All posts tagged Azure AD

Microsoft released a new version of the Azure Active Directory Application Proxy connector. This updated version now uses SHA2 for signing. Until now only SHA1 signing was used, but SHA1 is deprecated because it is no longer considered secure. Be sure to update to the latest version if you are using the Azure AD Application Proxy Connector.

If you do not know what the Azure AD Application Proxy is all about, see the figure below. With the Azure AD Application Proxy you are able to publish internal resources in a secure way via the proxy, without needing to publish the resources via an on-premises firewall/proxy and without needing to open ports to your on-premises services. The Azure AD Application Proxy is part of Azure AD Premium and therefore part of the Enterprise Mobility + Security suite.

The Azure AD Application Connector

You can download the new connector here. Besides SHA2, the connector is now also supported on Windows Server 2016 and includes the following:

  • Outbound traffic is limited to port 443; ports 9350, 9352 and 5671 can now be closed
  • Support for DNS-based whitelisting to Azure on outbound firewalls
  • Better user experience with improved network connection resiliency
  • Custom updates do disappear after updates

Due to an incident (IT85607) while moving the Conditional Access policies from “Preview phase” to “general availability” in Azure Active Directory, the Conditional Access policies in Microsoft Intune might be disabled.

Since the two are basically the same, you need to check that your Conditional Access policies are still configured correctly.

Over the last year my buddy Kent Agerlund and I have been working on a brand new book about the Microsoft Enterprise Mobility Suite.

After hard work we were finally able to present our new book at the Midwest Management Summit earlier this week! So proud to finally be able to hold my third book in my hands 🙂

Luckily we were able to give away books to the attendees of the EMS Hands On Labs and several other attendees of the conference! I hope you will all like the book and that it helps you to successfully implement a standalone or hybrid EMS environment.

 


Last week I was invited to present one session at BriForum London. BriForum is all about end-user computing, as they say on the website: “We live, eat and breathe at the point where end users intersect with enterprise IT technology”. A very nice conference and setup about virtualization, VDI, enterprise mobility, DaaS platforms and much more, held for the 17th time.

BriForum gives you an opportunity to interact with the speakers and fellow IT Pros who are attending the 30+ sessions during the two days that BriForum is happening.



In an earlier blog I showed you that Azure Active Directory Connect is the successor of DirSync and AADSync; both are still supported but will be replaced in the future. So while being in the process of preparing my Microsoft Enterprise Mobility Suite session at BriForum this month, I wanted to upgrade to the latest and greatest. So how do we upgrade DirSync to AAD Connect?

Let’s have a look; the Product Group made it so easy that it is almost Next, Next, Finish. 🙂


When setting up an Enterprise Mobility Suite (EMS) environment and you want to use your own Active Directory domain, you definitely need to set up synchronization services with Azure AD. Where we needed to set up DirSync in the past, we now need to install and configure the successor Azure AD Sync or the Azure AD Connect synchronization service. You can do this by downloading this tool or by downloading Microsoft Azure Active Directory Connect, which is still in preview but does a really great job in simplifying the setup process. Let’s have a look.
