Gearing up for Azure AD Connect cloud provisioning

In this post, we will cover the Azure AD Connect cloud provisioning (preview) released in November 2019. The Cloud provisioning is an Agent that can bridge between on-prem and Azure AD to sync users. I don’t see cloud provisioning as a replacement for AD Connect, but more like simplifying the way to configure user provisioning, across more complex setups with multiple or disconnected forests. Trying…

Read More

Hasta La Vista ADFS – Migrate from AD FS to Azure AD with style

Microsoft introduced AD FS application activity report (preview) and Azure AD staged rollout (preview) back in November 2019. These announcements are great opportunities to start the planning year 2020, to get rid of your AD FS environments. I will throughout this post see if these tools can speed up the migration processes. Why start this project when my ADFS environment is working “perfectly” and our…

Read More

SAML – Azure AD AADSTS75011: authentication method ‘x509′,’Multifactor’

I had some trouble with an Azure AD integration with a 3.party SAML application. The users got Azure AD prompt, with the error below: AADSTS75011 authentication method ‘x509′, Multifactor’ by which the user authenticated with the service doesn’t match requested authentication method ‘Password, ProtectedTransport’. Related to the failed login screen below, most logins were successful and looking into the user getting failure, the problem could…

Read More

FEITIAN FIDO Keys for Passwordless

I have gotten some new FIDO keys from FEITIAN, and have done some testing to see how they work with Azure AD and Passwordless.So this Blogpost is more like the following up series, from the last post https://alven.tech/passwordless-with-windows-10-and-yubikey Heard about Feitan? I certainly never heard about them before, and first came across FEITIAN, when Microsoft announced the partners for FIDO support.https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Microsoft-passwordless-partnership-leads-to-innovation-and-great/ba-p/566493 Looking more into FEITIAN…

Read More

Passwordless with Windows 10 and Yubikey

Look at these guys! They are so happy, they have gotten their Yubikey’s and are ready for some Passwordless Authentication with Windows 10. In March I posted a blog post about using Yubikey with Azure AD – https://alven.tech/yubico-with-azure-ad-mfa/,  So this post is a follow-up since Microsoft has now support for passwordless and Fido2 with Windows 10 (still only preview).In his post, I will go through…

Read More

Intune – iOS Company Portal not downloading (user affinity)

In 2019, I have been working on an MDM iOS migration project from Jamf to Intune. In this project, we got some problems regarding Intune and Company Portal (VPP) not being downloaded with User affinity Enrollment profiles for iOS. Trough this post I want to give some more insight/details regarding this issue, and how we “Solved” (workaround) it. One of the technical requirements for Intune…

Read More

Yubico with Azure AD MFA

I recently bought the Yubikey 5C and Yubikey NFC from yubico.com. Yubico is in short summary a company behind Yubikey hardware auth device supporting (OTP,U2F and FIDO2) protocols. You can read much more information and details at yubico.com. Since I’m Interested In Security and Identity authentication, I wanted to do more testing with Azure MFA for OATH hardware tokens (public preview) and Windows 10 Passwordless…

Read More

Azure Migrate <3 GDPR

I have been following the development of Azure Migrate since my first trip to Ignite in 2017, and have been looking forward to getting this to EU regions, but I have been waiting with patience 🙂 The first time I thought Microsoft was to release Azure Migrate for EU Regions, was back in TechSummit in Paris, March 2018. The release would have been a perfect fit…

Read More