Use Azure Backup for Active Directory forest recovery requirements | Part 1

In this series I will demonstrate how to configure Azure Backup to protect a Domain Controller deployed in Azure. An initial backup will be performed which will then be used to restore the Azure Virtual Machine (VM) to an isolated Virtual Network. The VM restore will be tested by signing into the Domain Controller with the built-in Administrator account. This validates the successful backup and restore of the Domain Controller VM. Part 1 covers the configuration of Azure Backup and creation of backups for two Domain Controllers in Azure. I will configure backup for a Domain Controller in the forest root domain and a Domain Controller in the child domain.

How to Use the Advanced Commenting Editor for Azure Sentinel

Some may have noticed this week a few new capabilities have shown up in Azure Sentinel Incidents on the Comments tab. It's still early days for this enhanced functionality, but there's enough here now to get a good head-start on developing some team policies around better commenting. The following, shows the current interface of the … Continue reading How to Use the Advanced Commenting Editor for Azure Sentinel

How to Create a Backup Notification System in the Event an Unauthorized User Shuts Down Azure Sentinel

A request was made recently about how to prevent an unauthorized and elevated user account from getting access to Azure Sentinel. Essentially, the scenario is this: An environment was compromised.A compromised user account had elevated access.The compromised user account shut down monitoring (Azure Sentinel) so as not to be detected. I'm still working the full … Continue reading How to Create a Backup Notification System in the Event an Unauthorized User Shuts Down Azure Sentinel

Enabling MIM Portal with Azure AD App Proxy

Enabling MIM Portal to work with Azure AD App Proxy is not new.  There are certainly numerous articles out on the Internet that talk about the topic.  At the same time, MIM Portal on App Proxy is not as easy to configure as other web-based applications are. My reasons for documenting this was to solve … Continue reading Enabling MIM Portal with Azure AD App Proxy

How to connect AlienVault OTX to Azure Sentinel

I am excited to announce an updated AlienVault OTX playbook for Azure Sentinel. Inspired by Matt Eagan’s Sentinel Ingestion article. This is a Logic App (playbook) to import threat indicators from AlienVault into Azure Sentinel using the Graph Security API. Sentinel GitHub Link Here My goal was to expand on Matt’s example to create an … Continue reading How to connect AlienVault OTX to Azure Sentinel

Intune – Query Azure AD Bitlocker Keys using Graph API

The Issue If you have recently started using the BitLocker Encryption options out of Intune whether its device configuration or the endpoint protection encryption portion you will see there are many great reports like the encryption below. The problem is its quite hard to see if your machines have backed up their keys to Azure … Continue reading Intune – Query Azure AD Bitlocker Keys using Graph API

Azure – “Executing Runbooks with Power Platform and Webhooks”

The Question In a recent Workshop I wanted to explain how you could use webhooks in clever ways to kick off specific tasks in Azure Automation. Specifically I wanted to create a Power App where I could just click a button and all my Az Modules in my Azure Automation Account gets updated. You can … Continue reading Azure – “Executing Runbooks with Power Platform and Webhooks”

Intune – “Conditional Access, Terms of Use and The Company Portal”

The Issue We recently had an issue where we tried to use the Conditional Access setting and only granting Terms of Use for an Android Device Enrollment. The Investigation What happens now is as described in our docs article Terms of use - Azure Active Directory | Microsoft Docs - The authenticator app installs... Why … Continue reading Intune – “Conditional Access, Terms of Use and The Company Portal”

Publish Custom PowerShell Workflows to Azure Automation

Introduction Writing Runbooks in Az Automation is possible in the following languages: PowerShell and Python, in PowerShell it is also possible to write PowerShell Workflow. In this blog post, I will walk through some highlights in writing 'PowerShell Workflow' and how to upload it to 'Runbook gallery' in Azure Automation. The pros and cons of using Workflow The … Continue reading Publish Custom PowerShell Workflows to Azure Automation