Last Weekly Round-Up of August!

August comes to a close with a couple of dry spells from me. I had the audacity to take vacation and then went deep into the weeds on a couple of early Windows 365 deployments, and while the world soldiered on, it left me with little time to chase those wonderful product threads. But I'm back!

The Windows 365 webinar was a huge success, and we've launched a QuickStart Engagement to get customers up & running with 30 days of free licensing. I'm looking forward to following up with next month's webinar covering all the management aspects of both that and Azure Virtual Desktop, which I aim to have running in the same tenant. And spoiler alert: I also got a Windows 365 Business SKU to run in the same environment, so we're going to absolutely drain the list of available Microsoft offerings for virtualized PC's in the cloud.

Microsoft's Windows Team published updated system requirements for Windows 11, along with a second crack at the readiness tool. The list didn't change much, but a couple Intel chips got added. AMD's list did not change.

I really hope to have some exciting news soon around whether or not Windows 365 actually has to be Hybrid Azure AD-joined, but while we wait for that answer, let's prepare for the eventual desired state of 'no' and get back to decoupling cloud resources from that legacy AD. To that end, there's a great 9-part series ramping up at MSEndpointMgr.com covering every aspect of enabling SSO from AADJ devices to AD. It looks to be pretty exhaustive, and there's definitely an element of "scale up to scale down", but this is definitely the way I think most organizations should be thinking about future investments in Active Directory. Speaking of directories, some may know that I'm obsessed with attributes. Your user accounts that only have firstname/lastname/emailaddress? Those keep me up at night. There are hundreds of little attributes starving right in front of you! Give them love! Addresses, managers, organizational details, all sorts of wonderful things that can be used instead of groups to define access in your environment! Looks like attribute enforcement is coming to Identity Governance! It appears I'll be able to expose a number of attributes for guest users to fill out themselves. This fills me with glee and existential dread, because if they spell the attribute value wrong, it'll require some babysitting. For instance, get-azureaduser -Filter "City eq 'Richmond'" will not return anybody who spells it "Rihcmond".

Oh and speaking of PowerShell commands, that command above is part of the AzureAD module that uses AAD Graph. AAD Graph itself is scheduled for retirement in June 2022, so start retooling your scripts and anything else that uses AAD Graph and ADAL authentication library now. If you're not sure how this impacts you, here's an explainer, a script for checking your usage, and a migration checklist. Expect the Microsoft news outlets to start running a little lean over the coming month because they're going to want to have lots of cool stuff to announce at Ignite! Yep: back on the calendar for the 2nd time this year, and free and virtual again, Ignite will be November 2 - 4. Sign up and let's plan a watch party!

 

Comments