Security – The latest Threat Modeling tool is now in GA

The latest version of Microsoft Threat Modeling Tool (TMT) is now available in general availability (GA). If you were using the preview, you will be prompted to upgrade – NOTE it will mandatory to upgrade after Oct 15th. The 2016 version is still supported until Oct 1st, 2019. If you want to start using the tool go there. For those who do not know what MTM is, this is a…

Read More

Azure – Azure AD delegated application management roles are in preview

Good news, new Azure AD delegated management roles are available in preview: Application Administrator: This role provides the ability to manage all applications in the directory, including registrations, SSO settings, user and group assignments and licensing, Application Proxy settings, and consent. It does not grant the ability to manage conditional access. Cloud Application Administrator: This role grants all the abilities of the Application Administrator, except it does not grant access…

Read More

Azure / Office 365 – Change is coming for Azure Information Protection on Office 365

An important change is coming (on July 1st) for Azure Information Protection which may affect users on Office 365 (more specifically the Exchange Online Message Encryption capabilities) If you are using AD RMS (the on-premises digital rights management solution) to protect your data (including for users on Office 365) you must opt out for this change as soon as possible as the change may impact you negatively (this scenario is…

Read More

Azure – New version of Azure MFA Server

A new version of the Azure MFA Server (8.0.0.3) is available for download here https://aka.ms/mfadownload?download=mfa&clcid=0x9 This new version includes few improvements, like: Improved interaction with AD Sync Support for TLS 1.2 for LDAP, User Portal to Web Service SDK, and SChannel replication Accessibility improvements to User Portal, MFA Server management, and installation Compliance with General Data Protection Regulation The GDPR tool (MultiFactorAuthGdpr.exe) is available in the C:\Program Files\Multi-Factor Authentication Server…

Read More

Azure – Azure File Sync preview has been updated

If you are using Azure File Sync preview (or planning to use it), the service has been updated. You can get the update Azure File sync agent either by running WindowsUpdate (or getting it from the WindowsUpdate catalog here http://www.catalog.update.microsoft.com/Search.aspx?q=4130942) or by downloading the updated agents from here https://www.microsoft.com/en-us/download/details.aspx?id=55988 If you are updating an existing agent the KB 4130942 is required; if this is not installed it will be installed…

Read More

Azure – New Azure Information Protection Client released

A new version (1.27.48.0) of the Azure Information Protection (Azure AIP) client has been released and available for download at https://www.microsoft.com/en-us/download/details.aspx?id=53018 (as usual one as self install executable and one as MSI package for enterprise wide deployment). The main updates focus on the AIP Scanner: You can define (add/remove) specific file extension using the Add-AIPScannerScannedFileTypes/Remove-AIPScannerScannedFileTypes commands Set a default label (without inspecting the content) using the MatchPolicy of the Set-AIPScannerRepository…

Read More

Azure – You can now use Azure AD authentication to grant access to Azure Storage

As you know Azure Storage is providing storage capabilities on Azure (either for files, blobs, queues or tables). Until then, when you needed to grant access to a storage space on Azure you had to use shared keys or SAS tokens. Now you can also use your Azure AD to grant access to Azure storage, making things simpler when you have to provide access to your organization users using the…

Read More

Azure AD – Conditional Access now supports legacy clients

Azure AD Conditional Access has been updated and is now supporting legacy clients like POP, IMAP or SMTP. If you wish to implement conditional access for these legacy clients/protocols, you need to choose the Other clients – available after click on the Advanced link – when configuring the conditional access EWS (Exchange Web Service) will be identified as Other clients when it uses Basic authentication, otherwise will be identified as…

Read More

Azure – Data classification and protection now available for SQL

SQL Information Protection now includes new capabilities to help identify, classify or monitor data stored in your SQL databases.   Use on Azure SQL To start using these new capabilities, go to your Azure ARM portal (https://portal.azure.com) and reach your SQL Server blade. Then access the SQL database you want to Advanced Threat Protection configuration blade to turn on the feature Once enabled you will be able to access the…

Read More

Intune – The Intune Silverlight portal is going to be removed

About 18 months ago, Microsoft has announced the integration of Intune service into the Azure ARM portal. Now, the Intune Silverlight portal is going to be removed (starting August 31st, 2018) with all Intune capabilities moved to the Azure ARM portal. If you are still using the Intune agent to manage Window 7 (and later), the Silverlight portal will remain available.  This will be the only workload remaining in this…

Read More

Azure – You can use your Azure AD credentials to logon to Linux VM

If you use Azure to run Linux virtual machines, you can now use your Azure AD (aka corporate) credentials to logon to your Linux session (in preview). By enabling this feature, you can also take advantage of requesting MFA or enable RBAC role. The following Linux distribution are supported for this capability: CentOS 6.9 or 7.4 RedHat Enterprise 7.x Ubuntu Server 14.04, 16.04 or 17.10   Enable the feature during…

Read More

Azure – Azure Storage Explorer is now GA

After being in preview for quite some time, Azure Storage Explorer is now available in general availability (GA). You can get it from (the released version at the time of writing this post is 1.1.0): For Windows https://go.microsoft.com/fwlink/?LinkId=708343&clcid=0x409 For MacOs https://go.microsoft.com/fwlink/?LinkId=708342&clcid=0x409 For Linux https://go.microsoft.com/fwlink/?LinkId=722418&clcid=0x409 With Azure Storage Explorer you can directly access you Azure Storage from your preferred client to download/upload content, manage you blobs, files, queues, tables or even…

Read More

Azure – New version of Azure AD Connect with quite new capabilities

A new version (1.1.819.0) of Azure AD Connect (the directory synchronization tool for Office 365 / Azure AD) has been released. You can get it from http://go.microsoft.com/fwlink/?LinkId=615771 This new version includes new capabilities like: Integration with PingFederate (in preview), allowing you to use Azure AD Connect to configure PingFederate for federation with Office 365/Azure AD An updated troubleshooting utility to assist in troubleshooting in Linked Mailboxes or AD Dynamic Group…

Read More