Yesterday, Microsoft introduced the Azure Automation Runbook Gallery. This new feature gives you a growing list of runbooks, that’s already polished and ready for use.
In other words, it just got much faster to achieve your automation goal without being a hard core PowerShell guru.
Read a more about it at the Microsoft Azure Blog http://azure.microsoft.com/blog/2014/10/07/introducing-the-azure-automation-runbook-gallery/
When you enable Azure MFA on a tenant, you get the option to configure IP whitelisting. Another nice feature that you have is to require MFA only when the users do not originate from the intranet. In a multisite environment, with offices located all over the world, or if you do not have a persistent IP from your internet service provider, this is like gold!
If you want this to work, you have to do some configuration on your Active Directory Federation Service (ADFS). Along with the normal claims, you also have to send another one.
http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork
Alongside with enabling this, I’ll also configuring the service so the users can check the Keep me signed in box.
Sign into your ADFS server, and open the ADFS Management Console. If you then browse into Trust Relationships -> Relying Party Trusts. There you find Microsoft Office 365 Identify Platform.
Right click and, select Edit Claims Roules…
You are now watching the default claims rules that’s configured for Office 365. We will add two rules here. One for the Inside Corporate Network feature and one for the Keep me signed in feature.
First the Inside Corporate Network setting. Click Add Rule… and from the dropdown menu select Pass Through or Filter an Incoming Claim.
Then give the rule a good name, and set the Incoming claim type to Inside Corporate Network. That is it.
The next one is for the Keep me signed in. Add a new rule, and from the dropdown menu select Send Claims Using a Custom Rule.
On the next page, give the rule a good name, and add this custom rule
c:[Type == "http://schemas.microsoft.com/2014/03/psso"] => issue(claim = c);
That is all. Your MFA enabled users no longer gets a request to verify their authentication when they originate from the intranet.
My reading list for Microsoft Exam 70-533 – Implementing Microsoft Azure Infrastructure Solutions is finally complete enough to share.
I have not had time to take the exam myself yet, so it might still come some changes to the list. Happy reading 🙂
A new Azure PowerShell release is available. To upgrade, click this link http://go.microsoft.com/fwlink/p/?linkid=320376&clcid=0x409 or follow the guide from the Microsoft Azure Documentation http://azure.microsoft.com/en-us/documentation/articles/install-configure-powershell/
This Azure PowerShell release includes:
Source: http://azure.microsoft.com/en-us/updates/azure-powershell-0-8-8/
Had a case yesterday where we needed the password for a Certificate PFX file.
Luckily we found this tool, and after a short time using brute force we got the password: http://crackpkcs12.sourceforge.net/
If you have a netbook or a small laptop, why not spin this up in Azure using a Linux machine?
http://azure.microsoft.com/en-us/documentation/articles/virtual-machines-linux-tutorial/
Anyhow, it works, and the service is back on line 🙂
