Welcome to Cloud Scholars Channel ! I created this channel to help other like minded people increase their knowledge in the cloud. The two main technologies that I focus on are Microsoft Azure and Microsoft 365.
This page is for:
People looking to get into technology. (scholars)
You're going for a certification and need help understanding a topic.
Looking to improve your skillset and learn how to do a specific task for work. (IT professional)
I have 15+ years of experience working in technology and I love to work in the cloud. This page helps me further my education as well so we get to learn together which is pretty cool.
I'd like to thank you for stopping by and I hope you find the content valuable. I'm looking forward to providing you some great material. My goal is to get you from scholar to consultant and consultant to expert!
One thing about technology, you are always learning.
Пікірлер
Got everything configured, AD synced, etc. The only thing I cannot seem to get to work is if I set a user account to "User must change password at next logon" on my on-prem DC, when they log into M365, it does not prompt them to change their password. I have been through every setting in Entra. Googled to high heaven, and M365 never prompts the end-user to change their password. We have a lot of sales people who are on the road and never step into the office so we want them to still change their password when our password policy kicks in. Any insight would be greatly appreciated.
I've run into the same problem as well. They don't get reminded because their technically not logging "on-prem". There is a script that I used in the pass that will check last time they changed their password and send out an email 14 days in advance(you can change the reminder) before the password expires. Unfortunately I don't remember the script but you will need to have it running on your domain controller and use a service account "[email protected]" that has access to send emails.
Thank you so much could you do using azure resources terraform real time scnarios for interview purpose thank you once again😊
what about the vnet description
You can add that if you want to.
@@cloudscholars im getting error of size not available, no matter wat size i choose in east us
Can you get the size when you do it from the console rather then powershell?
@@cloudscholars no at that time also vm configuration is failing
how to do email alert for this account ????
I have a video for this kzread.info/dash/bejne/pJutxbGppcaWeZs.htmlsi=UsTXpS1SAgGV-6H_
Excellent! very well explained about Azure Break Glass account and credential management.
Again, simple and to the point!!
Glad it helped. Please hit the like button for me. Helps with the algorithm.
many thanks for the video; it is really simple and easy to follow. thank you!
Glad it was helpful!
Simple and to the point!
That’s why I do it. Pleas like and subscribe if you haven’t.
So if you have like 300 kay vaults you download them one by one manually?
I’ve never had to manage 300 key vaults before. May have to find another route for what you need.
I'm an IT professional from the 90s, and unlike before, there's now an overwhelming amount of information available. However, finding the time to upskill while maintaining a work-life balance is challenging. Creating concise and to-the-point videos is incredibly valuable and appreciated. Thank you for this video
Thank you for the kind words. Please like and subscribe if you haven’t done so yet. This helps me with the algorithm.
i think when you deleted locations under Conditions > Network condition got deleted
This was a walk thru explanation. My goal was more to explain setups and talk through it.
3:16 for the actual video lmao
Nevermind, 5:12
Was there a question? Not sure what your comment meant.
@@cloudscholars No question, i just got frustrated by how 5 Powershell commands got stretched into a 10 minute video, ain't nobody got time for that lolz
Sorry about that. I try to explain things in the video. I understand, you want to get straight to the point. Hope you got what you needed tho.
How often does periodic reauthentication reset though? If a user walks away, comes back, and unlocks their PC, would that cause the timer to reset and restart? I am working on an unmanaged device policy.
Periodic reauthentication reset depends on the setting you apply. No that timer is associated to your group policy object. This is for last time a user authenticated from a cloud sense. Like a browser session. You can do 8 hours to make sure your users authenticate each day. This is good for security in the event a laptop gets stolen. That browser session would persist allowing the robber access to company data.
Thanks very much, this was really well put together and well communicated. Nice one mate!
down with the ship!
oooh this is a good one. straight to the point and curryfree!
Awesome. Thanks for the lesson. I had an issue with IE Enhanced Security blocking me at the Authentication with a blank sign-in popup. Turned both off for perform and good to go.
You're welcome!
wow real simple & good explanation
Glad you liked it
First of all, thank you very much for the video. After applying the procedure, how long does it take to update?
Thank you!
You're welcome!
Unfortunately, there is no Regex supported yet. This solution is only a workaround that would get more complicated the more parameters you have for name conventions.
Thanks man
You're welcome! Please like and subscribe if you haven't.
So when you say Repot-only mode not applied, do you mean that if we enable the policy to ON, it will grant access or block access?
Denis The Menace was under Report-only Mode, when you check the insights or sign-in logs , how do we conclude that if we enable this policy 'ON' , In future it will block or grant access? (just a little bit confused at this point)
Report only mode will not enforce any actions. Putting the policy "On" will enforce actions. Report only mode is basically an audit mode.
great vid, thanks
I’m preparing for my az-900 exam and this video is the best video demonstration of azure storage accounts, thank you very much for the clear and concise explanation.
Glad it was helpful. Please like and subscribe. Helps me out with the algorithm.
The governance identify license is $7 per user per month. Very expensive license! Again. Thank you for this wonderful video!
lol yes it is expensive. Glad you liked the video. Please share on your social media and subscribe. Helps me grow the page.
Would you please tell me that, can we collect which URL hit my VM in the VM logs?
You using these VMs as a web server?
Great content. What if you don’t create the dynamic group and just choose the guest only in scope?
Yeah that should work. I like to use dynamic groups.
Is there a way to set this up and use a client other than the Azure VPN Client? The client is awful!
lol there are other clients but I've only used the Azure one.
Are you still able to see the list of keys and secrets from the Azure Portal when doing that ?
secrets are only shown once then they are masked.
@cloud scholars Also as you mentioned last point , difference between backup and download. Where it is given in azure as two different? Only one option is download backup; and another option is restore backup.
@cloud scholars As you told Restore backup is not possible if not same subscription or not same region. But it was able to do using between east us and west us. So does that mean East US and West US aren't two different regions?
Thank you for this. I have a lap that I'm learning. Let me ask. Why did you select "Block" when setting up the 2nd "sign-in" risk policy? I didn't understand the reason behind it? Shouldn't it be allow?
I changed it to allow. The system wouldn't allow me to block it. In a production environment I would do allow with a password change.
No BS, clear and concise. Loved it. Thank you very much.
I try to make my videos as straightforward as possible. People want the info given to them. Please if you haven’t like and subscribe. I’d appreciate if you can share as well. Thank you!
Hi, thanks for sharing informative video, I want to add multiple statements for other admin roles as well, I'm new to kql so plz guide
You can do that from the office 365 side. Alert policies
@@cloudscholars well, I found the way. However alerts policy under compliance and security center are limited to Exchange and SharePoint permissions, that's why without P2 wanted to achieve through Log Analytics Alerts.
Thanks, how to estimate LA size requirement if we have many more CA policies. what is recommended retention for better result from workbook.
sorry for the late response. Are you following any regulatory compliance? That will help you with your retention policies.
thank you really helpfull is there a trick to gettign the server on prem to synch up iam synching down from azure but not up
are you doing writeback?
@@cloudscholars oh no I’ll Google that thanks
Sorry I thought this was for an ad sync video. This is for file sync. Can you provide me more details of the issue?
Wonderful man.
Thankyou.
Dude, great video. bunch of good advice in here.
Glad you liked it! Please subscribe for more content.
My org is having an issue with remote users (Intune) changing their passwords in Azure AD (SSPR), but not syncing to their local machine (they have to use their old password to log into the laptop -- Windows + L is not updating it, reboot isn't helping). Which sync mechanism runs for that? Thanks for your video. It helped me understand some of the inner workings that I had no clue about :)
Did you enable write back in Entra AD Connect?
@@cloudscholars Everything was working last week, so whatever mechanisms needed to be configred were. The issue would more likely be that something/a service or process was turned off, not working now, maybe due to a user or service account. I will have an administrator check Entra AD Connect further. Was told it was running, but something's gonna be off...any other place you can suggest to look? Is Entra AD Connect (or something specific inside it) what controls getting an updated password cache onto remote AAD machines?
@@thumper300zx did you figure this out?
Great video. One thing that was unclear to me is why you set the Action Group Region to Global and not match it with the Resource Group region? Thanks for your help!
You should create the Azure AD App Registration through Terraform, then create the Azure AD Service Principal for that that App Reg in Terraform. You will then pull the client_secret from the SP from Azure Key Vault in your TF code, no exposing client credentials in the TF code.
You probably already knew that.
"PromoSM" 😞
My membership type option is grayed out. Do I need to do something to turn it on?
What license do you have?
Nice sir.
Glad you liked it! Please subscribe if you haven't.
Thanks!!
Welcome!
Thanks man, very helpfull!
Glad it helped!
thank u for the video but when we use the script in the file share connect ?
Can you be more detailed with your question? I’m not following.
@@cloudscholars when we creat the service on connect blade there is a script we use it on the VMs to connect them to the file share
Very clear and to the point. Thanks for sharing