Update an WVD Application Group Based on a Windows AD Security Group

WVD Security Groups

One unfortunate aspect of working with Windows Virtual Desktop is the inability to assign users to an Application Group based on group management. Microsoft has heard this complaint and an upcoming version of WVD portal management will include App Group access based on group membership. Until that is available, I created a script that should help.

Continue reading “Update an WVD Application Group Based on a Windows AD Security Group”

Active Directory Domain Service, Azure Active Directory and Azure Active Directory Domain Service Explained

Active Directory Domain Service, Azure Active Directory and Azure Active Directory Domain Service

Microsoft has a couple of options available for identity and authentication services including Active Directory Domain Services, Azure Active Directory, and Azure Active Directory Domain Services.  This can lead to confusion, especially considering three of the options have “Active Directory” in the name.  It also leads to the question “do we still need domain controllers?”  This post reviews these three different options, outlining the functionality and comparing how they work together in Microsoft and Azure.

Continue reading “Active Directory Domain Service, Azure Active Directory and Azure Active Directory Domain Service Explained”

Azure AD and Named Locations

I am at the beginning of implementing Azure AD Premium in an environment and got hung up on the simple task of configuring Named Location for Conditional Access. Now, this was a minor nuisance at best, but thought I would outline what happened as the Microsoft documentation is a bit misleading.

As a background for those of you unfamiliar, Named Location is a feature of Azure AD Premium that lets you define know locations in your AD tenant. This is used for with Identity Protection and login risk assessments. It can also be part of Conditional Access. For example, don’t force MFA when a user logs in from a Named Location. More information can be found here:
https://docs.microsoft.com/en-us/azure/active-directory/active-directory-named-locations

Continue reading “Azure AD and Named Locations”

Accessing Office 365

Accessing Office 365

Over the next few weeks I undergo a move of critical organization services to Office 365.  Most of the subsequent posts will be related to activities required
to prepare the existing environment for O365.  This post  will focus on the three options for allowing users to access O365.

In order for users to access O365, they need to authenticate.  Office 365 authenticating takes place with the help of Azure Active Directory.   There are three options for authenticating to O365:
Continue reading “Accessing Office 365”