Move on from Exchange Online SMTP Basic Authentication with Client Submission

Intro Link to full Microsoft article:https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-online-to-retire-basic-auth-for-client-submission-smtp/ba-p/4114750 Microsoft are closed one of the older legacy protocols; SMTP with basic authentication.Due late september 2025, now is the time to prepare your systems for the decommission of SMTP relay using the old basic authentication. This article talks about a few ways to modernize sending mails. High volume email …
Continue reading Move on from Exchange Online SMTP Basic Authentication with Client Submission

Microsoft Defender for Endpoint – Use Microsoft Security API to export inventory

Intro This guide will assist in the proces of exporting inventory from Defender for Endpoint. This export will both export servers and clients that are registrered in Defender for Endpoint, since servers also registrer to the same inventory as clients. It can be useful then you want to export data about high exposure devices, or …
Continue reading Microsoft Defender for Endpoint – Use Microsoft Security API to export inventory

Azure Bastion

Deploy Azure Bastion to subscription No hassle of managing Network Security Groups (NSGs)You don’t need to apply any NSGs to the Azure Bastion subnet. Because Azure Bastion connects to your virtual machines over private IP, you can configure your NSGs to allow RDP/SSH from Azure Bastion only. This removes the hassle of managing NSGs each …
Continue reading Azure Bastion

Create custom Privileged Identity Management (PIM) group with approver

Description This guide will walk through the proces of creating custom PIM group that will give members eligility to elevate and become global admin. This guide will also outline how to setup approver as required step in the proces of elevation. Create groups Enable groups for PIM Setup PIM for the group that holds the …
Continue reading Create custom Privileged Identity Management (PIM) group with approver

Manage emergency access accounts in Microsoft Entra ID (Break glass)

Microsoft Learn source article: https://learn.microsoft.com/en-us/entra/identity/role-based-access-control/security-emergency-access  This guide was originally written as an internal guide for infrastructure consultants to configure for customers. However I felt the need to share this approach, since break-glass is a concept widely debated, but very important to configure. I do also recommend the use of a direct partner of Microsoft, that can …
Continue reading Manage emergency access accounts in Microsoft Entra ID (Break glass)

Require Multifactor Authentication to register or join devices with Microsoft Entra

In Entra ID under Devices, All Devices and then Device Settings, you can enable: Require Multifactor Authentication to register or join devices with Microsoft Entra. However Microsoft recommends disabling this feature (enabled by default) and enforcing via a conditional access policy instead. This guide provides 2 ways of achieving that goal. Method 1: This method …
Continue reading Require Multifactor Authentication to register or join devices with Microsoft Entra

Robocopy

Robocopy is a great tool for copying and syncing data between source and destination (and vice-versa).Here you can find both general knowledge about the tool and few examples on how to use Robocopy. Reference All commands can be found here:https://learn.microsoft.com/en-us/windows-server/administration/windows-commands/robocopy Known issues How to run Robocopy Robocopy is included in Windows. You can start Robocopy …
Continue reading Robocopy

Migration to Converged Authentication Methods

Intro This guide will assist in the proces of migrating from legacy MFA and legacy SSPR, to the new converged authentication methods. On September 30th, 2025, the legacy multifactor authentication and self-service password reset policies will be deprecated and you’ll manage all authentication methods in the authentication methods policy. NoteAfter all authentication methods are fully …
Continue reading Migration to Converged Authentication Methods