Hi All, Recently i came across an interessting Project. Now i had some Time to check it out.
Microsoft Azure AD Assessment
https://github.com/AzureAD/AzureADAssessment ## Install Module
Install-Module AzureADAssessment
## Authenticate using a Global Admin or Global Reader account.
Connect-AADAssessment
## Export data to "C:\AzureADAssessment" into a single output package.
Invoke-AADAssessmentDataCollection
It's important to say, that you have to use PowerShell 7. Seems to be that you need to have an Azure Active Directory P2 License to gather all the Logs.
Hi All, I've seen some Posts about the new Microsoft Authenticator settings in AzureAD. Here is how you get there. Go to the Azure Active Directory Portal https://aad.portal.azure.com and select "Security"
On the Security Page open "Authentication methods"
On Authentication methods select "Microsoft Authenticator"
On Microsoft Authenticator Settings select "Configure"
Here you can change some settings that are already available quite for a while, but now you have a GUI to it.
Hi All,
VMware has released a Security Advisory to address the CVE-2022-31676. You need to upgrade to VMware Tools 12.1.0 to fix the Issue.
VMSA-2022-0024.html VMware Tools 12.1.0 Download After you have downloaded the ZIP file mount the vmwaretools.iso and run the Setup64.exe (or setup.exe on x86 Processors)
On my Server i had to restart and relaunch the Setup
Looks good after the Reboot and again launched setup64.exe
Let’s check in VCSA
Hi All,
With the August 2022 Updates for ExchangeServer 2013/2016/2019 there is a new Feature called Windows Server Extended Protection. This will help against authentication relay or “man in the middle” (MitM) attacks.
Exchange Server Support for Windows Extended Protection Restrictions
does not work with hybrid servers using Modern Hybrid configuration SSL Offloading scenarios are not supported Automated Archiving with Archive Policy is not suported TLS configuration must be consistent across all Exchange servers Access to Public Folders on Exchange 2013 not supported The newest version of HealthChecker.
Hi All, The M365 Defender for Office Safe Links Block list have been moved to Tenant Allow Block List (TABL) If you click on "Global Settings"
https://security.microsoft.com/safelinksv2
you can see that the Block List have been Migrated
Let's check the Tenant Allow/Block List https://security.microsoft.com/tenantAllowBlockList
You can view the TenantAllowBlockList Items with the following Exchange command
Get-TenantAllowBlockListItems
https://docs.microsoft.com/en-us/powershell/module/exchange/get-tenantallowblocklistitems?view=exchange-ps
Get-TenantAllowBlockListItems -ListType URL Get-TenantAllowBlockListItems -ListType URL | where {$_.Notes -match "Migrated"}
I came across the "
Hi All, There has been a change in the Defender for Office 365 Anti-Malware Policy notifications. Summary: internal and external Notifications are gone and Action is changed only to "Quarantine" or "Reject" (with NDR).
Not much to see on the M365 Roadmap But there are more Details in the M365 Admin Portal in Message Center
In the M365 Defender Portal you can review the Settings
https://security.microsoft.com/antimalwarev2 Internal- and ExternalSendernotifcations are gone.
Hi All, Azure Active Directory Sign-in Logs is really helpful, when analyzing Sign-in Problems. But it also can be very helpful, when analyzing the overall Sign-ins or looking out for strange behavior. One of the Tips would be th Filter for Location and use the CountryCode and Status of Sucess
I have set up Azure Active Directory Diagnostics to save the Sign-In Logs to a LogAnalytics Workspace. Here you can Query the Logs with KQL.
Hi All, I've been using Windows Hello for Busindess with Face recocnition since a long time on my Surface Laptop 3. This week it stopped working suddently with the Message "Couldn't turn on the Camera". Even the Driver and Firmware Update did not help. The Camera App is working just fine. Also in Teams the Camera works fine.
In the End i remved the two Cameras in the Device Manager (devmgmt.
Hi All, In this Blog Article, i want to talk about how to protect your Azure SQL Databases with Firewall Rules at Server or Database level. Azure SQL Database and Azure Synapse IP firewall rules
https://docs.microsoft.com/en-us/azure/azure-sql/database/firewall-configure
The Server Level you can find on your Server Object
You can also find this when query the master Database --Database: master
SELECT * FROM sys.firewall_rules
At the Database level use this sp_set_firewall_rule (Azure SQL Database)
Hi All, In mid January Microsoft Announced, that the Microsoft Defender for Endpoint Plan 1 will be now Included in M365 E3/A3 Licenses.
Microsoft Defender for Endpoint Plan 1 Now Included in M365 E3/A3 Licenses
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-1-now-included-in-m365-e3/ba-p/3060639
My Account has a M365 E3 License and i can see "Microsoft Defender for Endpoint Plan 1" has been assigned.
Overview of Microsoft Defender for Endpoint Plan 1
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-worldwide
I went for the Documentation and Set it up in Micrsosoft Endpoint Manager.
