One feature that was requested for a really long time by many of my customers was the ability to control access to portal.office.com. Until now this was a big miss since users could open this portal regardless of your conditional access policies created for your other Office 365 services. Off course the services accessible via […]READ MORE
Office 365 Portal, and more now controllable by Azure AD Conditional Access
Back in October I wrote a blog about Conditional Access, Exchange Online and session controls. With Conditional Access in Azure AD you are able to “make” Outlook on the web (aka OWA) selectively read only or block access to attachments. In this video we will look unrestricted access to Outlook on the Web, Read Only […]READ MORE
As I already have mentioned during the first episode of the Enterprise Mobility Tips I have another short video ready where I will be showing a new preview feature of Azure AD. This new feature is all about securing and protecting the MFA registration service. This short video will show you how to enable the […]READ MORE
As from now on I will try to share regularly tips and tricks via short videos on YouTube. Today I posted Episode #001 where I will show that you can use a portal from Microsoft to review your sign ins. Have a look for yourself https://mysignins.microsoft.com and make sure you subscribe to my new Enterprise […]READ MORE
Session controls in Conditional Access now also controlling Exchange Online
I have had and still have customers that want to restrict access via Outlook Web App (OWA) to Exchange Online. For instance, they want to block download of attachments when users access their mailbox via OWA. Until recently this could be done via the OWA Mailbox Policy in Exchange (Online), by setting the DirectFileAccessOnPublicComputersEnabled and […]READ MORE
RBAC in Azure AD, Intune and scope tags explained
Microsoft Intune has a pretty good RBAC model to allow you to give permissions to users who need to be able to perform an administrative task or role within Intune. A role can be for instance a predefined role in Intune or a custom role. Before digging into the Intune roles, there are also Intune […]READ MORE
Global- , Exchange-, SharePoint-, Conditional Access Admins -> action required!
Yesterday I was triggered by a colleague of mine that administrators of services in Azure or Office 365 are automatically required to login via Multi-Factor Authentication (MFA) when accessing the service in the future. When logging in to one of my tenants indeed a new conditional access policy listed in the conditional access blade of […]READ MORE
Tune your Microsoft Intune device compliance behavior
Last year Microsoft was planning to mark devices that were not evaluated by a compliance policy as non-compliant. The default behavior is that if a device is not evaluated by a compliance policy that it is being marked as compliant and therefor the user has access to services controlled by Conditional Access in Azure AD, […]READ MORE
Intune Company Portal for Macos in preview
Microsoft released almost two weeks ago Conditional Access for Macos operating systems as part of Azure AD, which allows you to control that you only allow access from devices that are managed by Microsoft Intune and that are compliant. At the same time Microsoft released the preview of the Company Portal for the same device […]READ MORE
New Azure AD Application Proxy Connector Available – action required
Microsoft released a new version of the Azure Active Directory Application Proxy connector. This updated version uses now SHA2 for signing. Until now only SHA1 signing was used but since SHA1 is deprecated since it is not considered secure anymore. Be sure to update to the latest version if you are using the Azure AD […]READ MORE
Action required: Check your Conditional Access policies!
Due to an incident (IT85607) while moving the Conditional Access policies from “Preview phase” to “general availability” in Azure Active Directory, the Conditional Access policies in Microsoft Intune might be disabled. Since the two are basically the same you need to check your Conditional Access policies are still configured correctly.READ MORE
Subscribe to my YouTube channel!
About Peter Daalmans
Peter tries to speak every year on several events like TechDays Netherlands, ExpertsLive, IT/Dev Connections, BriForum, Midwest Management Summit, TechEd Australia, TechEd New Zealand and in 2017 Peter had the honor to speak at Microsoft Ignite. See more here.
Author of four books about Configurtion Manager and Microsoft Enterprise Mobility +Security