How to federate Google (Gmail) accounts with Azure AD to access resources without a Microsoft account

My DIY project for this weekend is to try and implement a method to set Google as an identity provider for Azure AD resource access requirements. If someone can access apps or services on a different platform without having to create an account of the resource owner's end, that makes lives more easier and simply … Continue reading How to federate Google (Gmail) accounts with Azure AD to access resources without a Microsoft account

Microsoft 365 Groups Cheat Sheet

This is my compilation of the something out of everything you need to know about the M365 Groups. Over the course of time Microsoft brought different types of groups to manage users and computers. In all those scenarios, the group was capable of performing one task or 2 maximum.Act as a Security Group or an … Continue reading Microsoft 365 Groups Cheat Sheet

Quick Guide: Exchange Online Add-in to Report Phishing Emails to Microsoft

Why not use when Microsoft has free tools to make everyone's lives easier? Even though all the protection has been added to the Exchange Online environment with Exchange Online Protection, Exchange Online Advanced Threat Protection or any any other 3rd part SPAM gateway or BEC detection (Business Email Compromise) setup, chances are a well crafted … Continue reading Quick Guide: Exchange Online Add-in to Report Phishing Emails to Microsoft

A Step-by Step Guide to a PST Free Environment

Limited mailbox size due to limited mailbox database size due to on-premises server's disk space due to the number of users. Sound familiar?On-premises Exchange servers always dictates the server disk space and that always comes down to proper user profiling and limiting the per user mailbox capacities. Result of this? Archive the emails in to … Continue reading A Step-by Step Guide to a PST Free Environment

Azure AD User Automation For Better Identity And Access Management

Why automate such a workload? Few reasons though Better Identity and access managementNot having to update too many locations for these type of requestsMeet demands/ less stress on the frontline IT This is the age of automation and everyone is in the automation bandwagon to automate the tech workloads in the cloud or on-premises. If … Continue reading Azure AD User Automation For Better Identity And Access Management

Preparing workstations for the Cloud Journey with Hybrid Azure AD Join

In almost all the cases, the organization is not in a position to get away from the local domain as its tightly connected with other services that are running on-premises and maintaining the on-premises identity is vital. Further, you have the on-premises domain and the workstations are joined to it, GPOs being pushed across and … Continue reading Preparing workstations for the Cloud Journey with Hybrid Azure AD Join

Blocking Basic Auth – Personal Thoughts

Sometime a go I wrote on How to Disable Basic auth to make way to Modern Authentication. The procedure is manageable and with a bit of effort, you can achieve it with less or no noise in your Organization. Either you block Basic Auth via an Azure AD Conditional Access policy or creating an EXO … Continue reading Blocking Basic Auth – Personal Thoughts

Block Sign-in from Shared Mailboxes

I Found something very interesting in the Microsoft 365 Admin Center related to Shared Mailboxes recently and was inquisitive to check more on that. No explanations required for Shared Mailboxes and how it operates and the limitations. As long as a licensed user has got the delegation rights, that said user can open the mailbox … Continue reading Block Sign-in from Shared Mailboxes

Azure AD Connect Cloud Provisioning. The new feature that may come in handy!

Microsoft have finally answered the prayers of the IT admins! Long story short, gone of the days where the IT admins had to make sure 2 AD forests can see each other and the ports are opened, before it adds to the Azure AD Sync tool as another directory, so the users from that directory … Continue reading Azure AD Connect Cloud Provisioning. The new feature that may come in handy!

Microsoft is retiring Basic Authentication, because Modern Authentication is here to stay!

Microsoft have announced that they will retire the Basic Authentication method from Office 365 Exchange Online and make Modern Authentication method the standard way of authenticating going forward.There are continues updates in the M365 Admin Center messages and what admins need to do to prepare for the change. Companies now have to prepare for the … Continue reading Microsoft is retiring Basic Authentication, because Modern Authentication is here to stay!

Azure Files – Create File Shares in Azure and Authenticate via Azure AD Domain Services

Almost everyone is familiar with the traditional Windows file servers/ shared drives concepts and its a heavily used Windows Service. Users are very familiar with how to access those directories, request access to certain files and folders and request for file recovery if it's deleted.So far this mechanism has been used/ still using with on-premises … Continue reading Azure Files – Create File Shares in Azure and Authenticate via Azure AD Domain Services

How to Extract Organization Hierarchy from Office 365 and represent in MS Visio Org Charts

While the Office apps are capable of showing the reporting structure of the staff, if you need to extract that data into a Visio Diagram, that's easy and just few click away. Pre-requisites If you are in a Hybrid Environment, the Manager field of the On-prem AD account should be pre-populatedIf you are in a … Continue reading How to Extract Organization Hierarchy from Office 365 and represent in MS Visio Org Charts

Azure AD Group Based Licensing

As opposed to adding cloud based licenses per user basis or via PowerShell to automate license assignment with a security group, Azure's group based licensing is easy to do and will save a lot of time.This setup is ideal for the organizations which has a number of licenses for different types of users. Also will … Continue reading Azure AD Group Based Licensing

Windows Server 2019 Time zone issues with Daylight Savings option on/off?

Issue:Domain Controller A is sitting in a different time zone and Domain Controller B that holds the PDC Emulator FSMO role is sitting in another time-zone.DC A is on WS2019  - does not use Daylight saving settingsDC B is on WS2012R2 - uses Daylight savingIdeally DC A should run 1 hour behind as they are … Continue reading Windows Server 2019 Time zone issues with Daylight Savings option on/off?

Known Folder Move With OneDrive for Business

As Microsoft 365 evolves, to store user data and sync them easily across the devices, apply security, collaborate easily, OneDrive for Business (ODB) is the way. This article explains some basic operations you can perform to manage ODB drives in your tenant. This is my approach on making OneDrive for Business to replace user's traditional … Continue reading Known Folder Move With OneDrive for Business

The Hybrid Exchange Server Dilemma

This article is for anyone who is struggling and thinking how to get rid of the On Premises Exchange Server now all the mailboxes have been migrated to the cloud and no need of coexistence, federation and mail flow required. As you may already know (maybe) Microsoft recommends us to keep the last Exchange Server … Continue reading The Hybrid Exchange Server Dilemma

TLS 1.0 and TLS 1.1 End is Near!

If you are an Office 365 admin like myself, you may have received many notifications from Microsoft regarding the TLS 1.0 being deprecated in their infrastructure which in result will affect their customers if they don't move to TLS 1.2 in time. They've 1st informed this will be valid from 31st Oct 2018, but have … Continue reading TLS 1.0 and TLS 1.1 End is Near!

Search and Destroy by using Office 365 Security and Compliance Center with Powershell Commands

What if your users' mailbox got compromised and it was used to send few hundred emails out to internal staff and external addresses with an attachment and you don't have ATP (E5) licenses or any other 3rd party solution to avert the damage being further happening? - INVOICE.pdf - Your password has been expired, please … Continue reading Search and Destroy by using Office 365 Security and Compliance Center with Powershell Commands

Sync Now, Consolidate Later

Companies acquiring other companies as they grow. For IT, it's a never ending nightmare to bring the systems in-line. Projects that involves setting up new company's systems according to the mother company and what not. Among them, Active Directory Domain migration/ have domains in trust mode takes priority.If you have Office 365 running, that makes … Continue reading Sync Now, Consolidate Later

Stop MS Teams Auto Starting

Teams installation with no auto start switch has issues in many levels where it’s not honoring the switch. Even though it installs and won’t auto launch for the first time, when the user logs off and log back in, it auto launches and creating the below registry key in the HKEY User hive.  Location: Computer\HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run String … Continue reading Stop MS Teams Auto Starting