Microsoft Ignite 2019 has kicked off. On Sunday I was attended the pre-day workshop on IoT. Benjamin Cabé took the group through the development of a modern cloud IoT solution.
We focused on Microsoft’s demo company, Contoso Art Shipping Inc.
The workshop started by setting up sensors using IoT Hub and the new Device Provisioning Service with Plug and Play to do enrolment.
The device we used was the Azure MX Chip Dev Kit.
There are times when you need to force a user or users to be disconnected for Microsoft 365 services like Exchange and SharePoint and block their access. When this happens, you need to complete the following tasks.
Block the user’s sign in Reset the user’s password and force a change on next login Revoke their sessions to SharePoint and OneDrive Revoke or remove their AzureAD authentication tokens These tasks can be done via the GUI, but it’s quick to have a script pre-paired.
Microsoft is currently on a path to switch services to Passwordless logins, meaning we will at some point no longer require a password. This does not mean accounts will not be protected; accounts will be using tokens, Multi-Factor, authenticator apps to perform authentication.
The Microsoft strategy is base on 4 steps; Develop password replacement offering Reduce the user-visible password surface area Transition into password-less deployment Eliminate password from identity directory Right now, we still see the continued development of the replacement for passwords and the reduction of locations where we need to enter password.
FIDO keys provide you with a hardware-based authentication device. The keys can be used on a number of different sites as well. I use the keys to protect my AzureAD login, GitHub and a few other places as well. In this section, I will go over the process to enable AzureAD.
In part 1, I went over methods for PasswordLess login and set up the Microsoft Authenticator App.
AzureAD Passwordless Sign in with FIDO - Part 1
FIDO keys provide you with a hardware-based authentication device. The keys can be used on a number of different sites as well. I use the keys to protect my AzureAD login, GitHub and a few other places as well. In this section I will go over the configuration for locking down a Windows 10 device. I have already gone over the process to enable AzureAD in part 1 and 2.
A few months ago, I created this blog, and it has taken a bit of time, but its time to give blogging another try. I have created this blog to help other people with issues or topics that I have been working on. Over the last few years I have been working on cloud base solutions focusing on Microsoft technology and some Google services.
Currently, I am working as a Principle Architect focusing on the Microsoft cloud.