What supports modern authentication in Microsoft 365

I get a lot of questions of what does and doesn’t support pure modern authentication in Microsoft 365. Pure modern authentication DOESN’T include App Passwords!

In short, you are best off with the latest version of the Microsoft software. However, here’s the list:

Office 2016

Modern authentication is already enabled for Office 2016 clients, you do not need to set registry keys for Office 2016.

Office 2013

To enable modern authentication for any devices running Windows (for example on laptops and tablets), that have Microsoft Office 2013 installed, you need to set the following registry keys. The keys have to be set on each device that you want to enable for modern authentication:

Registry key Type Value

HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL REG_DWORD 1

HKCU\SOFTWARE\Microsoft\Office\15.0\Common\Identity\Version REG_DWORD 1

iOS

In order to use the native iOS mail client, you will need to be running iOS version 11.0 or later to ensure the mail client has been updated to block legacy authentication.

Mac

One of the three most recent versions of macOS. When a new major version of macOS is released, the macOS and the previous two versions.

macOS Mail on macOS < 10.14 does not support Modern Authentication

Android

Android (Google) Mail does not support Modern Authentication

Outlook on mobile

Outlook for Mobile supports modern authentication by default

Office for iPad® and iPhone® (including Outlook for iOS on iPad® and iPhone®) requires iOS 12.0 or later. Office for iPad Pro™ requires iOS 11.0 or later Office is supported on the two most recent versions of iOS.

Office for Android can be installed on tablets and phones running any of the supported versions of Android and have an ARM-based or Intel x86 processor. Starting on July 1, 2019, support will be limited to only the last four major versions of Android.

Office for Android™ can be installed on tablets and phones that meet the following criteria: running Android KitKat 4.4 or later version and have an ARM-based or Intel x86 processor.

Compare how different mobile devices work with Office 365 – https://support.office.com/en-us/article/Compare-how-different-mobile-devices-work-with-Office-365-BDD06229-776A-4824-947C-82425D72597B

Need to Know podcast–Episode 232

No interview this episode only news with Brenton and myself. Been a little while since we have chatted so a few things to cover off in the Microsoft Cloud and in general.

This episode was recorded using Microsoft Teams and produced with Camtasia 2019

take a listen and let us know what you think – feedback@needtoknow.cloud

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-232-updates/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

The podcast is also available on Stitcher at:

http://www.stitcher.com/podcast/ciaops/need-to-know-podcast?refid=stpr

Don’t forget to give the show a rating as well as send us any feedback or suggestions you may have for the show.

Resources

@contactbrenton

@directorcia

Brenton’s Adoption Podcast

What’s new with Microsoft 365 February 2020

Forms Activity Reports

Staying on top of Office 365 updates

Update to Microsoft Authenticator

Microsoft’s New Cloud printing service

Detect workplace harassment

Our commitment to customer during COVID-19

Full Azure AD P1 is coming to Microsoft 365 Business

One of the frustrating things about Microsoft 365 Business was that it didn’t include the full Azure AD P1 feature set. It had about 80%. This unfortunately created a lot of confusion for people to know exactly was and was not included. For example, Dynamic Groups WAS part of Azure AD P1 but NOT part of Microsoft 365 Business.

That was until now! Per the above Message Center notification, Microsoft 365 Business will receive the full Azure AD P1 from April 2020! Seems like all of us (including Alex Fields, got our Christmas wish)

Thanks Microsoft, that’s going to make things much easier.

Why is there no data in my Azure Sentinel?

If you find that no data is flowing into your Azure Sentinel workspace then check the data connectors as shown above. You should see that the Data types are connected and actual events are appearing.

If you actually Open connector page you should firstly see that the data source is connected (in the top right). In the lower left you should see the connected sources as well as the log counts. However, if you see no data then the most likely cause is that you have not completed the Configuration settings (here selecting Exchange and SharePoint option).

Another way to check is to select the Logs option on the left menu and then run an ad hoc query against some of the data sources as shown above. that should produce some low level logs that confirm data is being ingested.

Azure Sentinel Data Connectors have different configurations, so if you are not seeing any data inside Sentinel, check that you have all the configuration options enabled and connected inside each connector.

CIAOPS Need to Know Microsoft 365 Webinar–March

laptop-eyes-technology-computer

This month I’m going to closer look at OneDrive for Business and hopefully share with you some features that you may not know about. There is more to OneDrive for Business than meets the eye. I’ll have the the latest Microsoft Cloud updates plus open Q and A as well.

You can register for the regular monthly webinar here:

March Webinar Registrations

The details are:

CIAOPS Need to Know Webinar – March 2020
Thursday 26th of March 2020
10.30am – 11.30am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.

Techwerks 11–Melbourne 8th May 2020

bw-car-vehicle

We will be back in Melbourne for Techwerks 11 on Friday the 8th of May 2020. The course is limited to 20 people and you can sign up and reserve your place now! You reserve a place by completing this form:

http://bit.ly/ciaopsroi

or sending me an email (director@ciaops.com) expressing your interest.

The content of these all day face to face workshops is driven by the attendees. That means we cover exactly what people want to see and focus on doing hands on, real world scenarios. Attendees can vote on topics they’d like to see covered prior to the day and we continue to target exactly what the small group of attendees wants to see. Thus, this is an excellent way to get really deep into the technology and have all the questions you’ve been dying to know answered. Typically, the event produces a number of best practice take aways for each attendee. So far, the greatest votes are for deeper dives into the Microsoft Cloud including Microsoft 365, Azure, Intune, Defender ATP, security such as Azure Sentinel and PowerShell configuration and scripts, with a focus on enabling the technology in SMB businesses.

Recent testimonial – “I just wanted to say a big thank you to Robert for the Brisbane Techworks day. It is such a good format with each attendee asking what matters them and the whole interactive nature of the day. So much better than death by PowerPoint.” – Mike H.

The cost to attend is:

Gold Enterprise Patron = Free

Gold Patron = $33 inc GST

Silver Patron = $99 inc GST

Bronze Patron = $176 inc GST

Non Patron = $399 inc GST

I hope to see you there.

Trusted IPs

One of the ways that you can ease the burden of having to use MFA with every login to services like Microsoft 365 is to implement Trusted IPs for a limited set of networks. This feature is available with Azure MFA which is part of Azure AD Premium P1 and all SKUs of Microsoft 365 including Microsoft 365 Business.

You can read more about Trusted IP’s here:

https://docs.microsoft.com/en-gb/azure/active-directory/authentication/howto-mfa-mfasettings#trusted-ips

To configure Trusted IPs in your environment visit:

https://account.activedirectory.windowsazure.com/usermanagement/mfasettings.aspx

If you don’t have the appropriate license you will only see:

If you have the appropriate license you will see more options like so:

Thus, into the lower box you put the IP address range(s), behind which you do not wish to have MFA enabled. Anywhere else, it will remain enabled and required. Also don’t forget to check the option to Skip above this box.

If you also look inside your Conditional Access configuration, you will now find that you also have a new Location called MFA Trusted IPs as shown above. You can thus use that as part of your Conditional Access policies if you wish which you can read more about here:

https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition#trusted-ips

In summary then, Trusted IPs allow you to remove the need to use MFA when configured and are part of Azure AD Premium P1 or Microsoft 365 licenses. They are great way to remove the need for MFA for network ranges that you trust. Typically these are the IP ranges inside a businesses local network, that the business completely manages and controls.

A once in ten year opportunity

There is no doubt that currently, every business and individual is headed towards some challenging times. The spread of the Corona virus will affect everyone in some way in the near future. The greatest chance of such effects will probably be economically. The slow down in key industries, including travel, transport, logistics, supply, just to name a few will be huge. These impacts will flow onto businesses, both large and small, and finally down to individuals. In short, it seems pretty assured that it won’t be long before we are officially in recession.

Economic downturns are nothing new however. That happen with surprising consistency and regularity. Here’s a brief history recap:

2020 – Corona Virus

2008 – GFC

2000 – Dot Com bubble burst

1997 – Asian financial crisis

1990 – Currency crisis and the Australian recession ‘we had to have’

1987 – Black Monday stock market crash

and so on.

If you look closely a these events you’ll see that are typically spaced around 10 years apart. Not always. Sometimes longer. Sometime shorter but I reckon it is a pretty safe bet to say that we live in times of a 10 year financial cycle from bust to boom.

Theories on such cycles have been establish by everyone from Kondratiev to Ray Dalio and are worth taking a look at. No one theory contains all the answers, but inside most is a piece of the puzzle for those willing to look.

The worrying thing is that we really haven’t fully recovered from the last downturn thanks to GFC even though we have enjoyed record low interest rates. The problem is now that the next economic shock is here and governments no longer have interest rates as a tool to “stimulate” the economy. It would seem that the only way they have left to make money ‘cheaper’ is to print more of it (known as qualitative easing). Many will debate the ability of such an approach to stimulate the economy, and I will leave you to do your own research on that, however my expectation is that such an approach largely benefits the few well off while disadvantaging the majority who see the purchasing power of their savings fall as government printed money (with no backing but merely what the government says it’s worth) floods the economy.

As bad as things look to be shaping up, there is something positive to remember here. Every threat also brings opportunity. However, opportunities are only available to those who position themselves to take advantage of them early. Thus, what I’m saying is that you should be preparing NOW if you want to firstly ride out the coming storm and secondly, if you want to take advantage of the opportunities that will arise because of it. Remember, the Bible tells us that Noah built the Ark BEFORE it rained!

In technology terms, many large business like Microsoft are now touting tools like Microsoft 365 and Teams as ways to work from home and limit the spread of the Corona Virus. Cleverly, they are also offering these tools for free:

Microsoft commitment to customers during COVID-19

This is a very smart move, because as bad as the situation may appear at the moment, it will not last forever. Just like the GF, Dot Com bubble and so on also didn’t last forever. Yes, there was a pull back, but once the threat had passed the economy continued to grow and the business environment did so as well. Chances are that it will be exactly the same this time as well. We just don’t know how long the downturn will last as yet. However, helping people and business today is going to get them on board with what you offer, from which they are unlikely to change as times improve. It also positions you as a ‘helper’ not a ‘panicer’.

What transpires in the short term with Corona Virus will determine the extent of the challenge we all face. That remains the unknown. That’s why now is the time to ensure you have your house in order and you make sure you are prepared for the downturn that is coming. Then and only then can you look externally for the many, many opportunities that will present themselves going forward both personally and professionally.

In short, right now is the unique opportunity in time to set yourself and your business up for the next 10 year up swing that will inevitably follow the current short term outlook. The smart player looks where the ball is going, not where it currently is!