will be used for SharePoint...
Azure Administrative Unit, what is it? And how to use it!
Remember the good old days with Active Directory Organizational Units? We where missing this in Azure AD, but it has finally arrived in Azure AD. Especially in bigger organizations you want to divide the organization in different units. Within each administrative unit you can delegate permissions to administrators of...
Exchange Online, Basic Authentication end is near…
Microsoft is proactively working on securing their Exchange Online environment. Making your and indirectly other customers environments safer. For now Microsoft is going over all tenants and they will start disabling Basic Authentication. This will include all of the following services: Exchange Web Services (EWS), Exchange ActiveSync (EAS), POP,...
Office 365 implement Safe Links Policy (Manual)
Safe links is part of Defender for Office 365 that scans and rewrites URL’s in inbound email messages, Teams and other locations. Safe Links is an additional security layer on top of anti-spam and anti-malware protection. Safe Links scanning can help protect your organization from malicious links that are...
Anti-Spoofing Exchange Online rule (Manual)
Fraudulent emails are becoming a common cyber threat. Anti-spoofing mail rules set up in Office 365 can help. In these phishing schemes, scammers research internal company names and send emails that look like they are coming from the CEO or someone else in the company. Typically the scam emails...
Exchange Server fix logon error
In Exchange 2013 and 2016 after an upgrade you might get the following error after logging in. The URL with the error will look like this: owa/auth/errorFE.aspx?httpCode=500 Cause This issue occurs if the Exchange Server Open Authentication (OAuth) certificate is expired, not present, or not configured correctly....
Upgrade to Windows 11 with Microsoft Endpoint Manager (Manual)
Microsoft has officially released Windows 11. With this manual you should be able to update all your devices within your company to Windows 11!...
Azure OMI Vulnerability
Microsoft has released multiple security updates in last Patch Tuesday. One off them fixes a high risk vulnerability (CVE-2021-38647) Also know as OMIGOD. This vulnerability can be used remotely, so exploitation is expected soon. This flaw doesn’t directly affect Windows at all, because it’s a bug in Microsoft’s open...
Renewed my Azure Solutions Architect Expert certification
Today I had to renew my Azure Solutions Expert certification. This was a first time I had to do that. By going to your certification profile you can do a online exam with just 26 questions with numerous things that have been changed in the past year. I have...
New fluent Azure icon
Some people might have noticed it, but Microsoft has released a new Azure Icon in its portal. By changing the icon Microsoft wants to match the style with their Fluent Design System making it more familiar for their customers. Source: https://azure.microsoft.com/en-us/blog/a-fluent-new-look-for-the-azure-icon/...
Automate Azure SQL Size using Azure Automation (Manual)
Recently a customer asked me how to save cost on their Azure SQL database without moving away from DTU based subscription model. In this case this customer knows exactly at what time their database is heavily utilized, and when it’s idling. So with a script its easy to automate....
How to re-enable inactive mailbox from litigation hold in exchange online using Power Shell(Manual)
When users leave the company you might want to retain the email for a longer period than the default 30 days. By enabling litigation hold you can retain mailboxes longer than 30 days, before you disable a user you can set the litigation hold to any value you would...
Azure Automation: Run SQL command on Azure SQL (Manual)
How cool would it be to automate your daily SQL tasks using Azure Automation? Well, really cool off course! Lets start using Azure Automation! Go ahead, if you don’t have an automation account yet, create one by going to Automation Accounts. Give your automation account a name, choose a...
Microsoft announces Endpoint Data Loss Prevention (DLP) available in Preview
Microsoft has released its Data Loss Prevention tools for endpoint clients. Customers with Microsoft 365 subscriptions can now protect data on physical devices next to online services and apps. This new feature it is possible to enable Microsoft 365 policies that have been configured for apps, to be active...
Retrieve hybrid Azure Active Directory join status
With the modern workplace getting more and more into the businesses, you might want to verify if your devices have been joined to both your local on-premises AD and Azure AD. Just one simple command is all you need to verify the status. On the (hybrid) domain joined device...
How to use Azure Automation to maintain SQL indexes and statistics
When you migrate to Azure SQL, you might think that Azure does all SQL maintenance, including the maintenance of your database… But the truth is, you will need to setup some maintenance yourself for your databases. Microsoft doesn’t know what is best for your application or database. With this...
Setup Azure File Share with AD authentication (Manual)
With the traditional file server coming to a end, it is time to move along with Azure File Share and AD authentication. Pre-requisites: Office 365 Tenant with an Office 365 Admin account Active Directory on-premise environment AD Connect PowerShell AzFilesHybrid: https://github.com/Azure-Samples/azure-files-samples/releases STEP 1: First, let’s create a new storage...
How to install and setup AD Connect (Manual)
In this manual I am going to explain how to install and setup a connection between on-premise Active Directory and Azure AD. Pre-requisites: Office 365 Tenant with an Office 365 Admin account Active Directory Server with AD Enterprise administrator permissions AD Connect tool, download link: https://www.microsoft.com/en-us/download/details.aspx?id=47594 STEP 1: First...