As Microsoft enabled the Radius option in the Azure Gateway VPN configuration, it now means you can enable MFA on your P2S connections! There is a caveat however. It only works if you have replicated your users from an Active Directory into Azure Active Directory. If you have cloud-only user, it doesn’t work (yet..) I’ll […]
In my previous post I mentioned the way to create a USB/ISO for booting / installing the ASDK system. Now I’ve automated the creation of the ISO image (so you don’t have to) and with Microsoft buying GitHub, I also pushed all the code onto GitHub as well. In there you will find the following […]
When you have deployed your ASDK in ADFS mode and you want to shutdown/reboot the host, you might notice that the service never comes up again.. while a shutdown through the host directly is not-supported you are able to shutdown the ASDK using the AzS-ERCS01 privileged endpoint. To shutdown your ASDK do the following from […]
(Not supported by Microsoft alert!) Azure Stack uses Active Directory technologies for identity management and authentication. By default, Azure Stack has 2 modes in can operate in. It can be used in a AAD mode utilizing Azure Active Directory for identity permission assignment as well as federated authentication or it can be setup in the […]
Microsoft Azure has the option to enable Accelerated Networking on VM’s. More information on the feature can be found here but this post is not to tell you about what good it does nor how it works.. no, this post is to introduce a new script that will enable/disable the function for you! update: it’s […]
If you want to deploy the Azure Stack Development Kit, the deployment guide instructs you to install a clean Windows 2012R2 or 2016 server OS on the physical host to then configure it to boot from the CloudBuilder VHDX on the C drive. In this blogpost the initial installation of Windows 2012R2 / 2016 is […]
While this blog is mostly focused around passwords and how to ensure people can login, the new direction within Microsoft is to get rid of passwords. I can already feel the shock from many security officers reading this post, but hear us (eeuh Microsoft) out on this one. Passwords are by default unsecure, they require […]
In the initial post, we looked at PTA from a high-level perspective. This post goes into the actuals and internals of the PTA to ensure you can convince your security department on why PtA is a very good idea. Inside Azure AD there are multiple components that work together to ensure the safety of your […]
I know that many of my posts are about networking icw a Juniper SRX… as I happen to have one. But what if you don’t have such a “sophisticated” device that can handle multiple virtual routers, BGP and all the other stuff. Well I could say, buy one from e-bay.. but let’s see if I […]