imageIf you recently deployed Microsoft Defender for Identity on your Domain Controllers and haven’t gone through all the prerequisites, you may find that you receive health alerts indicating NTLM Auditing is not enabled.

You can also enable NTLM Auditing on your Domain Controllers if you are planning to deploy Microsoft Defender for Identity.

Read at the link below for instructions on how to enable NTLM auditing via Group Policy to elevate the effectiveness of your Microsoft Defender for Identity deployment.

Posted by: kurtsh | February 19, 2023

INFO: Microsoft Security Best Practices Resources

I had planned on writing something similar to what’s below however this was a such a good roundup, I shamelessly stole the following from Jiadong Chen, Microsoft Cybersecurity MVP.

imageMicrosoft is leading the way in security best practices with their comprehensive reference materials, such as the Microsoft Cybersecurity Reference Architectures, Microsoft cloud security benchmark, the Cloud Adoption Framework, and Microsoft security best practices provide valuable guidance on how to best protect systems and data in the cloud. In this post, I’d like to share some of the key Microsoft security best practices resources that can help ensure your organization’s security!

Diagrams and sections in MCRA are a key source of security best practices for many topics including:

  • Zero trust user access, security operations, multicloud and cross-platform capabilities, operational technology (OT), attack chains, technical capability coverage, Azure native security controls, and security roles and responsibilities.

To rapidly adopt Zero Trust in your organization, RaMP offers technical deployment guidance organized in these initiatives:

The MCSB provides security best practices for Microsoft Azure, on-premises datacenters, and other cloud providers, including two types of guidance:

Cloud Adoption Framework can help you get started with several different getting started guides, of which security is an important component.

Assess your Security Journey for Cloud Adoption. Receive actionable considerations to improve your security posture.

Helps accelerate security program modernization with reference strategies built using Zero Trust principles

Recently, Jeff Woolsey, Microsoft Principal Program Manager for Windows Server & Hybrid Cloud, in what can only be described as a fit of frustration Smile, posted this information to his followers & it’s worth repeating:

  1. Do not put Domain Controllers on the open internet. 
    Do not put Domain Controllers on the open internet. 
    Do not put Domain Controllers on the open internet.
    Here’s some additional helpful guidance for securing Domain Controllers:
    Securing Domain Controllers Against Attack
  2. You should run all domain controllers on the newest version of Windows Server that is supported within your organization. Organizations should prioritize decommissioning legacy operating systems in the domain controller population.
  3. Keeping domain controllers current and eliminating legacy domain controllers, allows you to take advantage of new functionality and security. This functionality may not be available in domains or forests with domain controllers running legacy operating system.
  4. What is the impact of upgrading the Domain or Forest Functional Level?
  5. At this point in time, your domain controllers should all be running at Windows Server 2016 Functional Level. There’s a good chance that future AD features will require a 2016 DFL. To learn more about Active Directory Functional Levels see:
    What Are Active Directory Functional Levels?
  6. Q: Are their any concerns about upgrading Domain or Forest Functional Level
    A: No. In a review over a decade of support calls, NOT ONE involves a case where changing the Domain or Forest Function Level was responsible as the root cause of any issue.
  7. How to raise Active Directory domain and forest functional levels:
  8. Best Practices for Securing Active Directory
Posted by: kurtsh | February 15, 2023

EVENT: Azure CosmosDB Conf – March 28, 2023

imageCheck out what’s being announced at #AzureCosmosDBConf!

Azure Cosmos DB Conf is a free virtual developer event co-organized by Microsoft and the Azure Cosmos DB community.

This is our third Azure Cosmos DB Conf. Sessions will be a combination of Microsoft and community delivered. Come and learn more about Azure Cosmos DB. See what others in the community are building.

March 28, 2023 8:00AM PT – 11:00AM PT 

Pre-Register Now:

Posted by: kurtsh | February 15, 2023

TRAINING: Microsoft Training & Certification for Students

imageDo you have students that are looking for a career in technology?

Are you a student looking for resources on how to get ahead with Microsoft technology?

Microsoft Student Summit
A good place to start is the Microsoft Student Summit 2023, a 90 minute virtual event the week of March 20 to help build your skills and experience on the Microsoft Cloud. Students and tech career seekers should register now to attend a session in your timezone.

image“Student Hub” and more
Additionally, the following resources are available from Microsoft for students interested in careers in tech:

imageLearning Pathways is a a collection of self-guided learning journeys to help you with your ongoing professional development.

These guides are one-page overviews that are HYPERLINKED and show the available training available for the subject.  They act as learning companions to the Enterprise Skills Initiative and are available in the following categories:


  • Azure Administrator
  • Azure VMWare Solution
  • Azure Solution Architect
  • Azure Network Engineer
  • Stack Hub Operator

Data & AI:

  • Data Skills (Aspiring Analyst)
  • Power BI Data Analyst
  • Data Engineer
  • Azure Synapse Analytics
  • Azure Database Admin
  • Azure Data Scientist
  • AI Engineer
  • Microsoft Purview


  • Security Operations Analyst
  • M365 Security Admin
  • Azure Security Engineer
  • Identity and Access Admin
  • Information Protection Admin
  • Microsoft Sentinel


  • Azure Developer
  • Azure DevOps
  • GitHub Learning


  • Microsoft Cost Management
  • Digital Skills > Cloud
  • Microsoft Teams


  • Azure for AWS Architects
  • Azure for AWS Developers
  • Azure for AWS SysOps

To download the guides. visit:

imageMicrosoft is seeing impact from Viva Goals and we are working with many clients to do the same.

Here’s what Ian Story, Directory of Product Development for SharePoint Syntex at Microsoft, has to say about working with our OKR tools.

“All businesses need to have objectives and key results to understand how they’re doing, particularly in times where we have to do more with less. In a business like mine – Microsoft Syntex – we see that OKRs save us time and keep alignment when we are all very busy. We use Viva Goals to track our OKRs and make sure that we’re staying on track, optimizing our investments, and driving business performance for Syntex while we help all our customers achieve more.”  

Read more about how Microsoft Viva is being developed and deployed at Microsoft:

#microsoftsyntex #syntex #microsoftteams #vivagoals #okrs

Posted by: kurtsh | February 13, 2023

NEWS: Microsoft & Artificial Intelligence Announcements

MicrosoftOpenAITimelineMicrosoft has made 6 major announcements in the past few weeks regarding artificial intelligence.

  1. Microsoft OpenAI partnership
  2. GPT & Bing & Edge
  3. GPT & Viva Sales
  4. GPT & Teams Premium
  5. Microsoft on Responsible AI
  6. General availability of “Azure OpenAI Service”

Additionally, Microsoft previously announced exclusive licensing of GPT-3 language model.

For State & Local Government decision makers, the opportunity is excellent:

Azure has made OpenAI services available in “commercial” tenants:

There’s been lots of coverage from the press.

imageA new paperback book that examines the use of Generative AI for State & Local Government scenarios was released earlier this month:

"Generative Artificial Intelligence Use Cases in State & Local Governments" is a groundbreaking book that explores the numerous ways in which AI can be harnessed by government entities at the state and local levels to enhance their operations and services.

The book provides a comprehensive overview of AI technologies and their potential applications, including:

  • predictive maintenance
  • fraud detection
  • budget forecasting
  • grant application review
  • and much more

With real-world case studies and examples of AI deployments, the book illustrates the tangible benefits that can be achieved by incorporating these technologies into government operations.

The book also provides practical guidance on how to plan and implement AI projects, including best practices for data management, ethical considerations, and how to foster collaboration between AI practitioners and government officials.

Whether you are a government executive, an AI professional, or simply interested in the role of technology in the public sector, this book is an essential resource for anyone looking to understand the future of AI in state and local governments.

Get the book here on Amazon:

imageSome organizations have users that switch computers often and require the use of Microsoft 365 Apps such as Word, Excel, PowerPoint, etc.  Each time they switch computers, one of their 6 license activations are used… until there are no more activations are left.

If this becomes a problem for your users, the user that’s “maxed out” their Microsoft 365 Apps installations may “deactivate previous device installations” that have been used on their own.
Deactivate an installation of Office – Microsoft Support

If you have an Microsoft 365 subscription, you can sign out of Office on a PC or Mac remotely from any web browser to deactivate the installation. Because Office will sign you out of devices automatically to stay within your sign-in limit, there’s no longer a need to use this process to free up installs. For more info, see How sign in works in Microsoft 365.

Note: Signing out of Office doesn’t uninstall Office, remove Office documents, or cancel your Microsoft 365 subscription.

Alternatively, you may leverage Microsoft 365 Apps via “Shared Computer Activation”.
Overview of shared computer activation for Microsoft 365 Apps – Deploy Office | Microsoft Learn

Shared computer activation lets you deploy Microsoft 365 Apps to a computer in your organization that is accessed by multiple users. Here are some examples of supported scenarios:

  • Three workers at a factory share the same physical computer, with each worker using Office on that computer during their eight-hour shift.
  • Fifteen nurses at a hospital use Office on 10 different computers throughout the day.
  • Five employees connect remotely to the same computer to run Office.
  • Multiple employees use Office on a computer that’s located in a conference room or some other public space in the company.
  • Multiple users access an instance of Office that is hosted through Remote Desktop Services (RDS).

Shared computer activation is required for scenarios where multiple users share the same computer and the users are logging in with their own account. Normally, users can install and activate Microsoft 365 Apps only on a limited number of devices, such as 5 PCs. Using Microsoft 365 Apps with shared computer activation enabled doesn’t count against that limit.

« Newer Posts - Older Posts »