Tutorials
Looking for tutorials for Microsoft Azure and Microsoft 365? You can find all our tutorials in this archive.
-
Microsoft Entra Access Reviews: Governance for User and Guest Access
In Microsoft Entra ID, user and guest access evolves incrementally over time, for example as a result of role changes, project assignments or temporary external collaboration. Access rights that are granted once often remain in place, even when the original business or organizational requirement no longer exists. As a result, common countermeasures such as manual access reviews, follow-ups with group owners or occasional spot checks provide only limited, point-in-time transparency and do not enable a consistent and regular review of access. Decisions are often not documented consistently and are therefore difficult to audit retrospectively.
-
Soft Delete in Microsoft Entra Conditional Access: Easily Restore Deleted Policies
Thanks to Soft Delete, a deleted policy in Microsoft Entra Conditional Access remains available for up to 30 days and can be fully restored during this retention period. This enables the complete recovery of deleted policies without significant effort, including all conditions, assignments, and access controls. A variety of scenarios can lead to policies being deleted: accidental removal, faulty automations, tenant clean-ups or malicious changes. Soft Delete ensures rapid recovery and prevents the permanent loss of critical access rules as well as time-consuming rebuilds.
-
Microsoft Intune Multi Admin Approval: Securing Device Actions such as Wipe, Retire and Delete
Multi Admin Approval (MAA) in Microsoft Intune is a security feature that requires a second user’s approval before critical changes can be executed. This four-eyes principle significantly increases security by ensuring that administrative actions are jointly performed by two users. Initially, the use of Multi Admin Approval in Microsoft Intune focused primarily on configuration objects such as app deployments or scripts. With the latest enhancement, Microsoft has significantly elevated the feature by extending the approval process to include device actions. This now covers highly sensitive operations such as Wipe, Retire and Delete, which have a direct impact on managed endpoints. Multi Admin Approval in Microsoft Intune actively protects against misconfigurations…
-
Disable Entra Connect Seamless SSO – Step-by-Step Guide
Seamless Single Sign-On (Seamless SSO) is an optional feature in Microsoft Entra Connect that enables domain-joined Windows devices on the internal network to automatically sign in to Microsoft Entra ID without requiring users to re-enter their credentials. Seamless SSO extends Active Directory by providing a single sign-on mechanism for cloud services such as Microsoft 365 and connected SaaS applications. During configuration, Active Directory uses the Kerberos authentication protocol and creates a dedicated computer account named AZUREADSSOACC in the on-premises directory. This account links the local identity to Entra ID and is used exclusively for seamless SSO operations.
-
Microsoft Defender for Endpoint: Getting Started with Deployment Using Intune
Devices today are diverse, mobile and therefore exposed to a wide range of threats. Traditional antivirus solutions detect known patterns but leave gaps when facing new techniques and stealthy attacks. What is needed is a solution that provides visibility into activities, detects attacks early and enables centralized and largely automated response. One such approach is to deploy Microsoft Defender for Endpoint with Intune. Microsoft Defender for Endpoint (MDE) provides this coverage: the Endpoint Detection and Response (EDR) sensor collects device signals, Threat and Vulnerability Management (TVM) identifies vulnerabilities and misconfigurations, Attack Surface Reduction (ASR) rules minimize the attack surface, Web and Network Protection block risky connections and Automated Investigation and…