Explore Yubico

Making use of Azure B2B in a Citrix deployment – Citrix DaaS

Citrix DaaS with Entra ID b2b accounts.
Interested in learing how to let your external partner and users access your environment with their own credentials while still maintaining your wanted security. Want the users to be able to SSO from their own credentials into your environment? Then you will be interested in this post going through Entra ID b2b mixed with Citrix Cloud (DaaS)

Making use of Azure B2B in a Citrix deployment – OnPrem

Interested in learing how to let your external partner and users access your environment with their own credentials while still maintaining your wanted security. Want the users to be able to SSO from their own credentials into your environment? Then you will be interested in this post going through Entra ID b2b mixed with Citrix.

Hacking Windows kiosk mode – Single Intune config for multiple devices needing unique URL’s, with self-provisioning autopilot.

This writeup will show you how to hack the windows kiosk mode so you can use one config to target a multitude of devices requiring their own unique url. Unique kiosk device URL’s normally means unique configuration profiles in intune – or does it?

Setting up cloud kerberos trust – passwordless access to on-prem resources.

This post will show you how to set up your environment to support AzureAD joined devices authenticating with your on-prem resources. When devices are setup as pure azure ad joined, and not hybrid joined, devices we need to handle authentication to your on-prem resources in a better way. Your on-prem resources does not in itself understand the authentication from these devices. It will also add support for using Windows Hello for Business/biometrics, FIDO security keys

Using Valimail to help with SPF,DKIM,DMARC monitoring with Microsoft 365

This post revolves around the e-mail concepts for SPF/DKIM and DMARC to increase your e-mail reputation as well as protecting your domain from being misused by others i.e impersonation. We will also go through the tool provided by Valimail to have this monitored, all integrated with your Azure AD for SSO.

Enabling Microsoft “Cloud enabled LAPS” (Local Admin Password Solution)

LAPS – Local Admin Password Solution, has for a long time been one of those great tools to have in the toolbox when it comes to securing your devices from lateral movement from a potential attacker. And Microsoft LAPS have been around for quite some time already.

This tool was orginally available for deployment to server/desktop devices connected to a traditional domain (on-prem) setup.

This changed as of April 2023, and Microsoft have now introduced Microsoft LAPS (Preview) with support for configuration with Intune, and saving the passwords to Azure AD, giving us – once again – a native LAPS solution to handle the local admin account.

Solving terrible performance in application using folders with high filecount

Recently I was troubleshooting terrible application Performance for a windows application.
This application is using files and directories located on a file server.
The file server OS was Windows server 2016 and the clients are Windows Server 2019 Citrix terminal servers.

The application uses seperate client folders containing files pr client, with alot of files inside the various folders – some more than others.
In this specific there were tens of thousands of files in some client folders.
Performance on the application was intermittently slow, and it could take upto 15 minutes to switch between one client and another inside the application Read on to get the solution

How to configure screensaver settings on non-enterprise editions of Windows with Intune

his is another post to deal with one of thelimitations of the various licensing editions of Windows.
To be specific, there are certain features that are only available if you have an Enterprise or Education edition of Windows.
This post beeing around the limitation of controlling the settings around enforcing and controlling the screen saver on devices via intune.
As always, every problem has a solution, or a viable workaround.

Solved: Error opening files from SharePoint / OneDrive

Have been seeing some users getting the following errors when trying to open files from OneDrive for Business.

It doesn’t happen on all files, but for some, no specific event causing the behavior. .
If the user takes a copy of the file giving the error, then opening the copy, works as expected

Holding back the upgrade to Windows 11 with Intune

With Windows 11 pushing its way towards your environment’s devices, you may find the need to hold back this upgrade to some or maybe all your devices, for any reason. Holding back the upgrade can be done via Intune for easy deployment to your devices. Script can be found in the post.