Posts about:
Part #1: Introduction Microsoft Graph PowerShell SDK
As mentioned in a previous article about Azure AD custom roles for Exchange Online administrators here, Microsoft has planned retirement of their PowerShell modules. You can read more about this in your Message Center in MC281145:
Microsoft’s identity portfolio consists of many products, like Active Directory, AD FS, Azure AD Connect, Defender for Identity, Microsoft Identity Manager and Azure AD. Many organizations utilize these products and services in a Hybrid Identity setup. While it looks like Azure AD sees 3 changes per day on average, Microsoft’s on-premises products also see changes. More than 3, actually, this month:
It doesn’t matter whether you refer to it as Kerberos Armoring, Flexible Authentication Secure Tunneling (FAST), RFC4581, RFC6113, or Kerberos pre-authentication… it is time to deploy it in your Active Directory environments.
Microsoft’s identity portfolio is huge and includes products and services like Active Directory, AD FS, Azure AD Connect, Defender for Identity, Microsoft Identity Manager and Azure AD. Contrary to what some belief, Active Directory on-premises is supported, alive and kicking and here to stay for most organizations. This became abundantly clear in August 2022, as Microsoft improved things for Identity admins in the following ways:
Exchange admins have enjoyed the Group writeback optional feature in Azure AD Connect for a long time. It offers add-on functionality to Microsoft 365 Groups in Azure AD for organizations that use both Active Directory and Azure AD in a Hybrid Exchange setup.
Using Microsoft Graph PowerShell SDK
In my previous article about creating custom roles for Exchange Online administrators here, I described how to grant a specific team of administrators permissions to grant admin consent ONLY for specific OAuth2.0 application permissions.
Hybrid Identity, the relationship between Active Directory and Azure AD, has benefitted from many improvements in Azure AD Connect. For the vast majority of organizations with Hybrid Identity, Azure AD Connect provides the synchronization part of the Hybrid Identity story and can also play a vital role in the authentication part of it.
Microsoft 365, formally Office 365, is maturing. It has been more than 10 years since the launch of Office 365, and the type of migrations I see as a consultant are changing.
Recently I had to upgrade my Azure AD Connect server from version 1.x to version 2.x, and I blogged about in my December 2021 blog article "Upgrade Azure AD Connect from 1.x to 2.x". After the upgrade I had to upgrade my Azure Active Directory Password Protection services as well since I installed a new server and decommissioned the old one.
When you’re in your own data center and your security model is based on perimeter security and passwords, you’re not cloud ready. Security models that only leverage firewalls and passwords, leave organizations exposed as soon as cloud services start to be consumed. However, many organizations don’t realize just how exposed they are.
