This article is a continuation – i.e. Part 2 – of the article Recommendation – Microsoft 365 authorization concepts – Part 1. In this article, the following topics are now dealt with to complete the start for understanding an authorization concept: Configuration of Exchange online RBAC at Administrative Units level Configuration of automatic users, guests […]
Microsoft 365 administrators have various roles and tasks that they need to manage to ensure that the organization runs smoothly. Authorization concepts that are familiar from the on-premise world cannot be replicated 1:1 in the Microsoft Cloud. In order to ensure data security, several steps need to be implemented. These are as follows: PIM: […]
Creating a standardized and consistent naming convention for IT infrastructures based on Microsoft 365 and Microsoft Azure is essential for efficient management. The following guidelines should be adhered to: General Principles: Consistency: Maintain consistency across all resources, ensuring a uniform and predictable structure. Readability: Names should be easy to read and understand, avoiding unnecessary abbreviations. […]
From time to time I get requests from customers for the following scenario: The customer basically has a hybrid infrastructure, must (or wants to) continue to operate Exchange on-premise. However, the customer wants to protect the Outlook Web App (OWA) of the on-premise messaging infrastructure with Multi Factor. On the one hand, this can be […]
Some time ago, one of my customers had the problem that after his environment was migrated to the cloud (hybrid with Microsoft 365), some users had sporadic logon problems with Microsoft 365 services. The phenomena can be described as follows: Users can log on to Microsoft 365 Services via the browser without any problems (everything […]
Not every company uses Microsoft Intune or System Center, but this does not mean that tools such as Microsoft Defender for Endpoint cannot be used. Only the distribution of the corresponding onboarding packages is not necessarily as simple as when, for example, Microsoft Intune is in use. Many tasks have to be done manually. To […]
Since I rely heavily on standardization for my clients, I have created a new script that I would like to share with you here. You can find the GitHub link at the end of this article. Why does it make sense to create and manage licence groups in a standardized and automated way? There are […]
In the first parts of the series “.NET Assemblies In PowerShell”, I wrote about managing existing Active Directory groups and user accounts without the PowerShell ActiveDirectory module. This time, I will show you how you can create new Active Directory objects with PowerShell by using the namespace System.DirectoryServices.AccountManagement. This namespace is available on any Windows […]
Cloud services from Microsoft, Amazon, Google and other service providers have been booming not only since the Corona crisis. Of course, the Corona crisis has given these technologies an exponential boost. However, using these technologies is the one thing, one of the new challenges is to have our data, meta data, statistics and reports easily […]
Strong passwords are an important basis for protecting your data. Unfortunately, many users still use the same passwords for all profiles or use simple combinations such as Welcome123 or their name. But how do you make a password really secure and what tricks can you use to professionally enhance the protection of your data? Here […]
Prolog Recently, I have been getting inquiries from customers, who have the following scenario: The environment was originally an on-premises infrastructure. Then the customers have decided to switch to Office 365 and implemented this step as follow: The AAD was configured to sync the user accounts to the cloud, but without the Exchange attributes. […]
In the first part of this series, I described how you can add and remove members to and from Active Directory groups in PowerShell, without using the ActiveDirectory module, but just by using the .Net namespace System.DirectoryServices.AccountManagement. In this part I want to show how you can work with the members of a group, as […]