Howtos Tips

Azure AD Conditional Access Standard

Based on the excellent work in this blog article I implemented a standard for conditional access that we plan to use across clients. It attempts to balance the security lockdown with breaking as few things as possible. You need to create and populate the following groups: CA-Excluded (no Conditional Access rules applied to members); CA-Service Accounts (can only authenticate from trusted IP named locations); CA-International Users (users who can connect from pre-defined trusted countries…


Howtos

Creating a Secure Boot UEFI compatible Windows USB Key

Background: Creating a USB bootable Windows key with Rufus results in a system that can't start up with Secure Boot, which is required for proper BitLocker activation. UEFI/Secure Boot USB sticks must be FAT32, not NTFS, formatted. FAT32 volumes have a limit of 32GB. You must partition the device with a volume smaller than 32GB to proceed. FAT32 volumes have a file size limit of 4GB. One of the Windows installer files is over 4GB and…


Howtos

Palo Alto GlobalProtect HIP Checks on iOS with JAMF

If, like me, you use Palo Alto GlobalProtect to ensure the safety of your network, you may wish to extend that protection to iOS devices like iPhones and iPads. One of the best features of GlobalProtect is HIP checks, which can ensure that only devices that meet your management and security standards can connect to your VPN. To facilitate HIP checks with iOS devices, you must use MDM to push the VPN profile.…
