Use Splunk to Collect Logs from Office 365 and Azure AD

Microsoft has a lot of options to view Azure log data in one form or another. There is the Security Center, Azure Sentinel, Log Analytics, and Insights.  This is fine for an Azure centric organization, but many organizations already have log collection systems in place such as Splunk, and using multiple logging platforms is not efficient.  This article walks through sending Azure AD and Office 365 logs to Splunk.

Continue reading “Use Splunk to Collect Logs from Office 365 and Azure AD”

CompTIA CTT+ Certification

Why

Over the past couple of years, I have created a sizeable amount of content on YouTube and Blog and have been lucky enough to speak at some wonderful user groups and other events.  The format of this content is based on replicating what I enjoy when I consume similar content.  Imitation is the greatest form of flattery, right?

Continue reading “CompTIA CTT+ Certification”

Azure Privileged Identity Management (PIM) For Beginners

Azure Privileged Identify Management, or PIM, is a Microsoft service that enables management, control and monitoring of privileged access in Azure.  In this video, I give you an introduction to Azure PIM.  We go over the basics of on boarding a user to PIM, adding a user for active and eligible access, activating an eligible role, requiring an activation approval on a role and creating access reviews.

MFA Conditional Access Policy Breaks AD Connect Synchronization

I ran into this issue today and sharing for anyone else that may run into the same problem.  The scenario is fairly simple, Azure AD Connect synchronizing to Azure AD.  All works fine until MFA policies were enabled, and then sync stops working.  Running a Sart-ADSyncSyncCycle returns a lot of red, but the basic are:

Continue reading “MFA Conditional Access Policy Breaks AD Connect Synchronization”

Deploy Azure AD Domain Service and Join a Server to the Domain

In this video, I go over deploying Azure AD and configuring replication with an on-premises Windows Active Directory domain and Azure Active Directory.  I review deployment options and how to synchronize passwords from Windows and Azure directory services.  A server is deployed and joined to the Azure AD Domain Services domain and users source from Azure AD and Windows AD log in using same sign-on credentials.

Continue reading “Deploy Azure AD Domain Service and Join a Server to the Domain”

Proximity Placement Groups and Accelerated Networking

Proximity Placement Group

In this video I go over the benefits of using Azure Proximity Placement Groups and Accelerated networking with Azure IaaS VM’s.  I start by explaining what Proximity Placement Groups are and how they work, then go over the basics of Accelerated Networking.  After that, I deploy a Proximity Placement Group and accelerated networking and compare results with and without the features enabled.

Continue reading “Proximity Placement Groups and Accelerated Networking”

Site-to-Site Azure VPN with a Windows RRAS Server

Azure S2S VPN

This video shows how I created a VPN connection between my home lab and Azure Subscription.  I used a Routing and Remote Access role on a Windows Server 2019 as the local endpoint.  This provides the ability to setup a VPN connection without special firewall hardware.  This is useful for home labs and small offices that need connectivity to an Azure subscription.  It also is helpful to walk through the setup to prepare for Azure certifications such as the AZ-103.

Continue reading “Site-to-Site Azure VPN with a Windows RRAS Server”