Control Access to SharePoint Online/OneDrive from unmanaged devices

In a mobile-first, cloud-first world, the need to access corporate resources on unmanaged devices is rising. This is the cutting edge of managing your corporate data (keeping it safe) and giving your users the freedom to be productive on any device.

With Conditional Access we can control access to corporate data (such as Exchange Online, SharePoint Online, Yammer, Delve, Teams, etc.) based on a device (health) status such as being managed or compliant. These scenarios (conditions) are based on devices being managed by your company (MDM managed). With the introduction of Session Controls, organizations can grant limited access to corporate resources on unmanaged devices without losing control.

Conditional Access Session Controls

Continue reading “Control Access to SharePoint Online/OneDrive from unmanaged devices”

New version of Azure MFA Server available (7.0.0)

For those who are using Azure Multi-Factor Authentication Server (on-premises), here is a quick post to inform you that there is a new version of Azure MFA Server available. The new version of Azure MFA Server (7.0.0.9) can be downloaded through the Azure Management Portal or MFA Management Portal.

Continue reading “New version of Azure MFA Server available (7.0.0)”

Use Custom Attributes for automatically populate Azure AD Dynamic Group Memberships

In March this year the Active Directory team announced Attribute Based Dynamic Group Membership for Azure AD. Until then, group membership was a manual thing that had to be done for each user. With this feature you can specify a rule on an Azure AD security group that will automatically manage the membership of that group based on users’ attribute values. By default, Dynamic Group Membership supports a subset of user attributes.

But what if your organization uses custom attributes for various application, business and provisioning processes? In this blog post we go further and explain how to use custom AD attributes, extend your Azure AD tenant and use these custom attributes to automatically populate a security group.

Continue reading “Use Custom Attributes for automatically populate Azure AD Dynamic Group Memberships”

Get Started with the Enterprise Mobility Suite

Over the next six weeks I’ll provide, along with my colleagues Valerie Siroux and Arjan Vroege, several webinars on Microsoft Enterprise Mobility Suite. If you want to know more about, for instance, Azure Active Directory Premium, Microsoft Intune or Azure Rights Management Services, you cannot miss these webinars.

Learn more about EMS in 6 webinars

The Enterprise Mobility Suite webinars will take place on the following dates. Please note that these webinars are taught in English. Through the links below you can register free of charge.

Continue reading “Get Started with the Enterprise Mobility Suite”

Integrate your Microsoft Intune device enrollment with Azure AD!

In May this year Microsoft announced a new capability to automatically enroll devices in Microsoft Intune as part of joining devices to Azure AD (Premium). By joining a Windows 10 device to Azure AD it is extremely easy for end users to get the benefits of single sign-on, OS state roaming, and management capabilities.

This will work with both Microsoft Intune and with 3rd party MDM solutions. In this blog post I’ll show you how easy and transparent this process is and how powerful the integration of Microsoft Online Services and Windows 10 is!

Continue reading “Integrate your Microsoft Intune device enrollment with Azure AD!”

The Enterprise Mobility Suite Portal Survival Guide

I’m more than happy to be your tour guide for today and walk you through the various portals that the Microsoft Enterprise Mobility Suite (EMS) houses. For those who are involved with EMS, this might be a handy overview of all currently available portals. I have often heard that it is not always clear which portal you need and where you can find it. In this blog I’ll do my best to cover all the portals including their purpose.

Continue reading “The Enterprise Mobility Suite Portal Survival Guide”

How Azure AD Premium & Office 365 improves Collaboration

So you’ve always wondered what it takes to improve both collaboration and business processes in your organization, which results in employees being more productive? Do I have your attention? Read on!

With Microsoft Azure and Office 365, Microsoft offers you a (cloud) platform with a huge potential to optimize and boost your business. In this blog I’ll illustrate this with a simple example of how you can use these cloud services to improve collaboration within your organization.

Coming together is a beginning; keeping together is a progress; working together is a success.

Continue reading “How Azure AD Premium & Office 365 improves Collaboration”

Azure AD Premium Public Preview Features…a closer look

Microsoft is continuously improving their Azure cloud services, with new features being introduced at a rapid pace. In this blog I want to consider some new Azure Active Directory Premium features which are currently in public preview. These features are:

  • Dynamic Groups
  • Azure Application Custom Domain publishing
  • Azure Conditional Application Access

Continue reading “Azure AD Premium Public Preview Features…a closer look”

Assign EMS licenses based on Local Active Directory Group Membership

As all roads lead to Rome, there are many ways to assign Enterprise Mobility Suite (EMS) licenses to end-users. This can be a manual process or automated by using PowerShell. Both options have in common that you must be a global administrator of your Azure subscription to assign these licenses.

The majority of the available public resources and publications describe the (manual) process based on per-user or per-group assignment through the Azure Management Portal. The downside of assigning EMS licenses through the Azure Management Portal or by PowerShell is that you must be a member of the global administrator user role. That is a right you want to keep to a limited number of accounts; furthermore, these accounts are often not responsible for tasks such as assigning licenses.

Continue reading “Assign EMS licenses based on Local Active Directory Group Membership”

Making hybrid identity simple with Azure AD Connect

As mentioned in my previous post I’m in Redmond (WA) to join the Enterprise Mobility deep dive airlift. During my three-day stay I’ll listen, learn and get inspired by all the cool stuff Enterprise Mobility has to offer. On the first day we covered the hybrid identity part of EMS (Azure AD Connect and Azure AD Premium), which provided a lot of new insights and key takeaways.

Continue reading “Making hybrid identity simple with Azure AD Connect”