September 2017 – The journey to the Microsoft cloud

Office 365 / Azure AD: Block sign in for accounts with password hash sync

September 18, 2017 Peter Selch Dahl Leave a comment

Expired Active Directory users are still able to sign into Microsoft Office 365 / Azure Active Directory when using password Synchronization If you have made the move from ADFS / PTA to using Azure AD Password Synchronization with SSO you will soon realize that former / terminated employees are still able

iOS 11 provides support for OAuth 2.0 (Modern Auth) in the native mail app

September 12, 2017 Peter Selch Dahl 4 comments

With the release of iOS 11.0, the native mail client has now support for OAuth 2.0. OAuth 2.0 is often mentioned as modern authentication and provides some new capabilities like Microsoft Azure Multi-factor Authentication support and allows to using certificates for authentications. Modern Authentication uses a secure token instead of

login.windows.net still needs to be added to trusted sites in Internet Explorer

September 12, 2017 Peter Selch Dahl Leave a comment

During some troubleshooting it was discovered that for some reason “https://login.windows.net” needs to added to “IE trusted site” else you wouldn’t get a PRT (Primary Refresh Token) issued in some scenarios. Microsoft have been working on merging the Azure AD Authentication Flows since March 2015, but this still doesn’t seem to

Credential Roaming vs. Device Registration Certificate for Conditional Access

September 10, 2017 Peter Selch Dahl Leave a comment

During the last couple of weeks I have been asked from a couple of my customers on how to get Azure device registration to work in environments using either Windows Credential Roaming or Roaming User Profile (with Certificates included). After doing some research on the subject I found the answer

Speaking: Everything Windows User Group Meeting, September 2017

September 6, 2017 Peter Selch Dahl Leave a comment

I’m proud to announce that I’ve been invited to speak at the Everything Windows User Group event held at Edgemo in Aarhus on Tuesday the 12th of September. Bridging the legacy gap in modern workplaces Microsoft is rapidly providing a strong platform for running Azure AD joined devices in the

Upgrading Azure Virtual Machine from Windows Server 2012 R2 to Windows Server 2016

September 6, 2017 Peter Selch Dahl 2 comments

Microsoft currently doesn’t support in-place upgrade of Windows operating systems running on virtual machines in Microsoft Azure. I have successfully performed several upgrades for customers throughout the last couple of years. Microsoft and other community blog post would recommend that you either create and new server or download the VHD from