Blog

Why o why is Microsoft`s default to trust everybody and enable new stuff in all tenants ?

0
ADVISORY

please check for some serious risky settings in your tenants

This blogpost is a small rant (love you Microsoft) about the big company out of Redmond, and why they strayed from their motto in the 2000`s which was «secure by default» -> to Kumbaya, love everybody, Hare Krishna style – and ENABLE like every new feature in our tenants ?

TABLE OF CONTENT
  1. Check for these settings on AdminCenter – https://admin.microsoft.com
  2. Check for these settings on Entra ID – https://entra.microsoft.com
  3. Can`t understand why Microsoft decides to put stuff out there this way
  4. What can we do as MSP or direct customers ?

Check for these settings on AdminCenter – https://admin.microsoft.com

  • CoPilot Agents for everybody (like Enterprise apps restricted, but
Read more

“To group or not to group” is the question – talking about Conditional Access and specifically exclude groups

0

In this blog i talk about if it`s a good idea to discuss using exclusion groups for conditional Access Policies or maybe why not. Topics contain Roles in Entra, External tools not being able to get group membership for an evergreen Dashboard and more…

Don`t lie, this happened to you too

I didn`t know, that this user was still excluded from a certain conditional access rule – somebody

Read more

INTERNAL IT`S DON`T GET TRAINING ANYMORE. MICROSOFT 365, SECURITY & GOVERNANCE IS POTENTIALLY AT RISK!

0

No budget for training.

These times are somehow gone.
Nowadays, we expect the poor guys and girls from internal IT to just get it?
“You guys kept the whole AD and FileServices running for decades, shouldn`t be a problem with this new thing called AzureAD (sorry entra ID now) and stuff…”

Windows 2000 courses with 3 books printed out in ringfolders
Travelling 5 days to become eligible for certification in VMWare VCP

Everyone had the same machine, either via Acronis or Ghost images. So everyone had the same adminaccount & password so we could
Read more

FSLOGIX instead of UPM, and do it right

0

What I am giving you here is links to well known people in the EUC, so you can decide yourself on what to do with your FSLOGIX profiles.
For me, a general problem with FSLOGIX is profile growth. You can take care of that with some basic settings and files, but don’t too much – or you’ll break things

Some of the links are:

  • Jim Moyle, VHDX ProfileShrink Script
  • Aaron Parker, Redirections.xml (as known in UPM) – don’t do too much
    And remember:
    There is Profile/VHDX now
    And there is data (Desktop, Downloads, Documents, Pictures) – so, either use Office365 and OneDrive Redirection or use oldschool FolderRedirections for the data part – you dont want to open up VHDX’s
Read more

Howto solve Microsoft Edge taking massive CPU in Citrix Desktop

0

If you happen to be like me and want to get rid of Chrome asap, check the point below for any Citrix environment to make sure your dekstop does not explode (CPU-wise)

My reason to be still sort of an early adopter for my usual careful self is:

  • to have one headache less and be safer in regard of keeping your tenants data in your Microsoft 365 cloud and not somehow synced to Google
  • to improve user experience in accessing corporate data with the cool new bing search (this shows your clouddata in the serachresults if you configure it that way)

Microsoft Edge taking all of it

Problem is, as you can see in the printscreen above, Microsoft Edge takes … Read more

ABOUT ME
Roman Jucker
Cloud Solution Architect & IT Sherpa
I work for Swiss IT Professional AG, located in Hettlingen, Switzerland. My main focus is helping customers on their journey into a safe Microsoft 365 cloud. I see myself as an IT sherpa, meaning, i take the internal IT with me and enable them to manage everything after it`s all up and done. Technologies allow us to enable users to work safely in a modern desktop with their data all safe and sound up in the cloud.

Helping customers understand and tackle the challenges on their cloud journeys. I see myself as an IT translator and sherpa

all rights reserved by Roman Jucker