
Monday, October 30, 2023

Friday, October 27, 2023

Wednesday, October 25, 2023

Protect apps with Microsoft Defender for Cloud Apps Conditional Access App Control

 Conditional Access App Control enables user app access and sessions to be monitored and controlled in real time based on access and session policies. Access and session policies are used within the Defender for Cloud Apps portal to further refine filters and set actions to be taken on a user. 

Men die for wealth, birds die for food

Monday, October 23, 2023

What is Azure Continuous Access Evaluation?

 Continuous access evaluation (CAE) for Microsoft 365 and Azure Active Directory (Azure AD) proactively terminates active user sessions and enforces tenant policy changes in near real time instead of relying on access token expiration.

CAE only has insight into IP-based named locations. CAE doesn't have insight into other location conditions like MFA trusted IPs or country/region-based locations. When a user comes from an MFA trusted IP, trusted location that includes MFA Trusted IPs, or country/region location, CAE won't be enforced after that user moves to a different location. 


Saturday, October 21, 2023

Which administrators receive users at risk detected alerts from Azure AD Identity Protection?

 Configure users at risk detected alerts

The recipients of this email: users in the Global Administrator, Security Administrator, or Security Reader roles are automatically added to this list.

Thursday, October 19, 2023

The Microsoft Entra Connect Health agent is installed on each targeted server.

 Health agents must be installed and configured on targeted servers so that they can receive data and provide monitoring and analytics capabilities.


For example, to get data from your Active Directory Federation Services (AD FS) infrastructure, you must install the agent on the AD FS server and on the Web Application Proxy server. Similarly, to get data from your on-premises AD Domain Services infrastructure, you must install the agent on the domain controllers.


Wednesday, October 18, 2023

Monday, October 16, 2023

Azure VM stop , deallocate tasks stopped working ~~~ delete / re-create those tasks at a later rescheduled time worked


reason unknown, but I solved the problem










Thursday, October 12, 2023

jackfruit ~~~ 菠萝蜜



If Samsung Gallery upload to OneDrive isn’t working ... what a day ... does not work with MS 365 work OneDrive

 https://support.microsoft.com/en-gb/office/samsung-gallery-and-onedrive-99c4e77b-8e63-4ddc-aede-19f81acee1a3

  • Your Samsung Gallery can only be connected to OneDrive personal accounts (i.e. not OneDrive for work or school users).


Wednesday, October 11, 2023

Azure AD Application Proxy supports remote workers by publishing on-premises applications that will be accessed over the internet. These applications can be published through the Azure portal to provide secure remote access from outside your network.


AZURE: Configure Conditional Access App Control for Slack

 Like Facebook Workplace, you start by adding the Slack app to Azure Active Directory, and then configure the required SSO settings before you're able to create a Conditional Access policy, and finally the required Conditional Access App Control policies.


Monday, October 9, 2023

Defender for Cloud Apps portal URL

 https://github.com/MicrosoftDocs/microsoft-365-docs/blob/public/microsoft-365/security/defender/portals.md

Security operators and admins can go to the following portals to manage security-specific settings, investigate possible threat activities, respond to active threats, and collaborate with IT admins to remediate issues.


Portal name | Description | Link
Microsoft 365 Defender portal | Monitor and respond to threat activity and strengthen security posture across your identities, email, data, endpoints, and apps with Microsoft 365 Defender | security.microsoft.com
Microsoft Defender Security Center | Monitor and respond to threat activity on your endpoints using capabilities provided with Microsoft Defender for Endpoint. NOTE: Most tenants should now be redirected to the Microsoft 365 Defender portal at security.microsoft.com. | securitycenter.windows.com
Office 365 Security & Compliance Center | Manage Exchange Online Protection and Microsoft Defender for Office 365 to protect your email and collaboration services, and ensure compliance to various data-handling regulations. NOTE: Most tenants using the security sections of the Office 365 Security & Compliance Center should now be redirected to the Microsoft 365 Defender portal at security.microsoft.com. | protection.office.com
Defender for Cloud portal | Use Microsoft Defender for Cloud to strengthen the security posture of your data centers and your hybrid workloads in the cloud | portal.azure.com/#blade/Microsoft_Azure_Security
Microsoft Defender for Identity portal | Identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions using Active Directory signals with Microsoft Defender for Identity | portal.atp.azure.com
Defender for Cloud Apps portal | Use Microsoft Defender for Cloud Apps to get rich visibility, control over data travel, and sophisticated analytics to identify and combat cyberthreats on cloud services | portal.cloudappsecurity.com
Microsoft Security Intelligence portal | Get security intelligence updates for Microsoft Defender for Endpoint, submit samples, and explore the threat encyclopedia | microsoft.com/wdsi

Portals for other workloads

While these portals are not specifically for managing security, they support various workloads and tasks that can impact your security. Visit these portals to manage identities, permissions, device settings, and data handling policies.


Portal name | Description | Link
Entra portal | Access and administer the Microsoft Entra family to protect your business with decentralized identity, identity protection, governance, and more, in a multi-cloud environment | entra.microsoft.com
Azure portal | View and manage all your Azure resources | portal.azure.com
Azure Active Directory portal | View and manage Azure Active Directory | aad.portal.azure.com
Microsoft Purview compliance portal | Manage data handling policies and ensure compliance with regulations | compliance.microsoft.com
Microsoft 365 admin center | Configure Microsoft 365 services; manage roles, licenses, and track updates to your Microsoft 365 services | admin.microsoft.com
Microsoft Intune admin center | Use Microsoft Intune to manage and secure devices. Can also combine Intune and Configuration Manager capabilities. | endpoint.microsoft.com
Microsoft Intune portal | Use Microsoft Intune to deploy device policies and monitor devices for compliance | endpoint.microsoft.com

Shadow IT is the term used to describe the deployment and use of apps by other departments in an organization other than IT.




Sunday, October 8, 2023

azure: That's great! You must first disable security defaults before enabling a Conditional Access policy.

 How do I disable security defaults before enabling a Conditional Access policy?

Disabling security defaults

Sign in to the Microsoft Entra admin center as a Global Administrator.

Browse to Identity > Overview > Properties. Select Manage security defaults.

Set Security defaults to Disabled (not recommended).

Select Save.


Microsoft Entra admin center URL : https://entra.microsoft.com/#home



AZURE Conditional access comes with six conditions: user/group, cloud application, device state, location (IP range), client application, and sign-in risk

 Conditional access comes with six conditions: user/group, cloud application, device state, location (IP range), client application, and sign-in risk. You can use combinations of these conditions to get the exact conditional access policy you need. 
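As an added example (not from the original posts or from Microsoft's documentation): one way to express a combination of these conditions as a report-only policy with Microsoft Graph PowerShell, after first checking the security defaults state discussed in the post above. The object IDs are placeholders, and the display name and the particular choice of conditions are assumptions made for illustration.

```powershell
# Added example. Requires the Microsoft.Graph.Identity.SignIns module.
Connect-MgGraph -Scopes 'Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess'

# Security defaults and Conditional Access are alternatives: check the tenant
# state first instead of discovering the conflict when enabling the policy.
$defaults = Get-MgPolicyIdentitySecurityDefaultEnforcementPolicy
if ($defaults.IsEnabled) {
    throw 'Security defaults are enabled. Disable them before enabling Conditional Access policies.'
}

$policy = @{
    displayName = 'EXAMPLE - Require MFA for risky sign-ins outside trusted locations'
    # Report-only: the policy is evaluated and logged but not enforced.
    state       = 'enabledForReportingButNotEnabled'
    conditions  = @{
        # Condition: user/group (placeholder object IDs, replace with your own)
        users = @{
            includeGroups = @('<pilot-group-object-id>')
            excludeUsers  = @('<emergency-access-account-object-id>')
        }
        # Condition: cloud application
        applications = @{ includeApplications = @('All') }
        # Condition: location (named locations; trusted ones are excluded)
        locations = @{
            includeLocations = @('All')
            excludeLocations = @('AllTrusted')
        }
        # Condition: client application
        clientAppTypes = @('browser', 'mobileAppsAndDesktopClients')
        # Condition: sign-in risk (evaluated by Identity Protection)
        signInRiskLevels = @('medium', 'high')
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa')
    }
}

$created = New-MgIdentityConditionalAccessPolicy -BodyParameter $policy
$created | Select-Object Id, DisplayName, State
```

Review the report-only results in the sign-in logs before switching `state` to `enabled`, and keep the emergency access account excluded so a misconfigured policy cannot lock out every administrator.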




Administrators are faced with two primary goals: empower users to be productive wherever and whenever; protect the organization's assets

 Administrators are faced with two primary goals:


Empower users to be productive wherever and whenever

Protect the organization's assets

Saturday, October 7, 2023

TeamViewer vs Microsoft Quick Assist .... TeamViewer is much better, that's why it's not free

 Microsoft Quick Assist is slow ... but free

One client PC is behind an Asus Wi-Fi extender; it does not even connect ... showing connecting ... forever

In this case TeamViewer is slow too, but somehow still shows the remote screen


Azure Active Directory Premium P1 vs. P2:

 https://petri.com/azure-active-directory-premium-p1-vs-p2/#:~:text=A%20standalone%20Azure%20Premium%20P1,Azure%20Active%20Directory%20Premium%20P1.

A standalone Azure Premium P1 license costs $6 per user / per month, whereas an Azure Premium P2 license costs $9 per user / per month. All member user accounts in the Azure AD tenant must be licensed. If your organization licenses Microsoft 365, then Microsoft 365 E3 licenses include Azure Active Directory Premium P1.

Azure Active Directory Identity Protection

Azure Active Directory Identity Protection can analyze a user’s sign-in request against risk factors such as known leaked credentials, atypical travel, malware-linked IP addresses, and unfamiliar sign-in properties. This additional intelligence is useful for organizations looking to automate responses to suspected compromised user accounts without relying on users reporting odd behavior or administrators reviewing logs after the fact.


Access reviews

Access reviews allow better management of group memberships and access to enterprise applications by delegating regular access reviews to specific reviewers to confirm whether the provided access is still required. This is particularly useful for high-privilege security groups or applications that process sensitive data. It is often a regulatory and/or audit requirement to demonstrate effective access management processes.


Privileged Identity Management

Friday, October 6, 2023

Unlike most remote support software, Quick Assist does not allow transferring files!


liner 衬垫


Remember, you can only enable MFA for organizational accounts stored in Azure Active Directory. These are also called work or school accounts.


Wednesday, October 4, 2023

Tuesday, October 3, 2023

Azure AD Connect can be installed on a domain controller, member server, or non-domain joined server.


non-domain joined server ?


To install Azure AD Connect, you must have Local administrator permissions on the Azure AD Connect computer.


Monday, October 2, 2023

Sunday, October 1, 2023

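The "clever" part of China's Nationality Law: it can be applied flexibly.

 The Nationality Law further provides: "Applications for naturalization as Chinese nationals and for renunciation or restoration of Chinese nationality are subject to examination and approval by the Ministry of Public Security of the People's Republic of China. The Ministry of Public Security shall issue a certificate to any person whose application has been approved."


Whether you are acquiring or renouncing nationality, whether the process finally succeeds depends on the Ministry of Public Security issuing a certificate: a naturalization certificate for those acquiring nationality, and a renunciation certificate for those renouncing it.


So if you have only obtained a foreign passport and have not applied for this renunciation certificate, then sorry, your nationality status is left in an ambiguous state. Put simply: "if they say you are Chinese, you are; if they say you are not, you are not."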