Currently many customers are looking for a solution to protect their content, and finding themself within the Microsoft Office 365 and Azure Ecosystem, and realizing, that they might already been able to use a solution for Information Protection. But this leads often to the Question, how can I, and more important, how can my users take advantage of Azure Information Protection (AIP)?
I will try to answer those questions within this Blog Post.
Continue reading
Azure AD
Azure AD Domain Services – What you can do, and what you can’t do
Since Microsoft has Released Azure AD Domain Services, many questions are coming up, and the top one of them might be: Can I join my Windows 10 Client through the internet to my Domain and receive Group Policies? No, you can’t.
But besides this, there are other questions that remains to be answered, and I will try to do so.
The first thing is to explain, what is required to get the Azure AD Domain Services (AAD DS) up and running:
1. Create a group in Azure AD called “AAD DC Administrators”
2. Create a VNET in Azure if not already existent
3. Activate the AAD DS in the Azure Portal:
4. Update DNS Settings for the specific VNET
And now, you are ready to go, for a more detailed explanation refer to this Microsoft Article.
Azure AD – Remove Registered Device
Today I was asked how to remove a registered Device from the Azure Active Directory, for all of those asking, what is a registered Device, see this Azure Article, and you can automate this step for your users, if you are following this Azure Article. But what if you would like to remove the registered Device of a User? You can do that through the Portal:
Or you can use PowerShell to do that! Continue reading
Windows 10 – Deploy Profile Picture to Logon Screen
In my current deployment I wanted to get our fancy pictures from Active Directory to our Windows 10 Machines where it can be used for the logon screen and other places like start menu:
First, I want to let you know, how I add the Picture to my user accounts. Well this is quite simple, I just use those two lines of Powershell:
$userphoto = [byte[]](Get-Content "C:\temp\MYUserPic.jpg" -Encoding byte)
Set-ADUser -Identity MYUserPic -Replace @{thumbnailPhoto=$userphoto}
If this is done, and you have also Azure AD Connect in Place, your picture will be synced to Azure AD as well, and therefore the picture will show up in Office365. Mind that there are different recommendations for specific systems (Exchange, Office365, Skype for Business), but you can also use high-resolution images. See also this Microsoft Knowledgebase article for issues with pictures larger than 100kb: Technet Article Exchange Online Hybrid Image size
Continue reading
ADFS – Install Web Application Proxy fails with 401: Unauthorized
Hi,
today I faced the issue, that when I tried to install my Web Application Proxy for ADFS, it permanently fails with the Event ID 422:
With Text:
Unable to retrieve proxy configuration data from the Federation Service.
Additional Data
Trust Certificate Thumbprint:
3CD8F7C4697ED510546F74C25B4FD4F8C183CE34
Status Code:
Unauthorized
Exception details:
System.Net.WebException: The remote server returned an error: (401) Unauthorized.
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.IdentityServer.Management.Proxy.StsConfigurationProvider.GetStsProxyConfiguration()
—- End Snip—
I was quite sure, that I had everything quite well configured, and that I was using the correct certificate. Continue reading
Azure AD Connect 1.1.105.0 – Missing Scheduled Task
Hi,
today I have upgraded my Azure AD Connect to the newest Version available (Download here).
Everything seemed to be fine, except that I was missing the Scheduled Task:
Continue reading
Azure AD – Alternate Email Address
Today I was looking for a Best practice or a recommendation how to use the Option alternate Email Address which is available on Accounts with administrative permissions. You can find this information when you go to myapps.microsoft.com and click on profile:
Continue reading
blog.hosebei.ch 