Provide secure remote access to on-premises applications with Azure AD Application Proxy


Topics Zero Trust controls.Create Kerberos delegation.Enable TLS 1.1 and TLS 1.2 from the registryInstall the application Proxy.Configure the SSO.Prerequisites for SSO. At the beginning this is a part of the Zero Trust Implementation.What is Zero Trust?Zero Trust strategy requires that you verify explicitly, use least privileged access principles, and assume breach. Azure Active Directory can act... Continue Reading →


In this article we will be talking how to protect and secure your information using Microsoft protection suite. We will be more concerning on a new feature in the DLP for endpoint devices We will talk on how the information is created, edited and transferred outside the organization Table of contents What is information life... Continue Reading →

Cloud App security Integrated with defender ATP


This article is related to another article in the integration of MTP products Window Defender ATP (MDATP) integration with Advanced threat protection services And for more configuration you can go to CAS integration with MDATP MDATP (Microsoft defender advanced threat Protection) MCAS (Microsoft Cloud app security) In this article we will talk about MCAS integration... Continue Reading →

Window Defender ATP (MDATP) integration with Advanced threat protection services


This article assumes you know about the threat protection services We are going to talk about the integration for all the services with the Defender ATP First, we must talk about the Microsoft advanced threat protection services Table of contents Microsoft Threat protection services overview What is MDATP Integration between MDATP and the MTP services... Continue Reading →

ATTACK Surface reduction applied with Microsoft Defender ATP


The following article assumes you have windows 10 Windows 10 Pro, version 1709 or later Windows 10 Enterprise, version 1709 or later Windows Server, version 1803 (Semi-Annual Channel) or later Windows Server 2019 Terminologies for this Article ASR (Attack surface reduction) Microsoft Defender advanced threat protection (MDATP) Links MDATP web link Advanced hunting link ASR Reports ASR Definition Vulnerabilities The article... Continue Reading →

Enabling modern authentication and MFA


In this Article We will talk about securing data and information when they are transferred to online systems Ex SharePoint online, teams and exchange. Teams is a hub for work environment it integrates SharePoint, exchange, file transferring and other SAAS platforms So in this project we will secure all the products that integrates with teams... Continue Reading →

Working from home best practice outlines


Blocking legacy authentication Identify then block Monitoring sign Ins from azure AD for any failed log ins This is your only friend for supporting and trouble shooting You must know what is the meaning of every tab, every column in this window specially every protocol Enable Modern authentication (OAUTH With MFA feature) 3 ways to... Continue Reading →


Azure log analytics Query The following are prerequisites before using the log analytics Create workspace It is a data repository configured to store data For collecting resource logs in a workspace, to analyzing logs with queries and filters. Go to the workspace, by default no logs then start configuring log sources You can choose logs... Continue Reading →


Exchange on-prem onlySecurity AdvisoryAn elevation of privilege vulnerability exists in Microsoft Exchange Server. An attacker who successfully exploited this vulnerability could attempt to impersonate any other user of the Exchange server. To exploit the vulnerability, an attacker would need to execute a man-in-the-middle attack to forward an authentication request to a Microsoft Exchange Server, thereby... Continue Reading →


To authorize users, two attributes in Azure AD are used: proxyAddresses and userPrincipalName Your first check is to make sure that the users you want to use with Azure Information Protection are displayed. Then check whether the ProxyAddresses column is populated. If it is, the email values in this column can be used to authorize... Continue Reading →


The following command assigns or remove label to a shared folder Connect to azure online PowerShell Connect-AadrmService Get list of all PDF files only make sure to add the *.PPDF Get-ChildItem \\servername\foldername\*.PPDF -File -Recurse | Get-AIPFileStatus Note: Must add justification Get-ChildItem \\servername\sharename\*.ppdf -File -Recurse | Set-AIPFileLabel -RemoveLabel -JustificationMessage "The previous label no longer applies" Then... Continue Reading →


The following is general view for the Labels Azure portal View This is how it looks like labels on office How to connect to AIP module Connect-AadrmService how to connect to Azure Information protection PowerShell module The PowerShell is Connected This is how you classify the PDF Classify and Protect from explorer View PowerShell for... Continue Reading →


Applies to: Azure Information Protection, Windows 10, Windows 8.1, Windows 8, Windows 7 with SP1, Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 https://docs.microsoft.com/en-us/azure/information-protection/rms-client/client-admin-guide-document-tracking Your subscription must support it https://azure.microsoft.com/en-us/pricing/details/information-protection/ When the document tracking site is enabled, by default, it shows information such as the email addresses of the... Continue Reading →


 How to clear windows credentials Control Panel\All Control Panel Items\Credential Manager        Step 2 Remove connected services from your Office 2013 profile Go to File, and then click Account. Under Connected Services, remove all the services for the existing account.    Step 3 Clear cached credentials on the computer Edit the registry to... Continue Reading →


 How to clear windows credentials Control Panel\All Control Panel Items\Credential Manager       Step 2 Remove connected services from your Office 2013 profile Go to File, and then click Account. Under Connected Services, remove all the services for the existing account.    Step 3 Clear cached credentials on the computer Edit the registry to remove... Continue Reading →


Grant online user delegation to on-premises account Summary: Learn how to assign permissions for mailboxes and groups in Exchange 2016 so other users can open the mailbox, send mail from the mailbox, or send mail from the group. https://docs.microsoft.com/en-us/exchange/recipients/mailbox-permissions The scenario that online exchange users in the hybrid environment were unable to have permission on... Continue Reading →


Windows Server 2016 Update settings  Hi, guys, I noticed that server 2016 doesn't have options to schedule updates and restart but I found that it can be done by 3 scenarios I will share it with you all  First, I found the following useful policy and website  Configure Group Policy Settings for Automatic Updatesthis link is very useful... Continue Reading →

Blog at WordPress.com.

Up ↑

%d bloggers like this: