Reading Time: 8 minutes Introduction In this post we will cover how to setup Windows Virtual Desktop ARM template with Azure DevOps. We walkthrough 2 different ARM templates. I’m using the ARM WVD templates from Microsoft: https://github.com/Azure/RDS-Templates/tree/master/ARM-wvd-templates that came earlier in 2020. CreateAndProvisionHostPool AddVirtualMachinesToHostPool Figure 1: Visualized DevOps Workflow ARM pipelines In Figure 1, we can see that the Azure DevOps build pipeline is integrated with Azure Key Vault…
Bitwarden and Yubikey
Reading Time: 3 minutes Introduction Password Managers is still a necessity in 2020, and will be for a long time. I’ve been using Bitwarden with YubiKeys for a while now, so it was about time to share some experience, and how easy it’s to get started. Bitwarden https://bitwarden.com/ is an Open Source Password Manager that is hosted on GitHub https://github.com/bitwarden. This means that you have full control over source…
Intune – MEM – Configure Edge browser for iOS and Android
Reading Time: 4 minutes It’s Time to Move to EDGE Mobile! Back in November 2019 the Managed browser was announced to be retired March 31 2020. Already from February 1, 2020, the Intune Managed Application was going to removed from Google Play Store and iOS App Store. Since March is right around the corner, it’s about time to get prepared to do the switch. Regarding a smooth transition, Microsoft…
Gearing up for Azure AD Connect cloud provisioning
Reading Time: 4 minutes In this post, we will cover the Azure AD Connect cloud provisioning (preview) released in November 2019. The Cloud provisioning is an Agent that can bridge between on-prem and Azure AD to sync users. I don’t see cloud provisioning as a replacement for AD Connect, but more like simplifying the way to configure user provisioning, across more complex setups with multiple or disconnected forests. Trying…
Hasta La Vista ADFS – Migrate from AD FS to Azure AD with style
Reading Time: 7 minutes Microsoft introduced AD FS application activity report (preview) and Azure AD staged rollout (preview) back in November 2019. These announcements are great opportunities to start the planning year 2020, to get rid of your AD FS environments. I will throughout this post see if these tools can speed up the migration processes. Why start this project when my ADFS environment is working “perfectly” and our…
SAML – Azure AD AADSTS75011: authentication method ‘x509′,’Multifactor’
Reading Time: 2 minutes I had some trouble with an Azure AD integration with a 3.party SAML application. The users got Azure AD prompt, with the error below: AADSTS75011 authentication method ‘x509′, Multifactor’ by which the user authenticated with the service doesn’t match requested authentication method ‘Password, ProtectedTransport’. Related to the failed login screen below, most logins were successful and looking into the user getting failure, the problem could…
FEITIAN FIDO Keys for Passwordless
Reading Time: 2 minutes I have gotten some new FIDO keys from FEITIAN, and have done some testing to see how they work with Azure AD and Passwordless.So this Blogpost is more like the following up series, from the last post https://alven.tech/passwordless-with-windows-10-and-yubikey Heard about Feitan? I certainly never heard about them before, and first came across FEITIAN, when Microsoft announced the partners for FIDO support.https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Microsoft-passwordless-partnership-leads-to-innovation-and-great/ba-p/566493 Looking more into FEITIAN…
Passwordless with Windows 10 and Yubikey
Reading Time: 4 minutes Look at these guys! They are so happy, they have gotten their Yubikey’s and are ready for some Passwordless Authentication with Windows 10. In March I posted a blog post about using Yubikey with Azure AD – https://alven.tech/yubico-with-azure-ad-mfa/, So this post is a follow-up since Microsoft has now support for passwordless and Fido2 with Windows 10 (still only preview).In his post, I will go through…
Intune – iOS Company Portal not downloading (user affinity)
Reading Time: 5 minutes In 2019, I have been working on an MDM iOS migration project from Jamf to Intune. In this project, we got some problems regarding Intune and Company Portal (VPP) not being downloaded with User affinity Enrollment profiles for iOS. Trough this post I want to give some more insight/details regarding this issue, and how we “Solved” (workaround) it. One of the technical requirements for Intune…
Yubico with Azure AD MFA
Reading Time: 4 minutes I recently bought the Yubikey 5C and Yubikey NFC from yubico.com. Yubico is in short summary a company behind Yubikey hardware auth device supporting (OTP,U2F and FIDO2) protocols. You can read much more information and details at yubico.com. Since I’m Interested In Security and Identity authentication, I wanted to do more testing with Azure MFA for OATH hardware tokens (public preview) and Windows 10 Passwordless…
