Certificate-based authentication is an extremely robust and secure mechanism for validating a user's identity. However, until recently, you had to deploy Active Directory Federation Services (AD FS) to make it available for Azure AD. Microsoft has recently introduced an Azure AD certificate-based authentication service (Azure CBA), which significantly simplifies implementing certificate-based authentication.

The post Azure AD certificate-based user authentication first appeared on 4sysops.

Pass-through authentication is an alternative to AD FS and password hash synchronization in Azure AD. This technology allows users to access cloud apps after authenticating against the local Active Directory. The configuration of pass-through authentication is less complex than that of AD FS, for example.

The post Configuring SSO between Active Directory and Azure using pass-through authentication first appeared on 4sysops.

Getting rid of unsecure password authentication is becoming a priority for many businesses. Companies using Microsoft's Azure Active Directory have many options to implement passwordless authentication. One of these is using a FIDO2 security key.

The post Passwordless authentication with FIDO2 and Azure Active Directory first appeared on 4sysops.

In my last article, titled "What is serverless computing? An introduction to AWS Lambda," we took a detailed look at what serverless computing does. Taking the next step, we will create a working example in AWS Lambda using the Go programming language (often referred to as Golang).

The post Writing an AWS Lambda function using Go (Golang) first appeared on 4sysops.

Microsoft offers many solutions and services to defend your Microsoft 365 tenancy. One of the most touted features available in Azure AD Premium P1 (and higher) is Azure Conditional Access. Conditional Access allows you to set policies that determine what type of devices, which users, and under what conditions a request to access a service may be allowed or blocked.

The post Azure Conditional Access policies not working in Google Chrome first appeared on 4sysops.

Customers using Exchange Online can take advantage of Microsoft Office 365 Message Encryption (Microsoft OME) as an online service built into Microsoft Azure Rights Management (Azure RMS) to encrypt Office 365 email messages and various attachments.

The post Microsoft Office 365 Message Encryption: Encrypt email in Microsoft 365 first appeared on 4sysops.

Azure Arc allows organizations to extend the Azure Resource Manager control plane from the public cloud to their on-premises environments so that they can manage these resources like they natively existed in Azure and utilize services like Automanage. This provides functions such as remediation of configuration drifts, setting up backup and monitoring, and hotpatching Windows Server.

The post Azure Arc: Manage on-prem Windows Server VMs with Azure Resource Manager first appeared on 4sysops.

In my previous post, I explained how to install Boto3 with VS Code on Windows. Even though all components involved are cross-platform, the installation of the AWS SDK with VS Code on macOS is a bit different.

The post Pip install Boto3 first appeared on 4sysops.

Azure AD supports so-called dynamic groups. A dynamic group can comprise devices or users on which you set query rules to determine their membership. These groups can then be used throughout your Microsoft 365 tenancy to provide access to resources, with a few exceptions for Microsoft Exchange Online.

The post Using Azure AD dynamic groups for Microsoft 365 resources first appeared on 4sysops.

The term serverless computing sounds very cool, but what does it actually mean? In this post, I will introduce AWS Lambda, Amazon's serverless computing service.

The post What is serverless computing? An introduction to AWS Lambda first appeared on 4sysops.

Effective March 1, 2022, prices for some Microsoft 365 and Office 365 subscriptions will increase by up to 25 percent. Companies could save money by switching to a plan that doesn't include the Office apps and instead purchasing a perpetual license for those apps in the Long-Term Servicing Channel (LTSC).

The post Price increase for Microsoft 365: Save costs with hybrid licensing first appeared on 4sysops.

In this guide, I show you how to install Boto3, the AWS SDK for Python, in Microsoft's free Visual Studio Code (VS Code) on a Windows machine. This will allow you to automate in Amazon's cloud with the most popular scripting language on the planet.

The post Install Boto3 (AWS SDK for Python) in Visual Studio Code (VS Code) on Windows first appeared on 4sysops.

Repairing, migrating, and exporting Exchange Server data can be challenging. Learn how the Stellar Toolkit for Exchange can make these tasks much easier.

The post Stellar Toolkit for Exchange: Repair database , Migrate to Microsoft 365, , export mailboxes first appeared on 4sysops.

If you attach an EBS volume to an Amazon EC2 instance, you can configure its device name. However, the block device driver of newer Linux kernels might randomly assign a different name. In this AWS guide, you will learn how to edit the fstab configuration file to ensure that an EBS volume automatically mounts on the correct mount point.

The post Automatically mount an NVMe EBS volume in an EC2 Linux instance using fstab first appeared on 4sysops.

If you have to deploy several virtual machines together with their resources to multiple Azure resource groups, you can use nested templates with my PowerShell script.

The post Using nested templates and a PowerShell script to deploy multiple Azure resource groups with virtual machines and supporting resources first appeared on 4sysops.

When joining a device to Azure AD, you may receive the following error message:

Something went wrong. It looks like we can't connect to the URL for your organization's MDM terms of use. Try again, or contact your system administrator with the problem information from this page.

The post Joining Azure AD fails—Can't connect to URL for your organization's MDM terms first appeared on 4sysops.

In this post, we will be looking at purging options to permanently delete a Key Vault and fully erase all the secrets, keys, and certificates in it. Sometimes destroying data properly is as important as keeping it secure. We all know that there are some cases in which the data is actually not deleted completely, even if we think it is. Key Vaults in Azure are a good example of this.

The post Permanently delete a Key Vault in Azure using PowerShell first appeared on 4sysops.

The OneDrive client synchronizes files between the local computer and the cloud. Sometimes, it can happen that this synchronization does not work properly. You then have a different file status on the PC than in OneDrive. Resetting the OneDrive client usually solves this problem.

The post Reset OneDrive synchronization first appeared on 4sysops.