You are browsing archives for
For Tuesday, October 27th we are proud to announce that Erik Loef, CTO and Microsoft MVP at Proxsys, and Kenneth van Surksum, Modern Workplace consultant at Insight24 will host a session about: “What is this Modern Authentication everyone is talking about, and why you should phase out Legacy authentication?”
Read MoreWith Microsoft Intune, there is a lot of focus on the Mobile Device Management (MDM) aspects of the product. This is logical because from a management perspective, if you manage a device using MDM, you can configure almost all settings remotely, something we as System Administrators have been doing for many years.
In many situations, just managing the Apps which you use to access your company data hosted in Office 365 is a more suitable solution, there are a couple of reasons for that.
Mobile Application Management (MAM) in some cases is a perfect way to let your end-users use their device the way they are used to, but also implement security measures which protect your company’s most valuable asset: The data.
In this article I will go into more detail of the MAM without enrollment (MAM-WE) functionality provided by Microsoft Intune/Microsoft Endpoint Manager.
Disclaimer: This post reflects the status of assigning groups to Azure AD roles as of October 10, 2020. Functionality may change, even right after this post has been published.
Read MoreIn April 2020 Alex Weinert, Director of Identity Security at Microsoft announced that Microsoft was working on moving towards real time policy and security enforcement. The first implementation for this move is now available as an option you can enabled within Azure AD, called Continuous access evaluation (CAE). The functionality released in April was only applicable for customers using the Azure AD Security defaults, on which I wrote a blogpost in January this year. Yesterday (October 9th 2020) though, Alex Simons announced that the CAE functionality is now also available for customers using Conditional Access policies. Keep in mind though that at time of writing this functionality is still in preview, and works with Exchange Online, SharePoint Online and Teams for now.
Continuous access evaluation allows for a quicker response by forcing an access token refresh in case of a certain events taking place. In this version of the preview the following events will be supported:
In December 2019 Microsoft included support for Plus Addressing in their roadmap (ID 59441) for Office 365. In the meantime this feature is released but needs to be enabled before it can be used.
Plus addressing has been available for a while now in other email services like Google Gmail. It allows you to extend your email address in front of the @ sign with a + and a tag of your choice. By doing so, you can easily distinct between where you used that email address and use the tagging to handle the message once it arrives in your mailbox.
Read MoreDue to the COVID-19 crisis, we (the Windows Management User Group Netherlands) were forced to move our activities to virtual events, which we call WMUG_NL Tuesdays Webinars.
For next week Tuesday, September 29th we are proud to announce that Tim Hermie, senior Modern Workplace architect at Synergics and Enterprise Mobility MVP & Jasper Bernaers, Modern Workplace lead at Synergics will host a session titled: “MDATP & Chocolatey! We Belgians love our Chocolate(y)’s”
Session abstract:
Avoid exploits in Microsoft Defender Advanced Threat Protection by setting up an auto-updating framework for your standard apps with Chocolatey & Intune. This will keep your software vulnerabilities low. Session full of tips & tricks
The webinar will start at 16:00 CEST (Amsterdam time zone), please click here to find out how late the webinar will start in your time zone. You can join the webinar by signing up at our Meetup page, where after registration you will find the link for the webinar.
Due to the COVID-19 crisis, we (the Windows Management User Group Netherlands) were forced to move our activities to virtual events, which we call WMUG_NL Tuesdays Webinars.
We hope you enjoyed your holiday even in these strange times, we from the WMUG_NL did and are looking forward to organize meetings again for our still growing community.
For tomorrow, September 15th we are proud to announce that Ronny de Jong, lead consultant and Enterprise Mobility & Security MVP at InSpark will host a session about: “Improve the user experience of your workplace with “Insight-driven IT” Endpoint Analytics, a first impression!”
Session abstract:
Read MoreMicrosoft 365 changes regularly, changes are implemented almost on a daily basis and as an Admin responsible for the service you must be aware of which changes are coming to your tenant.
In order to inform administrators Microsoft uses the Message Center. From within the message center administrative users are also automatically subscribed to weekly digest and major update emails. Within the message center message are categorized in the following categories:
Read MoreIf your goal is to restrict the usage of Office applications on non-managed devices and only allow Web access in limited mode (as explained in my article: Limit Access to Outlook Web Access, SharePoint Online and OneDrive using Conditional Access App Enforced Restrictions) you might ask yourself if you want the Office applications to be downloadable from the different portals.
You should ask yourself, do I want my users to able to download the Office Apps on devices on which they have rights to install software and use Office Apps on those devices consuming one of the licenses the user has? Of no keep reading.
Read MoreOn August 13th 2020, Alex Simons (Microsoft Identity PM) announced that assigning groups to Azure AD roles in now in public preview. This feature is one of the most requested features to be found in the Azure AD feedback forum.
I have been following this feature request for a while now, and up until recently Microsoft stated that implementing Azure AD role assignment for Azure AD groups wasn’t the issue, the issue was more related to who is able to manage those groups. For example, if enabled how can we circumvent that someone with the “User Administrator” role (capable of adding users to groups) is capable of adding someone to the group used to assign Global Administrator rights. When implemented incorrectly, this new “feature” could then introduce a new security risk in your environment.
Assigning groups to Azure AD roles requires an Azure AD Premium P1 license at minimum, for the Privileged Identity Functionality an Azure AD Premium P2 license is needed.
Disclaimer: This post reflects the status of assigning groups to Azure AD roles as of August 20, 2020. Functionality may change, even right after this post has been published.
So, let’s walk through on what was announced and see..
Read MoreIn October 2019, Microsoft announced that it would enable end users to buy and manage their own licenses within their corporate account. At that time this “feature” was announced for the Power Platform: PowerApps, Flow (now Power Automate) and Power BI.
After that announcement Microsoft received critical feedback from tenant administrators where eventually Microsoft allowed tenant administrators to disable this functionality using PowerShell, the self-service feature is enabled by default in every tenant though.
Last week, on August 12th Microsoft announced that they will expand this functionality and also allow end users to buy Visio and Project licenses in the same way starting September 15th 2020 (at time of writing in less than a month).
Read More