Security
Security related items and thoughts
Unable To Access OWA Externally Via WAP 2025 – Still Working On It
After upgrading Web Application Proxy (WAP) to Windows Server 2025, you may run into an issue with certain applications that are published via WAP to the Internet. This issue will also happen if you build a net new environment on WAP 2019 and newer. This post discusses WAP 2025, but the same is more than likely going to happen with WAP 2022.
In the below example the AD FS upgrade went well wi… Read the rest “Unable To Access OWA Externally Via WAP 2025 – Still Working On It”
SPF Record Fun
Sender Policy Framework (SPF) is a fundamental component of modern e-mail authentication, designed to reduce the risk of spoofing and phishing attacks. By publishing a DNS record that specifies which mail servers are authorised to send messages on behalf of a domain, SPF allows receiving systems to validate whether an incoming message genuinely originates from the claimed sender. SPF alone does no… Read the rest “SPF Record Fun”
Entra SSPR Failing–Unexpected Error During A Set Password Operation
On-premises users were unable to use Entra SSPR to reset their passwords. This needs to use the Password Writeback feature, and in this case Entra Connect was used. Nowadays there is also Entra Cloud Sync, but that was not an option for this customer. Users were able to access the SSPR page at https://aka.ms/SSPR and successfully go through all of the steps of the wizard. This included the CAPT… Read the rest “Entra SSPR Failing–Unexpected Error During A Set Password Operation”
Defender for Cloud Apps Access Policy Not Applied to Desktop Applications
In today’s hybrid work environment, securing access to cloud applications is more critical than ever. Microsoft Defender for Cloud Apps offers a powerful way to enforce granular access controls using different policies. Organisations want to ensure that only authorised and compliant devices can access sensitive cloud resources. Requiring device compliance can be achieved with Intune as an MDM a… Read the rest “Defender for Cloud Apps Access Policy Not Applied to Desktop Applications”
Migrating to New Entra ID Authentication Methods
On September 30th, 2025, the legacy multifactor authentication (MFA) and self-service password reset policies will be removed and you'll manage all authentication methods here in the authentication methods policy. Use this control to manage your migration from the legacy policies to the new unified policy.
Traditional Azure Multi-Factor Authentication has served organizations well for ye… Read the rest “Migrating to New Entra ID Authentication Methods”
Save The Date 14th October 2025
The 14th of October 2025 marks another pivotal moment in Microsoft’s product lifecycle, as a large spectrum of very popular and widely deployed software reaches end-of-support. This includes Windows 10 and Windows 11 22H2. On the productivity front, the extended support for Office 2016 and 2019, along with Visio 2016/2019, Project 2016/2019, and server-side tools like Exchange Server 2016/2019, S… Read the rest “Save The Date 14th October 2025”
How To Use Nslookup To Check DMARC External Domain Validation (EDV) Record
Previously we looked at how to use nslookup to retrieve the main Domain Based Message Reporting And Conformance (DMARC) DNS record. One of the often overlooked, behind-the-scenes aspects of DMARC is that a 3rd party DMARC provider has to actually grant permission for DMARC reports to be sent to them for a given domain. Without that permission, email service providers will not be able to send DM… Read the rest “How To Use Nslookup To Check DMARC External Domain Validation (EDV) Record”
How to View Copilot for Security Prompt Processing Location And Cross Region Details
Data processing and handling considerations must be reviewed as part of deploying any cloud product. With Copilot for Security there are two aspects that need to be fully understood. The first is where the tenant’s data is stored. The second is where the AI prompts are processed. It may be the case that these are different locations.
We can use the Copilot for Security (CfS) portal https://securitycopi… Read the rest “How to View Copilot for Security Prompt Processing Location And Cross Region Details”
Copilot for Security – Global Admin Required to Enable Microsoft 365 Service Data Access
Copilot for Security has multiple integration points which can be accessed via either:
Standalone experience
Copilot for Security, accessed through https://securitycopilot.microsoft.com, is considered the standalone experience.
Embedded experience
Accessing Copilot for Security embedded experiences in other Microsoft security products is considered an embedded experience.
For the current list of embedded… Read the rest “Copilot for Security – Global Admin Required to Enable Microsoft 365 Service Data Access”