SendGrid, forwarding and DMARC policy

We have recently deployed a strict DMARC policy (p=reject; sp=reject) on our domains. While this adds greater security while sending e-mail and prevents spoofing, we noticed that certain mails forwarded within our organization stopped coming in.

Continue reading “SendGrid, forwarding and DMARC policy”

Azure AD Connect, group-based licensing and proxy addresses

We have had the group-based licensing option available in preview for over a year. While this service is in preview, it makes provisioning hundreds of users from Active Directory really simple.

You simply create users in your on-premise Active Directory, assign them a valid User Principal Name, add them to the correct group and then sync them with Azure AD Connect, right? Not that fast cowboy!

Continue reading “Azure AD Connect, group-based licensing and proxy addresses”

Best practices for managing students in Active Directory

For quite a long time, we have been running a local service called which primarily focused on providing SSO experience for various systems at schools (primary and high schools) along with automatic synchronization with the school’s information system. Throughout the time we have hit a lot of edge scenarios, and compiled a best practices guideline.

Continue reading “Best practices for managing students in Active Directory”

Protip: Assigning section level permissions in OneNote

When you have a OneNote notebook shared with an entire group or site in SharePoint (or with few people in OneDrive for Business) you might want to be able to set permissions on a section or section-group level. While this functionality isn’t for some reason available directly from the UI, it is definitely possible. Read on to learn how!

Continue reading “Protip: Assigning section level permissions in OneNote”

Azure AD authentication for SSH

To be honest, managing authentication in Linux for multiple users/admins can be a huge pain. Different companies use various tools – generally, they use a centralized tool to distribute developer’s SSH keys. This can still be a pain, however if the company has Azure AD (or Office 365), why not to use those accounts for authentication?

Continue reading “Azure AD authentication for SSH”

Setting up ADFS with Azure AD as Dynamics 365 Identity Provider

In previous article, we have looked at the possibility to connect Dynamics 365 on-premise directly with Azure AD, which is on one hand really cool, on the other, it doesn’t provide all the features like mobile apps integration. In this article, we are going to explore a production ready solution by leveraging Active Directory Federation Service and Azure AD as a Claims Provider Trust.

Continue reading “Setting up ADFS with Azure AD as Dynamics 365 Identity Provider”

Using Azure Active Directory for SSO with Dynamics 365 On-Premise

While Dynamics 365’s documentation is full of articles and tutorials about setting it up with Active Directory Federation Services, there is no mention of using Azure Active Directory for Single Sign On. Many replies in communities say that this is not possible, but today we are going to prove them wrong.

Continue reading “Using Azure Active Directory for SSO with Dynamics 365 On-Premise”