Practical 365

Practical Protection: Limiting the Damage from Local Admin Accounts

Post author:By Paul Robichaux

Because of the way the Windows security model works, it’s not currently possible to eliminate the use of passwords for local administrator accounts. Given that fact, the next best solution is to remediate the biggest problems with passwords for these local accounts, including weakness, reuse, and tenure. In this article, we discuss how the Local Administrator Password Solution (LAPS) helps with all of those!

Azure Active Directory

May 3, 2023

8 Comments

Adding an Expiration Date for Entra ID Guest Accounts

Post author:By Tony Redmond

Microsoft has long been asked to support guest account expiration, just like the functionality available for on-premises Active Directory accounts. Engineering priorities have not allowed the developers to work on the feature, but it's possible to do the job with PowerShell as we explain here.

Azure Active Directory

May 2, 2023

InfoSec tips from TEC Europe, Copilot in Viva, SharePoint Adds Ads? – plus new Intune and Teams features: Practical 365 Podcast S3 E26

Post author:By Steve Goodman

On this weeks' show, Steve and Paul review the TEC European Roadshow, new Microsoft Teams features, new Intune security features, in-product ads in SharePoint Online, and more!

Blog

April 28, 2023

One comment

Why Active Directory Remains The Achilles Heel For Many

Post author:By Michael Van Horenbeeck

Active Directory has been around for almost 25 years. As such, one might expect that – by now – we would have figured out to keep it safe against attacks. Yet, it remains a weak point in many organizations' cybersecurity defenses. When coupled with the challenges mentioned above, this can be a recipe for disaster. Why is this the case?

Active Directory

April 25, 2023

How to Update Entra ID Guest Accounts With Thumbnail Photos

Post author:By Tony Redmond

It's good to put a face on Azure AD Guest Accounts by updating the accounts with thumbnail photos. This article explains how to approach the process of gathering suitable photos and uploading them to Azure AD. We also discuss how to speed up the process by finding guest accounts that are missing photos so that the script can focus on those accounts.

Azure Active Directory

April 24, 2023

11 Comments

Practical Graph: Using the Extract Sensitivity Labels Graph API

Post author:By Tony Redmond

A Graph API is available to extract details of the sensitivity labels assigned to SharePoint Online documents. This article explores how to extract the information from files in a document library and use it to create a report. The nice thing is that once you have the data, you can slice and dice it any way you wish in Excel, Power BI, or whatever tool you prefer.

PowerShell

April 20, 2023

Practical Protection: Baby Steps Towards Zero Trust

Post author:By Paul Robichaux

Implementing zero trust in the world is a big hassle, often uncomfortable, and frequently dorky—plus, it can be expensive. At the same time, moving closer to a zero trust model helps harden your network significantly, and you may already have many of the tools and techniques you need available without much extra cost. In this article, we discuss how to take baby steps toward Zero Trust.

Blog

April 19, 2023

2 Comments

Using ‘Untitled Goose’ to Investigate Account Compromise in the Microsoft Cloud

Post author:By Thijs Lecomte

At the end of March 2023, CISA released a new tool called ‘Untitled Goose.’ It is a post-incident hunting tool to help security practitioners sift through security logs in the Microsoft Cloud. In this blog, we discuss the tool, its uses, and our opinion on it.

Microsoft 365

April 18, 2023

Using PowerShell to Get Exchange Mailbox Database Size and Available New Mailbox Space

Post author:By Jaap Wesselius

Unfortunately, Exchange mailbox databases don’t shrink, and the last thing you want is your server running out of disk space. In this blog, we explore how to monitor your Exchange mailbox database size and available new mailbox space through PowerShell.

Blog

April 17, 2023

Azure AD Connect Cyber attacks, New AI features for industry, Fun Teams Features & more: Practical 365 Podcast S3 E25

Post author:By Steve Goodman

In the show this week, Paul and Steve discuss a cyber attack reported against Azure AD Connect that inflicted a vast amount of damage to a business, Snapchat filters in Teams, two new changes to the Graph API and Microsoft Teams Rooms on Android, and more!

Blog

April 14, 2023

27 Comments

Migrating Exchange Online Mail Contacts to Entra ID Guest Accounts

Post author:By Tony Redmond

Microsoft actively develops Azure AD external identities and doesn't do much with mail contacts. Maybe it's a good idea to migrate mail contacts to Azure AD guest accounts. This article explores what's involved in moving mail contacts over to Azure AD guest accounts using PowerShell.

Azure Active Directory

April 12, 2023

3 Comments

Microsoft 365 Exchange Online Domain Transfers: Validation Phase Part I

Post author:By Richard Dean

In this edition of our series on the "Top 5 Best Practices for Exchange Online Domain Transfers," we delve deeper into the importance of validating your plan prior to implementation. Implementing a well-tested and practiced process will help prevent mistakes and encountering unknowns during the migration. Join us as we explore the key considerations for a successful validation phase.

Microsoft 365

April 11, 2023

Group Writeback with Microsoft Entra Cloud Sync

Microsoft’s Simple Message: Prepare to Move to Exchange Server Subscription Edition

Practical Graph: Working with Microsoft Lists using the Microsoft Graph PowerShell SDK

The Future of Windows and Copilot: Paul Thurrott on Practical 365 S4 E7