Entra ID

7 Comments

Microsoft Sets March 2025 Date for Retirement of Old Azure AD PowerShell Modules

• Post author:By Tony Redmond

After much humming and hawing, Microsoft reset the retirement date for several old Azure AD modules to March 30, 2024. The nine-month extension is there to help customers convert scripts to use the Microsoft Graph PowerShell SDK or Graph API requests. On the upside, the extra time is good as it creates space to migrate scripts. On the downside, there's still some challenges in converting from the old Azure AD modules.

• Entra ID

June 16, 2023

Practical Protection: Asking the Right Questions to Break the Kill Chain 

• Post author:By Paul Robichaux

You can’t disrupt a chain if you can’t identify the links. In this blog, Paul Robichaux goes over some of the ways you can break a Kill Chain in your environment. And it all starts with asking yourself the right questions.

• Entra ID

June 15, 2023

TEC European Roadshow 2023 – London, Paris, and Frankfurt: Identity and Microsoft 365 Security Tips

• Post author:By Steve Goodman

At the end of March, Practical 365 traveled with the TEC European roadshow, traveling between three cities in Europe over a week, listening to experts talking primarily about security-focused topics aimed at improving your Microsoft 365, Azure AD and Active Directory. Read our whistle-stop tour of the most important points made by expert speakers.

• Active Directory

May 10, 2023

2 Comments

Stop Using Phone-Based Responses for Multifactor Authentication

• Post author:By Thijs Lecomte

While some methods for MFA responses have security issues, people often overlook their practical advantages. Not everyone is ready to dump a valid authentication method. In this article, we take the journey to removing phone-based responses from your tenant while considering some practical implications.

• Microsoft 365

May 9, 2023

7 Comments

Practical Graph: Find Sets of Entra ID User Objects or Mailboxes to Process with PowerShell

• Post author:By Tony Redmond

Many PowerShell scripts written to automate operations in Microsoft 365 tenants fetch Azure AD users or mailboxes to process. In this article, we explain how to fetch user objects effectively by using filters to make sure that scripts process the right set of accounts or mailboxes.

• Entra ID

May 8, 2023

Practical Protection: Limiting the Damage from Local Admin Accounts

• Post author:By Paul Robichaux

Because of the way the Windows security model works, it’s not currently possible to eliminate the use of passwords for local administrator accounts. Given that fact, the next best solution is to remediate the biggest problems with passwords for these local accounts, including weakness, reuse, and tenure. In this article, we discuss how the Local Administrator Password Solution (LAPS) helps with all of those!

• Active Directory

May 3, 2023

8 Comments

Adding an Expiration Date for Entra ID Guest Accounts

• Post author:By Tony Redmond

Microsoft has long been asked to support guest account expiration, just like the functionality available for on-premises Active Directory accounts. Engineering priorities have not allowed the developers to work on the feature, but it's possible to do the job with PowerShell as we explain here.

• Entra ID

May 2, 2023

How to Update Entra ID Guest Accounts With Thumbnail Photos

• Post author:By Tony Redmond

It's good to put a face on Azure AD Guest Accounts by updating the accounts with thumbnail photos. This article explains how to approach the process of gathering suitable photos and uploading them to Azure AD. We also discuss how to speed up the process by finding guest accounts that are missing photos so that the script can focus on those accounts.

• Entra ID

April 24, 2023

Practical Protection: Baby Steps Towards Zero Trust 

• Post author:By Paul Robichaux

Implementing zero trust in the world is a big hassle, often uncomfortable, and frequently dorky—plus, it can be expensive. At the same time, moving closer to a zero trust model helps harden your network significantly, and you may already have many of the tools and techniques you need available without much extra cost. In this article, we discuss how to take baby steps toward Zero Trust.

• Active Directory

April 19, 2023

27 Comments

Migrating Exchange Online Mail Contacts to Entra ID Guest Accounts

• Post author:By Tony Redmond

Microsoft actively develops Azure AD external identities and doesn't do much with mail contacts. Maybe it's a good idea to migrate mail contacts to Azure AD guest accounts. This article explores what's involved in moving mail contacts over to Azure AD guest accounts using PowerShell.

• Entra ID

April 12, 2023

3 Comments

Microsoft Reports New Attack Using Azure AD Connect

• Post author:By Paul Robichaux

A writeup about the MERCURY attack by the Microsoft Threat Intelligence team reveals how a nation state actor linked to the Iranian government compromised an Azure AD tenant by using the AADConnect tool. In this article, we discuss how the attack developed and what you can do to prevent the same attack techniques being used against your tenant.

• Active Directory

April 10, 2023

One comment

Practical Protection: Azure AD Apps and Tenancy 

• Post author:By Paul Robichaux

In this edition of Practical Protection with Paul Robichaux, we dive into understanding what multi-tenant applications are, what they can do, and how to manage them in order to keep your tenant and users safe.

• Entra ID

April 6, 2023