Tutorials
Looking for tutorials for Microsoft Azure and Microsoft 365? You can find all our tutorials in this archive.
Review and remove inactive users from Microsoft 365 groups with Access Review
Permissions for Microsoft 365 groups or applications can change constantly. This makes the effort of checking permissions time-consuming and inefficient. With the Azure Active Directory feature “Access Review”, this task can be largely automated and inactive users and guests can be removed from the Microsoft 365 groups and applications with just a few clicks.
Passwordless Sign In with Microsoft Authenticator App
Passwordless sign in with the Microsoft Authenticator App makes sign in to Azure and Microsoft 365 cloud services more secure and convenient for the user. The typing of a password is replaced by a modern method, e.g. the Microsoft Authenticator app. Passwordless sign-in to cloud apps can be achieved using various methods: For a significant increase of identities security, the cost-effective variant with the Microsoft Authenticator App is the best choice.
Backup and Restore Microsoft Authenticator App
The Microsoft Authenticator App is a key component of Multi-Factor Authentication (MFA) in Microsoft Azure and Microsoft 365. When switching to a new smartphone or in the event of device loss, the question often arises: how can the Microsoft Authenticator App, including all configured accounts, be reliably restored without having to set up each login from scratch?This article provides a step-by-step guide on how to securely back up the Microsoft Authenticator App and seamlessly transfer it to a new device, whether running iOS or Android. This ensures continued access to protected applications without disruption.
Microsoft Entra: Roll Over Kerberos Decryption Key
With Seamless Single Sign-On (Seamless SSO), users can leverage the same credentials for both on-premises and cloud-based services. Repeated authentication prompts between these environments are eliminated, as authentication data is automatically exchanged between Active Directory and Microsoft Entra. As part of the Seamless SSO configuration, a computer account named AZUREADSSOACC is created in the on-premises Active Directory. For security reasons, Microsoft recommends rotating the associated Kerberos decryption key every 30 days.
Microsoft Entra Privileged Identity Management (PIM): Request Microsoft Entra roles or Microsoft Azure roles by User
Microsoft Entra Privileged Identity Management (PIM) optimizes the management of privileged roles to Microsoft Azure and Microsoft 365 resources. This contributes to the improvement of the security standards of cloud services. An additional feature is the Just-in-Time authorization, where a user is granted elevated privileges only for the period in which they are actually needed. This minimizes the risk of misuse and unauthorized access. This guide explains how a user can apply for a Microsoft Entra role or Microsoft Azure role for a specific period of time and how an administrator can efficiently manage this requests.