Azure AD Hidden Gems. Azure AD Temporary Access Pass

Temporary Access Pass, or TAP, is a cool Azure AD feature which is still in Preview, but I see huge wins if Microsoft puts this into general availability so that IT admins can provide uninterrupted security over user accounts.

In real life, users may forget to bring their mobile phone to the office, or it may be out of battery, so they can’t get into the Authenticator app to complete the MFA challenge.

When a user fails to complete a strong authentication step such as FIDO2 or multi-factor authentication, a Temporary Access Pass can be deployed to save the day.

This way, if the user doesn’t have the ability to complete the strong authentication, IT doesn’t need to take them out of the MFA Conditional Access policy, for example. Users have the option of entering the reusable or one-time TAP to get in.

Another Reason Why The AVD Session Hosts Are Failing To Load FSLogix User Profiles

Azure Files plays a big role in Azure Virtual Desktop deployments, and for FSLogix to work in the intended way, the storage account needs to be joined to the domain. This can be done either by extending the on-premises domain to Azure by setting up a domain controller in the respective region, or by setting up the Azure AD Domain Services feature.

In my case, I set up a Windows Server 2019 domain controller in the same region where I set up the Azure Virtual Desktop environment.

How to analyze Conditional Access Policies with ‘Report Only’ Mode?

Conditional Access policies can be set up in 3 main modes: On, Off, and Report Only.

On and Off modes are self-explanatory, whereas “Report Only” mode needs additional work. This post will go into detail on how to use the Report Only mode before you actually switch to On.

Edge Browser Apps – A simple solution for managing multiple Outlook accounts for Teams meetings and multiple Teams sessions!

With the current rise in Teams usage for collaboration, meetings have been simplified and taken to the next level of features.

However, Microsoft still hasn’t addressed the use case where users have multiple mailboxes added to Outlook with delegation permissions (shared mailboxes or user mailboxes) and want to use a specific account’s Teams features when organizing meetings.

I noticed everyone is trying their own DIY methods to get around this challenge: opening a number of browsers for each profile, maybe incognito sessions, etc.

These multiple browsers hog memory and often confuse users when they have to toggle between a few different browsers.

I’m really hopeful that Microsoft will provide a solution for this soon, but until then, Edge browser apps along with Edge profiles will do the needful.

Microsoft 365 Groups Cheat Sheet

This is my compilation of something out of everything you need to know about M365 Groups.

Over the course of time, Microsoft brought in different types of groups to manage users and computers. In all those scenarios, the group was capable of performing one task, or two at most: acting as a Security Group or an Exchange Distribution List, or both at once.

Preparing workstations for the Cloud Journey with Hybrid Azure AD Join

In almost all cases, the organization is not in a position to get away from the local domain, as it’s tightly connected with other services that are running on-premises, and maintaining the on-premises identity is vital.

Further, you have the on-premises domain with the workstations joined to it, GPOs being pushed across, and everything managed centrally with ACLs, security groups, etc.

Enter Azure AD Connect Sync, which combines the on-premises world with the cloud world.
In most cases, the journey to the cloud starts by migrating the Exchange workloads to Exchange Online, installing the Office 365 suite, and consuming the benefits that come with the cloud license. This way the hybrid identity is made and becomes part of a much bigger universe.

Stop MS Teams Auto Starting

Teams installation with the no-auto-start switch has issues on many levels, where it’s not honoring the switch. Even though it installs and won’t auto-launch the first time, when the user logs off and logs back in, it auto-launches, creating the below registry key in the HKEY User hive.
