Restrict access to Azure Portal from external network using Conditional Access Policy

Restrict access to Azure Portal from external network using Conditional Access Policy

In this post I will cover the topic on how to restrict the access to Azure Portal from external network using Conditional Access Policy. When we say restricting the access from external network – means we are talking about location / IP address range. If organization is having Active Directory installed, they already have Active Directory sites and services with all AD sites specified. These AD Sites (can be called location) will be having list of IP subnets defined for each. Based upon our requirement we can add create the Named Locations through Conditional Access settings and can specify the IP address subnets and can mark them as trusted location.

(more…)
Block access to Office 365 if Windows device not patched

Block access to Office 365 if Windows device not patched

In this post I will be discussing on how to Block access to Office 365 access when Windows is not patched. The purpose of this post is to implement a solution so as if any Windows 10 workstation device is not patched for last couple of months (let’s say 6 months), device should not be able to access Office 365 or we can say let’s block the access to Office 365 applications such as word, excel, PowerPoint etc.

(more…)
Secure Account using Multi-factor authentication (MFA) in Azure

Secure Account using Multi-factor authentication (MFA) in Azure

In this post I will show you how to Secure Account using Multi-factor authentication (MFA) in Azure or we can say how to setup MFA (Multi-factor Authentication) in Azure. MFA is enabled automatically when you create account on Azure, this is done automatically as part of Security defaults. But this is not the only way (ie. Security Defaults) to achieve Multi-factor authentication. There are other methods and much suitable and recommended by Microsoft. Conditional Access is one the better way to achieve the MFA.

(more…)
How to create Dynamic Group in Azure AD

How to create Dynamic Group in Azure AD

In this post I will cover the topic on how to create Dynamic group in Azure AD. Dynamic group which can be either Dynamic User od Dynamic Device, gives the benefit of dynamically creating a group based upon a query, hence the group membership will keep on changing based upon the criteria it is going to meet.

(more…)
Microsoft Authenticator – activation code push notification error

Microsoft Authenticator – activation code push notification error

While trying to register for Azure Multi-Factor Authentication on your mobile phone, we might see a common error  We couldn’t add the account. Please verify that the activation code is correct and push notifications are enabled on your device for this app.

In your organization if Azure MFA (Multi-factor authentication) is enabled (either through Security Defaults or Conditional Access policy), and when first time you login to Azure Portal, you will be prompted with message

(more…)