Tracker Approval Process
After seemingly ignoring the situation for years, Microsoft delivered modern authentication for Exchange Server (for pure on-premises organizations) in Exchange 2019 CU13. The solution uses ADFS to issue and manage the OAuth 2.0 tokens and is supported by the latest version of Outlook for Windows. Support for other clients is in the works.
Because of the way the Windows security model works, it’s not currently possible to eliminate the use of passwords for local administrator accounts. Given that fact, the next best solution is to remediate the biggest problems with passwords for these local accounts, including weakness, reuse, and tenure. In this article, we discuss how the Local Administrator Password Solution (LAPS) helps with all of those!
Microsoft has long been asked to support guest account expiration, just like the functionality available for on-premises Active Directory accounts. Engineering priorities have not allowed the developers to work on the feature, but it's possible to do the job with PowerShell as we explain here.
On this weeks' show, Steve and Paul review the TEC European Roadshow, new Microsoft Teams features, new Intune security features, in-product ads in SharePoint Online, and more!
Active Directory has been around for almost 25 years. As such, one might expect that – by now – we would have figured out to keep it safe against attacks. Yet, it remains a weak point in many organizations' cybersecurity defenses. When coupled with the challenges mentioned above, this can be a recipe for disaster. Why is this the case?
It's good to put a face on Azure AD Guest Accounts by updating the accounts with thumbnail photos. This article explains how to approach the process of gathering suitable photos and uploading them to Azure AD. We also discuss how to speed up the process by finding guest accounts that are missing photos so that the script can focus on those accounts.
A Graph API is available to extract details of the sensitivity labels assigned to SharePoint Online documents. This article explores how to extract the information from files in a document library and use it to create a report. The nice thing is that once you have the data, you can slice and dice it any way you wish in Excel, Power BI, or whatever tool you prefer.
Implementing zero trust in the world is a big hassle, often uncomfortable, and frequently dorky—plus, it can be expensive. At the same time, moving closer to a zero trust model helps harden your network significantly, and you may already have many of the tools and techniques you need available without much extra cost. In this article, we discuss how to take baby steps toward Zero Trust.
At the end of March 2023, CISA released a new tool called ‘Untitled Goose.’ It is a post-incident hunting tool to help security practitioners sift through security logs in the Microsoft Cloud. In this blog, we discuss the tool, its uses, and our opinion on it.
Unfortunately, Exchange mailbox databases don’t shrink, and the last thing you want is your server running out of disk space. In this blog, we explore how to monitor your Exchange mailbox database size and available new mailbox space through PowerShell.
In the show this week, Paul and Steve discuss a cyber attack reported against Azure AD Connect that inflicted a vast amount of damage to a business, Snapchat filters in Teams, two new changes to the Graph API and Microsoft Teams Rooms on Android, and more!
Microsoft actively develops Azure AD external identities and doesn't do much with mail contacts. Maybe it's a good idea to migrate mail contacts to Azure AD guest accounts. This article explores what's involved in moving mail contacts over to Azure AD guest accounts using PowerShell.
