User Profile
spanougakis
MCT
Joined Sep 13, 2016
User Widgets
Recent Discussions
Conditional Access “limited access” policies for SharePoint are in public preview
Back in December 2016 I blogged about the new conditional access in Azure AD through the new Azure portal, you can read the post here: https://spanougakis.wordpress.com/2016/12/16/conditional-access-in-azuread-in-the-new-azure-portal/ The question is: do you allow your users to connect to cloud services using their personal devices? If the answer is yes, then you should consider using conditional access. Please read the rest of the blog post here. Enjoy!PingAccess for #AzureAD: The public preview is being deployed
Back in September I blogged about a new great partnership of Azure AD and PingAccess, in order to support new kinds of 0n-premises applications. You can take a look at blog post here: https://spanougakis.wordpress.com/2016/09/14/azuread-and-pingaccess-a-new-great-partnership-for-secure-web-app-access/ Starting from March 22nd, the Azure AD team is happy to announce that PingAccess for Azure AD is being deployed across Azure Datacenters around the world. As they say, it should be available by the end of Friday, 24/3/2017. Please read the rest of the article here.DirSync and Azure AD Sync end of support: go for #AzureAD Connect
A few days ago there was an announcement about the new version of Azure AD Connect, version 1.1.484.0 to be exact. On April 13 of last year, Microsoft announced the deprecation of Windows Azure Active Directory Sync (DirSync) and zure Active Directory Sync (Azure AD Sync) tools. And if you think about this... it's today! So you should now get rid off and stop using the old tools, in order to avoid service interruption. Azure AD will stop accepting connections from DirSync and Azure AD Sync after December 31, 2017. Take a look at the documentation here: https://docs.microsoft.com/en-us/azure/active-directory/connect/active-directory-aadconnect-dirsync-deprecated More details about the last version of Azure AD Connect can be found here: https://spanougakis.wordpress.com/2017/04/09/new-azuread-connect-version-1-1-484-0-released-april-2017/Try the new phone sign in for Microsoft accounts!
Now that's really nice. We all hate passwords but we should use them anyway. If you really care about security you should use complex passwords, containing special characters, numbers, symbols, etc. What if you could use your phone to login, without having to use any complex passwords? Now this is possible using the Microsoft Authenticator app for Android or iOS. Just add your account to the Android or iOS Microsoft Authenticator app, then enter your username as usual when signing in somewhere new. Instead of entering your password, you'll get a notification on your phone. Unlock your phone, tap "Approve", and you're in. Please read the rest of the article here.How to stop disabled user accounts from syncing with Azure AD Connect
Hello again, I was experimenting these days using Azure AD Connect, the tool that let's you synchronize your on-premises AD accounts to Azure AD. So I thought: what happens when you have some disabled user accounts in your on-premises AD environment? Do you really need them to synchronize? Probably not. So we'll see what you have to do in case you don't want to bring up to Azure AD your disabled user accounts. Please read the rest of the article here.EMS Conditional Access using #AzureAD: What is all about
We need to find a way to protect our corporate data, while allowing our users to be productive, just using any device, giving them the best possible experience. We should now start exploring what we can do using conditional parameters at the application, user or location layer. Please read the rest of the article here: https://systemplus.gr/ems-conditional-access-using-azuread-what-is-all-about/#AzureAD Connect and the on-premises AD Recycle Bin: What about the sourceAnchor attribute?
Starting from Windows Server 2008 R2, we had the really good option to enable Active Directory Recycle Bin. After all these years you should be familiar with that option, since we talk often about this topic for that last... 8 years. If you just want to refresh your memory and learn about the on-premises AD Recycle Bin, you can take a look at this article. But wait: these days is common to sync our on-premises AD objects to the cloud using AAD Connect, but how this new feature is related to our "local" AD Recycle BIn? Please read the rest of the article here.Re: Has anyone setup a "geofence" to filter/alert when authenticating from "outside the fence"?
Suspicious IPs are already included, as you can read here: "The Microsoft Intelligent Security Graph maintains a list of IP addresses known to have been in contact with a bot server. Devices that attempt to contact resources from these IP addresses are possibly infected with malware and are therefore flagged." Please read more here: https://blogs.technet.microsoft.com/enterprisemobility/2017/05/26/breaking-down-ems-conditional-access-part-3/Re: How to stop disabled user accounts from syncing with Azure AD Connect
Regarding the expired or locked out accounts, it's already there, if you go through the article: "Select useraccountcontrol for the Attribute and then select the ISBITSET operator with a value of 2 (If you want to know what is really this value, take a look here: https://support.microsoft.com/en-us/kb/305144)".
