Productivv

IT | CLOUD | RELIABLE

Offboard device from Microsoft Defender for Endpoint

Offboard device from Microsoft Defender for Endpoint using Mobile Device Management tools

  1. Get the offboarding packet from Microsoft 365 Defender portal
    1. Navigate to Settings => Endpoints => Device management => Offboarding
security microsoft
  1. Extract the script on the client
windows defender offboarding script
  1. Run the script as administrator
script

Resources:

Offboard devices from the Microsoft Defender for Endpoint service | Microsoft Learn

Onboard Windows devices to Defender for Endpoint using Intune | Microsoft Learn

Configure Cisco AnyConnect with SAML (Azure)

Configure Cisco AnyConnect on Cisco Meraki MX firewall with SAML authentication from Azure

AZURE

  1. Log in to Azure Portal and select Azure Active Directoryazureportal
  2. Select “Enterprise Applications”
    enterprise applications
  3. New Application
    newapplication
  4. In the Add from the gallery section, type AnyConnect in the search box, select Cisco AnyConnect from the results panel, and then add the app. 
  5. Single Sign On
  6. SAML
    saml
  7. Edit Section 1
    section1
    1. Identifier (Entity ID)  – https://firewallname-qpjgjhmpdh.dynamic-m.com/saml/sp/metadata/SAML 
    2. Reply URL (Assertion Consumer Service URL) – https://firewallname-qpjgjhmpdh.dynamic-m.com/saml/sp/acs
  8. SAML Signing Certificate, Download Federation Metadata XML filecode

CISCO MERAKI

  1. Go to your Network
  2. Select “Security & SD-WAN” => Configure => Client VPN
  3. Second tab “AnyConnect Settings”
    1. Enabled
    2. Leave the default AnyConnect Port to 443
    3. Authentication Type => SAMLsaml
    4. AnnyConnect Server URL, same as the hostname but with “https://”annyconnectserverurl
    5. Upload the Federation Metadata XML file from step 8 in the previous sectionsdf

ASIGN USERS / GROUP

  1. Choose left in the menu for “Users and groups” => Add usersdf
  2. Select “Users and groups”
  3. Assign

Resources

AnyConnect Authentication Methods – Cisco Meraki

AnyConnect Azure AD SAML Configuration – Cisco Meraki

Exchange Online: Upgrade DKIM keys to 2048-bit

Manuallly upgrade existing DKIM keys from 1024-bit to 2048-bit

Connect to Exchange online using powershell

Import-Module ExchangeOnlineManagement
Connect-ExchangeOnline

Upgrade key to 2048-bit

Rotate-DkimSigningConfig -KeySize 2048 -Identity {domain name}

Example

Rotate-DkimSigningConfig -KeySize 2048 -Identity productivv.be

Result

Get-DkimSigningConfig -identity productivv.be | Select Selector1KeySize

This new 2048-bit key takes effect on the RotateOnDate, and will send emails with the 1024-bit key in the interim. After four days, you can test again with the 2048-bit key (that is, once the rotation takes effect to the second selector).

Get-DkimSigningConfig -identity productivv.be | Select RotateOnDate

Sources:

Connect to Exchange Online PowerShell | Microsoft Learn