Author: John O'Neill Sr.

Creating an Azure AD Conditional Access Policy Requiring MFA for Admins

Browse to (login if prompted). Click Azure AD Conditional Access. Click New Policy Enter a descriptive name such as MFA for Admins. Click Users and groups. On the Include tab, click the Select users and groups radio button, then click the Directory roles (Preview) checkbox. Expand the listbox under Directory roles (Preview). Select the following nine roles: Global administrator SharePoint administrator Exchange administrator Conditional Access administrator Security administrator Helpdesk administrator Password administrator Billing administrator User administrator Click the Exclude tab, then click the Users and groups checkbox. Click Select excluded users, then in the Select excluded users flyout...

Read More

The Case Of Error Enabling Security Defaults for Azure AD

Attempting to enable Microsoft’s shiny new Azure Security Defaults in Azure Active Directory, it’s possible to run into an error “It looks like you have Classic policies enabled. Enabling Classic policies prevents you from enabling Security defaults.” What a bummer considering Security Defaults replace the older Baseline Conditional Access Policies as of 29 February 2020. Enabling Security Defaults is also the easiest way to ensure multi-factor authentication is enabled for Azure administrators. Time to fix this error and enable Azure AD Security Defaults! Browse to (login if prompted) Click Azure AD Conditional Access Under the Manage heading, then...

Read More

Setup FindTime for Exchange Online

FindTime, a nifty little tool from the Microsoft Garage folks, aims to ease the circus surrounding scheduling a meeting. You know, the dance we do until we find a time where all the participants can meet? FindTime essentially uses a survey allowing everyone to vote on proposed times until consensus is reached. FindTime then sends a meeting invite on your behalf. A great tool aimed to prevent us spending more time scheduling meetings than participating in them. Learn more about FindTime at Deploy FindTime to your Exchange Online deployment using the Services and Add-ins blade in the M365...

Read More

The Case of MRS Error Migrating Mailboxes to Exchange Online

Migrations from on-premises Exchange to Exchange Online don’t often occur overnight. In many cases, they take weeks or months to complete. During this time, account passwords often change due to password policies, security initiatives, and the like. If the account password changes for the account assigned to a migration endpoint it will cause new migration batches to fail. Unfortunately, the error doesn’t exactly scream “hey, your on-prem password changed for the migration endpoint account.” It’s a bit more ambiguous with the actual error being: The Mailbox Replication Service was unable to connect to the remote server using the credentials...

Read More

How to keep Azure AD Connect Updated

Azure AD Connect is THE tool keeping many organization’s Azure Active Directory in-step with their on-prem Active Directory. Microsoft updates this tool often, keeping it capable and reliable. Installing an upgrade to Azure AD Connect is usually straight forward following a few simple steps. First thing’s first, determine the current release version of Azure AD Connect, comparing that with what’s running internally. Keep up with Azure AD Connect release versions here: Determine the current installed version of Azure ADConnect is just as easy. Logon to the server where Azure AD Connect is installed, then look in Programs and...

Read More

Translate our Blog

Subscribe to our Blog


Microsoft MVP

Cisco Champion


Veeam Vanguard

Follow me on Twitter

Follow @SuperCristal1 on Twitter