In privilege identity management, we can enforce MFA verification during the activation process. When this setting is in place, eligible users should have valid MFA claims to proceed with the role activation. But now we can use conditional access policies with PIM role activation. This will allow us to enforce more advanced controls than MFA on role activation. As an example, before the user…
In my previous blog post, I explained how we can automate JML (Joiners/Movers/Leavers) process by using Microsoft Entra lifecycle workflows. You can access it using https://www.rebeladmin.com/2022/11/step-by-step-guide-automate-jmljoiners-movers-leavers-process-with-microsoft-entra-lifecycle-workflows/#more-6030 . In this article, I used employeeHireDate Azure AD attribute value to trigger the…
MDI Sensor installation is the Part 05 of the Microsoft Defender for Identity blog series. So far we learned about following about MDI,
Part 01 – MDI Overview
Part 02 – Create Directory Service Account
Part 03 – Collect Windows Events
Part 04 – Network Requirements
In this blog post, I am going to demonstrate how to enable a MDI instance and then install the first MDI sensor in the…
This is the Part 04 of the Microsoft Defender for Identity blog series and so far in this series, we learned about following,
Part 01 – MDI Overview
Part 02 – Create Directory Service Account
Part 03 – Collect Windows Events
This is the last blog post which covering about MDI prerequisites. The rest of the blog posts in the series will cover the operation side of the MDI.
Microsoft…