SendGrid, forwarding and DMARC policy

We have recently deployed a strict DMARC policy (p=reject; sp=reject) on our domains. While this adds greater security while sending e-mail and prevents spoofing, we noticed that certain mails forwarded within our organization stopped coming in.

Continue reading “SendGrid, forwarding and DMARC policy”

Azure AD Connect, group-based licensing and proxy addresses

We have had the group-based licensing option available in preview for over a year. While this service is in preview, it makes provisioning hundreds of users from Active Directory really simple.

You simply create users in your on-premise Active Directory, assign them a valid User Principal Name, add them to the correct group and then sync them with Azure AD Connect, right? Not that fast cowboy!

Continue reading “Azure AD Connect, group-based licensing and proxy addresses”

Best practices for managing students in Active Directory

For quite a long time, we have been running a local service called which primarily focused on providing SSO experience for various systems at schools (primary and high schools) along with automatic synchronization with the school’s information system. Throughout the time we have hit a lot of edge scenarios, and compiled a best practices guideline.

Continue reading “Best practices for managing students in Active Directory”

Protip: Assigning section level permissions in OneNote

When you have a OneNote notebook shared with an entire group or site in SharePoint (or with few people in OneDrive for Business) you might want to be able to set permissions on a section or section-group level. While this functionality isn’t for some reason available directly from the UI, it is definitely possible. Read on to learn how!

Continue reading “Protip: Assigning section level permissions in OneNote”