Sep 7Why you should use Entra Workload Identity FederationMicrosoft Entra Workload Identity Federation is a hidden gem when dealing with app registrations and service principals because it will significantly improve the security posture of your workload identities. …Entra Id5 min readEntra Id5 min read
May 10Retrieving Windows LAPS Azure AD Passwords with PowerShellDid you know that for the new Windows LAPS Azure AD is also maintaining the password history? The built in PowerShell commandlet relies on the Microsoft Graph PowerShell SDK and within this post I want to show you how to work with the Get-LapsAADPassword cmdlet. Kudos to Niklas Tinner as…Windows3 min readWindows3 min read
Apr 11Provoking Defender for Identity suspicious certificate usage alertsMicrosoft Defender for Identity (MDI) has announced a new capability back in February to detect suspicious certificate usage for Kerberos authentication. It is already well-known, that Active Directory Certificate Services (ADCS) is a lucrative target for adversaries to achieve persistence in Active Directory as ADCS can be easily misconfigured resulting…Defender For Identity8 min readDefender For Identity8 min read
Mar 12You must not touch my endpoint security settings!Intune Endpoint Security Configuration Settings have become the way to go for configuring security features on various platforms. What did start with Microsoft Defender for Endpoint settings for Windows clients has evolved to settings for macOS, Windows Servers and is treated like a first class citizen. …Sentinel4 min readSentinel4 min read
Feb 22Optimising Microsoft Graph PowerShell scriptsWe all have probably been there and developed a PowerShell script that took some fair amount of time until the execution completed, weren’t we? Of course one could argue and say that as long a script ‘works’ it is good enough but depending on the use case and environment a…Microsoft Graph9 min readMicrosoft Graph9 min read
Jan 30Migrating to the new Windows Store experienceThe Microsoft Store for Business will be discontinued mid 2023 and Intune recently introduced the new Windows Store experience backed by winget to distribute apps to your Intune managed endpoints. To simplify the migration to the new Windows Store experience I created a PowerShell Script that migrates all currently assigned…Winget2 min readWinget2 min read
Jan 23GitHub Actions with Entra Workload Identity FederationWorkload Identity Federation (let’s just call this WIF) allows app principals not residing within Azure to request short lived access tokens. This removes the need of storing client secrets or certificates within GitHub as Action secrets. One drawback ist that currently only the Azure modules support the usage of WIF. How it works …Azure Ad3 min readAzure Ad3 min read
Dec 30, 2022Inside Windows package managerWindows Package Manager (winget) provides exciting features to install and upgrade apps on Windows devices. But how does winget actually work and how are new packages integrated? Within this post I want to elaborate on some questions I had when having a closer look into winget. How does winget find sources? By default, winget has…Windows4 min readWindows4 min read
