If you want to get an email Alert, if a specific Account is used for Login within Azure Active Directory, you will currently be required to use Cloud App Security. The feature Cloud App Security is included within the Enterprise Mobility & Security Suite E5 (EMS E5; source).
Today would shed some light on the cmdlet “Enable-ADSyncExportDeletionThreshold” which comes with the Azure AD Connect. If you are using Azure AD Connect to synchronize your On-Premise Active Directory to Azure Active Directory, Azure AD Connect will never execute a batch of more than 500 objects to delete. You can check the current value by using “Get-ADSyncExportDeletionThreshold”:
Since pass-through Authentication is GA and the major limitations are gone, I decided to change my Azure AD authentication against my local AD from ADFS to pass-through provided with Azure AD Connect.
For those who are not that familiar with the concept of pass-through authentication, on this Microsoft Article “How it works”, you will find all the information. The picture below is from this article as well.
Today I would like to share my experience when it comes to add a User Agent (e.g. Browser) to the list of Single Sign On capable applications. There is quite a good Article from Microsoft that describes how to add a User agent to the ADFS Configuration, you will find this Article here:
Currently many customers are looking for a solution to protect their content, and finding themself within the Microsoft Office 365 and Azure Ecosystem, and realizing, that they might already been able to use a solution for Information Protection. But this leads often to the Question, how can I, and more important, how can my users take advantage of Azure Information Protection (AIP)?
I will try to answer those questions within this Blog Post.
Since Microsoft has Released Azure AD Domain Services, many questions are coming up, and the top one of them might be: Can I join my Windows 10 Client through the internet to my Domain and receive Group Policies? No, you can’t.
But besides this, there are other questions that remains to be answered, and I will try to do so.
The first thing is to explain, what is required to get the Azure AD Domain Services (AAD DS) up and running:
1. Create a group in Azure AD called “AAD DC Administrators”
2. Create a VNET in Azure if not already existent
3. Activate the AAD DS in the Azure Portal:
4. Update DNS Settings for the specific VNET
And now, you are ready to go, for a more detailed explanation refer to this Microsoft Article.
Today I was asked how to remove a registered Device from the Azure Active Directory, for all of those asking, what is a registered Device, see this Azure Article, and you can automate this step for your users, if you are following this Azure Article. But what if you would like to remove the registered Device of a User? You can do that through the Portal:
Or you can use PowerShell to do that! Continue reading