login.windows.net still needs to be added to trusted sites in Internet Explorer

During some troubleshooting it was discovered that for some reason “https://login.windows.net” needs to added to “IE trusted site” else you wouldn’t get a PRT (Primary Refresh Token) issued in some scenarios. Microsoft have been working on merging the Azure AD Authentication Flows since March 2015, but this still doesn’t seem to be merged end-to-end yet. Source: Simplifying …

Continue reading "login.windows.net still needs to be added to trusted sites in Internet Explorer" »

Credential Roaming vs. Device Registration Certificate for Conditional Access

During the last couple of weeks I have been asked from a couple of my customers on how to get Azure device registration to work in environments using either Windows Credential Roaming or Roaming User Profile (with Certificates included). After doing some research on the subject I found the answer on docs.microsoft.com, Microsoft doesn’t support …

Continue reading "Credential Roaming vs. Device Registration Certificate for Conditional Access" »

Speaking: Everything Windows User Group Meeting, September 2017

I’m proud to announce that I’ve been invited to speak at the Everything Windows User Group event held at Edgemo in Aarhus on Tuesday the 12th of September. Bridging the legacy gap in modern workplaces Microsoft is rapidly providing a strong platform for running Azure AD joined devices in the cloud with modern management (Intune), …

Continue reading "Speaking: Everything Windows User Group Meeting, September 2017" »

Upgrading Azure Virtual Machine from Windows Server 2012 R2 to Windows Server 2016

Microsoft currently doesn’t support in-place upgrade of Windows operating systems running on virtual machines in Microsoft Azure. I have successfully performed several upgrades for customers throughout the last couple of years. Microsoft and other community blog post would recommend that you either create and new server or download the VHD from Microsoft Azure and perform the …

Continue reading "Upgrading Azure Virtual Machine from Windows Server 2012 R2 to Windows Server 2016" »

Microsoft Azure Information Protection app now support CBA

Microsoft just released support for certificate-based authentication (CBA) for the Microsoft Azure Information Protection iOS app. The app integrates with the Microsoft Authenticator app that supports the Apple iOS SafariViewController that enables access to the certificates stored on the iOS device.

Continue reading "Microsoft Azure Information Protection app now support CBA" »

Web Application Proxy 2012 R2 – HTTP to HTTPS redirect

This post applies to Microsoft Web Application Proxy 2012 R2. I recommend that you upgrade to Windows Server 2016 that provides a built-in function within the Web Application Proxy 2016 to perform HTTP to HTTPS direct. See more here Updated post: This post has been updated 07/32/2017. Original post: 25. December 2013 22.15 Performing HTTP …

Continue reading "Web Application Proxy 2012 R2 - HTTP to HTTPS redirect" »

Issue with accessing the DirectAccess console after removing a Domain Controller

Most people don’t know that the DirectAccess servers are tied together with a specific domain controller. In case you decommission the specific domain controller due to upgrade or other reasons the Direct Access console will become inaccessiable. Symptom: Unable to open the DirectAccess configuration in the “Remote Access Management Console” Error message unable to load …

Continue reading "Issue with accessing the DirectAccess console after removing a Domain Controller" »

Microsoft Azure Automation Start and Stop Virtual Machines using Runbooks

This short guide will show you how to use Microsoft Azure Automation for managing the start and stop of your Microsoft Azure Virtual Machines. This guide provides to PowerShell Automation script for Azure Automation: Workflow: Start_My_Azure_VMs – Start_My_Azure_VMs.ps1 (5.26 kb) – Script for starting domain controllers first and than all the rest of the virtual machines on your Azure Subscription Workflow: …

Continue reading "Microsoft Azure Automation Start and Stop Virtual Machines using Runbooks" »

Microsoft Forefront Unified Access Gateway 2010 is discontinued… What now?

Microsoft Forefront Unified Access Gateway 2010 is discontinued! The product will be removed from pricelists on the first of July 2014 and the Mainstream support will continue through April 14, 2015. More information: http://blogs.technet.com/b/server-cloud/archive/2013/12/17/important-changes-to-the-forefront-product-line.aspx  What NOW? Microsoft will continue the develope the Web Application Proxy (WAP) role within Microsoft Windows 2012 R2. Keep come and wait …

Continue reading "Microsoft Forefront Unified Access Gateway 2010 is discontinued... What now?" »