Force Teams to Sign Out

Token Resistance I ran into an interesting scenario yesterday during a tenant migration where users from tenant A were successfully migrated to Tenant B, but their accounts remained logged into Teams – even changing the user account names to their onmicrosoft.com domain and removing their Teams license wouldn’t force them to log out… talk about … Read moreForce Teams to Sign Out

Mitigating Azure MFA Outages

With the recent MFA outages (twice in the last two weeks), the question has come up in conversation several times – what do we do when MFA is down, and when our users can’t log in? As you might expect, there are several approaches you can take that allow you to maintain the balance between … Read moreMitigating Azure MFA Outages

Troubleshooting Hybrid Azure AD Join

Hybrid Azure AD Join and Conditional Access One of the cool features of Azure AD Conditional Access Policies is being able to require that machines be domain joined, essentially locking down your access to corporate devices only, and preventing non-managed or non-trusted devices from being able to access your business data. You can see from … Read moreTroubleshooting Hybrid Azure AD Join

Add Azure AD Trusted Certificate Authority

Scott Duffey has put together some excellent articles (four parts in total) around setting up Azure AD based CBA, and deploying certificates to mobile devices. It’s worked really well as a guideline for me in setting up certificate based authentication in production environments – however, there’s one scenario that isn’t covered in these articles, and … Read moreAdd Azure AD Trusted Certificate Authority