The last few weeks I had to create a few PowerShell scripts where I had to combine certain information from several sources. The way I used to do it was to do a where-object on an ID in an array. This works well, but I noticed that on large datasets it takes a lot of time. A where-object on a dataset of 30.000 items it takes on average between 1 and 2 seconds.
Let’s kick this post of what I mean with a break glass account. What is a break glass account? A break glass account is a non-personal in case of an emergency account that is never used and is stored in a vault where only a few people have access too. This account is a global admin on your tenant and in some sense is the top-level account of your environment.
Today I had the privilege to speak at SharePoint Saturday Genève. I did a session about security in a cloud environment when you are moving from an on-premises environment to the cloud. The security then moves from your perimeter network to the user’s identity. The session gave an overview of the tools in Azure AD to secure the cloud identity. [slideshare id=125157044&doc=20181206-spsgenevewearemovingtothecloudwhataboutsecurity-181206131838]
This weekend I had the privilege to speak at SharePoint Saturday in Leicester. Here I did a session on Protecting your data in office 365. I talked about how we did security before the cloud and what Microsoft provides to keep your data safe in Office 365. I showed Multifactor authentication with Conditional Access, disabling legacy authentication, Privileged Identity Management, Identity Secure Score and Password less Authentication. See my deck below
In this post, I want to take you with me how you can use app credentials in an Azure Automation script to connect to SharePoint Online. Many PowerShell scripts use a username and password, but these are less secure than using an app credential and can also be used to login to SharePoint Online in the browser. By default, connecting to SharePoint uses basic authentication and many companies are on route to disable this to make use of conditional Access and MFA.
When setting up a hybrid environment we usually first setup hybrid search and do not that much on hybrid profiles. I have noticed that there are some quirks in the hybrid profiles what might not get noticed while setting it up. At the moment of setting up hybrid profiles, there is not that much to configure. Only none, all in Office 365 or based on a group. As many of you know a good user profile consists of some basic data like a photo, name, contact details, manager and location.
A year ago, I wrote a post about Azure AD conditional access, with the change to the new portal a lot has changed. This post will show what is changed since then and what is coming. The biggest change in conditional access is that last year you had to configure this per application in the old portal, there was no reference in the new portal (current one) back then. Now you can create policies that apply to one or multiple applications or even tenant wide.
Within Office 365 a user can set his or her language preferences on several ways, this post will show several ways on setting this and how this can be managed as an administrator for your users. Let’s start with the places that a user can set this. Office 365 “My Account” When you are in Office 365 you can click on your name and select My Account. Underneath Settings part you can set the language of Office 365
This week I needed to create a demo environment for my presentation at SharePoint Saturday in the Netherlands and I Installed the latest version of Azure Active Directory Connect (1.1.524.0) and to my surprise it supported modern authentication when I connected to Azure Active Directory. I created an account where MFA was disabled to make the connection but that was not necessary to my surprise. See the screenshot below asking Azure Active Directory Connect for sign into my tenant.