Category: Certificates

Section 4 – Mitigate identity threats part 2 of 2

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 05/03/2023 0 Comments on Section 4 – Mitigate identity threats part 2 of 2
Posted in Active Directory, ADFS, Authentication methods, Azure, Azure AD, Certificates, Conditional access, Cross-tenant, Defender, Entra, Hybrid, Identity, On-premises, SC-200, Security, Zero trust

Identity protecting is challenging if you don’t know what you should protect and when you do, you should know how to protect it. In the second part we will be discovering more on Conditional Access as a dynamic boundary in…

Continue Reading Section 4 – Mitigate identity threats part 2 of 2

Do’s and don’ts concerning security for Identity part 8

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 27/11/2022 0 Comments on Do’s and don’ts concerning security for Identity part 8
Posted in Active Directory, ADFS, Authentication methods, Azure, Azure AD, Azure ARC, Certificates, Hybrid, IAM, Identity, Identity Platform, Key vault, Security, Storage

Continuing from last post with the same topic but now from the negative side of things. What could go wrong if you don’t do it right. This post will assume that you are still having on-premises AD with ADCS and…

Continue Reading Do’s and don’ts concerning security for Identity part 8

Conditional access and authentication strength (preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 09/10/2022 0 Comments on Conditional access and authentication strength (preview)
Posted in Active Directory, Azure, Certificates, Conditional access, Entra, Hybrid, Identity, Security

First I wanted to mention the link problems inside Azure Portals. For a while and for some people portal.azure.com didn’t show the Authentication strengths in their portal, this has now been fixed in normal Azure portal. Entra portal on the…

Continue Reading Conditional access and authentication strength (preview)

Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 24/08/2022 0 Comments on Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints
Posted in AAD Connect, Active Directory, ADFS, Azure, Azure AD, Azure Policy, Certificates, Key vault, Security, Zero trust

Wednesday is here and time for the next post to my SC-100 exam cram. NOTE: includes hybrid and multi-cloud Specify security baselines for server and client endpoints Specify security requirements for servers, including multiple platforms and operating systems Specify security…

Continue Reading Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Section 5 – Implement platform protection – Implement advanced network security – Configure a resource firewall and network isolation

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 25/02/2022 0 Comments on Section 5 – Implement platform protection – Implement advanced network security – Configure a resource firewall and network isolation
Posted in Azure, Azure Firewall, Azure Front Door, Certificates, Identity, Security

In this part I cover: Configure a resource firewall, including storage account, Azure SQL, Azure Key Vault or Azure App Service Configure network isolation for Web Apps and Azure Functions Why to isolate resources inside Azure? If You enable every…

Continue Reading Section 5 – Implement platform protection – Implement advanced network security – Configure a resource firewall and network isolation

Section 5 – Implement platform protection – Implement advanced network security – Azure Firewall

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 18/02/2022 0 Comments on Section 5 – Implement platform protection – Implement advanced network security – Azure Firewall
Posted in Azure, Azure Firewall, Certificates, Identity, Security

Time for the next part in the AZ-500 study preparation guide. This time were looking at: Create and configure Azure Firewall Create and configure Azure Firewall Manager What is Azure Firewall? Azure Firewall is a cloud-native and intelligent network firewall…

Continue Reading Section 5 – Implement platform protection – Implement advanced network security – Azure Firewall

Azure AD certificate-based authentication (Preview) + Publishing CRL with Application Proxy

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 15/02/2022 0 Comments on Azure AD certificate-based authentication (Preview) + Publishing CRL with Application Proxy
Posted in Azure, Azure AD, Certificates, Identity, Onpremise, Security

Azure AD CBA allows user to sign-in with a certificate. Microsoft has removed the need for external ADFS federation. You can see the situation before this change from Sami Lamppu’s post. Feature highlights Facilitates onboarding to Azure quickly without being…

Continue Reading Azure AD certificate-based authentication (Preview) + Publishing CRL with Application Proxy

Key auto-rotation in Azure Key Vault (preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 27/12/2021 0 Comments on Key auto-rotation in Azure Key Vault (preview)
Posted in Azure, Certificates, Identity, Security

Key rotation is Azure Key Vault is crucial for the safety of the keys stored in vault. You can store encryption keys, SAS-keys, user credentials, API keys and other secret then you can call them with in your queries. What…

Continue Reading Key auto-rotation in Azure Key Vault (preview)

Enterprise applications SSO with custom manifest configuration

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 08/09/2021 0 Comments on Enterprise applications SSO with custom manifest configuration
Posted in Active Directory, ADFS, Azure, Azure AD, Certificates, Compliance, Identity, Security

Hi, Didn’t find an article about this, so I decided to gather the pieces and put them in one place. First little bit of background. You have Azure AD and  on-premises or cloud-based application that you want to allow SSO…

Continue Reading Enterprise applications SSO with custom manifest configuration

Lync/SfB Server: Event 41026, LS Data MCU after May 2017 .NET Framework update

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 14/09/2017 0 Comments on Lync/SfB Server: Event 41026, LS Data MCU after May 2017 .NET Framework update
Posted in Certificates, Lync, Onpremise, Powershell, Skype for Business, Windows Updates

Hi, Today a customer call me and said that they cannot connect to meeting. In the Blog below is the fix. https://blogs.technet.microsoft.com/uclobby/2017/05/24/lyncsfb-server-event-41026-ls-data-mcu-after-may-2017-net-framework-update/ And script that does this for You. https://gallery.technet.microsoft.com/LyncSfB-Server-Disable-EKU-dab6cb88

Continue Reading Lync/SfB Server: Event 41026, LS Data MCU after May 2017 .NET Framework update