MFA Excluded accounts - still prompting for MFA registration
Hi Team, We have enabled the MFA in our organisation and we have created conditional access policy for the service accounts to exclude from MFA. We have disabled the MFA for those accounts under O365 admin > Active users> MFA when we try login…
How do I stop the twice hourly automatic attempts to fraudulently sign into my webmail account
Twice hourly automatic attempts to fraudulently sign into my Hotmail account from random IP addresses across the world. How do you to stop these ? Sooner or later I assume the brute forcing will work. The amount of notifications is annoying as well
Microsoft Defender against Palo Alto Cortex
I am tasked to compare Palo Alto Cortex solution on our existing Windows workstations against MS Defender for Endpoint. There is several articles about this and my first conclusion is, that Defender might have only small weakness against Palo Alto but I…
Sign-in logs question
Hi, I need to help to understand the sign logs in Microsft Entra admin center. I found some external user activity in sign logs. I am confused how can i know which service is accesiing. How can i verify it's only teams meeting or teams channel or…
Cant remove work or school account from personal PC
recently left an organization and my ID there was disabled. When employed there, I used my personal PC for work as well as my own stuff. Now I get frequent requests to log in to my Work or School Account. How do I remove the Work account from my personal…
Can you implement event-based retention policies with a Business Premium License?
I'm looking to suggest event-based retention policies as a solution for a client I'm working with. They hold a business premium license and I'm trying to determine whether the Business Premium license supports this level of functionality or is it only…
Stop downloads on unmanaged devices - conditional access
Hi all, I want to set a block policy on downloads from sharepoint and onedrive for unmanaged devices - personal or not within the tenant.
Clarification regarding Azure Enterprise Application or Service principal and Application registration.
I need help and clarification regarding the Azure Enterprise Application or Service principal and Application registration. Any Enterprise Application or Application Registration that has AppOwnerOrganizationId attribute no value (empty) meaning that…
I need to renew our NDES Server certificate and also its PKI certificate on it
I need to renew our NDES Server certificate and also its PKI certificate on it. These are not yet expired. They will expire in July. The goal is to renew for 10 years.
Why is the Security Baseline 23h2 not available in intune?
Hello, We are rolling out Windows 23h2 update and I want to use the right security baselines in Intune. Currently we are using the Baseline November 2021 but I see that the 23H2 security baseline documentation is available in the Security Compliance…
Windows 11 23H2 "View Wi-Fi Security Key"
Windows 11 23H2 recently introduced a new function "View Wi-Fi Security Key" within the "Manage Known Networks" Settings location. With some deployments auto-configuring Wi-Fi via GPO and Intune, is there a way to disable this new…
what Intune core services work not function correctly. if Port 80 could not be opened on a Firewall
A customer has concerns about allowing Traffic over TCP Port 80 for Intune even though it appears to be a requirement for Intune Core Services, and Authentication dependencies. What may not function if Port 80 is blocked?…
Minimum password Length
Hello Members, Is there a possible way to change the default password policy and set the minimum length of password as 14 characters?
Is there a way to block "Microsoft Azure PowerShell" for all users?
Greetings, I'm afraid that this one can't be blocked by design, but I will ask anyway. Is there a way to block login attempt from Microsoft Azure PowerShell? We are constantly probed from all around the world, and I can't see to figure out how to block…
Manger wants total control over employee data
A Manager wants to have total control over 5 employee data. The laptop is provided by the Company and any file created by the employee, the Manager should be able to see it. No files should be deleted by the employee even if the employee is the owner of…
Windows Security Key Login with Multiple Accounts on Key
We are currently implementing security key logins for Windows 11 using YubiKey FIDO keys on our AutoPilot deployed AzureAD only joined devices. So far the implementation is working well for the majority of our users. Our administrators have separate…
Data disk Bitlocker recovery key gone after computer re-installation
I have desktop workstation with extra physical data disk drive encrypted with bitlocker. I changed OS disk for bigger one, updated bios and was about to re-install OS anyway. After BIOS upgrade, User Account for M356 services stopped working on existing…
Questions regarding tokens/sessions maliciously created during Phishing
Hello, I have a few questions related to Phishing attacks that steal creds/create sessions for threat actor: If a threat actor steals a token/creates a malicious session using cred proxy, can they keep refreshing it themselves? Fastest way to kill a…
Defender Application guard Enterprise mode not working in Corporate network.
We have configured Defender Application guard Enterprise mode in Intune for testing purpose but not working in corporate network. But when we connect public network like mobile hotspot it is working fine as expected, Trusted cloud resource is added for…
Acitivity logs question
Hi, I need to help to understand the sign logs in Microsft Entra admin center. I found some external user activity in sign logs. I am confused how can i know which service is accesiing. How can i verify it's only teams meeting or teams channel or…