PowerShell
Are you looking for information about PowerShell in Microsoft Azure and Microsoft 365? In this archive you will find all our posts about PowerShell.
-
Soft Delete in Microsoft Entra Conditional Access: Easily Restore Deleted Policies
Thanks to Soft Delete, a deleted policy in Microsoft Entra Conditional Access remains available for up to 30 days and can be fully restored during this retention period. This enables the complete recovery of deleted policies without significant effort, including all conditions, assignments, and access controls. A variety of scenarios can lead to policies being deleted: accidental removal, faulty automations, tenant clean-ups or malicious changes. Soft Delete ensures rapid recovery and prevents the permanent loss of critical access rules as well as time-consuming rebuilds.
-
Kerberos Cloud Trust and Windows Hello for Business: Secure and Seamless Authentication in Hybrid Environments
Kerberos Cloud Trust is a hybrid authentication protocol developed by Microsoft to enable secure and passwordless sign-ins. Kerberos Cloud Trust combines the strengths of Kerberos and Windows Hello for Business to offer a modern, secure, and user-friendly authentication solution. It is particularly useful in hybrid environments where both cloud and on-premises resources are utilized. Users authenticate securely and seamlessly both locally and in the cloud.
-
Microsoft Entra ID: Automatically Roll Over Kerberos Decryption Key
The regular roll over of the Kerberos decryption key is crucial to ensure the security and integrity of seamless Single Sign-On (SSO) in hybrid IT environments. Microsoft recommends rolling over this key every 30 days to close potential security gaps and ensure smooth integration between on-premises Active Directory and Microsoft Entra ID. This process can be automated to minimize administrative effort and ensure continuous security.
-
Microsoft Entra Conditional Access: Block Authentication Flows
The Microsoft Entra Conditional Access for authentication flows regulates the use of the device code flow and authentication transfer. The device code flow is used to authenticate devices that do not have a browser or whose input is restricted, such as smart TVs, IoT devices, or printers. The device code flow represents a high-risk authentication flow, which could be exploited in phishing attacks or to gain access to corporate resources on unmanaged devices. The authentication transfer is a new flow that provides a seamless way to transfer the authenticated state from one device to another. In the desktop version of Outlook, users might be presented with a QR code. When…
-
SMB over QUIC and Azure Server: empowering secure and lightning fast file sharing
SMB over QUIC is a network protocol used by Windows. It allows secure, shared use of resources such as files on the network. To use SMB (Server Message Block) without QUIC, TCP port 445 is required. Some Internet providers block TCP port 445 for security reasons. Therefore, it is not possible to connect to a file share on Azure by SMB successfully. To bypass the blocking of TCP port 445, there are several options to choose from, including the following: