Author: rzomerman

Windows Virtual Desktop – Require MFA – icw Duo Security

MFA for WVD, doesn’t that already exist through Azure AD conditional access? Yes, it does, but its limited to certain scenario’s. With the Azure AD MFA WVD access, you only need to MFA once in order to access any desktop published through WVD. Which got me thinking: what if I want to request an MFA […]

Read more

WINDOWS VIRTUAL DESKTOP – BUILING YOUR IMAGE AUTOMATED (III)

In our previous post we talked about the scripts that can install applications and set settings automatically without even login-on to the system. In this post we will see how we can use those scripts in a JSON file, together with the Azure Image Builder. Within the JSON file we specify which OS we want, […]

Read more

WINDOWS VIRTUAL DESKTOP – BUILING YOUR IMAGE automated (II)

In these last and future posts we will be building an image with the Azure Image Builder. The Image builder takes a standard OS (from the marketplace or your image gallery) and runs a number of scripts against that image fully automated. In this post goes into creating those scripts that the customizer can use […]

Read more

WINDOWS VIRTUAL DESKTOP – Builing your Image (I)

In this post we will build our own image to be used with WVD. Apart from using the Deploy Microsoft 365 Apps by using Remote Desktop Services guide to install Office 365, we will also install Teams (optimized for WVD), Visual Studio Code, set some preferences and copy those to the default profile before optimizing […]

Read more

F5 – LDAP – Active Directory Lightweight Services

Some people have had some trouble with the F5 demo I posted about where we can inject additional HEADERS based on an external LDAP store. While this post specifically goes into setting up the LDAP store for that, it can also be used for any Active Directory LDAP deployment. First let’s start with a standard […]

Read more

DataWiza – Secure Hybrid Access done right

As you might have noticed, the last few posts are all about identity and the so called Secure Hybrid Access solutions. This one fall under that same category and is not sponsored by, but I did get a test account from them…. Active Directory or any identity store is usually used as the primary source […]

Read more

AZURE AD – EXTERNAL IDENTITIES (IV) Advanced flowS

In all our previous posts we had the user sign-up flow take control of the actual creation of the user in Azure AD. The problem with that flow is that if we want to add the user to a group or perform other functions on it (like adding additional attributes) we would have to reply […]

Read more

AZURE AD – EXTERNAL IDENTITIES (III) Custom ATTRIBUTES

In the previous two posts I explained how to connect External Identities to a Logic App. This allows us to define advanced workflows for signing up external users. The power of Logic Apps is virtually unlimited and the built-in connectors can help us with lots of things. I created a logic app that adds the […]

Read more

AZURE AD – EXTERNAL IDENTITIES (II) Logic Apps

First of all, I have a confession to make: I’m not a developer to the extend that I cannot write an API from scratch or any other application that isn’t based on pure PowerShell or VBS scripting. Which means integrating an API into External Identities is going to be a challenge for me. I wish […]

Read more

Azure AD – External Identities (I)

Let’s say you have an application that you want your vendors to access. If this application is Azure AD joined you could create a separate account, you could invite them as a guest using their email address, you can even add their domain name as a connected organization, or you could use external identities. That […]

Read more