tag:blogger.com,1999:blog-39140704184839775862024-03-19T23:12:48.676+01:00The Cloud is a neighborhoodMicrosoft Azure and other cloud related things Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comBlogger202125tag:blogger.com,1999:blog-3914070418483977586.post-91145845096312676542023-03-20T13:04:00.008+01:002023-03-20T15:00:10.040+01:00Removing all "Unknown" object from permission/access list in Azure (IAM)I do not like to have permission in Azure that gives access to "Unknown". I consider this a "visual" disturbance, a documentation issue, and a potential security risk. So I usually delete them when I find them.You can find them by browsing around the entire portal manually or you can find them by using a script to document all access like my script explained in "Documenting Azure resources Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-66454429759135334032022-08-24T14:31:00.002+02:002022-08-24T14:31:49.477+02:00Documenting Azure resources access (AIM) There are many situations when you want to know the access structure for all your Azure resources. Examples could be:DocumentationCleaning out permission given to individuals instead of groupsSafe screening (groups/individuals that should not have access)Deleted identities still visible in the AIM listPreparing for features like Privileged identity management (PIM)Comparing changes in access Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-74812854509522282302021-11-26T14:19:00.005+01:002021-11-29T10:42:30.161+01:00Change owner for App registration and Enterprise Apps in Azure I got a long list of Azure AD App Registration/Enterprise Apps that needed to get a new owner. This is a quite common task since the original owner might have quit or changed role. So knowing that this is a task that might appear every now and then I wrote two short and quick PowerShell script to fix this. One for App registration and one for Enterprise Apps, you can, of course, Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-66793618952294952562020-09-26T17:15:00.004+02:002020-09-26T17:15:46.505+02:00PowerShell script to get some AzureAD logins stats The information you get in the Azure portal about logins are decent, but some time you need some statistic or insight fast and don't want to use the graphic interface or down load csv/json files.I have created som script and favourite lines and uploaded it to my Github repoThere is a menu based script to quick get some stats about successful and unsuccessful logins, apps used and loginOlav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-1971730783361229262020-07-20T10:50:00.000+02:002020-07-20T10:50:05.838+02:00Unused Azure AD Connect accounts "On-Premises Directory Synchronization Service Account"Playing with #Azure Privileged Identity Management made me aware of two active accounts from old or failed AAD connector installations from way back.
And we don't want to leave something with that potential for misusage laying available in our AAD.
To check if you have you the same in your system don't need PIM, just search for "On-Premises Directory Synchronization Service AccountOlav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-91909516574411329182020-07-09T14:36:00.002+02:002020-07-09T14:49:38.922+02:00Requesting access with Azure AD Privileged Identity Management from PowerShellUsing Azure AD Privileged Identity Management (PIM for short) as a method to control access to Azure resource are nice security feature. It makes it more trackable and gives the granted roles for a defined time period. You can add approval as a necessary add-on security feature, use MFA or other adjustments. Read more about PIM here.BUT! it can also feel like a pain in the... if you useOlav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-26174738196152385392020-04-21T13:17:00.000+02:002020-04-21T13:17:50.330+02:00Finding empty resource groups in AzureNot easy to have control over your Azure resource groups, but maybe find all those whiteout any content could help?
I have created a PowerShell script helping me in my environment. Should be easy to adjust it to different needs.
Got valuable help from VidarW
The script creates a csv file, but it is easy to change it for instance to a grid view instead
Script are located in my Github:
Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-16866301443218142102020-04-17T13:56:00.001+02:002020-04-17T13:58:06.585+02:00Cheat for PowerShell connecting to remote machineYes I know, it's quite easy to connect against a remote machine to run PowerShell. But I am not doing it on a regular basis so I always forget:
Enter-PSSession -ComputerName COMPUTER -Credential USER
So to make my life easier I have created a really easy script with a shortcut on my desktop, that just ask for remote computer name and my password.
Script:
$RemoteMachine = Read-Host -Prompt "Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-38086467599615908582020-04-17T09:28:00.001+02:002020-04-17T09:28:38.327+02:00Creating Azure Resource Groups with PowerShell
I am working in a intense DevOps environment so I am creating new Resource Groups in Azure quite often. Doing this the manual way are of course are quite boring and might open up for different types of mistakes.
So way not make sure that the mistakes are consistent and do it with a script?
I have made the script with an example input file available on my GitHub so you can find it hereOlav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-85180081219989523912019-12-30T15:30:00.000+01:002019-12-30T15:30:58.731+01:00End off year and first set off conferences and speaking engagements for 2020
2019
2019 was a busy year (as most off them usually are). Lots of conferences and speaking engagements, Nordic Infrastructure Conference and MVP Dagen in Oslo, SharePoint Conference in Las Vegas, Ignite in Orlando and Paris just to mention some.
Other important events was starting the Norwegian podcast channel "Blå Skjerm Brødrene"
Most cast's are in Norwegian but there is some real Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-7283268542292810602019-11-29T13:24:00.002+01:002019-11-29T13:25:52.587+01:00My Microsoft Ignite 2019 Activity Summary
Microsoft Ignite 2019
You always get overwhelmed and impressive by Microsoft Ignite, no matter how many times you have been on it. The energy from the attendees and organizers are always a boost that makes the jetlag and sore feet from all the walking feel quite unimportant.
This year I had 1 breakout session and 2 hours with the Podcast center to record what became 3 video podcasts in Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-13028260416687768362019-11-18T09:12:00.000+01:002019-11-18T09:12:15.784+01:00Change search provider for Edge Chromium editionLove the new chromium based edge but it's currently a bit annoying to change the search provider.
found help in this article, but its quite old and not accurate any longer (but still gave me the solution on what to look for) :https://windowsloop.com/change-chromium-edge-search-engine/
Quick fix is to type in: edge://settings/search
If your preferred search provider is missing you Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-79052542655204189812019-11-13T15:42:00.000+01:002019-11-13T15:42:45.214+01:00Ignite The Tour Paris - BRK30010 sessionJust finished my session "BRK30010 - With so many different ways to secure data across the Office 365 platform, it’s hard to know what to use when"
Don't know what happen with the name, took about 2 slides and 3 minutes just to read it. Event tried to use a acronym "WsmdwtsdatO365pihtkwtuw" still long and took even longer to pronounce it.
But the session worked, awesome audience here in Paris.
Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-80199705129925679892019-09-20T10:08:00.000+02:002019-09-20T10:08:05.447+02:00Create a group for all Autopilot devicesWorking with Autopilot and need a group covering all AutoPilotet enrolled devices?
Michael Niehaus has this covered in his blogpost: Autopilot profile assignment using Intune
The quick guide will be to create a Dynamic group in Azure AD with the following rule syntax:
(device.devicePhysicalIDs -any _ -contains "[ZTDId]")
Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-41487154526538367182019-08-28T14:01:00.000+02:002019-08-28T14:01:18.503+02:00The next episode!
I have been a consultant since 96/97, working within all different kind and sizes of companies, both as a hired gun for customer and employee in different consultant houses. Enjoying the differences in environments and demands have made the work hard at times, but most rewarding and educational.
Without a doubt, my time at Innofactor has proven to be a period amongst the most skilled Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-16431240686317962172019-08-23T12:38:00.000+02:002019-08-23T12:38:35.468+02:00Change Windows 10 from volume license (VLK Pro/Enterprise key) to use the key machines built-in key Felt a bit stupid today (again). Have been struggling with some Microsoft Surface Go devices. Love the device but, when they are shipped with Windows 10 1803 version you will use some time updating them. So my brilliant idea was to reinstall them clean with the latest updated ISO from a stick. Smart right?, jupp except that I download the business VLK version.
So should I wipe and reload? (Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-77587678451052942532019-08-16T11:30:00.003+02:002019-08-16T11:30:48.615+02:00MVP Dagen 2019 and Innofactor webinarI have 2 events coming up now right after the summer. First one is a webinar on the 28. of August and the next one is Microsoft Dagen in Oslo, Norway. Main foucs on both are related to OneDrive/SharePoint and security.
More info and links:
Innofactor: Microsoft 365 Insights e-Seminar
One event, 3 tracks, 4 sessionsBy joining one or more sessions in our free-of-charge Microsoft 365 Insights Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-82253635156199720982019-06-21T10:03:00.000+02:002019-06-21T10:06:39.251+02:00Summer holiday and nice resources to help you stay out of the sunHere in Norway, the summer holiday is about to start for a bunch of people. We know from experience that many IT Pros have the danger of self-combustion if they get hit by direct sunlight. So to make sure that doesn't happen I have collected some nice resources for you to spend time on your IT ninja skills instead of self-combustion.
A great place to start if you want to get some hands-on Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-9652778648108959252019-05-27T11:18:00.000+02:002019-05-27T11:20:19.337+02:00Recordings of demos and slidedeck from SharePoint conference 2019
Back to work after speaking at SharePoint Conference 2019 in fabulous Las Vegas. Used a bit more time then I calculated on uploading video and slides from my presentation. Who would know that bandwidth on airports and conference hotel might be slow ;-)
But now it's ready.
Slides are here
Recording of demos:
SharePoint Basic IRM and Conditional Access
Risk-based identity Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-69331392096974411722019-05-15T14:45:00.000+02:002019-05-15T14:57:48.447+02:00Sharepoint Conference 2019 - Secure your data, not your device podcast with Pål-ErikSitting and doing some final tweaks on my presentation for the SharePoint Conference.
It looks like there will be gladiators in there, of course, I am after all talking about information security.
And lucky for me, Mr. Pål-Erik Winther, walked by and had time for a chat.
I took the opportunity to start the "tape" recorder and it resulted in not only one, but 2 fine Microsoft Information Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-33469757597131485212019-03-01T01:38:00.000+01:002019-03-01T01:38:15.986+01:00
I Was
thinking about starting this blog post like this:
What
do I have in common with Ozzy, Iron Maiden and Bob Seger?
We are all gone perform in Las
Vegas fabulous MGM Grand this year.
But that might have been perceived
as high-pitched. So instead I will start by stating that I am so looking
forward to being speaking at the largest SharePoint
conference that has gathered an Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-4440311616001283212019-02-18T13:58:00.001+01:002019-02-18T13:58:38.526+01:00Test-MigrationReadyness.ps1 ScriptI have added a OneDrive/SharePoint migration related script to my GitHub
This is an add-on to make my script "Test-OneDrivePath.ps1" only check against specified folders (and its subfolders) instead of all folders in the specified path.
I have used the SharePoint Migration Tool's input file as the source for folders since this makes me able to combine one input file with the migration itself. Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-51044027869327554952019-02-13T10:01:00.000+01:002019-02-13T10:01:20.389+01:00Slides and links to scripts from my NIC 2019 sessions
Another Nordic Infrastructure Conference has come to an end. As always got to talk to lots of interresting people attending and speaking. Got my first bluescreen during a presentation, looks like it was dlidusb2.dll a DisplayLink driver that caused it. Luckily my Surfacebook 2 booted up fast and got me going without to much hassle.
Big thanks to Jimmy Hang for the picture
Lets put Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-56844992938272331192018-12-28T16:35:00.000+01:002018-12-28T16:35:29.924+01:00SharePoint Conference 2019 - Secure the data, not the device
Hi, I am just sitting here and planning my session for SharePoint Conference 2019.
While SharePoint have been around for a while now, it might seem like 2019 will be a year when many companies will start to migrate content of their file servers to SharePoint Online.
Users home folder are being migrated to OneDrive and shared folders are heading for different Office 365 Groups, Teams or otherOlav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.comtag:blogger.com,1999:blog-3914070418483977586.post-56255480510690528482018-10-09T22:15:00.000+02:002018-10-09T22:17:03.756+02:00Ignite - The Windows 10 tips you wished you knew last week #THR2152
Had awesome sessions with an amsing big crowd during my "The Windows 10 tips you wished you knew last week". I had hoped for a 45 minute session on that topic, but I tried to keep the most important things. The session contained lots of demos and script so I created this blog to give you links to recordings of all the demos, scripts and tools.
Demo recordings:
Find Install and reboot time
Olav Tvedthttp://www.blogger.com/profile/14282132103868914749noreply@blogger.com