Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Core Infrastructure and Security Blog
Microsoft Entra Suite Tech Accelerator
Aug 14 2024, 07:00 AM - 09:30 AM (PDT)
Microsoft Tech Community
Find out more
Options
1,639

Microsoft Virtualization Migration Options

BrandonWilson on Jul 10 2024 07:59 PM
We are seeing a HUGE change in landscape that is bringing virtualization, System Center, and Azure Arc front and center ...
1,068

Workspace & DCR Transformation Simplified

absharan on Jul 08 2024 08:54 PM
Let's delve into most common yet important use case - Workspace and DCR transformation.
1,928

Introduction to Network Trace Analysis 5: SMB? Sounds good to me!

WillAftring on Jul 01 2024 05:53 AM
Let's start off with the question, what is this whole SMB thing anyway? SMB is a network file system protocol. This mean...
24.7K

Update on MFA requirements for Azure sign-in

Naj Shahid on Jun 27 2024 01:25 PM
An update regarding the required multi-factor authentication (MFA) for users signing into Azure. In this post, we share ...
2,142

Simplifying Azure Diagnostics with Category Groups and the New Built-In Policies

Heinrich_Gantenbein on Jun 24 2024 09:00 AM
Microsoft released six Azure Initiatives in late May. These Initiatives simplify creating resource diagnostics settings.
3,160

Dynamically Updating Azure IP Ranges with PowerShell and DevOps

wernerrall on Jun 17 2024 12:00 AM
Keeping your Azure IP ranges up-to-date is crucial for maintaining the security and efficiency of your cloud environment...
2,421

Seamless Recovery: How to Automate Azure VM Evictions Start Ups with Azure Functions

wernerrall on Jun 10 2024 12:00 AM
Seamless Recovery: How to Automate Azure VM Evictions Start Ups with Azure Functions
6,055

Check This Out! (CTO!) Guide (May 2024)

BrandonWilson on Jun 01 2024 02:19 PM
Welcome to the May 2024 Check This Out! (CTO!) guide: Helping you to expand your horizons!
3,452

Addressing Common Entra ID Protection Deployment and Maintenance Issues

Chad Cox on May 30 2024 09:00 AM
Entra ID Protection is crucial for safeguarding against password attacks, phishing and other attacks. It's important to ...
5,289

Microsoft Entra ID Tenant Starters Guide: Understanding Identity Management and Licensing

GregorWohlfarter on May 29 2024 04:23 AM
A brief introduction to the key concepts and features of Microsoft Entra ID Tenant.
5,159

Check This Out! (CTO!) Guide (April 2024)

BrandonWilson on May 27 2024 09:16 PM
Welcome to the April 2024 Check This Out! (CTO!) guide: Helping you to expand your horizons!
2,568

Optimizing Cloud Management: Leveraging Azure Update Manager with Pre and Post Events

wernerrall on May 20 2024 01:19 AM
Optimizing Cloud Management: Leveraging Azure Update Manager with Pre and Post Events
3,203

Enable Zero Touch Enrollment of MDE on macOS devices managed by Microsoft Intune

Arnab Mitra on May 17 2024 07:27 AM
A guide for IT administrators to Zero Touch (silently) deploy and activate Microsoft Defender for Endpoint on Intune man...
127K

Microsoft will require MFA for all Azure users

Erin Chapple (BOURKE-DUNPHY) on May 14 2024 03:47 PM
Multi-factor authentication makes you, your company and your cloud investments safer
3,132

Revisiting Enterprise Policy as Code v10

Heinrich_Gantenbein on May 01 2024 08:47 AM
As EPAC has reached version 10, it is time to revisit Enterprise Policy as Code (EPAC for short). We look into Release F...
3,599

Building Your Own Copilot for Credit Card Selection

fbinotto on Apr 28 2024 11:45 PM
Let's create a personalized Copilot to guide us through the sea of credit card offerings.
2,567

Controlling AKS egress using an HTTP Proxy

HoussemDellai on Apr 22 2024 09:00 AM
This is how to put your AKS cluster behind a proxy.  
18.2K

Active Directory Hardening Series - Part 4 – Enforcing AES for Kerberos

JerryDevore on Apr 15 2024 03:01 PM
Disabling Kerberos RC4 is a top priority for many organizations today but identifying devices that don't support AES has...
5,736

Proxies, proxies everywhere but still no Internet. Overview of the Windows Proxies

WillAftring on Apr 08 2024 06:41 AM
Howdy everyone, a quick tangent from our regularly scheduled Introduction to Network Trace Analysis series to talk about...
7,839

Check This Out! (CTO!) Guide (February AND March 2024)

BrandonWilson on Apr 06 2024 07:24 PM
Welcome to the February AND March 2024 Check This Out! (CTO!) guide: Helping you to expand your horizons!
2,932

ConfigMgr: Avoiding Remote Management Point Pitfalls

PavelYurenev on Apr 04 2024 09:00 AM
ConfigMgr architect advice: do not install Management Points in the remote locations!
6,822

Get Azure Reservations and Savings Plans Insights with the Azure Optimization Engine

hspinto on Apr 01 2024 12:00 AM
When adopting Azure commitments, customers face typically two types of challenges: 1) Estimating the quantities or amoun...
3,674

Securing Monitoring Services

khgandhi on Mar 28 2024 09:46 AM
Howdy Readers!
3,197

Azure Monitor: Create Dedicated Clusters Using Any Commitment Tier

Bruno Gabrielli on Mar 21 2024 01:00 AM
Looking for an easy way to create an Azure Monitor Logs Dedicated Cluster using any pricing tier? Here we go with a simp...
19.1K

Archive MDE Data to Event Hubs to ADX

Paul Bergson on Mar 19 2024 04:30 AM
Embark on a journey through the digital landscape as we uncover the secrets of exporting data from Defender for Endpoint...
5,931

Mastering Azure Cost Optimization - A Comprehensive Guide

fbinotto on Mar 14 2024 01:30 AM
A comprehensive guide to Azure cost optimization.
6,428

Azure PowerShell Tips and Tricks

PaulHarrison on Mar 11 2024 03:00 AM
Tips and tricks for using PowerShell and REST APIs in Azure.
4,726

Optimize Your Azure Costs

sairashaik on Mar 06 2024 06:01 PM
This article will provide guidance to the customers who wants to Optimize their Azure costs by providing tools and resou...
20.7K

Active Directory Hardening Series - Part 3 – Enforcing LDAP Signing

JerryDevore on Mar 04 2024 06:38 AM
In this series my goal is to help you understand how to move forward with confidence by better understanding the changes...
26.4K

Zero Trust: Rapid Offboarding with Intune and Microsoft Entra ID

Jason_Cody on Feb 29 2024 07:12 AM
A guide for using Microsoft Entra ID and Microsoft Intune to prevent user authentication on Entra ID joined devices, whi...

Latest Comments

henrymoehsel
in Protecting Tier 0 the Modern Way on Jul 12 2024 05:59 AM
Hi together, just a small update on my further tests, as soon as you have set up a BI-directional trust between the bastion and the resource forest and additionally granted the users the "allow2authenticate" right on the computer objects in the target forest (also necessary if forest-wide authentica...
0 Likes
KiliMuc
in Protecting Tier 0 the Modern Way on Jul 12 2024 12:30 AM
HI @henrymoehsel , Kerberos Authentication Policies do not work cross forest logon. This means you can't get a TGT if you logon to a computer joined to a foreign forest. But you can access to computer in the foreign forest with any connection who doesn't request an interactive logon. e.g. WinRM or P...
1 Likes
henrymoehsel
in Protecting Tier 0 the Modern Way on Jul 12 2024 12:19 AM
Hi @Simone_Oor,for these permissions and applications, where the usage of Shadow Principals is possible, I use SPs. That's the most Hello @Simone_Oor,I use SPs for these authorizations and applications where the usage of shadow principals is possible. In the target scenario, the corresponding SPs ar...
0 Likes
Simone_Oor
in Protecting Tier 0 the Modern Way on Jul 11 2024 12:49 AM
@henrymoehsel Do you use ESAE users into resource domain Domain Local Group nesting, or do you work with Shadow Principals ? (I have a bastion forest set up that may allow me some testing next week)
1 Likes
StefanB570
in Decrypting the Selection of Supported Kerberos Encryption Types on Jul 11 2024 12:40 AM
Hi - Thank you for all the information in this article. I have a strange behavior that I can't explain. I have adjusted the attribute on computer objects from 31 to 28 to remove DES support. On one computer object, the attribute is automatically changed back from 28 to 31. There is no GPO set and no...
0 Likes