Azure Data Share in Preview

Microsoft has announced a new service: Azure Data Share. It is a new data service for sharing data across organizations. This can be used to easily share big files and data with external organisations instead of using FTP or other data sharing services.

Azure Data Share, view of sent shares in the Azure portal

Read the Microsoft official announcement for more information:
https://azure.microsoft.com/en-us/blog/announcing-preview-of-azure-data-share/

Watch the video to learn more about Azure data share:
https://channel9.msdn.com/Shows/Azure-Friday/Share-data-simply-and-securely-using-Azure-Data-Share/player?format=ny

Security & Ethical Hacking hands-on labs

Today I have given a hands on lab with Erik Loef on security and ethical hacking. We had created 5 different labs for the 21 participants to learn them more about security. This way we allowed them to think as a hacker, find out weaknesses in the system, and how to take measures against hackers. We did create the following 5 labs:

  • Wifi hacking (retrieve logindetails from end users by using a roque access point)
  • Create your own virus
  • Exploit a backdoor in Windows
  • Hack a webserver
  • From user to domain admin in 15 minutes

All sessions where created to learn about security. With Azure and Office 365 we do our outmost best to secure your environment. I hope to give you more information in the near future how to improve security in Azure and Office 365.

Azure AD Domain Services an option or not?

Frequently I get the question, how are we going to manage our legacy Azure IaaS servers? Should we deploy domain controllers? or should we setup a VPN connection with our on-premise environment?

Before we can start answering these questions we will need to learn more about AD DS.

Azure AD Domain Services provides managed domain services such as domain join, group policy, LDAP, Kerberos/NTLM authentication that are the same as traditional domain controllers. You can consume these domain services without the need for you to deploy, manage, and patch domain controllers in the cloud. Azure AD Domain Services integrates with your existing Azure AD tenant, thus making it possible for users to log in using their corporate credentials. The AD DS is available in a VNet of your choice.

Azure AD Domain Services Overview

AD DS works with cloud-only or synced with on-premise AD. Important to know is that Password hash synchronization is mandatory for hybrid organizations to use Azure AD domain services. This requirements is because users credentials are needed in the managed domain to authenticate using NTML or Kerberos.

Continue reading “Azure AD Domain Services an option or not?”

Outlook 2016 search not working

Recently I was notified by a customer that Outlook search wasn’t working anymore as expected (Search not working at all, or missing results). After some searching I found out that this was caused by a Windows 10 Update where a shared DLL was updated: KB4467684

In the the end there is a quick fix by running a simple command that repairs the effected MSWB7.dll file.: sfc/scannow (run as administrator)

Continue reading “Outlook 2016 search not working”

Azure AD exclude user from password experation policy

Connect to Azure AD with PowerShell:

Connect-azuread

Now we would like to get an overview of all users, run the following command:

Get-azureAduser

If you have the UserPrincipalName or email address we might shorten the list to just that single user bij adding a filter:

Get-AzureADUser -ObjectId <UserPrincipleName> 

Next task is to link the default password policy without a password expiration to this user. Run the following command:

Set-AzureADUser -ObjectId <UserPrincipalName> -PasswordPolicies DisablePasswordExpiration

Once this has been completed, verify if the policy has been set correctly with the following command:

Get-AzureADUser -ObjectId <UserPrincipalName> | fl UserPrincipalName,passwordpolicies