AADSTS50131: Device is not in required device state

Banner for blogpost on how to resolve aadsts50131 error

The error "AADSTS50131: Device is not in required device state" is not encountered every day. But when it does occur, many are often at a loss. Not least because this error and its cause is hardly documented or difficult to find. You can find out how to fix the AADSTS50131 error here.

Defender for Servers without Azure Arc

Header for Blogpost "Defender for Cloud without Azure Arc

If you want to protect your servers from cyber threats, you may be relying on Defender for Servers from Microsoft, a leader in the Gartner Magic Quadrant. Microsoft has now announced the direct onboarding of Defender for Servers without Azure Arc and is now officially available. Direct onboarding is a new feature that allows you to add the servers you want to protect to Defender for Servers without needing Azure Arc for Servers. In this blog post, I'll explain what this means, the benefits of this option, and who can benefit from it. I will also compare the new option with Azure Arc for Servers.

Protecting AAD identities with the right MFA method

It's no secret: cyberattacks are becoming more frequent and more sophisticated. But even the simplest techniques often lead the attackers to success. After all, the weakest link in the defense against cyber attacks is the human being. In this post, I show how you can protect Azure Active Directory (AAD) identities with the right MFA method without neglecting the human factor. Not only is the security aspect important to consider, but also user acceptance.

Azure Files and Kerberos Support - A Cloud Story

AZ Files and Kerberos - Header

Back in 2021, Kerberos support for Azure AD was available as a preview. A lot has happened since then and the three-headed hellhound continues to make its way and shake up the cloud. This article is a collection of information on what Azure AD with Kerberos and Azure Files already provides and where the journey will go. This is because support for Azure Files with Kerberos has also recently been publicly communicated, although at the time of writing this article it is still in preview.

Application Gateway WAF v2 Custom Rules

Header - AppGW WAF v2 Custom Rules

The Application Gateway WAF v2 has brought some new features compared to v1, including the ability to create "WAF Custom Rules". In this short article I would like to discuss these "Custom Rules" and show how you can successfully create them. I have added some hints to the article that are difficult or impossible to find in the Microsoft documentation.

Free SSL Certificate for your Azure App Service

Azure App Service Free SSL Cert

As is generally known, all services on the Internet must be encrypted. The SSL certificates of your trusted provider serve this purpose. Such certificates are often not inexpensive and / or associated with recurring administrative effort due to their renewal. However, Microsoft offers a free SSL Certificate for your Azure App Service. In this article, I go into more detail about the advantages and disadvantages. In addition, you can find a HowTo video on how to get a free App Service Certificate yourself or read about it directly at Microsoft Docs.

Automatically audit and deploy Azure Resource Locks with Azure Policies

Banner - Auto Azure RG Lock with policies

You can create resources very easily on the Azure platform. This is great, but it also provides a few risks. For example, you can delete resources or entire environments just as easily. What is very helpful for tests and demos can be very dangerous for integration and production environments. So you don't have to manage this manually, I wrote an Azure Policy code. This defines the automatic auditing and provisioning of Azure Resource Locks with Azure Policies.

ARM template deployment – Hub and Spoke with Bastion

ARM Template Hub and Spoke with Bastion

With an Azure Resource Manager (ARM) template, you can create a specific infrastructure on Azure with the click of a button. The template defines the infrastructure as code and Azure is thereby told the target state of the resources. I have created such a template and published it via Github. The ARM template deployment includes a hub and spoke network topology with a central Azure bastion for secure access to VMs. This post shows you step by step how to use the template for yourself.

en_GBEnglish