Azure users signing in non-interactive to BING app from CH
Hi. Azure signing logs show that we have a user signing in non-interactive from a Chinese IP address that belongs to a middle School in China. In a region the user had visited 4 weeks before. I see a lot of these sign-ins for various users in other…
Everyone locked out of tenant due to a faulty Conditional Access Policy
We have been locked out of our tenant for almost 2 weeks now due to a faulty Conditional Access policy. During this week, there have been several conversations with a number of Microsoft support technicians, none of which seemed to have an understanding…
C# Generate token console for Intune datawarehouse
Using .NET 4.8.1 and the code snippet below from Microsoft Learn (https://learn.microsoft.com/en-us/mem/intune/developer/data-warehouse-app-only-auth-). I am unable to get this module to work. It seems the line with AuthenticationContext,…
Part of this app has been blocked IIS Worker Process has tried to load Microsoft.Workflow.Compiler.exe
When launching an ASP.Net web application on a Windows 11 system with Smart App Control On, I'm getting the below toast notification. Part of this app has been blocked: IIS Worker Process has tried to load Microsoft.Workflow.Compiler.exe which doesn't…
Everyone locked out of tenant due to a faulty Conditional Access Policy
We have been locked out of our tenant for over a week now due to a faulty Conditional Access policy. During this week, there have been several conversations with a number of Microsoft support technicians, none of which seemed to have an understanding of…
Windows Hello for Business in Hybrid Environment - 'Not Applicable' Error
I am trying to deploy WHfB in a hybrid environment where devices are being managed by both SCCM and Intune. After I created Identity Protection Configuration on Intune that requires WHfB, I got an error that says "Not Applicable". Note: Since…
I have a conflict with two security baselines. I created an excluded group, but no all devices are updating.
Devices are not clearing from previous security baselines.
what are Microsoft security recommendation for Microsoft Entra
hello, We are setting up a Microsoft Enterprise tenant; what basic recommendations can we make to make it more secure? Like we know, we like to implement MFA,CA ,PIM ,Audit log anything apart for this specially from IAM side security. Thanks Richa
Procedure for enabling and configuring the LDAPs feature for the existing Domain Controllers globally.
I need to globally configure the LDAPS feature in over 20 on-premises Domain Controllers/Global Catalogs to support new security software integration. My existing AD Domain controllers are Windows Server 2016 with Windows Server 2016 FFL/DFL. What steps…
![](https://techprofile.blob.core.windows.net/images/WsWYoGdWukeBW66msAr6qQ.png?8D8128)
I have Attack surface reduction
I have create two rules in ASR in one rule i have set audit and in other rule i have set block for same configuration Block executable files from running unless they meet a prevalence, age, or trusted list criterion but when i see report from defender…
Testing Cloud PKI against Windows Web Server
I am evaluating Intune Cloud PKI solution and I want to test the certification usage with IIS build on Windows Server. The Server is not member of Active Directory, so I downloaded Root and Issuing certificates as files and imported them into the Windows…
![](https://techprofile.blob.core.windows.net/images/iyN8gQFAAwAAAAAAAAAAAA.png?8DC6DB)
How to implement tiering model in Microsoft Entra
Hello, Microsoft recommends the tiering model for AD that we implemented. is there any tiering model concept that Microsoft recommends for designing Microsoft Entra so we can implement it in new tenant . incase no tiering model recommended the…
Why ADMX & ADML profiles does not allow other profiles/policies to upload when some other policies are in use with any configuration profiles?
Why ADMX & ADML profiles does not allow other profiles/policies to upload when some other policies are in use with any configuration profiles? Here is what I have experienced: I had uploaded Windows.admx and Windows.adml and after that I had…
MFA Excluded accounts - still prompting for MFA registration
Hi Team, We have enabled the MFA in our organisation and we have created conditional access policy for the service accounts to exclude from MFA. We have disabled the MFA for those accounts under O365 admin > Active users> MFA when we try login…
How do I stop the twice hourly automatic attempts to fraudulently sign into my webmail account
Twice hourly automatic attempts to fraudulently sign into my Hotmail account from random IP addresses across the world. How do you to stop these ? Sooner or later I assume the brute forcing will work. The amount of notifications is annoying as well
Microsoft Defender against Palo Alto Cortex
I am tasked to compare Palo Alto Cortex solution on our existing Windows workstations against MS Defender for Endpoint. There is several articles about this and my first conclusion is, that Defender might have only small weakness against Palo Alto but I…
![](https://techprofile.blob.core.windows.net/images/iyN8gQFAAwAAAAAAAAAAAA.png?8DC6DB)
Sign-in logs question
Hi, I need to help to understand the sign logs in Microsft Entra admin center. I found some external user activity in sign logs. I am confused how can i know which service is accesiing. How can i verify it's only teams meeting or teams channel or…
Cant remove work or school account from personal PC
recently left an organization and my ID there was disabled. When employed there, I used my personal PC for work as well as my own stuff. Now I get frequent requests to log in to my Work or School Account. How do I remove the Work account from my personal…
Can you implement event-based retention policies with a Business Premium License?
I'm looking to suggest event-based retention policies as a solution for a client I'm working with. They hold a business premium license and I'm trying to determine whether the Business Premium license supports this level of functionality or is it only…
Stop downloads on unmanaged devices - conditional access
Hi all, I want to set a block policy on downloads from sharepoint and onedrive for unmanaged devices - personal or not within the tenant.