Browsed by
Author: nbonnet

RPO and RTO

RPO and RTO

The RPO and RTO RPO and RTO are part of the disaster recovery policy. It’s very important to understand the difference between RPO (Relative Point Objective) and RTO (Recovery Time Objective). The RPO is the maximum time we allow ourselves to lose. This time can be expressed in minutes, hours or, in the worst case, days. This is the time between the incident and the last backup. In the case of a very short RPO, several daily backups will be…

Read More Read More

Send Organizational messages

Send Organizational messages

This features permit to send important messages to employees. They need have a Windows 11 PC managed by Intune. It’s an interesting features for remote and hybrid work scenarios. The message is send to Azure AD users and the delivery status can be tracked.

Manage Tape drive

Manage Tape drive

The 3-2-1-1-0 rule The availability of the IT system and the integrity of the data is an important point not to be neglected. The tape drive is therefore an essential part of the backup system.The 3-2-1-1-0 rule is a good practice that should be followed. This involves 3 : Keep three copies of the data. One copy concerns the “primary” data, the other two are two backups. This prevents data loss in the event of a location malfunction or data…

Read More Read More

Migrate MFA & SSPR

Migrate MFA & SSPR

Why migrate MFA and SSPR Microsoft has announced the depreciation of historical portals. All DSIs have until January 2024 to proceed with the migration. We will see in this post how to operate this migration step by step. The migration can be done respecting its own schedule with a deadline of January 2024. Please note that the process is fully reversible. The tenant-wide MFA & SSPR policies can continue to be used during the migration. A user group is used…

Read More Read More

Windows LAPS with Intune

Windows LAPS with Intune

Overwiew of Microsoft LAPS Windows LAPS or Local Administrator Password Solution is a Microsoft tools used by the DSI team for manage local password. The password of the local administrator password can be modify and stored in Active Directory and Azure Active Directory. It’s a fantastic tools for on-premise or Hybrid AD Join computer. The computer can be configured by Microsoft intune. With Microsoft Intune, the Windows LAPS CSP (Configuration Service Provider) must be used. If you save the password…

Read More Read More

Veeam for M365 v7

Veeam for M365 v7

New features implemented Veeam for M365 v7 gives you the possibility to manage your data in M365. You can backup and recovery Exchange, Sharepoint, OneDrive for Business and Microsoft Teams. This version of Veeam for Microsoft 365 offers a number of new features Integration with Veeam ONE v12 A new integration with Veeam ONE v12 is inmplemented in this version. It’s now possible to have visibility and control of the Veeam for M365 in veeam ONE. More than 10 alarms…

Read More Read More

Endpoint Privilege Management

Endpoint Privilege Management

Intune Endpoint Privilege Management is an interesting feature, he permit to a standard user (so without administrator rights) the possibility to elevate privileges if needed. The policy of least privilege is respected. Prerequisites Endpoint Privilege Management require Intune suite or standalone licence.

Group Policy analytics

Group Policy analytics

The GPO analytics tools The Group Policy anlytics tools is a very interesting tools if you want migrate to the modern management and configure computer with Intune. He offer few scenarios Analyzes on-premise GPOs Validate if the parameter configured by Active Directory GPO is supported by Intune (configured through Intune) Verify if any setings in the GPO is deprecated or not available Export a GPO From the Group Policy Management console, expand domain name and click on Group Policy Objects.

Upgrade to veeam v12

Upgrade to veeam v12

Backup configuration Veeam v12 is now officaliy available. We can see on this post the upgrade of the version of Veeam v11 to v12) and the upgrade of the database (SQL to PostGreSQL). The upgrade has performed on the same server. If you have installed Veeam Backup Enterprise Manager, you need to upgrade it before.

Administrative units in Azure AD

Administrative units in Azure AD

Administrative units is an Azure AD features. She contains only users, groups or devices and permit to restrict permissions in a role. One user can be members of multiple administrative units(by division and country for example.