Heard about Shielded VMs? Looking to learn more?

Then you should definitely check out this post by Dean Wells.. https://blogs.technet.microsoft.com/datacentersecurity/2017/03/14/shielded-vms-a-conceptual-review-of-the-components-and-steps-necessary-to-deploy-a-guarded-fabric/ it’s full of great information about building a guarded fabric.. well worth the read. (side note – if you ever get a chance to see him speak, do it, you won’t regret it)


AD ACL Scanner

<<Updated link to new GitHub location>> Just in case you haven’t seen it yet our colleagues in PFE Sweden have put together an excellent post detailing the usage of AD ACL Scanner, a CodePlex PowerShell based GUI for reporting on AD permissions. Check it out here – https://blogs.technet.microsoft.com/pfesweplat/2017/01/28/forensics-active-directory-acl-investigation/ Grab the tool here – https://github.com/canix1/ADACLScanner    


Azure AD V2 PowerShell Modules - Public Preview

ICYMI – Over the past few weeks we’ve been releasing public preview builds of the new AAD V2 PowerShell Module. <cliff notes version> Grab the latest bits here:  https://www.powershellgallery.com/packages/AzureADPreview/ Read a bit more about it here: https://blogs.technet.microsoft.com/enterprisemobility/2016/10/13/in-case-you-missed-it-azuread-powershell-v2-0-is-now-in-public-preview/ CMDLET reference list: https://docs.microsoft.com/en-us/powershell/azuread/v2/azureactivedirectory?redirectedfrom=msdn (bookmark me!)   </cliff notes>  


New Azure AD / EMS content!

Hi all, Some big announcements this week around conditional access and device connectivity w/ Azure AD – be sure to check out the link below for details! Controlling Access to Office 365 and Protecting Content on Devices (Whitepaper)  


Azure AD Connect Health w/ On-Prem AD

Hi all, For those not yet familiar with Azure AD Connect Health we’ve pushed yet another super cool feature into preview – connect health monitoring of on-prem AD from Azure.  Hit the link below for more info.   Introducing #AzureAD Connect Health for Windows Server AD


AzureAD cert based auth for iOS and Android

In case you missed this one earlier today, cert based auth for AzureAD on mobile just hit preview.  Check out the post here for more info: https://blogs.technet.microsoft.com/enterprisemobility/2016/07/18/azuread-certificate-based-authentication-for-ios-and-android-now-in-preview/


Config drift for the PowerShell noob - AD Edition

Well, maybe not just for noobs 😉 One of the most common scenarios we get questions around is managing configuration drift in enterprise scale environments, especially given the high rate of change in the cloud connected world.  Generally speaking desired configuration management hasn’t been as prevalent in the identity space – most have treated DCs as special;…


MS16-072 - Wait.. you broke my GPO!

Hi all – just taking a minute to link a couple of great posts from my colleagues in the Directory Services team, and PFE related to the MS16-072 release and some great general info about GPO in general. Ask the Directory Services Team – Deploying Group Policy Security Update MS16-072 \ KB316362 https://blogs.technet.microsoft.com/askds/2016/06/22/deploying-group-policy-security-update-ms16-072-kb3163622/ Ask PFE…


RSAT for Windows 10 released!

Hi all, Been awfully quiet around here lately; I'll look to change that over the next few weeks 🙂 In case you missed it, the RSAT (Remote Server Administration Tools) for Win10 just released..  grab them here: https://www.microsoft.com/en-us/download/details.aspx?id=45520


Bitlocker on the Surface Pro 3 (and other tablets..)

Hi all, I just wanted to take a quick minute and share a post from the guys over on the ASK PFE blog regarding tablet devices and pre-boot protection.  Check it out http://blogs.technet.com/b/askpfeplat/archive/2014/07/14/bitlocker-pin-on-surface-pro-3-and-other-tablets.aspx – J