MFA Without the Authenticator App for Azure AD and Microsoft 365

Multi-Factor Authentication (MFA) adds an important layer of security to Azure AD or Microsoft 365 accounts.  For many, the Microsoft Authenticator app provides the needed second-factor for MFA.  But that depends on a mobile device.  In some cases, an employer may want to use an alternative to a cell phone or mobile device for MFA.  This video looks at a Yubico Yubikey hardware token as an alternative to the Microsoft Authenticator app on a cell phone for Azure MFA.

Continue reading “MFA Without the Authenticator App for Azure AD and Microsoft 365”

Hybrid Azure AD Join: The device object by the given ID is not found

I worked on an Azure Active Directory lab for Hybrid Azure AD Join today and ran into a problem.  The lab is a new deployment, single Windows Server 2019 Domain Controller running the 2.x version of Azure AD Connect Sync.  Express install was used, there are no OU or advanced filters in place.  Following the directions outlined in the Microsoft documentation is straightforward.  However, after enabling Hybrid Azure AD Join, the computers did not show in the Azure AD Portal under Devices.

Continue reading “Hybrid Azure AD Join: The device object by the given ID is not found”

Don’t Use Azure AD Domain Services to Replace Windows Domain Controllers

Azure AD Domain Services

I’ve been sitting on this topic for a while.  I typically like to pass along information that helps people better understand Azure and other Microsoft products absent of my option.  However, this post is slightly opinionated, an opinion that was formulated after seeing problems users ran into while trying to use Azure AD as a replacement for Windows AD. 

Continue reading “Don’t Use Azure AD Domain Services to Replace Windows Domain Controllers”

Getting Started with Azure AD App Proxy

Azure AD App Proxy

Azure AD Application Proxy provides a simple, secure, and cost-effective way for remote access to on-premises websites and web-based applications.  This video starts with an overview of how App Proxy works and then provides a tutorial on configuring the service with basic Azure AD authentication.

Continue reading “Getting Started with Azure AD App Proxy”

Azure AD Domain Services Forest Type, User or Resource?

Azure AD Domain Servcies

Azure Active Directory Domain Services (Azure AD DS) now supports two forest types: User and Resource.  In this video, we go over what each Azure AD DS forest type, User and Resource, does and when to use one over the other.

Continue reading “Azure AD Domain Services Forest Type, User or Resource?”

Azure AD Connect Sync and Cloud Sync, What’s the Difference?

Azure AD

Many organizations use Azure AD Connect Sync to synchronize hybrid identities from Windows AD to Azure AD DS.  Microsoft recently announces a new service, Azure AD Connect Cloud Sync, that also synchronizes Windows AD identities to Azure AD.  In this video, we go over how they are similar, features that are different, and when to use one or the other.

Continue reading “Azure AD Connect Sync and Cloud Sync, What’s the Difference?”

Azure AD Administrative Units

Azure AD Administrative Units

In this video, I go over Azure AD Administrative Units.  Azure AD Administrative units are a way to delegate admirative tasks to a subset of Azure AD users.  We review how to create Admin Units and how to add users and groups to an Administrative Unit. We also delegate administrative rights to a user to on an Administrative Unit.

Continue reading “Azure AD Administrative Units”