In this installment of Practical Protection, Paul Robichaux Talks about Password Banning in your Entra ID Tenant and why everyone should implement this extra layer of protection.
License assignment to Entra ID accounts with PowerShell is easy if licenses are available and the account doesn't already have the license. In this article, we explore how to check license availability and make sure that we don't try to assign a license that's already present.
On the show this week, Steve, Paul and Rich are joined by Microsoft's VP Director of Identity Security, Alex Weinert, to discuss almost all things related to securing identities. We hear about what happened behind the scenes during Storm-0558, and we discuss essential steps to protect Microsoft 365. And we discuss the latest news in the world of Microsoft 365 - in particular we discuss the new Teams 2.1 client that recently became GA, and for those still running on-premises or Hybrid Exchange Servers, it is time to get patching.
Microsoft 365 user accounts have user principal names (for sign in) and primary SMTP addresses (to receive email). Is it a good idea to reuse user principal names or SMTP addresses that become available when an employee leaves the organization. It might seem like a good idea, but it's really not and should be avoided. We explain why here.
Group-based licensing is a simple way to automate the distribution of licenses to members of security groups. In this article, we review how the mechanism works and show how to automate operations with PowerShell. Finally, we update the tenant licensing report to include group-based licensing and to highlight duplicate license assignments.
This blog is a recap of Sean Metcalfs TEC session on The Current State of Microsoft Identity Security: Common Security Issues and Misconfigurations.
In this blog, James Yip reviews Microsoft's Entra ID Cross-Tenant Sync feature, and how it can make things a lot easier when deploying a M&A project.
Microsoft Entra administrative units are gaining in popularity. Restricted administrative units are now available and many Purview solutions support administrative units. In this article, we explain how to use Microsoft Graph PowerShell SDK cmdlets to create a report about administrative units, role assignments for their management, and their membership.
Most articles covering how to bulk delete Azure AD accounts use a CSV file to hold the input set of accounts for removal. That approach works, but there are better ways to do the job if the contents of Azure AD are accurate.
Maintaining accurate Azure AD User Account manager links is important because many Microsoft 365 features like the Organization chart in Teams, the user profile card, and Outlook's Org Explorer depend on the information. This article covers how to use PowerShell to maintain the manager-employee links.
After much humming and hawing, Microsoft reset the retirement date for several old Azure AD modules to March 30, 2024. The nine-month extension is there to help customers convert scripts to use the Microsoft Graph PowerShell SDK or Graph API requests. On the upside, the extra time is good as it creates space to migrate scripts. On the downside, there's still some challenges in converting from the old Azure AD modules.
You can’t disrupt a chain if you can’t identify the links. In this blog, Paul Robichaux goes over some of the ways you can break a Kill Chain in your environment. And it all starts with asking yourself the right questions.
