Channel: Azure Management Portal forum
Viewing all 4189 articles

Auto-configure Azure Cloud Shell

I need that when new users open https://shell.azure.com/ the initial configuration does not have to be set. Is this possible?

All IMGs must be in a storage account that I want.

How can I do it? Is there a PowerShell that I can run when a user needs to use Cloud Shell? Or what are the minimum permissions to give users so that they can only create their IMG in the storage account that I want?


Identify unused resources

Is there a way within Azure or a third party tool to better identify unused resources? I don't see anything off the bat that would be of help and could offer up cost savings.

Problem in Azure portal

Hi,

I can no longer view the "Select All" view for the resource group field.

Is it something that Azure has changed?

PowerShell connect to tenant id fails

Hello,
I am trying to log in to Azure using the following command "Connect-AzAccount -ServicePrincipal -Credential $cred -Tenant $tenantId". Of course I have defined my params for the variables used. But it never accepts my tenant id, it always returns:

Connect-AzAccount : AADSTS90002: Tenant 'd*****-19**-42**-b3**-*********cd' not found. This may happen if there are
no active subscriptions for the tenant. Check with your subscription administrator.
Trace ID: 32a201d6-ccb9-49f0-8c8f-3722ba799000
Correlation ID: 6fbe00c4-c97f-4def-80a8-e2fcc544ef90
Timestamp: 2019-11-06 13:39:43Z
At line:1 char:1
+ Connect-AzAccount -ServicePrincipal -Credential $cred -Tenant $tenant ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [Connect-AzAccount], AdalServiceException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.Profile.ConnectAzureRmAccountCommand

But this tenant ID is definitely ok. I am also able to use AzureRM, which works with this tenant id:

$cred = Get-Credential
Login-AzureRmAccount -Credential $cred
Get-AzureRMSubscription
Select-AzureRmSubscription -SubscriptionName d*****-19**-42**-b3**-*********cd

I have to admit that I have registered two subscriptions for this user. The user is definitely Service Administrator for this subscription.

Any idea what I am doing wrong?

Finally I would like to have a PS Script which starts or stops a VM in Azure.

Kind regards,
Dieter

How to monitor wrongly classified files in O365 using CAS or AIP?

Hi,

We are using SharePoint online and planning to classify our contents based on the confidentiality of the contents using AIP or CAS. If any document contains SSN/Credit card number it will be classified as highly confidential.

Is it possible to monitor the classification of the files if an end user by mistake wrongly classifies the files in O365 using AIP or CAS?

Thanks.

Is there a version of AWS transit gateway in Azure?

Is there a version of "AWS transit gateway" in Azure?

https://aws.amazon.com/transit-gateway/

AWS's version of a virtual gateway is like a virtual router in the cloud provided as a service for VPCs to connect.

It is like a hub where spokes can connect to other VPCs in the cloud.

AWS transit gateway is a virtual gateway where multiple VPCs can connect via a single virtual gateway so that traffic can be routed to other VPCs.

How would we do this in Azure? What is the corresponding product?

This allows connecting separate VPCs to a single interface like in a hub and spoke design.

In other words, if we need multiple VNETs to communicate, is there an Azure product that acts like a virtual gateway to allow this? We do not want to directly configure a peering to each VPC but rather want a virtual gateway where the traffic can be routed to multiple VNETs. There would be no need to have a separate peering between each VNet.

dsk

Azure Load Balancer static IP

I have set up my Virtual Desktop test environment. I see that even though there is only one server, it created a load balancer and assigned a public IP automatically. The question is: how do I get an external source to see something coming from the public IP of the load balancer? I am looking to publish RDP as an app for access to a 3rd party's gateway. They require supplying static IPs. Of course, if I use Google or another service to return my static IP, it won't be what the IP of the load balancer is, as that is for incoming traffic. How do I force traffic (even if only for a specific port) to route out of the public IP of the load balancer?

Brad Boozer Support Technician Mattress Firm

How to send group information in Azure SAML claims?

Hello guys

We are migrating a custom in-house application from AD FS to Azure AD.

There are currently issuance rules in AD FS that send a specific value in an outgoing claim if the user belongs to a certain AD security group. The application then makes user authorization decisions based on the claim value it receives. The claim is mapped to an attribute in the application which has a fixed size limit of 2048 bytes.

Things get a bit complicated when we move from AD FS to Azure. As far as I know it is not currently possible to send only one or two AD group memberships of the user in SAML claims.

You can emit a group claim, but it would contain all security groups or distribution lists the user is a member of. And we don't want to send all groups the user is a member of because of the application attribute size limitation.

I'm fairly new in the Azure business so it is totally possible that I've misunderstood a concept and just can't see the obvious.

Any ideas?

What is the future of Microsoft AD CS and Azure?

Is Microsoft AD CS, which has traditionally been an on premise service, moving to Azure? Can you run Microsoft Certificate Services from Azure for on-premise services and clients?

Looking for detailed steps on configuring an express route from on premise to the cloud?

Looking for detailed steps on configuring an express route from on premise to the cloud as well as providing a way for vnets to communicate with other vnets/on premise?

Are there any prerequisite configurations that need to be done on premise? Do we need any special gateways configured in the Vnets? We will be using several vnets to include: 1) vnet 2- management apps- requires jump servers, 2) vnet 1 - path for traffic from on premise to other vnets, 3) vnet 3- production, 4) vnet 4 - development, 4) vnet 5 - test. All traffic with the exception of management traffic will all pass through vnet 2. Is there a type of virtual router (i.e. AWS has a virtual gateway which is a SaaS which acts like a router) so that traffic can communicate between vnets in the cloud while allowing for communication with on premise {vnet 1 (all cloud bound traffic except management traffic) and vnet 2 (management traffic like jump servers) would both need to communicate with on premise}?

It seems like there is no such Azure offering for a virtual network interface that allows communication between vnets? I only noticed a hub vnet which communicates with the on premise via an express route gateway. This hub and spoke seems to only allow communication with the hub? Wanting to reduce or simplify the cloud peering configurations. (see diagram in the link) We were expecting to have vnet have peering connections to this virtual gateway (which would have to act like virtual router service) allowing for communication between the vnets in the cloud. Vnet 1 (all traffic except management) and Vnet 2 (management) would be the entry point for traffic in the cloud.

https://docs.microsoft.com/en-us/azure/architecture/reference-architectures/hybrid-networking/hub-spoke


dsk


vnet peering vs vpn gateway

Hi,

I have a question.

What is the difference between vnet peering and vpn gateway?

For example, if I have 2 different regions and I want to connect them with each other. For this case I have two options. I can enable peering or I can create a VPN gateway.

What is the difference between the two, and what is the recommended way?

Regards


Azure AD and on premise - authentication

Hi @all,
I couldn't find a clear answer for 2 questions:

After I enable the synchronization between the Azure AD and the on premise Active Directory,

1. is it possible to change my password either in Azure AD or OnPrem AD and it will work in both directions?

2. is it possible to activate the MFA function for all users regardless of whether they log on to Azure AD or OnPrem AD?
(I mean do they get an MFA dialog if they log on to the OnPrem AD?)

Thanks for helping.

George

ADFS x509 certificates

Hi all,
I have a scenario where we had set up a new x509 Public certificate in the ADFS as Primary certificate. The old certificate was set up as Secondary but wasn't expired. At the same time in the application, the new certificate was added and enabled, together with the old certificate, which was also added and enabled. Following is the series of events that happened after that:

1. All SAML logins got validated in Application using the new x509 certificate until the old certificate expired.
2. When the old certificate expired, SAML logins stopped working.
3. To get into the Application using SAML, Admin had to disable the old certificate from Application.
4. By disabling the old certificate, users were able to log in again using SAML using the new certificate at ADFS side as well as on Application side.

Question: We can see that SAML logins were getting validated with the new certificate until the old one expired. Why did the expiry of the old certificate cause an issue with SAML logins then? Can somebody please help answer the above question? Thanks.

Azure Advisor alerts Preview

Conditional access policies

Hi

I have studied many articles about conditional access policies in Azure, but could not understand them. Please explain conditional access policy to me in easy English with an example. Thanks.

Regards

Pass Hash Synchronization

Hi,

I have installed Azure AD Connect, during the installation I can see few options.

Password Hash Synchronization

Pass through Authentication

Please correct me if I am wrong:

Password Hash Synchronization: with this option, the on-premise password hash and cloud password hash will sync to each other. This means if we change the password from on-premise, it will update automatically on the cloud side. If we change it from the cloud then it will change automatically on the on-premise side. But authentication will be on the cloud?

Pass through Authentication: please define it for me. Thanks.

Regards
