Copy Active Directory Group Membership Script The following Script Copies members from one Active Directory Group to another Active Directory Group. To start the Script run: .\CopyGroupMembership.ps1 You will be prompted to enter the Group whose membership you need to copy. The you will be prompted to add the group name where you want to…
Leave a CommentLet users rest their Passwords in Office 365 Office 365 and Azure AD allows users to reset their own passwords, this reduces the calls to helpdesk for password resets. Once you enable this setting users will be able to navigate to https://passwordreset.microsoftonline.com/ and reset their own passwords. To get started Launch the Office 365 Admin…
Leave a CommentConfigure Azure AD Connect Pass Through Authentication Azure pass-through authentication allows user to login to cloud and on-premise applications by using the same passwords. Pass-through authentication validated the password against the on-premise active directory. Prerequisite needed: Global Admin account Azure AD Connect 1.1.750.0 or later Windows Server 2012 R2 or later with TLS 1.2 enabled…
Leave a CommentHow to enable Active Directory recycle bin In this post we will look at two ways of how to enable Active Directory recycle bin. The first option will be via the GUI and second using PowerShell. Open Server Manager then click on Tool >> Active Directory Administrative Centre. From the Administrative Centre on the left-hand…
Leave a CommentEnable MFA for All Office 365 Users using Azure Active Directory Identity Protection. “Azure Active Directory Identity Protection provides a consolidated view of at risk users, risk events and vulnerabilities, with the ability to remediate risk immediately, and set policies to auto-remediate future events. The service is built on Microsoft’s experience protecting consumer identities and…
Leave a CommentGet-AzureADDirectorySettingTemplate : The term ‘Get-AzureADDirectorySettingTemplate’ is not recognized. You receive the following error when trying to execute the following cmdlet: Get-AzureADDirectorySettingTemplate. To resolve this error, you need to install the following PowerShell Module AzureADPreview. But you will find that users have installed the PowerShell Module AzureAD and this Module does not have the cmdlets for…
2 CommentsChange Office 365 Synced Users UPN Name. Every now and then we get a user request to have their Office 365 Signin name to be change. This is typically when someone gets married . So how do we change the Signin name. We start with the Active Directory Rename the AD User (to match the…
Leave a CommentHow to Allow Guest Access to Microsoft Teams This post is just to show case how to provide Guest access for Microsoft Teams, As the Office 365 admin, you must enable the guest feature before you or your organization’s users (specifically, team owners) can add guests. The guest access settings are a feature set of…
1 CommentProtect your Office 365 Tenant with Azure AD Risky Sign-Ins Microsoft Office 365 and Azure Active Directory provides some very Powerful tools related to security. These tools are what I call the CLOUD GEMS. (pot of gold under the rainbow) They are very useful when it comes to finding compromised accounts within your Office 365…
1 CommentBlock Office 365 Sign-In based on On-premise Active Directory Security Group. The purpose of this guide is the assist support staff to block access to multiple accounts that has been compromised. To get started, login to Azure Active Directory Portal. https://portal.azure.com 1 From the Main menu, click on Azure Active Directory on the left-hand side.…
Leave a CommentHow to Configure ADFS Web Application Proxy for ADFS This post will cover the steps needed to configure the ADFS Web Application proxy. What is an ADFS Web Application Proxy? WAP provides reverse proxy functionality for web applications in the corporate network which allows users on most devices to access internal web applications from external…
1 CommentConfigure ADFS for Office 365 Requirements: External DNS records for example: fs.o365cloudlab.co.za Internal DNS records for example: fs.thatcloud.com Valid SSL Certificate Service Account with Domain Admin rights More about the requirement can be found here at the Microsoft blog. To get started we need to install the ADSF roles and features. Run Windows PowerShell as…
2 Comments
