Azure & Active Directory Center

ENow Software's Azure & Active Directory blog built by Microsoft MVPs for IT/Sys Admins.

Posts about:

Office 365 (3)

Office 365 screenshot

Using Multi-Factor Authentication for Office 365

Image of Nathan O'Bryan MCSM
Nathan O'Bryan MCSM

Multi-factor authentication has been available, at least for users with administrator roles assigned, in Office 365 since June 2013. The problem is that there is a confusing warren of options and configurations that greatly affect the MFA experience an Office 365 user will, or will not, see. In this blog post, I will explain what configurations you need and what MFA experience you will get based on those configurations.

The Problem With Office 365 MFA

I find when my customers think about MFA, they are thinking about the experience they have on a VPN, or maybe the experience when using MFA to sign into their workstations in the morning. They are thinking of protecting a “single sign-on” experience with two factor authentication.

Read More
application screenshot

Advanced Security Management in Office 365 — Part 1

Image of Vasil Michev MVP
Vasil Michev MVP

In a series of articles here on ENow’s blog over the past few months, we covered a wide variety of security and compliance-related features in Office 365. Those included improvements in SharePoint Online and OneDrive for Business, the Preservation policies, Azure RMS auditing, Activity Alerts and more. It only seems logical to end the series by reviewing the newest product, one that promises to take care of all your auditing needs. In this article we will take a look at the Advanced Security Management feature and introduce you to the functionalities it brings.

Read More
Azure AD Premium settings box

Finding Real World Value in Azure Active Directory Premium

Image of Justin Harris (MCSM, MCM)
Justin Harris (MCSM, MCM)

When you think about the value proposition for Azure Active Directory Premium, most of the features that are front and center revolve around self-service password reset, multi-factor authentication (MFA), SSO for SaaS-based applications, and enhanced reporting. These features are certainly all great examples of how the value of Azure Active Directory Premium can be demonstrated within the enterprise.

Read More
Azure

Auditing Your Azure RMS Protected Documents

Image of Vasil Michev MVP
Vasil Michev MVP

Azure Rights Management Service (RMS) is an information protection solution, the cloud-based version of AD RMS. The service has been rapidly evolving in the past few months, introducing features such as: the Tracking portal, which gives users the ability to audit the consumption of their protected content and revoke access if needed; full multi-factor authentication support across all RMS clients; the RMS protection tool, which provides PowerShell cmdlets to bulk (un)protect files and replaces the AD RMS Bulk Protection Tool; the Azure RMS usage logs; and more.

Read More
Settings Edit pop up

AD FS Claims Rules and Modern Authentication

Image of Vasil Michev MVP
Vasil Michev MVP

Modern authentication has been around for a while now, and it’s great. It brought support for the latest and greatest in authentication and authorization protocols and made new scenarios available. It gave us simple, unified experience across devices and platforms and improvements to the Alternate Login ID feature. On top of all that, it enabled proper support for two-factor authentication for all clients and put an end to the Office 2013 RTM fiasco (bye-bye rich clients, rest in peace app passwords!).

Read More

Identity and Authentication Management for Office 365

Image of Nathan O'Bryan MCSM
Nathan O'Bryan MCSM

The good people at ENow asked me to do a webinar on Identity and Authentication Management for Office 365, which I presented live on November 18. I’m adding this blog post as a companion piece to that webinar, which can be found at this link.

One of the most important parts of any migration to Office 365 is the identity and authentication management piece. Microsoft wants Office 365 to be a flexible platform that can meet the requirements of any organization. In order to meet wildly varying requirements, Microsoft has had to build quite many options into the identity and authentication management platforms for Office 365.

While options are great, they do mean complexity, and complexity is the enemy of availability. No one should plan a migration to Office 365 without a thorough understanding on the options, and how the choices you make will affect your Office 365 deployment years down the road.

Read More
Microsoft Azure AD Connect

A Closer Look at Azure AD Connect – Part 5

Image of Michael Van Horenbeeck MVP, MCSM
Michael Van Horenbeeck MVP, MCSM

Welcome to the fifth part of this article series about Azure AD Connect. In the previous article, we've taken a look at some of the optional features you can enable for directory synchronization. In this article, we'll cover a few more features -- more specifically the User and Group write-back capabilities.

Before discussing these features, note that they are currently in preview. You can test the features, but should not use them in production unless you have explicit permission by Microsoft.

Now that the disclaimer is out of the way, let's have a look at the User write-back feature.

Read More
Sander-AD-Book-2nd edition copy

Want to learn more about Active Directory?

Active Directory Administration Cookbook, 2nd Edition

In this book, Microsoft MVP & Technical Editor of ENow's Azure & Active Directory Center, Sander Berkouwer will share the intricacies of managing Azure AD, Azure AD Connect as well as Active Directory for administration in the cloud and on Windows Server 2022.