Kategorie: Azure Active Directory

Manage partner relationships (CSP) and partneradmin roles in a M365 tenant

Veröffentlicht am von Andre

When a Microsoft partner (CSP) sends you an invitation into your M365 tenant you might also give them Global Administrator and Helpdesk admin permissions even though the partner just provides you with licenses. This is a problem as a partner could access your M365 tenant and can make changes like adding accounts, changing permissions, read… Weiterlesen Manage partner relationships (CSP) and partneradmin roles in a M365 tenant

Überprüfen der Partnerbeziehungen (CSP) und Rollen im M365 Tenant

Veröffentlicht am von Andre

Seit einiger Zeit nutzen Angreifer die Schnittstelle zwischen M365 Partner (CSP) und Kunden aktiv aus, um so in einen M365 Kundentenant zu gelangen. Das wird dadurch ermöglicht, dass man einem M365 Partner Zugriff in seinen Tenant gewährt hat, um von diesem z.B. mit Microsoft Lizenzen versorgt zu werden, dabei aber auch dem Partner Global Administrator,… Weiterlesen Überprüfen der Partnerbeziehungen (CSP) und Rollen im M365 Tenant

Use Graph Directory Schema Extensions for Microsoft Teams Governance

Veröffentlicht am von Jakob
Graph and Teams

In this article, I want to share a method that allows your organization to bring a Microsoft Teams Governance solution to the next level. Most organizations that use Microsoft Teams have Governance requirements like naming conventions, Teams creation limitations, etc. Microsoft has solutions in the portfolio that help you fulfill these requirements, like creation and… Weiterlesen Use Graph Directory Schema Extensions for Microsoft Teams Governance

Use more Access Packages!

Veröffentlicht am von Jakob

Microsoft Teams & Azure AD Access Packages = BFF ?! Hi, the more I am using Azure Active Directory Entitlement Management and Access Reviews, the more I am impressed by the possibilities of Identity Governance. The challenges which I am confronted with every day, these are especially Governance, Compliance and Security Topics round about M365,… Weiterlesen Use more Access Packages!

Microsoft Teams – Fulfill Advanced Guest Access Requirements

Veröffentlicht am von Jakob

There are a lot of of settings available in a Microsoft 365 Tenant which were responsible for guest access. To manage guest Access in Teams you have to adjust different settings. At least the Azure AD external Collaboration Settings, the SharePoint Sharing Policies & Settings and the Teams Guest Access Settings are relevant. If you’re… Weiterlesen Microsoft Teams – Fulfill Advanced Guest Access Requirements

Another Microsoft Teams Governance Approach – Using Azure AD Identity Governance

Veröffentlicht am von Jakob

Since Microsoft published the Request a Teams App Solution on github ( https://github.com/OfficeDev/microsoft-teams-apps-requestateam ), I stopped all my „ambitions“ to create my own deployment tool for Microsoft Teams, because it´s designed very well and especially the PowerApp-Part is better than I could ever build it. So I concentrated on other Governance topics than the creation… Weiterlesen Another Microsoft Teams Governance Approach – Using Azure AD Identity Governance

Advanced Conditional Access Use Cases – Part 2: Controlling the actions in a session

Veröffentlicht am von Christopher Brumm

After my introduction to Policy Design for Conditional Access and the integration of Risk Based Conditional Access I would like to deal with the first session controls today. While all other policies so far were concerned with the question of whether an access is allowed or not, session controls define conditions within the access or… Weiterlesen Advanced Conditional Access Use Cases – Part 2: Controlling the actions in a session