Видео

Question related Passkey in Mobile devices that only use MAM, meaning, they are not onboarded to Intune. Why I can't use Passkey on those devices, I am unable to login to teams, Outlook apps that are protected only from app protection policies

Minute 35:09: who are the tenantadmins, are only the Global admins or any admin will receive the message, i.e.: will intune admin receive this alert?

minute 31:04 App consent is there any way to reduce the extra workload to user consent to the admins? minute: 31:54: admin consent request how the admins can know if the app that is requesting the permissions is secure or not? In the option "Allow user consent apps from verified published from selected permissions" All users can concent for permissions classfied as "low impact" do you know where can I find the low impact, medium impact and high impact permissions?

minute 30:18 and minute 36:21 MDCA blade called "OAuth apps" where you could see the App Registration with high level permissions what do you think about use the MDCA app governance to detect the app registration with high privileges level?

Minute 28:28 is there any way to setup a prefered MFA method, meaning that from admin setup the priority for the authentication methods i.e.: 1. Passkey 2. Authenticator Passwordless 3. Authenticator Nubmer matching. How can I know what is the primary MFA verification method that user is using to verify his identity?

Hello team, Comments: minute 24:23 Pre-requirement for CAP user action "register or Join device" If you plan to create the conditional access policy for the user action "register or Join device", you need to have in EntraID-->Devices-->Device Settings--> Option: "Require MFA to register or join devices with Microsoft Entra" set to NO. Amazing material, I see you r videos like I am in a very serious class, this is the knowledge that make difference

Here for the biceps :-) Seriously thanks for the details and the time !

Hi whats the difference between enterprise and SMB, and if I complete the category under SMB will i get E5 license of 200 in modern work as they mentioned ?

Does MS not block Tor nodes by default ?

In my situation, I've enabled a phishing-resistant method through a conditional access policy. The requirement is to enforce this for external logins. However, in my scenario, this method still prompts for the Yubikey despite bypassing the password requirement.

Assuming you are recording and transcribing the Teams Meetings in order to have Copilot summarize and follow up on?

Hello Nick, I'm not sure if my messages are reaching you through your website. I need assistance with migrating from GoDaddy to Microsoft 365. Do you provide this service? Thank you

Minute 28:31, what is a PSA tool? Is defender portal, or Sentinel or what is a PSA tool that will receive the alerts?

Minute: 20:19 related life time for the token 1 hours, you told us about session persistent to never, however, I believe you were talking about sign-in frequency. the sign-in frequency limit the life-time of the access token. Session persistance to never: if the browser is closed the session token is removed, then, if the user open again the browser, he will need to reauthenticate. Can you please help us with that clarification. best regards,

Amazing material... This is real case scenarios. microsoft focus a lot in PPT or how the feature works, however, you are teaching us why we should configure it... Excellent, I loved that explanation about pass-the-cookie. I hope in the future you can talk about team phishing, Anonymous access in Teams, DC Sync attack for Entra ID connect, app consent by users, who can invite guest, what a guest can do, attack surface reduction rules, Windows Hello, LAPS, and the other kind of attack that we should protect in our organization. I don't miss any of your videos, that help me to reinforce and improve my level in Microsoft. thanks for your support.

That was a great walkthrough for some of the areas admins should pay attention to as well as highlighting some of the pitfalls. One thing I would like MS to start doing, especially for some of their built-in rules, such as the 'Suspicious Email Forwarding Activity', rule, is to give far more details that are immediately presented to the end user checking the alert. Currently you get the alert but it won't show you the external domain that the email was being sent to, the subject of the email or any useful information. The only way I can find that is to head over to Purview, and look there for the alert as that will give some additional information when you open the alert. Also, another thing that would be great is is we could actually see the KQL behind some of the built-in alerts so that we could project more additional information from the resulting query and/or delete the built in one and use a decent custom one built-off the original MS Built-in query. Another thing we really struggle with is having a way to identify which users are actively authenticating via passkeys/FIDO2 as opposed to just having it available. The closest I see in the logs in Windows Hello, but you can't see in the users Sign-in logs in Entra where FIDO2/Passkey was specifically used. Loving the use of the whiteboard as well. Really makes a difference for presentation. As always, great videos and thanks you.

Soooo, basically social engineering…. Yes. That is really hard to protect against and no MFA/Secure login method can protect against stupid people/careless people. So this is, to be clear, NOT a weakness of the FIDO2 key, rather its about getting access to the system you’re logging in from beforehand through social engineering… ”really legacy” for sms, good one! BUT in reality especially SMB customers have a hard time getting security and why sms is bad.

So since there is a built in MFA feature in 365 and Azure, why would you need Duo? I’m specially interested in understanding why you need Duo for Azure connected computers if there is MFA built in?

so what I learned is that there is actually not protection against session cookie replay attack. One thing that boggles my mind is how easy it is and how ridiculously it laughs in the face of all the protections IT admins can put in place. After all this, your users are still the weakest link and you have nothing to protect yourselves against. The other thing is, (again because I don't understand how cookies work), why the hell are these cookies in plain text? Shouldn't they be encrypted?

Looking at the first example.. wouldn't Bruce have been able to find that HR information via SharePoint search anyway? I don't see why CoPilot would make the difference here?

Nice video!!! One doubt, do I need to enroll the device with company portal and then install the apps so I can manage them?

Many of these features don't work for IMAP/POP accounts. No categories, no To Do integration, no undo...

When I set a DLP exchange policy to encrypt the email. It encrypts the attachments. This was not the case a couple of months ago. Do you know how to manage that? Can it be managed better through labels?

Danke!

One question, how to handle passwords with user provisioning? This would create accounts without password? Not looking for identity workflow related licenses

Great work Nick!

Right click functions including copy and paste are all missing. What the hell. I literally cannot do my job.

Show-Command would be a good one to cover

Awesome video - Thank you!

you are aware that Teams is no longer part of office 365 and is its own entity

Hello, I use 3rd party MDM solution for macOS devices and have app conflict between MS Defender and MDM's default system application(it has Full disk access must be running). How to resolve that conflict?

Microsoft 365 E5 Compliance is an add on to E3 to get you some of those E5 Labeling and classification features that you don't get with E3.

Great and insightful share💯👏🙏

Thanks for this. I don’t see the link to the blog post. Can you share that here please?

Hi, I don't see the file name RunSCuBA anymore like the video. Could you please give me some information?

Great as always! Not as much 'as well, too' as other vids though 🙁

Great video! When writing the bulleted list in Teams 11:58 , from where did it get the CSV file? Can it also access onedrive for meeting preparation?

Thanks so much for these steps! Your video and blog were straight forward with everything that needed to be done. I was able to complete this in about 15 minutes, purchase a couple licenses for basic no teams as well for some increased storage. I went back to go daddy and created a new user since I had 1 out of 5 left on an essentials package and nothing came over. I wanted to test this to ensure the partnership was severed and they couldn't manage the account anymore.

So if my staff uses copilot, it means I can probably fire one of them with the time saving

The best M365 content. Appreciate you Nick, thank you

hi, a silly and newbie question please. I was wondering, we are fully cloud based that uses O365, Azure and Intune. We don't have any servers locally or any domain controllers. how could I redeem the 5 points for my Microsoft Secure Score? thanks

Your deleted items is not a storage folder!

Thanks!

Excellent video... Excellent the end-user experience.. This is run the extra mile, Excellent video, very very good, It is not only theory. You don't tell the "history", you show what is really feel it. Thank you very much for sharing your knowledge with the community. 😁😁😁😁😁😁

wow!!! thank

can you federate with a GCCH tenant?

anyone able to get refunds from GoDaddy for unused months you have subscribed to before the migration? Looking to do this and I am seeing within 30 days. Is this process still the same since this video released a couple years ago?

Very well demonstated

How would people know to place a forward slash? :)

Excellent video and very useful info. Microsoft's current settings for Android don't jive with my phone. Even I, as an IT professional, could not get it to work. It came up with failures during the process that were unclear of the cause. I will have to look into this when I have more time.