Microsoft has a lot of options to view Azure log data in one form or another. There is the Security Center, Azure Sentinel, Log Analytics, and Insights. This is fine for an Azure centric organization, but many organizations already have log collection systems in place such as Splunk, and using multiple logging platforms is not efficient. This article walks through sending Azure AD and Office 365 logs to Splunk.Continue reading “Use Splunk to Collect Logs from Office 365 and Azure AD”
Azure Traffic Manager is a global DNS service hosted in Azure. It extends the functionality of DNS beyond simple name to IP resolution, adding load balancing and advanced resolution features such as geo-fencing, weighted priority, performance, and source IP based name resolution.
Just as important to what it is, is what it is not. It is not an IP based Global Load Balancer. Traffic Manager does not handle IP session data, BGP or any other routing protocols. It is only an External DNS solution, it won’t work as an internal DNS solution. Continue reading “Azure Traffic Manager”
For all the technical challenges I’ve ran into, nothing is more frustrating than trying to understand Microsoft Licensing. I put together an infogram as an attempt to explain Microsoft licensing and the relationship between the O365, EMS and the new Microsoft 365 license bundle. Supporting links are below as well as a video I put together to explain how each product relates to the other. This is meant to be informational only, please seek assistance from a Microsoft licensing professional before making any purchasing decisions. Continue reading “Microsoft 365 E3 and E5 Bundels”
Today I took care of a cleanup task after the ADFS implementation. The problem: SSO did not work with Microsoft Edge and Chrome. When trying to access any Microsoft cloud services from a non-IE browser, I get directed to the web form landing page to enter a password. Continue reading “Single Sign On with Non-Internet Explorer Browser”
I had a problem this week when connecting to Azure VM’s. When connecting by RDP parts of the screen were blocked out by black squares and rectangles like the image below. This only happened when connected to Azure VM’s, I did not have the problem with VM’s in any of my other datacenters.
Once the Azure implementation of Active Directory Federation Services (ADFS) was in place I ran through the test process. Single Sign on works as expected from inside the network. Going to microsoftonline.com passes my client to the internal ADFS server where I enter my user name and get redirected to the Office 365 landing page. Doing the same from outside the corporate network works similarly only directing me to the external servers where I had to enter my domain UPN (username) and password. All well, but then…
The problem was connecting to an Office 365 site from a domain joined computer connected outside the corporate network via Direct Access (DA). In this scenario I get the prompt for username and password. This is not ideal, the end users expectation is to have the same experience through DA as in the office. Continue reading “Microsoft Direct Access and Azure Single Sign On”
If you deployed a VM using the new Resource Manager mode in Azure and need to find the IP and if it is static you may have ran across the “Get-AzureVM” command as an option to retrieve IP information. This command is for “Clasic” mode and won’t work in Resource Manager mode.
To get IP information including the internal IP and if it is set dynamic or static, use this command:
Get-AzureRmNetworkInterface -name <NIC_Name> -ResourceGroupName <NIC_ResourceGroup>
Notice that this does not specify the VM Name, it specifies the NIC attached to the VM. The output will give you the IP address and indicate if it is static or dynamic.
Over the next few weeks I undergo a move of critical organization services to Office 365. Most of the subsequent posts will be related to activities required
to prepare the existing environment for O365. This post will focus on the three options for allowing users to access O365.
In order for users to access O365, they need to authenticate. Office 365 authenticating takes place with the help of Azure Active Directory. There are three options for authenticating to O365:
Continue reading “Accessing Office 365”