All pages referring or tutorials for Microsoft Entra.
As we want to secure our Break Glass Accounts as good as possible, we cloud want to get alerts when break glass admins are used to login. Maybe they are used on a daily basis, or are being attacked. When we configure notifications, we instantly know when the accounts are Read more…
In our environment, we will do everything to secure it as much as possible. We give users only the permissions they need and only at given times, we enable Conditional Access to limit access to our data as much as possible. But we also create Break Glass administrator accounts as Read more…
Sometimes, the ADSync service stops without further notice. You will see that the service has been stopped in the Services panel: In this guide I will explain how I solved this problem using a simple PowerShell script. The Check ADSync script The PowerShell script that fixes this problem is on Read more…
Sometimes, it is necessary to match an existing local Active Directory (AD) user through Entra Connect with an existing Entra ID user (formerly known as Azure AD). This process ensures that the account in both environments is aligned and maintains the same underlying configurations and settings across systems. What is Read more…
When using Entra ID, we can automate a lot of different tasks. We can use a script processing server for this task but doing that normally means we have to save credentials or secrets in our scripts. Something we don’t want. Today I will show how to implement certificate-based authentication Read more…
Today I have a relatively short blog post. I have created a script that exports all Entra ID user role assignments with Microsoft Graph. This can come in handy when auditing your users, but then realizing the portals doesn’t always show you the information in the most efficient way. Therefore, Read more…
In Microsoft Entra ID it’s possible to create App registrations and Enterprise applications who can get high privileges if not managed and monitored regularly. We do our best with Identities to be secure, with security processes like MFA, access reviews and such, but most of the companies don’t care that Read more…
Since the beginning of Azure Virtual Desktop, it is mandatory to run it with an Active Directory. This because when using pooled session hosts, there has to be some sort of NTFS permission for FSLogix to reach the users’ profile disks. This permission is done using NTFS with Kerberos authentication. Read more…
The Zero Trust model is a security model to enhance your security posture by using 3 basic principles, and segmenting aspects of your IT environment into pillars. The 3 primary principles are: At first, those terms seem very unclear to me. To further clarify the principles, i have added some Read more…
Now and then we come across a problem with Entra Connect Sync which states “DeletingCloudOnlyObjectNotAllowed”. This error looks like this: This error will be shown if opening the Syncronization Service and email messages of this error will aso be sent to your tenant’s technical contact. In this guide, I will Read more…