Azure Virtual Desktop; “The sign-in method you’re using isn’t allowed”

Posted on by Travis Roberts
ADV

Azure Virtual Desktop now has the option to join session hosts to Azure AD in addition to Windows AD and Azure AD Domain Services.  I got the error message below while logging in.

“The sign-in method you’re using isn’t allowed.  Try a different sign-in method or contact your system administrator.”

Continue reading “Azure Virtual Desktop; “The sign-in method you’re using isn’t allowed””

SMB Multichannel with Azure File Shares

Posted on by Travis Roberts

Azure File Shares Premium support SMB multichannel, a way to improve throughput for applications and services.  This video goes over what it is and how it works.  It also goes over performance, network, and Azure VM considerations to help make the best of Azure Files premium.

Continue reading “SMB Multichannel with Azure File Shares”

MFA Without the Authenticator App for Azure AD and Microsoft 365

Posted on by Travis Roberts

Multi-Factor Authentication (MFA) adds an important layer of security to Azure AD or Microsoft 365 accounts.  For many, the Microsoft Authenticator app provides the needed second-factor for MFA.  But that depends on a mobile device.  In some cases, an employer may want to use an alternative to a cell phone or mobile device for MFA.  This video looks at a Yubico Yubikey hardware token as an alternative to the Microsoft Authenticator app on a cell phone for Azure MFA.

Continue reading “MFA Without the Authenticator App for Azure AD and Microsoft 365”

Hybrid Azure AD Join: The device object by the given ID is not found

Posted on by Travis Roberts

I worked on an Azure Active Directory lab for Hybrid Azure AD Join today and ran into a problem.  The lab is a new deployment, single Windows Server 2019 Domain Controller running the 2.x version of Azure AD Connect Sync.  Express install was used, there are no OU or advanced filters in place.  Following the directions outlined in the Microsoft documentation is straightforward.  However, after enabling Hybrid Azure AD Join, the computers did not show in the Azure AD Portal under Devices.

Continue reading “Hybrid Azure AD Join: The device object by the given ID is not found”

Enforce Multi-Factor Authentication (MFA) on External Guest Azure AD Accounts

Posted on by Travis Roberts

In this video, we go over what a Business to Business (B2) external Azure AD account is and how to enforce Multi-Factor Authentication (MFA) on guest accounts with a Condition Access Policy.  The demo goes over disabling SMS authentication, then inviting guest users to the tenant.  After that, we walk through enabling MFA with the Microsoft Authenticator app.

Continue reading “Enforce Multi-Factor Authentication (MFA) on External Guest Azure AD Accounts”

Don’t Use Azure AD Domain Services to Replace Windows Domain Controllers

Posted on by Travis Roberts
Azure AD Domain Services

I’ve been sitting on this topic for a while.  I typically like to pass along information that helps people better understand Azure and other Microsoft products absent of my option.  However, this post is slightly opinionated, an opinion that was formulated after seeing problems users ran into while trying to use Azure AD as a replacement for Windows AD. 

Continue reading “Don’t Use Azure AD Domain Services to Replace Windows Domain Controllers”