Browsed by
Category: Conditional Access

The book of Non-Managed Shared Devices

This blog will be about what options you have when you have a lot of non-managed shared devices that need to run the Teams desktop app. Imagine the following scenario: just before the first Covid-19 wave, a company made the decision to transform their organization into a modern zero trust company. Before this decision was made, everyone was working on a remote desktop cluster which was placed inside a datacentre, and none of their (shared) on-premises devices were managed…

The Conditional Access Experiment

This blog will be about me experimenting with Conditional Access, and by experimenting I mean changing the JSON myself and uploading it! Why? Just for fun and to include some stuff that isn't available in the GUI. Some time ago I was inspired to check something out. Of course, almost all schools are working with Teams nowadays and so is my son's school. After installing Teams and logging in with my son's Office 365 account, I was asked the famous…

Fantastic PowerShell and where to find the CA Rules

Automating your tenant deployment is crucial in preventing human mistakes. This is one example from my own experience when working in the field with PowerShell and JSON. When automating your Conditional Access deployments as I did, you can run into some very weird situations… So, what did I do? I fired up a PowerShell session from a special Win10 VM (created for deployments) and logged in with my admin user within the customer (test) tenant WVDCLOUD: admin@wvdcloud.nl. I checked once again…

Continuous Access Evaluation: Rise of the Claim challenge

Hi, refresh tokens. Hi, lag when terminating users or setting a new password. Welcome continuous access evaluation (CAE), bye lag (1 hour refresh token).

Continuous access evaluation is implemented by enabling services, like Exchange Online, SharePoint Online, and Teams, to subscribe to critical events in Azure AD, like:

* Enabling MFA
* Disabling or deleting a user
* Changing a user's password

This process enables the scenario where users lose access to organizational SharePoint Online files, email, calendar, or tasks, and Teams…
