Scenario You want to allow an application the permission to add and remove members in an Entra Group with the least possible permissions used. Solution You can of course solve this by giving your application one of the following Application … Continue reading →| Microsoft Security Solutions
Background A developer at a customer recently asked me: “I have a custom API protected by Entra ID. Can you allow me to grant admin consent to my own APIs, without needing to contact an Entra ID ad…| Microsoft Security Solutions
I often hesitate to decline meetings since they then disappear entirely from my calendar. If my schedule changes I might have been able to attend, but since there is no trace left of the meeting, I…| Microsoft Security Solutions
Here is a quick guide on how to make a USB stick bootable and how to split a Windows WIM file into smaller files, so that they will fit on the FAT32 formatted USB drive. This is not in any way new …| Microsoft Security Solutions
Many phishing attempts use the “someone has shared a files with you”-notification email as their template. I would say they are used for two main reasons: They are common and/or expecte…| Microsoft Security Solutions
In larger Teams meetings it can be distracting with the constant ding-ding sound when people join the lobby: If you are the organizer of a meeting, you can choose to skip the Lobby feature. In an a…| Microsoft Security Solutions
During Teams meetings, I am sometimes unable to unmute my microphone: It usually occurs when I use the Teams Web app ( and Bluetooth headsets that mute when I raise the microphone arm. If I am on m…| Microsoft Security Solutions
If you want to share a URL without it being clickable (for visual reasons or to avoid accidental clicks), you can use the so-called fake dot. The fake dot looks like a regular dot but will usually …| Microsoft Security Solutions
If you want to receive files without using email, you can use the Request files feature in OneDrive for Business. Locate the folder you want the incoming files to end up in, click on the three dots…| Microsoft Security Solutions
Last week I hosted a webinar together with our partner Condatis, where we talked about how to manage External Identities with Azure AD B2B/B2C. Thanks to all who attended it live! You can now watch…| Microsoft Security Solutions
If you are using a FIDO2 Security Key, such as a YubiKey, you may have run into the issue that you cannot use it to authenticate with your Azure AD account using PowerShell: As you can see, the nee…| Microsoft Security Solutions
Sometimes I want to highlight specific text when I’m sharing a Microsoft Docs-page to someone, like in this example:You can do this yourself by appending the following text after the Docs-link:?vie…| Microsoft Security Solutions
A customer who uses Microsoft Advanced Threat Analytics (ATA) recently had severe issues with their ATA implementation. At first, the portal started to behave strangely, not showing all information…| Microsoft Security Solutions
In the newly released version 1.0.91 of Teams for iOS it was announced that it now supports Sensitivity Labels for your Teams: (Sorry that the screenshots are in Swedish, you’ll have to trust…| Microsoft Security Solutions
You have for a while been able to copy your AIP Labels to the Security & Compliance Center from the Azure Information Protection Portal. But you can now also copy your AIP Policies (in Preview)…| Microsoft Security Solutions
This is a guide that shows you how to get a publicly trusted wildcard certificate at no cost from Let’s Encrypt using PowerShell. Requirements: Windows PowerShell 5.1 .NET Framework 4.7.2 (li…| Microsoft Security Solutions
Are you also having the issue where accessing your Hyper-V VM Guests works great when connecting via Virtual Machine Connection, but the VM hangs when you try to access it using Enhanced Session or…| Microsoft Security Solutions
Once you have enrolled your FIDO2 security key in Azure AD (which can be done here), you can easily sign-in to web pages that use Azure AD as Identity Provider without needing to enter your passwor…| Microsoft Security Solutions
When you visit it shows pages in the local language you have configured in your browser’s settings. Sometimes the pages are properly translated by humans, sometimes it is machine translated.I…| Microsoft Security Solutions
I’ve been missing an easy way to tell if an AIP label will encrypt information, or if it “only” adds the label metadata and/or visual markings. Sure, I can explain it in the description of the labe…| Microsoft Security Solutions
Microsoft has released a PowerShell module on PSGallery that can test if you are mitigating the issues that Meltdown and Spectre are using. Simply run the following command in an elevated PowerShel…| Microsoft Security Solutions
I have previously blogged about the free publicly trusted certificate solution Let’s Encrypt, see here. In this post, I will show how you can request a certificate with a PowerShell script and prov…| Microsoft Security Solutions
When there is an update available for ATA you will get a blue arrow notification in the portal. Hovering with the mouse pointer over the icon will show what’s new in the available update: The updat…| Microsoft Security Solutions
I have several times encountered these issues, so it decided it was time to write a blog post about it. The situation You are using a proxy server for web communication. Direct communication to the…| Microsoft Security Solutions
Here’s a new short video from Microsoft that shows how you can protect your organisation’s information, using solutions that are part of the Enterprise Mobility + Security suite, such a…| Microsoft Security Solutions
When I recently installed an ATA Center I encountered the following error message: Installation failed. Error code: 0x80070002 I got the error message right after entering the Center configuration …| Microsoft Security Solutions
When doing PKI audits and also when troubleshooting autoenrollment I want to see if there are multiple Group Policies that configure contradictory PKI settings. Instead of manually going through al…| Microsoft Security Solutions
One of the security solutions I work with is called Azure Information Protection. It is Microsoft’s solution for labeling and protecting information and it has some awesome features: Super simple t…| Microsoft Security Solutions
I gave two talks at the TechX conference held at Microsoft headquarters in Stockholm on February 13-17 2017. The sessions were recorded and are now available to watch on YouTube [see links below]. …| Microsoft Security Solutions
Sometimes I run into error messages in foreign languages, like this French one: Ok, I admit it, I made the dialog box myself, but the message text is real. And I have no idea what it means. So, how…| Microsoft Security Solutions
The password manager LastPass has always been free to use in your web browser, but they just announced that they will no longer require a paid subscription for accessing your LastPass from mobile d…| Microsoft Security Solutions
The Azure Information Protection client was recently updated to version 1.2.4.0. One of the improvements is a built-in diagnostics tool: You get to this dialog box by going to the Home tab and clic…| Microsoft Security Solutions
I have previously blogged about how you can get a free SSL certificate from the Certification Authority called WoSign, but they have been misbehaving lately (see details here) and some big companie…| Microsoft Security Solutions
A few days ago I spoke about IT security in general and Advanced Threat Analytics in particular at Microsoft’s headquarter in Stockholm. I showed a few sites and was asked to share them. So here th…| Microsoft Security Solutions
An SSL certificate has a field called Subject. The Subject field contains the domain name that the certificate is valid for. Subject can only contain one domain name: The field Subject can have mor…| Microsoft Security Solutions
This blog post will guide you through the steps of obtaining a publicly trusted SSL certificate with up to 5 domain names, at no cost. There are no hidden costs, ads or referrals involved. You do n…| Microsoft Security Solutions
About a month ago I gave a talk about Microsoft Advanced Threat Analytics (ATA) at TechX, a Microsoft event here in Sweden. The session is now posted on YouTube and available for everyone to see. P…| Microsoft Security Solutions
I just installed a CA server for testing, and noticed something strange. First I installed the binaries with the cmdlet Add-WindowsFeature, without any issues: When I was about to install and confi…| Microsoft Security Solutions
Best Practices from Microsoft when deploying Network Device Enrollment Service (available here) states: “Always set up the administrator site with SSL-only configuration. (Disable http access to th…| Microsoft Security Solutions
If your AD account has the “User must change password at next logon” option enabled: and you try to logon to a RDP session (with correct credentials): you might encounter this error mes…| Microsoft Security Solutions
