Monday, August 21, 2017

MVA Learning: Active Directory in a Hybrid Environment

Microsoft’s identity solutions span on-premises and cloud-based capabilities, creating a single user identity for authentication and  authorization to all resources, regardless of location. We call this Hybrid Identity. Today most Organizations adopt the Hybrid Identity Model to provide rich end user experience when accessing resources from anywhere, anytime on any device with enhanced Access controls.


Extending your AD DS to Azure, Integrating your On premises AD DS with Azure AD, and Extending your AD FS to Azure are some key concepts when you plan on this Hybrid Identity Model. To understand these topics in detail you now have the latest Microsoft Virtual Academy Course "Active Directory in a Hybrid Environment" a new addition to the list of authoritavie set of Course on Azure.

Microsoft MVP Corey Hynes presents this excellent course to cover the below key concepts to get you prepared to understand and implement the Hybrid Active Directory.
  • Hybrid Active Directory: Learn the different ways that Azure AD can be connected to Windows Server AD.
  • Azure AD Connect: Walk through Azure AD connect, the tool used to connect Azure AD and Windows Server AD.
  • Manage and Monitor Azure AD Connect: Use the monitoring tools to maintain the health of Azure AD Connect.
  • AD Federation: Configure Azure AD Federation and connect it to Windows Server Active Directory.
Access the Course here: Active Directory in a Hybrid Environment

You can further advance your learning by reviewing the below Resources:

Reference Architecture: Identity management

Microsoft Ignite session : Connect your on-premises directories to Azure AD and use one identity for all your apps

Microsoft Cloud IT Architecture Resources: Microsoft Cloud Identity for Enterprise Architects

Design GuideHybrid Identity Design Considerations Guide

Finally, A real world Technical Case study from Microsoft on their own Journey: Managing user identities and secure access at Microsoft

Hope these resources are useful for your Learning. Stay tuned for more updates...

Friday, August 11, 2017

PowerShell Module Browser Now Available

Microsoft team recently released the new PowerShell Module Browser, an easy, predictable way to search all Microsoft PowerShell modules and cmdlets.



Access the Browser here: PowerShell Module Browser

Review the documentation here: Announcing the PowerShell Module Browser

New Servicing Model for Windows 10

Microsoft team recently updated the Servicing Model for Windows 10 to align with Office 365 ProPlus as announced earlier, and also now adopting common terminology to make it as easy as possible to understand the servicing process.



 The two most important terms to understand:

Semi-Annual Channel. These are the twice-per-year feature update releases, targeting March and September, designed for the broad population of general-purpose PCs used throughout organizations.  Each of these releases will be serviced for 18 months from the date of release.  (The Semi-Annual Channel replaces the Current Branch [CB] and Current Branch for Business [CBB] concepts.)

Long-Term Servicing Channel. These are less frequent releases, expected every 2-3 years (with the next one expected in 2019), designed for special-purpose PCs such as those used in point-of-sale systems or controlling factory or medical equipment.  Each of these releases will be serviced for 10 years from the date of release.  (The Long-Term Servicing Channel replaces the Long-Term Servicing Branch [LTSB].)

Access the Official Blog post here: Windows as a service: Simplified and Aligned

Additionally review the below Blog post for more details.

Demystifying Windows as a Service – wake up! please

More detailed updates are shared in the below Blog posts.


Update to the Windows as a Service Model

Automating Windows as a Service

Also take a look at the latest Microsoft Mechanics video to explore the streamline update model between Office and Windows 10.


Keeping your Office clients up-to-date: New tools and aligned update model with Windows 10

Stay tune for more updates...

Sunday, August 06, 2017

Skype for Business topologies supported with Modern Authentication

As of August 1, 2017, for all newly created Office 365 tenants, use of modern authentication is now on by default for Exchange Online and Skype for Business Online


Microsoft team updated the Office Blogs post to reflect the new updates and the related Support article is updated to reflect the new changes. 

You can access the support article here: Using Office 365 modern authentication with Office clients

You can follow the instructions in the below posts to know how to turn on Modern Authentication for Skype for Business Online.



This Blog post is written to share the above updates and direct you to the new TechNet article published recently on the Skype for Business topologies supported with Modern Authentication.

This article lists what online and on-premises topologies are supported with Modern Authentication in Skype for Business, as well as security features that apply to each topology.

Supported MA topologies in Skype for Business

There are potentially two server applications, and two Office 365 workloads, involved with Skype for Business topologies used by MA.
  • Skype for Business server 2015 (CU 5) on-premises
  • Skype for Business online (SFBO)
  • Exchange server on-premises
  • Exchange server online (EXO)

If your Organization is planning to enable Modern Authentication for your users with Skype for Business, this article is quite handy to know the supported topologies for Modern Authentication.

New Sign-in Experience Updates !!!

Microsoft team is making progress to converge the Azure AF and Microsoft Account (MSA) identity systems and as a part of this Journey last week they announced the new unified log-in screen/experience which is now in Public Preview.

This new change makes both Azure AD Login and Microsoft Account sign-in page to have a consistent look. Users have the option to Opt-in to this new experience now, Per the Official Announcement below, This new experience will be available as an opt-in public preview for the next few weeks and Microsoft will switch over to the new UI by default during the last week of September.


Read the Official Announcement here to know more: The new Azure AD Signin Experience is now in Public Preview

Microsoft team is still working to update this new Sign-in experience with missing features.

Review the related Comments in the Blog post above and the Conversations in Microsoft Tech Community to know the latest updates and feedback on the new Sign-in experience.

Read the below Blog post from Veteran MVP Tony Redmond to know the issues caused by this new change and plan on the next steps if your are getting impacted.

Read here: Azure AD Sign-in Changes Cause Problems for Office 365

In addition to this above change, Microsoft team recently announced, Accessing the authenticated Office 365 home page (either through https://portal.office.com or https://www.office.com) will require that your users satisfy the Azure Active Directory Premium Conditional Access policies that you have applied to either Exchange Online or SharePoint Online.

Earlier this change was planned to roll-out on Aug 09th as per this Microsoft Tech Community post, and now its planned for Aug 24th  as per the Official Announcement made in the Enterprise Mobility and Security Blog.

Access the Official Announcement here: An update to Azure AD Conditional Access for Office.com

This change has a minor impact on the installation of Office Applications which is explained in the above post.

Ensure that you take required actions as applicable, and update your end users and support teams on these new Sign-in Experience changes and provide the right support.

Friday, July 28, 2017

NPS Extension for Azure MFA reaches general availability !

Customers who wanted to secure on-premises clients such as VPN are required to to deploy MFA Servers on-premises, Since Cloud-based MFA services like Azure AD have not traditionally supported RADIUS authentication. Microsoft team announced the availability of "Network Policy Server (NPS) extension for Azure MFA"  this February 2017 as a Public Preview, that adds cloud-based MFA capabilities to your authentication infrastructure using your existing servers without the need of On premises MFA Servers specifically deployed for the purpose of securing VPN connections with MFA.


You can read about the announcement here: Azure AD News: Azure MFA cloud-based protection for on-premises VPNs is now in public preview!

This Week Microsoft team announced the General Availability of "NPS Extension for Azure MFA" inside the "Cloud Platform Release Announcements" blog post.

Access the announcement blog post here: Cloud Platform Release Announcements for July 26, 2017

You can review the below Technical documentation to know more on this feature and plan your deployment.

Access the Technical documentation here: Integrate your existing NPS infrastructure with Azure Multi-Factor Authentication

For advanced scenarios refer here: Advanced configuration options for the NPS extension for Multi-Factor Authentication

Also review the excellent blog post from MVP Freek Breson to know how you can Secure the RD Gateway with MFA using the new NPS extension for Azure MFA. Organizations deployed MFA servers On premises or in IAAS environments for the purpose of securing Remote desktop connections with MFA can now take the advantage of this new extension to leverage Azure MFA and remove the MFA servers.

Read here : Securing RD Gateway with MFA using the new NPS Extension for Azure MFA!

Access the latest Technical documentation here: Integrate your Remote Desktop Gateway infrastructure using the Network Policy Server (NPS) extension and Azure AD

Additionally, read another related blog post here : How to Configure Azure MFA as Citrix NetScaler RADIUS using the new NPS Extension

You can take the advantage of Conditional Access once you use start to leverage Azure MFA with this new Extension, review the below Support discussion to know more in detail

Review here: Conditional access for NPS extension for Azure  
Stay tuned for more updates...

Sunday, July 23, 2017

Let's Learn About DevOps

"DevOps" is the new buzzword for many people and many are eager to know what is DevOps? and How it changes today's traditional IT approach, and how it benefits Business Organizations etc. and to know this you have ton of resources available now in the Online Communities.


DevOps ensures both Development and Operations team work together effectively by breaking the "Wall of Confusion" that affects the efficiency of delivering services. DevOps is a cultural change inside the Organization that requires proper planning, training and implementation, and many Organizations have already started to embrace DevOps, and having good knowledge on this new ways of working is essential for every IT Pro today.

When I started learning about DevOps I came across few great resources available from Microsoft and thought of writing this blog post to refer you to begin your DevOps Journey. Some of you would already came across these resources and for some it could be new and beneficial.

Lets begin...

Microsoft Virtual Academy team published a Blog post in the Born to Learn Community that provides references to 8 key resources to begin your DevOps Learning

  • Introduction to DevOps (on edX)
  • DevOps Dimension (on Channel 9)
  • DevOps Fundamentals (on Channel 9)
  • Building Blocks: DevOps and Enterprise Development (on MVA)
  • Modern IT: DevOps to ITIL, Creating a Complete Lifecycle for Service Management (on MVA)
  • The DevOps factory (on TechNet)
  • The DevOps blog (on TechNet)
  • Enabling DevOps Practices with Visual Studio Online Build (on MVA)

Access Blog post here: 8 Ways to Learn About DevOps

In addition to the above review few more additional resources referenced in the below IT Resources & Training space from Microsoft Tech Community.

Access here: Enhance your knowledge of the rising DevOps culture

Above resources covers most of your learning path to DevOps, in addition to this you now have the latest MVA course to know the answers for Top 10 DevOps Questions

Access the course here: Top 10 DevOps Questions Answered

If you are in to Mobile development then download the free Mobile DevOps e-Book: Mobile DevOps methodology e-book: Your Guide to Mobile DevOps

Above collection are some of the key resources curated from my end and you have much more available Online to advance your Learning.

Follow Key DevOps Twitter Handles and Enthusiasts in the Online communities to know the latest updates.

Stay tuned for more updates...

Saturday, July 22, 2017

Skype for Business Cloud Connector Edition version 2.0 now Available

Microsoft recently announced the availability of Skype for Business Cloud Connector Edition version 2.0


This new version brings the latest capabilities that lets customers integrate their existing PSTN trunks to Cloud PBX providing three modalities:


  • Authentication of the local trunk to Office 365 Cloud PBX;
  • Keep media within enterprise boundaries;
  • Negotiation of codecs between the clients and a PSTN gateway/Session Border Controller (SBC)

Also it addresses the most requested improvements by our customers including media bypass, support of 16 Cloud Connector Editions per one PSTN site, the ability to manipulate SIP headers, use of Office 365 Skype for Business accounts and more.

More updates are available in the Official announcement post in Microsoft Tech Community site: Announcing Skype For Business Cloud Connector Edition 2.0

Be sure to review the documentation references and the recorded training videos to know more.

Update:

Next Version of Cloud Connector Edition 2.1 will support Coexistence with On-Premises Skype for Business server 

Access the below Blog post from renowned MVP Tom Arbuthnot to know more: Cloud Connector Edition 2.1 with Coexistence with On-Premises Hybrid due 2017 Quarter 4, Requires SfBS CU6

Stay tuned for more updates...

Friday, July 21, 2017

MVA Learning: Optimize Your Network for Microsoft Cloud Offerings

Is your organization moving to a cloud-inclusive infrastructure or planning your Journey,  As an IT Pro, part of your responsibility is to prepare your network environments to handle the increased traffic and to create stronger infrastructures. Access the latest Microsoft Virtual Academy course to know how to optimize your Network for Microsoft Cloud Offerings.



This MVA course is based on the content in the Microsoft Cloud Networking for Enterprise Architects poster and covers the below essential topics,
  • The fundamental shift in networking for cloud-based computing
  • On-premises network path optimization
  • Optimizing intermediate systems in your network edge
  • The role and use of ExpressRoute connections