The Microsoft Entra Conditional Access for authentication flows regulates the use of the device code flow and authentication transfer. The device code flow is used to authenticate devices that do not have a browser or whose input is restricted, such as smart TVs, IoT devices, or printers. The device code flow represents a high-risk authentication flow, which could be exploited in phishing attacks or to gain access to corporate resources on unmanaged devices. The authentication transfer is a new flow that provides a seamless way to transfer the authenticated state from one device to another. In the desktop version of Outlook, users might be presented with a QR code. When they scan it on their mobile device, their authenticated state is transferred to the mobile device.
Tag: PowerShell Page 1 of 2
Are you looking for information about PowerShell in Microsoft Azure and Microsoft 365? In this archive you will find all our posts about PowerShell.
SMB over QUIC is a network protocol used by Windows. It allows secure, shared use of resources such as files on the network. To use SMB (Server Message Block) without QUIC, TCP port 445 is required. Some Internet providers block TCP port 445 for security reasons. Therefore, it is not possible to connect to a file share on Azure by SMB successfully.
To bypass the blocking of TCP port 445, there are several options to choose from, including the following:
- VPN (Virtual Private Network), e.g. AlwaysOnVPN
- Third party software, e.g. MyWorkDrive
- SMB over QUIC (Quick UDP Internet Connection)
Microsoft Azure Arc is a solution that enables resources to be centrally managed and monitored across multiple environments. Azure Arc extends the management capabilities of Azure to on-premises resources or other cloud providers such as Amazon Web Services (AWS) or Google Cloud Platform (GCP).
Resources integrated into Azure Arc are administered via the unified Azure Portal. Regardless of where they are physically or geographically located. Overall, Azure Arc provides consistent, centralized and simplified management of resources.
This guide describes how to deploy a Windows Server hosted outside the Azure Cloud step-by-step using the Azure Connected Machine Agent in Azure Arc.
Microsoft Azure supports in-place upgrade to Windows Server 2019 and Windows Server 2022. All data, server roles and settings are taken over in the process. For a successful in-place upgrade there are a few requirements.
This guide shows how to successfully perform a direct upgrade to a newer Windows Server version.
Windows LAPS (Local Administrator Password Solution) provides centralized, simple and secure management of local administrator passwords in Microsoft Intune. Each device receives its own temporary administrator password. Windows LAPS automatically manages the administrator passwords in terms of expiration and rotation. Local administrator passwords are stored in either Azure Active Directory or local Active Directory.
Windows LAPS thus offers, for example, higher protection against pass-the-hash and lateral traversal attacks.