Enforce
Are you looking for information about force configurations in Microsoft Azure and Microsoft 365? In this archive you will find all our posts about force configuration.
Microsoft Authenticator App: Improve security with app and location information
Multi-Factor Authentication improves security of every identity. Microsoft is working constantly to improve the security of their Microsoft 365 and Microsoft Azure accounts. A new feature has been added to the Microsoft Authenticator App, which displays additional information in multi-factor authentication approval requests:
Microsoft Entra: Roll Over Kerberos Decryption Key
With Seamless Single Sign-On (Seamless SSO), users can leverage the same credentials for both on-premises and cloud-based services. Repeated authentication prompts between these environments are eliminated, as authentication data is automatically exchanged between Active Directory and Microsoft Entra. As part of the Seamless SSO configuration, a computer account named AZUREADSSOACC is created in the on-premises Active Directory. For security reasons, Microsoft recommends rotating the associated Kerberos decryption key every 30 days.
Azure AD Connect: Enforcing TLS 1.2
Azure AD Connect no longer supports the following protocols because they are considered insecure. the following services may be affected by the deactivation of the protocols: With TLS 1.2, Azure AD Connect remains executable.
Enforce Multi-Factor Authentication (MFA)
Multi-Factor Authentication (MFA) provides a high level of protection for identities in the cloud. The user must identify himself with a second factor in addition to the password. Without this second factor, access to cloud apps are prevented. The feature “Azure AD Conditional Access” can be used to enforce multi-factor authentication. At least two of the following authentication methods then become mandatory: