The increasingly widespread use of SaaS email service providers such as Exchange Online, G-Suite, Amazon SES, SendGrid and others is a challenge for email administrators. To prevent emails to customers from ending up in the spam filter or not being accepted at all, a proper configuration of DMARC, DKIM and SPF is mandatory.

Especially with SPF, it is easy to simply add all the ‘include’ entries of the third-party providers. However, this can also backfire if, for example, the maximum number of DNS lookups (10) or the maximum length of a TXT DNS record (255) is exceeded. Especially with include the effects are not always directly visible, because many services themselves also use include to organize the IP ranges.

If you receive the following error message when accessing a user object in Entra ID (Azure AD), this can have several causes.

The most obvious cause is: The necessary permissions are missing.

But what if the corresponding Entra ID (Azure AD) role groups have been assigned and are active?

Microsoft 365 E3, Office 365 E3, Business Basic or F3? Which license package includes which features and how do the add-ons differ?

Microsoft’s license bundles are numerous and can quickly become confusing. Very few customers are likely to know all the features that their license package includes.

And even as a consultant, the question “Can I use feature x in plan y?” is not always answered ad hoc.

Dan Chemistruck of Infused Innovations has created a wonderful overview of the current Microsoft 365 plans and shares that information in this blog post or also as a (non-downloadable) Excel file. The Excel file includes even more information on add-on pricing.

On Tuesday, April 13th, I will be speaking at the Cloud Management User Group London virtual meetup. The topic of my talk is “Phase out Legacy Authentication”.

It is the first Meetup of the User Group and this is organized by Dean Ellerby, Andy Jones and Simon Lee. You can find the User Group on Twitter and Meetup.

Agenda

All times are in CEST

The error

You are using the sign-in feature on a Windows virtual machine in Azure with Azure Active Directory authentication, and users receive the following error message when they sign-in.

BitLocker provides a convenient way to encrypt the hard drive on computers running Windows 10 Professional.

A YubiKey is my choice for passwordless sign-in to Entra ID (Azure AD).