Author: Eswar Koneti

Note: This article was first published on www.procloudguru.com by Alpesh. Since the website is down, I am publishing the content here. This post talks about the Administrative Units in Azure AD. I will also touch upon delegating mail recipient tasks for Exchange Online for one such AU. In a hybrid Exchange scenario where you sync your identities from your on-prem AD to Azure AD, it is very important to maintain the same level of delegation as you had on-prem for managing Exchange mailboxes. You would probably wish to have similar controls delegated to your support staff on Exchange Online as well.…

Note: This article was first published on www.procloudguru.com by Alpesh. Since the website is down, I am publishing the content here. This article is about Azure AD integration with Qualys, which is not formally documented by Qualys and is not listed in the Azure AD App gallery. That being said, not just Qualys but any SAML-aware app can be integrated with Azure AD. I am listing down a few benefits of doing this. Frankly, I don't see a downside to this in any way, because if you are already paying for the Azure AD premium licenses then this is the…

Note: This article was first published on www.procloudguru.com by Alpesh. Since the website is down, I am publishing it here. In this blog post, I would like to discuss with you a peculiar issue that I went through, and I had a couple of reasons. a) Microsoft worked on this case for 2-3 days and they had all the necessary logs right in front of them to nail this issue, but could not. (Not criticizing. They are humans too, I get it.) b) It may be a rare scenario for the world but will be a very common scenario in Asia. Especially…

Note: This article was first published on www.procloudguru.com by Alpesh. Since the website is down, I am publishing it here. This blog has taken longer to write compared to the other blogs I usually write. I was unable to foresee how to write this, as the topic is vast and the scenarios can be unlimited. However, I am going to try my best not to confuse you, and I hope to meet the objective that I set before writing this blog (which is to share a sample design for Azure AD Conditional Access Policies aka AAD CP). I trust…

Note: This article was first published on www.procloudguru.com by Alpesh. Since the website is down, I am publishing it here. The reason behind writing this blog is to share my view on how traditional authentication/authorization can be modernized. Gone are the days of monolithic apps which shared a common security portal or user repository. With the microservices architecture, it will be grossly ineffective to have a security firewall at each service level and very inefficient to have it tied down to each service. Rather, it should be decoupled from services. The whole rationale behind…

Last week, I was having a discussion with the manager about the user IE Home page/Start page, to get a report on how many users are set to the company intranet page. I then asked him what process/method the company currently follows to set the IE Home page. He replied, "GPO?" My response to this was: if GPO, then the Home page for IE should be set to the required one for all Domain Users (Domain Users: wherever the GPO is applied), and using GPO will give more control to restrict the user to not to change the…

The other day, I was running the ConfigMgr reports in my lab, especially the asset intelligence reports for some hardware information. I tried to run the first report, Hardware 01A – Summary of computers in a specific collection, but it did not run successfully. The following is the error: The report server cannot process the report or shared dataset. The shared data source 'AutoGen__5C6358F2_4BB6_4a1b_A16E_8D96795D8602_' for the report server or SharePoint site is not valid. Browse to the server or site and select a shared data source. (rsInvalidDataSourceReference) Based on the error code, the issue could be related to the…

Introduction: I was recently involved in setting up a Microsoft 365 POC (zero trust) and managing endpoints such as Windows, iOS and Android using Microsoft Endpoint Manager (Intune). The Windows devices were set up using Autopilot and are purely Azure AD joined, with BitLocker keys in the cloud. To secure the internet web traffic and to enforce security policies such as tenant restrictions etc., this project uses Zscaler. Though we had Zscaler, we still went ahead and configured Windows Information Protection (WIP) to protect enterprise data, along with the following configurations: 1. Device compliance policies. 2. Device configuration policies. 3. Endpoint security policies such as AV, defender,…
