Apple Business Manager is a service provided by Apple which helps to deploy Apple devices and apps in your organization. By leveraging Apple Business Manager (ABM) you can automatically enroll devices in Microsoft Endpoint Manager by using Automated Device Enrollment (ADE). You could say it provides similar functionality as to what Windows Autopilot provides for…
Category: AzureAD
Speaking about Conditional Access at the M365 Chicago Virtual Event on January 14th, 2022
On Friday, January 14, 2022 I will be speaking at the M365 Chicago Virtual event. You can attend the event for free, by signing up via the Eventbrite link on the website of M365 Chicago. There are more than 100 session during the day given by great speakers. What is M365Chicago? It is where Microsoft…
Conditional Access announcements from Ignite November 2021 reviewed
During the Microsoft Ignite conference in November 2021 Microsoft made several announcements related to Azure AD conditional access. You can read those announcements in the following article: “Identity at Ignite: Strengthen resilience with identity innovations in Azure AD“. And this morning Thomas Naunheim, tweeted that he saw the announced functionality appear within his tenant. Time…
Azure AD Conditional Access sign-in troubleshooting tip: Flag sign-in errors for review
If you have Conditional Access configured and active within your Azure AD environment, there might be some scenario’s where users are not able to sign-in. If you want to troubleshoot these sign-in failures as an administrator you normally turn to the Azure AD sign-in logging and work from there to determine the cause of these…
Continuous Access Evaluation configuration is now part of Conditional Access
While browsing through the options in my Conditional Access policies I noticed a new session related to Continuous Access Evaluation (CAE). Time for a blogpost on my findings. Continuous access evaluation allows for a quicker response by forcing an access token refresh in case of a certain events taking place. In October last year I…
Announcing #WPNinjasNL Meetup #1, Thursday November 4th – Microsoft Ignite edition
For next week, Thursday November 4th, we are proud to announce that we are hosting our first on-premised event again. The event will be held in the Hollywoud Cinema in Almkerk the Netherlands, kindly hosted by our sponsor Proxsys. The topics on the event will all be about Microsoft Ignite, which is Microsoft’s annual gathering…
October 2021 update of the conditional access demystified whitepaper and workflow cheat sheet
I’m proud to announce the October 2021 update of my Conditional Access demystified whitepaper. With this release, we have reached the fourth iteration of the whitepaper and accompanying files. I released the first version in in August 2019 after writing several blogposts on the subject. In May last year I released the second version containing…
Speaking about Conditional Access at the Centric Craft webinar on Wednesday October 13, 2021
On Wednesday October 13, I will be speaking at the free online webinar hosted by Centric Craft. Craft is a community initiative from the company Centric which wants to contribute to the IT industry by sharing knowledge and helping all IT professionals develop themselves, even if they don’t work at Centric. My session will start…
Control Azure AD Conditional Access policy behavior during an Azure AD outage
In December last year, Microsoft announced that per April 1, 2021 they updated their service level agreement(SLA) for Azure AD user authentication from 99.9% to 99,99%. While this might seem like a small update in reality it makes a difference of 473 minutes (in a year with 365 days). With 99.9% the allowed downtime was…
Using Mozilla Firefox as a browser when using Azure AD Conditional Access on your Modern Workplace
Starting with Firefox version 91, Mozilla is now supporting Single sign-on support (SSO) and device-based Conditional Access as announced by Microsoft in the What’s new in Azure Active Directory for August 2021. The feature is still in Public Preview from a Microsoft point of view, and considered Advanced and experimental from a Mozilla point of…
Preventing account breaches leveraging SIM swapping techniques by nudging your users to start using the Microsoft authenticator app
The last couple of years, Microsoft has been pushing the usage of Multi Factor Authentication for logins to their Cloud Services. MFA, which requires that users authenticate with at least two factors, can reduce the risk of identity compromise by as much as 99.9 percent over passwords alone. Now that more and more companies are…
OneDrive client sign-in issues due to Conditional Access policies in Azure AD tenant where you are a guest user
Today I experienced an interesting issue, for which I thought it was interesting sharing how I figured out what was going on. The issue/challenge The issue I encountered was related to the fact that I couldn’t sign-in into the OneDrive client anymore. When you are not able to sign-in, you cannot open documents which are…
My session about Conditional Access at the Microsoft 365 Security & Compliance User Group on June 30, 2021
On Wednesday June 30, I spoke at the monthly user group meeting of the Microsoft 365 Security & Compliance user group. The Microsoft 365 Security & Compliance user group is based in the UK and UK based user group consists of Alan Eardley (@al_eardley) and Peter Rising (@M365Rising) The meeting will started with a very…
A first look at Azure AD Conditional Access authentication context
During Microsoft Ignite in March this year, Microsoft announced several new upcoming functionalities for Azure Active Directory. One of the announcement was the Azure AD Conditional Access authentication context, for which I that time I already wrote about what it could do in my blog article: Modern Workplace Management key takeaways from the Microsoft Ignite…
Speaking about Conditional Access at the Microsoft 365 Security & Compliance User Group on June 30, 2021
On Wednesday June 30, I will be speaking at the monthly user group meeting of the Microsoft 365 Security & Compliance user group. The Microsoft 365 Security & Compliance user group is based in the UK and UK based user group consists of Alan Eardley (@al_eardley) and Peter Rising (@M365Rising) The meeting starts at 18:00…