Making use of Azure B2B in a Citrix deployment – Citrix DaaS

Citrix DaaS with Entra ID b2b accounts.
Interested in learing how to let your external partner and users access your environment with their own credentials while still maintaining your wanted security. Want the users to be able to SSO from their own credentials into your environment? Then you will be interested in this post going through Entra ID b2b mixed with Citrix Cloud (DaaS)

Making use of Azure B2B in a Citrix deployment – OnPrem

Interested in learing how to let your external partner and users access your environment with their own credentials while still maintaining your wanted security. Want the users to be able to SSO from their own credentials into your environment? Then you will be interested in this post going through Entra ID b2b mixed with Citrix.

Hacking Windows kiosk mode – Single Intune config for multiple devices needing unique URL’s, with self-provisioning autopilot.

This writeup will show you how to hack the windows kiosk mode so you can use one config to target a multitude of devices requiring their own unique url. Unique kiosk device URL’s normally means unique configuration profiles in intune – or does it?

E-mail flow.

Using Valimail to help with SPF,DKIM,DMARC monitoring with Microsoft 365

This post revolves around the e-mail concepts for SPF/DKIM and DMARC to increase your e-mail reputation as well as protecting your domain from being misused by others i.e impersonation. We will also go through the tool provided by Valimail to have this monitored, all integrated with your Azure AD for SSO.

Enabling Microsoft “Cloud enabled LAPS” (Local Admin Password Solution)

LAPS – Local Admin Password Solution, has for a long time been one of those great tools to have in the toolbox when it comes to securing your devices from lateral movement from a potential attacker. And Microsoft LAPS have been around for quite some time already.

This tool was orginally available for deployment to server/desktop devices connected to a traditional domain (on-prem) setup.

This changed as of April 2023, and Microsoft have now introduced Microsoft LAPS (Preview) with support for configuration with Intune, and saving the passwords to Azure AD, giving us – once again – a native LAPS solution to handle the local admin account.

Microsoft Teams Banner

Microsoft Teams unable to send and receive calls after update to 1.5.x

Users are currently experiencing outage to expected functions inside Microsoft Teams. Vital functions inside the apps like the ability to do calls, video, meetings etc, are broken for a random group of users across a multitude of user groups.
Around where I am based the discussion started to show itself at the end of january. Troubleshoothing has been ongoing since then, with limited results to an acualt fix.
The temporary fix have been around rolling back to version 1.4 for users that have experienced the issues. But, as Teams gets updated automatically, this is very temporary.
There has also not been very clear as to why only some users have been affected.
During the last week or so, this has become more clear.

Read on for details and a temporary workaround until this gets resolved

How to configure screensaver settings on non-enterprise editions of Windows with Intune

his is another post to deal with one of thelimitations of the various licensing editions of Windows.
To be specific, there are certain features that are only available if you have an Enterprise or Education edition of Windows.
This post beeing around the limitation of controlling the settings around enforcing and controlling the screen saver on devices via intune.
As always, every problem has a solution, or a viable workaround.

pointing

Manageability – Part 1: Naming Conventions

When it comes to managing anything within IT, it will always be a good thing to keep things organized, in one way or another. You should also make sure that the way you organize things, is made understandable for others as well (maybe you share the responsibility of management with a group, or may do so in the future).
Make it a habit to creating an organizational model that others can jump in or out of over time, that is logical and understandable by others than yourself. Document the logic/model that is defined, and make sure not to deviate from the actual definition as time goes by.

Office 365 Splash

Security: O365 – did you remember to disable legacy authentication before October 13, 2020?

If you have kept up to date with the many announcements around 365 – spesifically Exchange Online, from Microsoft, you may remember that they announced that end of support for basic authentication were coming to various parts of Exchange Online in 365.
Subscribers of O/M365 should move to using modern authentication, as this is more secure and gives alot of other benefits.
The said date for this change was set to October 13 2020,

Security: How to enable sign-in with FIDO2 security keys on Windows 10 Devices and Azure AD

FIDO2 security keys are an unphishable standards-based passwordless authentication method that can come in any form factor. Fast Identity Online (FIDO) is an open standard for passwordless authentication. FIDO allows users and organizations to leverage the standard to sign in to their resources without a username or password using an external security key or a platform key built into a device. Read the post to see how you can enable this for your Azure ad and windows 10 devices.

%d bloggers like this:
Explore Yubico