Azure AD – a single user is not syncing with Azure AD.
Problem was that a single user was not syncing with Azure AD. In Azure AD the user attribute On-premises sync enabled was “blank”. Normally this setting is set to True. …
Intune – sync all devices in Intune using Powershell
Install Micrsofot Graph IntuneMore information : PowerShell Gallery | Microsoft.Graph.Intune 6.1907.1.0 IMport and Connect to MS Graph Sync One device via POwershall MS Graph Sync all devices. If you have …
Turning off Basic authentication in the Microsoft 365 admin center does not turn off two legacy services.
Turning off Basic authentication in the Microsoft 365 admin center does not turn off two legacy services. AllowBasicAuthOutlookService AllowBasicAuthReportingWebServices These two settings can only be turned off via Exchange Online PowerShell. Get-AuthenticationPolicy Set-AuthenticationPolicy -Identity “policy name …
Restore deleted MS Teams/Microsoft 365 group
Connect to Azure AD display a list of all soft-deleted Microsoft 365 groups that are still within the 30-day retention period Find the group to restore and copy the IdRun …
Autopilot HWID online – direct WindowsAutopilotinfo into Intune
With autopilot HWID -online switch it’s possible to inject the HWID directly into Intune so there is no need to down and upload civ files. Start laptop, in the OOBE bootscreen …
Azure AD Set password to never expire
Check user account or set password never expires for a cloud managed user account. This is not possible for on-premises synced accounts. In this case you control the setting in …
AAD connect migrate / upgrade to AAD Connect 2.0 with Server 2022
More information of AAD connect can be found here: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/whatis-azure-ad-connect-v2 In this article I describe the migration of AAD connect 1.6.16.0 to AAD connect 2.x. Windows Server 2012 and Windows Server …
Change Azure AD device ownership
When a Windows device is enrolled in Azure AD using an Azure AD join the following security principals will be added to the local administrators group on the device. Azure AD global administrator role Azure AD …
Microsoft 365 Admin portals & handy urls
Portal name Link Description Azure Active Directory portal aad.portal.azure.com View and manage Azure Active Directory Microsoft Endpoint Manager admin center / Intune portal endpoint.microsoft.com Use Microsoft Endpoint Manager to manage and secure devices …
Install AzureAD Powershell module
MS Online is an old module to manage the Azure/Office 365 from PowerShell. Azure Active Directory PowerShell for Graph (AzureAD) is a modern PowerShell module for interacting with Azure infrastructure. The module …
Hybrid AAD domain join without SCP – without AADconnect hybrid setup
To Hybrid domain join a device you have to configure your Azure AD Connect which creates a Service Connection Point (SCP) in your Active Directory. However in some environments it’s not …
Get Windows Autopilot from OOBE – Register Device in AutoPilot.
If your devices is bought without Autopilot registration you need to register it first by using Get-WIndowsAUtoPilotInfo.ps1.Normally to achieve this you would boot into Windows and run the script and …
Google Chrome (always sign-in issue) & Azure Conditional Access
Azure does not see that your device is Azure AD joined via the Google Chrome browser. Because of this the user needs to sing in to Office 365 (& MFA) …
Office 365 disable the Keep me signed in (KMSI) displays a “Stay signed in? ” prompt
Sign in to the Azure portal using the Global administrator account . Select Azure Active Directory, select Company branding, and then select Configure. In the Advanced settings section, Switch the “Show option to remain signed in” setting to No. …
Staged ADFS Migration to Cloud Authentication (Azure AD)
This feature allows you to test cloud authentication and migrate gradually from federated authentication. When using high available cloud services you don’t want to rely on your on premises ADFS …