The CISA report titled “Microsoft Office 365 Security Observations” makes five recommendations to improve security of an Office 365 tenant. The recommendations are valid, but competent administrators won’t take long to implement them. In fact, the worst thing is that consultants brought in to help organizations didn’t seem to have much expertise in securing Office 365.
The LinkedIn connector for Office 365 now uses a group to control the set of user accounts allowed to connect their accounts to LinkedIn. It’s a good change because it makes the connection easier to manage. Even so, you might still need to use PowerShell to manage the membership of the group, especially if you want to add multiple people to the group at one time.
Making sure that Office 365 user (and administrator) accounts have good passwords is a never-ending task. A new preview feature in Azure Active Directory helps by ensuring that users can’t include common words specific to the organization (like its name) in a password. It’s another piece in the puzzle to frustrate potential attackers.
Grrr. It’s been that kind of day. While chasing a Teams bug (about which more another time, once I have a consistent repro case), I needed to log on to Skype Online PowerShell. We use the Azure baseline policy that forces MFA for all admin accounts in our tenant; I just updated Chapter 3 of …
Need a script to turn off sub-options in Office 365 plans like the one that controls Microsoft Teams? Here’s a Petri.com article that explains how to do it with the Microsoft Online Services PowerShell module.
Microsoft has issued patch CVE-2018-8340 to fix a problem with Active Directory Federation Services. You should download and install this patch now.
A recent post by MVP Mark Vale describes how to use synchronization transformation rules in AADConnect to change the last name, first name format (for example, Smith, James) for display names to a more user-friendly first name last name format (our example becomes James Smith) for accounts as they synchronize to Azure Active Directory from an …