Back in October I wrote a blog about Conditional Access, Exchange Online and session controls. With Conditional Access in Azure AD you are able to “make” Outlook on the web (aka OWA) selectively read only or block access to attachments. In this video we will look unrestricted access to Outlook on the Web, Read Only […]
READ MOREAs I already have mentioned during the first episode of the Enterprise Mobility Tips I have another short video ready where I will be showing a new preview feature of Azure AD. This new feature is all about securing and protecting the MFA registration service. This short video will show you how to enable the […]
READ MOREAs from now on I will try to share regularly tips and tricks via short videos on YouTube. Today I posted Episode #001 where I will show that you can use a portal from Microsoft to review your sign ins. Have a look for yourself https://mysignins.microsoft.com and make sure you subscribe to my new Enterprise […]
READ MOREI have had and still have customers that want to restrict access via Outlook Web App (OWA) to Exchange Online. For instance, they want to block download of attachments when users access their mailbox via OWA. Until recently this could be done via the OWA Mailbox Policy in Exchange (Online), by setting the DirectFileAccessOnPublicComputersEnabled and […]
READ MOREMicrosoft Intune has a pretty good RBAC model to allow you to give permissions to users who need to be able to perform an administrative task or role within Intune. A role can be for instance a predefined role in Intune or a custom role. Before digging into the Intune roles, there are also Intune […]
READ MOREYesterday I was triggered by a colleague of mine that administrators of services in Azure or Office 365 are automatically required to login via Multi-Factor Authentication (MFA) when accessing the service in the future. When logging in to one of my tenants indeed a new conditional access policy listed in the conditional access blade of […]
READ MORELast year Microsoft was planning to mark devices that were not evaluated by a compliance policy as non-compliant. The default behavior is that if a device is not evaluated by a compliance policy that it is being marked as compliant and therefor the user has access to services controlled by Conditional Access in Azure AD, […]
READ MOREMicrosoft released almost two weeks ago Conditional Access for Macos operating systems as part of Azure AD, which allows you to control that you only allow access from devices that are managed by Microsoft Intune and that are compliant. At the same time Microsoft released the preview of the Company Portal for the same device […]
READ MOREMicrosoft released a new version of the Azure Active Directory Application Proxy connector. This updated version uses now SHA2 for signing. Until now only SHA1 signing was used but since SHA1 is deprecated since it is not considered secure anymore. Be sure to update to the latest version if you are using the Azure AD […]
READ MOREDue to an incident (IT85607) while moving the Conditional Access policies from “Preview phase” to “general availability” in Azure Active Directory, the Conditional Access policies in Microsoft Intune might be disabled. Since the two are basically the same you need to check your Conditional Access policies are still configured correctly.
READ MOREThe last year my buddy Kent Agerlund and me have been working on a brand new book about the Microsoft Enterprise Mobility Suite. After hard work we were able to finally present our new book at the Midwest Management Summit earlier this week! So proud to be able to hold my third book finally in […]
READ MORE