Use Conditional Access Policies to Securely Register Security Information for MFA and SSPR

Hello there! This week I thought I will write one more article on Conditional Access Policies. As you know setting up an access policy is easy and it is basically mandatory to have one or more polices now, but you may have internal polices where anyone who is registering for MFA must do that in … Continue reading Use Conditional Access Policies to Securely Register Security Information for MFA and SSPR

How to Migrate Group Policies to Microsoft Endpoint Manager using Group Policy Analytics

Hello again. Today I'm writing about the MEM Group Policy Analytics feature which is still in preview, and how you can inspect your local GPOs and migrate them to MEM. Why you ask? Organizations whether the are big or small, if they are managed by Active Directory domain service, chances are there are Group Policies … Continue reading How to Migrate Group Policies to Microsoft Endpoint Manager using Group Policy Analytics

How to Use KQL and Azure Log Analytics to Inspect Azure AD Sign-in Logs?

As you may already know KQL has become the standard for querying large data sets in Azure Log Analytics space. When you have thousands of users who are in Azure AD and when you have MFA and other Conditional Access Policies setup, next thing you will see is tons of sign in logs, activity logs, … Continue reading How to Use KQL and Azure Log Analytics to Inspect Azure AD Sign-in Logs?

How to configure Remote Help using Microsoft Endpoint Manager

I think its too soon to compare Remote Help with a tool like TeamViewer because Remote Help feature with Microsoft Endpoint Manager just went on GA this week. I was looking at this option for quite a while and finally got time to test and write about it. Remote Help app and Quick Assist app … Continue reading How to configure Remote Help using Microsoft Endpoint Manager

How To Create and Usages of Microsoft Endpoint Manager (MEM) Device Filters

MEM device filters finally came out of preview to General Availability (GA) and lets see why we need to use device filters. What Device Filters Does? This helps the Endpoint Manager policies to apply in a more targeted manner. This feature is similar to the setting up targeted GPO assignments or probably GPO loopback processing. … Continue reading How To Create and Usages of Microsoft Endpoint Manager (MEM) Device Filters

How To Set Defender For Endpoint To Work In Parallel When Defender Is Not The Primary A/V In The Workstation/ Server

EDR in Block Mode EDR stands for Endpoint Detection and Response. MDE has the capability to work in parallel to the 3rd party A/V running in the device. While this will not provide 100% of the tasks done by an A/V which includes real-time protection, it will help to report malicious activities.Because there is a … Continue reading How To Set Defender For Endpoint To Work In Parallel When Defender Is Not The Primary A/V In The Workstation/ Server

I’ve completed the MDE Ninja Training and it was great! (my thoughts and experience)

It took me sometime, but finally completed the MDE Ninja training. I got to know about this course from a local user group meetup and it hit me. This certificate is not a standard Microsoft certificate, but I would say more of an achievement celebration from Microsoft for the effort we put to learn the … Continue reading I’ve completed the MDE Ninja Training and it was great! (my thoughts and experience)

FIX: Windows 2019 CIS Benchmark Image Stopping the Azure VM Becoming the NTP Server After Transferring the PDC Emulator

In a Windows Domain environment the time is always working in a hierarchical manner. Server that holds the PDC emulator role holds the NTP Server and the other DCs will sync time from it and the members will sync time from those domain controllers. At times you have to change the FSMO Roles to a … Continue reading FIX: Windows 2019 CIS Benchmark Image Stopping the Azure VM Becoming the NTP Server After Transferring the PDC Emulator

Effective use of Azure AD Administrative Units [Azure AD AUs]

I look at the Azure AD portal with curiosity to see what are the new features and then want to play around with them to better understand it’s usage. This is not a latest feature, but it’s out of the preview mode and this is me writing the effective use of Azure AD AUs. How … Continue reading Effective use of Azure AD Administrative Units [Azure AD AUs]

Quick Guide: Exchange Online Add-in to Report Phishing Emails to Microsoft

Why not use when Microsoft has free tools to make everyone's lives easier? Even though all the protection has been added to the Exchange Online environment with Exchange Online Protection, Exchange Online Advanced Threat Protection or any any other 3rd part SPAM gateway or BEC detection (Business Email Compromise) setup, chances are a well crafted … Continue reading Quick Guide: Exchange Online Add-in to Report Phishing Emails to Microsoft

Preparing workstations for the Cloud Journey with Hybrid Azure AD Join

In almost all the cases, the organization is not in a position to get away from the local domain as its tightly connected with other services that are running on-premises and maintaining the on-premises identity is vital. Further, you have the on-premises domain and the workstations are joined to it, GPOs being pushed across and … Continue reading Preparing workstations for the Cloud Journey with Hybrid Azure AD Join

Azure AD Connect Cloud Provisioning. The new feature that may come in handy!

Microsoft have finally answered the prayers of the IT admins! Long story short, gone of the days where the IT admins had to make sure 2 AD forests can see each other and the ports are opened, before it adds to the Azure AD Sync tool as another directory, so the users from that directory … Continue reading Azure AD Connect Cloud Provisioning. The new feature that may come in handy!