Tag: Step by Step Guides

Microsoft Secure Score - Devices

On this page, I will describe how I implemented my current Microsoft Secure Score on the Devices pillar. This means altering mostly the…

Update your Kerberos configuration with Azure Virtual Desktop (RC4)

Microsoft released that the Kerberos protocol will be hardened by an update coming in April to June 2026 to increase the security. This was…

Getting started with Microsoft 365 Backup

Microsoft 365 Backup ensures that your data, accounts and email is safe and backed up into a separate storage space. A good and reliable…

Microsoft Secure Score - Identity

On this page, I will describe how I implemented my current Microsoft Secure Score on the Identity pillar. This means altering mostly the…

I tested Azure Virtual Desktop RemoteAppV2

Microsoft announced RemoteAppV2 under some pretty enhancements on top of the older RemoteApp engine. This newer version has some…

Getting started with GitHub Pages

With GitHub Pages, we can host some free websites for personal use. This is really great as we mostly already use GitHub to store our code and assets for websites.

Azure Virtual Desktop V6/V7 VMs imaging

When I first chose to use V6 or V7 machines with Azure Virtual Desktop, I ran into some boot controller errors about the boot…

Get notifications when Entra ID break glass admins are used

As we want to secure our Break Glass Accounts as good as possible, we cloud want to get alerts when break glass admins are used to login.

Create HTTPS 301 redirects with Azure Front Door

In this post, I will explain how I redirect my domains and subdomains to websites and parts of my website. If you ever visited my tools…

Everything you need to know about Azure Bastion

Azure Bastion is a great tool in Azure to ensure your virtual machines are accessible in a fast, safe and easy way. This is cool if you…

Upload multiple Github repositories into a single Azure Static Web App

In this guide, I will describe how I host multiple Github applications/tools into one single Static Web App environment in Azure. Ths…

What is MTA-STS and how to use it to protect your email flow

MTA-STS is a standard for ensuring TLS is always used for email transmission. This increases security and data protection because…

Remove Microsoft Print to PDF and OneNote printers script

In this guide, I will show you how to delete the printers using a PowerShell script. This is compatible with Microsoft Intune and Group Po…

Automatically start Windows App at startup

In some cases we want to automatically start the Windows App for connections to AVD and Windows 365 at startup. We can achieve this through different ways which I will describe in this post.

Azure Virtual Desktop FSLogix and Native Kerberos authentication

On this page I will describe how I built an environment with a pooled Azure Virtual Desktop hostpool with FSLogix and using the Entra…

FSLogix and maximum Azure Files security

When using Azure Files and Windows 11 as operating system for Azure Virtual Desktop, we can leverage the highest SMB encryption/security…

Deploy Google Chrome Single Sign On with Intune

When deploying Google Chrome with Microsoft Intune, users still have to manually login with their credentials into Microsoft Online websites.

Disable users' self service license trials

One day I came across an option in Microsoft 365 to disable the users’ self service trials. You must have seen it happening in your ten…

ARM templates and Azure VM + Script deployment

In Azure we can deploy ARM templates (+ script afterwards) to deploy resources on a big scale. This is like an easier version Terraform…

Disable Windows Taskbar Widgets through Intune

Today a short guide on how to disable Windows Taskbar widgets through Intune. I mean this part of the Windows 11 taskbar:

Using and configuring Windows Backup for Organizations in Intune

Microsoft just released a new feature, Windows Backup for Organizations, which is a revolution on top of the older Enterprise State Roaming.

Remove Pre-installed Windows Store Apps with Intune

Since the latest Windows 25H2 update, we have a great new feature. We can now remove pre-installed Windows Store Applications which we…

Solved - ADSync service stopped (Entra Connect Sync)

Customize Office apps installation for Azure Virtual Desktop

When deploying Microsoft Office apps to (pooled) Virtual Desktops, we mostly need to do some optimizations to the installation. We want to…

Automatic Azure Boot diagnostics monitoring with Azure Policy

In Azure, we can configure Boot diagnostics to view the status of a virtual machine and connect to its serial console. However, this must…

How to completely hide language bar/selector Windows 11

One of the small things I experienced in one of the updates for Windows 11 (24H2) is that the language bar/selector get’s automatically…

Wordpress on Azure

Wordpress. Its maybe the best and easiest way to maintain a website. This can be run on any server, and in Azure, we also have great possi…

In-Place upgrade to Windows Server 2025 on Azure

This guide explains how to perform a in-place upgrade WIndows Server on Azure to leverage the newest version and stay secure.

Starting out with Universal Print

Universal Print is a Microsoft cloud solution which can replace your Windows based printservices. It can be used to deploy printers to…

Match AD users using Entra Connect Sync and MSGraph

Sometimes, it is necessary to match an existing local Active Directory (AD) user through Entra Connect with an existing Entra ID user…

Joining storage account to Active Directory (AD DS)

Joining a storage account to Active Directory can be a hard part of configuring Azure Virtual Desktop or other components to work. We must…

Clean up old FSLogix profiles with Logic Apps

Today I have a Logic App for you to clean up orphaned FSLogix profiles with Logic Apps. As you know, storage in Azure costs money and we…

Using FSLogix App Masking to hide applications on Virtual Desktops

In this blog post I will explain and demonstrate the pro’s and features of using FSLogix App Masking for Azure Virtual Desktop. This is a…

Use Ephemeral OS Disks in Azure

In Azure, you have the option to create Ephemeral OS disks for your machine. This sounds really cool but what is it actually, what pro’s…

RDP Multipath - What is it and how to configure?

RDP Multipath is a new protocol for Azure Virtual Desktop and ensures the user always has a good and stable connection. It improves the…

Implement Certificate-based authentication for Entra ID scripts

When using Entra ID, we can automate a lot of different tasks. We can use a script processing server for this task but doing that…

Use Azure Logic Apps to automatically start and stop VMs

With Azure Logic apps we can save some money on compute costs. Azure Logic apps are flow based tasks that can be run on schedule, or on a…

How to implement Azure Firewall to secure your Azure environment

In this article, we are going to implement Azure Firewall in Azure. We are going to do this by building and architecting a new network and creating…

Enhance email security with SPF/DKIM/DMARC

When it comes to basic email security, we have 3 techniques that can enhance our email security. SPF, DKIM and DMARC.

Pooled Azure Virtual Desktop with Azure AD cloud users only

Since the beginning of Azure Virtual Desktop, it is mandatory to run it with an Active Directory. This because when using pooled sess…

Creating Static Web Apps on Azure the easy way

Microsoft Azure has a service called the ‘Static Web Apps" (SWA) which are simple but yet effective webpages. They can host HTML…

Create custom Azure Workbooks for detailed monitoring

Azure Workbooks are an excellent way to monitor your application and dependencies in a nice and customizable dashboard. Workbooks can…

Setup a Minecraft server on Azure

Minecraft is a great game. And what if i tell you we can setup a server for Minecraft on Azure so you can play it with your friends and…

Monitor Azure Virtual Deskop logon speed

Sometimes we want to know why a Azure Virtual Desktop logon took longer than expected. Several actions happen at Windows logon…

Deploy Resource Group locks automatically with Azure Policy

Locks in Azure are a great way to prevent accidental deletion or modify resources or resource groups. This helps further securing your…

Migrate servers with Azure Migrate in 7 steps

This page is about Azure Migrate and how you can migrate an on-premises server or multiple servers to Microsoft Azure. This process is not very easy, but it’s also not extremely difficult. Microsoft hasn’t made it as simple as just installing an agent on a VM, logging in, and clicking the migrate button. Instead, it is built in a scalable way.

AMC - Module 11: Infrastructure as Code (IaC) and DevOps

In this module, we cover Azure: Infrastructure as Code (IaC) and DevOps. This module focuses more on development on Azure, with less emphasis…

Solved - FSLogix release 25.02 breaks Recycle Bin - Azure Virtual Desktop

I tested the new FSLogix 25.02 version and a very annoying bug appeared. “The Recycle Bin on C:\ is corrupted.”

Save Azure costs on Virtual Machines with Start/Stop

With the Azure Start/Stop solution we can save costs in Microsoft Azure and save some environmental impact. In this guide I will explain…

Penetration testing Defender for Identity and Active Directory

In this guide, i will show how to do some popular Active Directory attacking tests and show how Defender for Identity (MDI) will alert…

Deep dive into IPv6 with Microsoft Azure

In Microsoft Azure, we can build servers and networks that use IPv6 for their connectivity. This is especially great for your webserv…

How to monitor your Active Directory with Defender for Identity

Microsoft Defender for Identity (MDI for short) is a comprehensive security and monitoring tool which is part of the Microsoft XDR suite…

Using Azure Update Manager to manage updates at scale

Azure Update Manager is a relatively new tool from Microsoft and is developed to automate, installing and documenting…

Active Directory FSMO roles

Active Directory Domain Controllers are assigned 5 different FSMO roles, which all have their own function. We can separate them over multiple…

Stop OneNote printer from being default printer in AVD

If you have the Office Apps installed with OneNote included, sometimes the OneNote printer will be installed as default…

How to upload PowerShell script to Gallery with Github Actions

Azure VPN Gateway Maintenance - How to configure

Most companies who use Microsoft Azure in a hybrid setup have a Site-to-Site VPN gateway between the network in Azure and on-premises. This…

Set a domain alias for every user in Microsoft 365

In this guide i will explain how to add a alias of a domain to every user in Microsoft 365/Exchange Online.

Configure DNSSEC and SMTP DANE Microsoft 365

This guide explains how to configure the new announced DNSSEC and SMTP DANE security options in Exchange Online.

Automatic AVD/W365 Feed discovery for mobile apps

When using Azure Virtual Desktop (AVD) or Windows (W365), we sometimes use the mobile apps for Android, MacOS or iOS. But those apps rely…

Azure Stack HCI - Host your Virtual Desktops locally

Azure Stack HCI is a solution for Microsoft Azure to host Azure resources on your own hardware and location. This soun…

How to solve DeletingCloudOnlyObjectNotAllowed error Entra Connect Sync

Now and then we come across a problem with Entra Connect Sync which states “DeletingCloudOnlyObjectNotAllowed”. This error looks…

Solved - Microsoft 365 tenant dehydrated

Microsoft will sometimes “pause” tenants to reduce infrastructure costs. You will then get an error which contains “tenant dehydrated”.

Solved: August 2024 updates breaks GPO Item level targeting - user in group

Also impacted by the update where you can’t select users to filter your Group Policies (GPO)? Read this guide for a temporary solution.

Solved - Windows Store applications on FSLogix/Azure Virtual Desktop

By default, Microsoft Store applications are not supported when using FSLogix. The root cause is that Windows stores some metadata that…

Migrate Group Policies to a new server or domain like a pro

Once in a while, we as IT administrators need to migrate our Group Policies of Windows Server to another server. Sometimes to…

Optimize Windows 11 for Azure Virtual Desktop (AVD)

When using Windows 11 on Azure Virtual Desktop (AVD) - without the right optimization - the experience can be a little lagg..

Create a Catch all mailbox in Exchange Online

Sometimes a company wants to receive all email, even when addresses don’t really exist in Exchange. Now we call this a Catch all mailbox…

Microsoft 365 create a shared mailbox with same alias

By default it is not possible to create multiple shared mailboxes with the same name/alias. In this guide i will explain how to reach…

Migrate data to SharePoint/OneDrive with SPMT

This page helps you to migrate to SharePoint or OneDrive with the SharePoint Migration Tool (SPMT). This tool helps automating the…

Using PowerShell remote sessions

In this guide i explain how to use PowerShell remote sessions, what they are and how to configure your systems to use this. Also some…

How to enable Remote Group Policy update

This guide explains how to perform Remote Group Policy updates and how to do the initial configuration needed.

Dynamic group for access to Windows 365

This guide will explain how to create a Dynamic group for access to Windows 365. THis further enhance the deployment of new users.

Dynamic Distribution Groups in Microsoft 365

This guide explains how Exchange Online Dynamic Distribution Groups work, how to create and maintain them with Microsoft 365.

Change Evaluation version to Standard/Datacenter version

When you install a fresh Windows Server Evaluation installation from a .iso file, it will be installing the OS as a Evaluation version…

Bulk create Active Directory users with Powershell

This page will share a PowerShell script to create bulk AD users with Powershell. Click here for more information…