“Something about the Cloud”
- EWUG.DK - Level 200-300
Peter Selch Dahl - Cloud Architect and Microsoft Azure MVP
Microsoft MCSA: Cloud Platform - Certified 2018,
Microsoft MCSA: Office 365 - Certified 2018,
Microsoft MCSE: Cloud Platform and Infrastructure - Certified 2018
Microsoft MCSA: 2016 Windows Server 2016,
Microsoft MCSA: 2012 Windows Server 2012,
Microsoft MCITP: 2008 Server and Enterprise Administrator,
Microsoft MCSA: 2008 Windows Server 2008,
Microsoft MCSA/MCSE : 2003 Security,
Microsoft MCSA/MCSE : 2000 Security,
VMWare Certified Professional VI3/VI4/VI5,
CompTIA A+, Network+,
EC-Council: Certified Ethical Hacker (CEH v7),
And more
Peter Selch Dahl
Cloud Architect, Azure MVP
Twitter: @PeterSelchDahl
www: www.peterdahl.net
Blog : http://blog.peterdahl.net
Mail : psd@apento.com
• Enterprise Admin Consent Request Management
• Service Principals permissions and monitoring
• Microsoft Graph scope policies
• Staged rollout of CloudAuth
• Azure AD Connect Cloud Provisioning
• Azure AD Join support in Azure VM
• And more 
Consent of principals
JANUARY 14, 2020
@EWUGDK
http://blog.peterdahl.net/2018/05/14/azure-ad-v2-apps-vs-the-brick-wall/
• Application permissions are permissions given to the application itself. In this scenario, the resource being accessed has no knowledge of the end user's permissions. In earlier literature from Microsoft patterns and practices, this model is also referred to as the “trusted subsystem” model, where the idea is that the API resource trusts the calling system to do the proper authorization of end users. For example, for web applications this has “always” been the model used for calling an SQL server.
• Delegated permissions are permissions that the end user delegates to the application for access to the user’s data/resources. For instance, the application can be given access to the end user’s mailbox. This is analogous to what earlier literature refers to as “impersonation”, meaning that the application impersonates the end user when calling the API resource. The application acts on behalf of the end user; for instance, a third-party application might post on your Twitter timeline.
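As an added illustration (not part of the original slides), this Python script inventories the two permission types described above from exported Microsoft Graph objects: delegated grants (`oauth2PermissionGrants`) and application permissions (`appRoleAssignments`). All ids, app names and the review list are constructed assumptions for the example.

```python
# Constructed sample export. Field names follow the Microsoft Graph
# servicePrincipal, oAuth2PermissionGrant and appRoleAssignment resources;
# every id and app name below is made up for this example.
SERVICE_PRINCIPALS = [
    {"id": "sp-graph", "displayName": "Microsoft Graph",
     "appRoles": [{"id": "role-mail-read", "value": "Mail.Read"},
                  {"id": "role-dir-rw", "value": "Directory.ReadWrite.All"}]},
    {"id": "sp-crm", "displayName": "Contoso CRM (constructed)", "appRoles": []},
    {"id": "sp-sync", "displayName": "Nightly Sync Job (constructed)", "appRoles": []},
]

# Delegated permissions: the app acts on behalf of a signed-in user.
DELEGATED_GRANTS = [
    {"clientId": "sp-crm", "resourceId": "sp-graph",
     "consentType": "AllPrincipals", "principalId": None,
     "scope": "User.Read Mail.Read"},
    {"clientId": "sp-crm", "resourceId": "sp-graph",
     "consentType": "Principal", "principalId": "user-42",
     "scope": "Calendars.Read"},
]

# Application permissions: the app acts as itself, with no user context.
APP_ROLE_ASSIGNMENTS = [
    {"principalId": "sp-sync", "resourceId": "sp-graph",
     "appRoleId": "role-dir-rw"},
]

# Assumption: permissions this (hypothetical) organisation wants reviewed
# whenever they are granted tenant-wide or app-only.
REVIEW_LIST = {"Mail.Read", "Mail.ReadWrite",
               "Directory.ReadWrite.All", "Files.ReadWrite.All"}


def inventory(sps, grants, assignments):
    """Flatten both grant types into one row per (client, permission)."""
    names = {sp["id"]: sp["displayName"] for sp in sps}
    # App role ids are only meaningful relative to the resource that defines them.
    roles = {(sp["id"], r["id"]): r["value"]
             for sp in sps for r in sp.get("appRoles", [])}
    rows = []
    for g in grants:
        if g["consentType"] == "AllPrincipals":
            consent = "admin (all users)"
        else:
            consent = "user " + str(g.get("principalId"))
        # 'scope' is a space-separated string and may be empty or null.
        for scope in (g.get("scope") or "").split():
            rows.append({"client": names.get(g["clientId"], g["clientId"]),
                         "resource": names.get(g["resourceId"], g["resourceId"]),
                         "kind": "delegated", "consent": consent,
                         "permission": scope})
    for a in assignments:
        rows.append({"client": names.get(a["principalId"], a["principalId"]),
                     "resource": names.get(a["resourceId"], a["resourceId"]),
                     "kind": "application", "consent": "admin (app-only)",
                     # None means the role id could not be resolved.
                     "permission": roles.get((a["resourceId"], a["appRoleId"]))})
    return rows


def flag_for_review(rows, review_list=REVIEW_LIST):
    """Return rows that are tenant-wide or app-only on a reviewed permission,
    plus any application permission whose role id could not be resolved."""
    flagged = []
    for r in rows:
        unresolved = r["permission"] is None
        broad = r["kind"] == "application" or r["consent"].startswith("admin")
        if unresolved or (broad and r["permission"] in review_list):
            flagged.append(r)
    return flagged


if __name__ == "__main__":
    all_rows = inventory(SERVICE_PRINCIPALS, DELEGATED_GRANTS, APP_ROLE_ASSIGNMENTS)
    for row in flag_for_review(all_rows):
        print(f"{row['client']:32} {row['kind']:12} "
              f"{row['consent']:18} {row['permission']}")
```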
https://portal.cloudappsecurity.com/#/app-permissions/
Delegated Access
Will soon be available within the Azure Portal as well.
Public Preview: Admin consent workflow
• Users can request access when user consent is disabled
• Users can request access when apps request permissions that require admin consent
• Gives admins a secure way to receive and process access requests
• Users are notified of admin action
https://aka.ms/adminconsentworkflow/
https://azure.microsoft.com/da-dk/blog/managing-azure-secrets-on-github-repositories/
[Diagram labels: Conditions (User, Group, App sensitivity; Device state; Location; User; Risk). Actions (Allow access or Block access; Enforce MFA per user/per app). Cloud-powered protection (Identity Protection; MFA; Cloud App Discovery; Privileged Identity Management; notifications, analysis, remediation, risk-based policies).]
Service principals consent - Refresh
Application Access
Philippe Signoret – PM, Azure AD: https://gist.github.com/psignoret/9d73b00b377002456b24fcb808265c23
Service principals monitoring - Refresh
https://feedback.azure.com/forums/223579-azure-portal/suggestions/33867259-azure-ad-sign-in-activity-log-should-record-and-sh
Microsoft Graph scope policies
Conditional access for MS Graph
Issue:
GitLab doesn't play well with the Azure AD Conditional Access compliant device policy
Cause:
“Conditional access policy was applied because the GitLab app calls Windows Azure Active
Directory and a policy has been applied to this resource. The policy requires a compliant
device.”
Conditional access policy was applied because the GitLab app calls Windows Azure Active
Directory and a policy has been applied to this resource. The policy requires a compliant
device.
A policy with a location condition was evaluated:
- InsideCorpnet claim was not set
- IP allowed due to tenant strong auth policy: False
Policy Name: All Apps: Require Domain Joined device (Specific Groups, Apps
Exempted/Excluded)
Policy Id: 10c9a77e-d561-4cdf-ab7e-75681f957dbf
Application Name: GitLab
Application Id: ddf3c150-4813-4e90-b73b-72ba13224c0a
Action: RequireCompliantDevice
Solution:
Since the Conditional Access policy is configured to apply to all applications, it also applies to Windows Azure Active Directory, blocking the access.
Unfortunately, Windows Azure Active Directory is not an app that we can select at the moment to be excluded. As a possible solution, you can change the Conditional Access policy to target only the required applications instead of all applications, exclude the user, or change the access controls to require, for example, MFA.
Current behavior
• Policy applied to MS Graph if it is set on EXO or SPO
Future
• Apply policy directly to permissions
• Example use case: An org can apply policy to mail access without restricting access to contacts, tasks etc.
Azure: Windows 10 / server 2019 Azure AD join
https://techcommunity.microsoft.com/t5/azure-active-directory-identity/azure-ad-authentication-to-windows-vms-in-azure-now-in-public/ba-p/827840
• https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/32995456-support-azure-ad-domain-join-for-windows-server-20
• https://windowsserver.uservoice.com/forums/295047-general-feedback/suggestions/32995450-support-azure-ad-domain-join-for-windows-server-20
Cloud Drivers
AzureAD: Cloud Provisioning
• Disconnected Active Directory forests provisioned to a single Azure AD tenant
• Sync complexity and data transform logic moved to the cloud
• No heavyweight, on-premises sync server
[Diagram labels: Azure AD; Active Directory; Disconnected Active Directory forests]
AzureAD: Staged rollout of CloudAuth
Staged rollout of cloud authentication
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-staged-rollout
• Configure groups of users to use cloud authentication instead of federation
Do I really need ADFS?
• 99% of companies don’t need ADFS anymore! What about the 1% of companies?
• The 1% is REALLY difficult! Very advanced technical scenarios require ADFS, mostly for better hybrid support.
• https://docs.microsoft.com/en-us/archive/blogs/pie/do-i-really-need-adfs
• https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop
T: +45 82 32 32 32
F: +45 82 32 32 22
M: info@proactive.dk
W: www.proactive.dk
A shift in IT focus…..

How to write a program in any programming language
 
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR  SPRING BOOT (SPRING IO)GOING AOT WITH GRAALVM FOR  SPRING BOOT (SPRING IO)
GOING AOT WITH GRAALVM FOR SPRING BOOT (SPRING IO)
 
Transform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR SolutionsTransform Your Communication with Cloud-Based IVR Solutions
Transform Your Communication with Cloud-Based IVR Solutions
 
Empowering Growth with Best Software Development Company in Noida - Deuglo
Empowering Growth with Best Software  Development Company in Noida - DeugloEmpowering Growth with Best Software  Development Company in Noida - Deuglo
Empowering Growth with Best Software Development Company in Noida - Deuglo
 
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling ExtensionsUI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
UI5con 2024 - Boost Your Development Experience with UI5 Tooling Extensions
 
OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024OpenMetadata Community Meeting - 5th June 2024
OpenMetadata Community Meeting - 5th June 2024
 
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
Introducing Crescat - Event Management Software for Venues, Festivals and Eve...
 
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI AppAI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
AI Fusion Buddy Review: Brand New, Groundbreaking Gemini-Powered AI App
 
APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)APIs for Browser Automation (MoT Meetup 2024)
APIs for Browser Automation (MoT Meetup 2024)
 
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit ParisNeo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
Neo4j - Product Vision and Knowledge Graphs - GraphSummit Paris
 
May Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdfMay Marketo Masterclass, London MUG May 22 2024.pdf
May Marketo Masterclass, London MUG May 22 2024.pdf
 
LORRAINE ANDREI_LEQUIGAN_HOW TO USE WHATSAPP.pptx
LORRAINE ANDREI_LEQUIGAN_HOW TO USE WHATSAPP.pptxLORRAINE ANDREI_LEQUIGAN_HOW TO USE WHATSAPP.pptx
LORRAINE ANDREI_LEQUIGAN_HOW TO USE WHATSAPP.pptx
 
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptxTop Features to Include in Your Winzo Clone App for Business Growth (4).pptx
Top Features to Include in Your Winzo Clone App for Business Growth (4).pptx
 
Atelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissancesAtelier - Innover avec l’IA Générative et les graphes de connaissances
Atelier - Innover avec l’IA Générative et les graphes de connaissances
 
Mobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona InfotechMobile App Development Company In Noida | Drona Infotech
Mobile App Development Company In Noida | Drona Infotech
 
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOMLORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
LORRAINE ANDREI_LEQUIGAN_HOW TO USE ZOOM
 
GreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-JurisicGreenCode-A-VSCode-Plugin--Dario-Jurisic
GreenCode-A-VSCode-Plugin--Dario-Jurisic
 

EWUG - Something about the Cloud - Unit IT - January 14, 2020

  • 1. “Something about the Cloud” - EWUG.DK - Level 200-300 Peter Selch Dahl - Cloud Architect and Microsoft Azure MVP
  • 2. Microsoft MCSA: Cloud Platform - Certified 2018, Microsoft MCSA: Office 365 - Certified 2018, Microsoft MCSE: Cloud Platform and Infrastructure - Certified 2018, Microsoft MCSA: 2016 Windows Server 2016, Microsoft MCSA: 2012 Windows Server 2012, Microsoft MCITP: 2008 Server and Enterprise Administrator, Microsoft MCSA: 2008 Windows Server 2008, Microsoft MCSA/MCSE : 2003 Security, Microsoft MCSA/MCSE : 2000 Security, VMWare Certified Professional VI3/VI4/VI5, CompTIA A+, Network+, EC-Council: Certified Ethical Hacker (CEH v7), and more.
       Peter Selch Dahl, Cloud Architect, Azure MVP. Twitter: @PeterSelchDahl, www: www.peterdahl.net, Blog: http://blog.peterdahl.net, Mail: psd@apento.com
  • 3.
      • Enterprise Admin Consent Request Management
      • Service Principals permissions and monitoring
      • Microsoft Graph scope policies
      • Staged rollout of CloudAuth
      • Azure AD Connect Cloud Provisioning
      • Azure AD Join support in Azure VM
      • And more
  • 4. Consent of principals JANUARY 14, 2020 @EWUGDK 4 http://blog.peterdahl.net/2018/05/14/azure-ad-v2-apps-vs-the-brick-wall/
  • 5. Consent of principals
      • Application permissions are permissions given to the application itself. In this scenario, the resource being accessed has no knowledge of the permissions of the end user. In earlier literature from Microsoft patterns and practices, this model is also referred to as the “trusted subsystem” model, where the idea is that the API resource trusts the calling system to do the proper authorization of end users. For example, for web applications this has “always” been the model used for calling an SQL server.
      • Delegated permissions are permissions that the end user delegates to the application for access to the user’s data/resources. For instance, the application can be given access to the end user’s mailbox. This is analogous to what earlier literature refers to as “impersonation”, meaning that the application impersonates the end user when calling the API resource. The application acts on behalf of the end user; for instance, a third-party application might post on your Twitter timeline.
  • 6. Consent of principals https://portal.cloudappsecurity.com/#/app-permissions/ Delegated Access. Will soon be available within the Azure Portal as well.
  • 7. Public Preview: Admin consent workflow
      • Users can request access when user consent is disabled
      • Users can request access when apps request permissions that require admin consent
      • Gives admins a secure way to receive and process access requests
      • Users are notified of admin action
      https://aka.ms/adminconsentworkflow/
  • 9. [Diagram labels: Conditions: User, Group, App sensitivity, Device state, Location, Risk. Actions: Allow access or Block access, Enforce MFA per user/per app. Cloud-powered protection: notifications, analysis, remediation, risk-based policies, Cloud App Discovery, Privileged Identity Management, MFA, Identity Protection.]
  • 10. Service principals consent - Refresh. Application Access
  • 11. Service principals consent - Refresh. Application Access. Philippe Signoret – PM, Azure AD: https://gist.github.com/psignoret/9d73b00b377002456b24fcb808265c23
  • 12. Service principals monitoring - Refresh https://feedback.azure.com/forums/223579-azure-portal/suggestions/33867259-azure-ad-sign-in-activity-log-should-record-and-sh
  • 14. Microsoft Graph scope policies
  • 15. Conditional access for MS Graph
      Issue: GitLab doesn't play well with an Azure AD Conditional Access compliant-device policy.
      Cause: “Conditional access policy was applied because the GitLab app calls Windows Azure Active Directory and a policy has been applied to this resource. The policy requires a compliant device.”
      A policy with a location condition was evaluated:
      - InsideCorpnet claim was not set
      - IP allowed due to tenant strong auth policy: False
      Policy Name: All Apps: Require Domain Joined device (Specific Groups, Apps Exempted/Excluded)
      Policy Id: 10c9a77e-d561-4cdf-ab7e-75681f957dbf
      Application Name: GitLab
      Application Id: ddf3c150-4813-4e90-b73b-72ba13224c0a
      Action: RequireCompliantDevice
      Solution: Since the Conditional Access policy is configured to apply to all applications, it also applies to Windows Azure Active Directory, blocking the access. Unfortunately, Windows Azure Active Directory is not an app that we can select for exclusion at the moment. As a possible solution, you can change the Conditional Access policy to target only the required applications instead of all applications, exclude the user, or change the access controls to require, for example, MFA.
  • 16. Conditional access for MS Graph
      Current behavior
      • Policy applied to MS Graph if it is set on EXO or SPO
      Future
      • Apply policy directly to permissions
      • Example use case: An org can apply policy to mail access without restricting access to contacts, tasks etc…
  • 17.
  • 18. Azure: Windows 10 / server 2019 Azure AD join
  • 19. Azure: Windows 10 / server 2019 Azure AD join
      • https://techcommunity.microsoft.com/t5/azure-active-directory-identity/azure-ad-authentication-to-windows-vms-in-azure-now-in-public/ba-p/827840
      • https://feedback.azure.com/forums/169401-azure-active-directory/suggestions/32995456-support-azure-ad-domain-join-for-windows-server-20
      • https://windowsserver.uservoice.com/forums/295047-general-feedback/suggestions/32995450-support-azure-ad-domain-join-for-windows-server-20
  • 23. AzureAD: Cloud Provisioning
      • Disconnected Active Directory forests provisioned to a single Azure AD tenant
      • Sync complexity and data transform logic moved to the cloud
      • No heavyweight, on-premises sync server
      [Diagram labels: Azure AD, Active Directory, Disconnected Active Directory forests]
  • 24. AzureAD: Staged rollout of CloudAuth
  • 25. Staged rollout of cloud authentication https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-staged-rollout
      • Configure groups of users to use cloud authentication instead of federation
  • 26. Do I really need ADFS?
      • 99% of companies don’t need ADFS anymore! What about the 1% of companies?
      • The 1% is REALLY difficult! Very advanced technical scenarios require ADFS, mostly for better hybrid support.
      • https://docs.microsoft.com/en-us/archive/blogs/pie/do-i-really-need-adfs
      • https://docs.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/hello-feature-remote-desktop
  • 27. T: +45 82 32 32 32 F: +45 82 32 32 22 M: info@proactive.dk W: www.proactive.dk
  • 28. A shift in IT focus…..
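
Slide 5 separates delegated permissions from application permissions, and slides 10 to 12 cover reviewing what service principals have been granted. The Python below is an added example, not code from the deck or from the gist it links: it builds that inventory from constructed records shaped like Microsoft Graph `oauth2PermissionGrants` and `appRoleAssignments`. All IDs, app names and the `SENSITIVE` watchlist are assumptions.

```python
"""Inventory delegated vs application permission grants (added example)."""
# Constructed records shaped like Microsoft Graph objects; every ID is a placeholder.
SERVICE_PRINCIPALS = [
    {"id": "sp-graph", "displayName": "Microsoft Graph",
     "appRoles": [{"id": "role-1", "value": "Mail.Read"},
                  {"id": "role-2", "value": "Directory.ReadWrite.All"}]},
    {"id": "sp-hr", "displayName": "Constructed HR Portal", "appRoles": []},
    {"id": "sp-sync", "displayName": "Constructed Sync Job", "appRoles": []},
]
OAUTH2_PERMISSION_GRANTS = [  # delegated permissions, one record per consent
    {"clientId": "sp-hr", "resourceId": "sp-graph", "consentType": "AllPrincipals",
     "principalId": None, "scope": "User.Read Mail.Read"},
    {"clientId": "sp-hr", "resourceId": "sp-graph", "consentType": "Principal",
     "principalId": "user-42", "scope": "Mail.ReadWrite"},
]
APP_ROLE_ASSIGNMENTS = [  # application permissions held by the app itself
    {"principalId": "sp-sync", "resourceId": "sp-graph", "appRoleId": "role-2"},
]
# Assumed watchlist for this example; pick the permissions your tenant treats as sensitive.
SENSITIVE = {"Mail.Read", "Mail.ReadWrite", "Directory.ReadWrite.All"}


def inventory(sps, delegated, app_roles):
    """Return one row per permission: who holds it, on what, and on whose behalf."""
    by_id = {sp["id"]: sp for sp in sps}
    def name(sp_id):
        return by_id.get(sp_id, {}).get("displayName", sp_id)
    rows = []
    for g in delegated:
        # AllPrincipals means an admin consented on behalf of every user in the tenant.
        on_behalf = "all users" if g["consentType"] == "AllPrincipals" else g["principalId"]
        for scope in g["scope"].split():
            rows.append({"client": name(g["clientId"]), "resource": name(g["resourceId"]),
                         "kind": "delegated", "permission": scope, "on_behalf_of": on_behalf})
    for a in app_roles:
        resource = by_id.get(a["resourceId"], {})
        roles = {r["id"]: r["value"] for r in resource.get("appRoles", [])}
        # Application permissions carry no user context: the app acts as itself.
        rows.append({"client": name(a["principalId"]), "resource": name(a["resourceId"]),
                     "kind": "application", "on_behalf_of": None,
                     "permission": roles.get(a["appRoleId"], a["appRoleId"])})
    return rows


def needs_review(rows, sensitive=SENSITIVE):
    """Flag sensitive permissions that are not limited to one consenting user."""
    return [r for r in rows
            if r["permission"] in sensitive and r["on_behalf_of"] in (None, "all users")]


if __name__ == "__main__":
    grants = inventory(SERVICE_PRINCIPALS, OAUTH2_PERMISSION_GRANTS, APP_ROLE_ASSIGNMENTS)
    for row in needs_review(grants):
        print(row)
```

In a live tenant the same three collections come from Microsoft Graph: `servicePrincipals`, `oauth2PermissionGrants`, and each service principal's `appRoleAssignments`.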

Editor's Notes

  1. The admin consent workflow gives end users a way to request access to applications that require admin consent. Without an admin consent workflow, a user in a tenant where user consent is disabled will be blocked when they try to access any app that requires permissions to access organizational data. The user sees a generic error message that says they're unauthorized to access the app and they should ask their admin for help. But often, the user doesn't know who to contact, so they either give up or create a new local account in the application. Even when an admin is notified, there isn't always a streamlined process to help the admin grant access and notify their users.
     The admin consent workflow gives admins a secure way to grant access to applications that require admin approval. When a user tries to access an application but is unable to provide consent, they can send a request for admin approval. The request is sent via email to admins who have been designated as reviewers. A reviewer takes action on the request, and the user is notified of the action.
     To approve requests, a reviewer must be a global administrator, cloud application administrator, or application administrator. The reviewer must already have one of these admin roles assigned; simply designating them as a reviewer doesn't elevate their privileges.
     Settings:
     • Select users to review admin consent requests: Select reviewers for this workflow from a set of users that have the global administrator, cloud application administrator, and application administrator roles.
     • Selected users will receive email notifications for requests: Enable or disable email notifications to the reviewers when a request is made.
     • Selected users will receive request expiration reminders: Enable or disable reminder email notifications to the reviewers when a request is about to expire.
     • Consent request expires after (days): Specify how long requests stay valid.
  2. https://azure.microsoft.com/en-us/blog/managing-azure-secrets-on-github-repositories/
  3. https://twitter.com/Caleb_B/status/1201544061586268162
  4. Questions to answer when building a cloud strategy (https://www.gartner.com/smarterwithgartner/5-questions-to-answer-when-building-a-cloud-strategy/):
     • Where and how should our organization consume cloud computing services?
     • How will we access, secure, manage, integrate and govern across hybrid environments?
     • How does cloud computing factor into our application strategy and architecture?
     • How should our existing data center and infrastructure approaches and technologies change?
     • Where will our business become a cloud computing service provider to others?
  5. De-coupled architecture simplifies the complexity of an enterprise network. But it comes with a price: Not having a routed private network changes every design. Security now comes from the application and not the network.
  6. Adoption of new features each quarter of the year….. continuous adoption