Externsions | Stephen Hackers Blog

26/02/2021

Azure Conditional Access Integration with Google Chrome

By Steve inAzure Security, Cloud Security, Conditional Access, Externsions, Google, Group Policy, Microsoft, Microsoft Azure, Office Apps & Services Tag Azure AD Joined, Azure SignIn, Block, Chrome, Chrome Extension, Google, Join Type, Managed Device, Non Compliant Device, Windows 10 Accounts

Scenario: Anyone using MCAS, Conditional Access, Window 10 Endpoints and Google Chrome.

Challenge: How do you get Google Chrome to be recognised by Azure Conditional Access policies.

Issue : Azure Sign In’s, by default will not see Google Chrome as Azure AD Joined.

Browser = Chrome & Joined Type = [Blank]

However, by default Microsoft Edge does report as Azure AD Joined

Browser = Edge & Joined Type = Azure AD Joined

Solution : chrome://extensions/

Conditions in Conditional Access policy – Azure Active Directory | Microsoft Docs

“For Chrome support in Windows 10 Creators Update (version 1703) or later, install the Windows 10 Accounts extension. This extension is required when a Conditional Access policy requires device-specific details.

To automatically deploy this extension to Chrome browsers, create the following registry key:”

Path HKEY_LOCAL_MACHINE\Software\Policies\Google\Chrome\ExtensionInstallForcelist

Name 1

Type REG_SZ (String)

Data ppnbnpeolgkicgegkbkbjmhlideopiji;https://clients2.google.com/service/update2/crx

Or Add manually

Extension now appears for Windows 10 Accounts show below

Then the next Azure/265 Sign in with show Azure AD Joined using Google Chrome

22/06/2020

Microsoft Azure Security – Study Notes

By Steve inAdvisor, Alerts, Alerts, App Service, Azure AD, Azure Container Registry, Azure Monitor, Azure Security, Blueprint, Cloud & Datacenter Management, Cloud Security, Conditional Access, Content Trust, Cyber Security, Enterprise Security, Enterprise Security, Externsions, Hot Wired IT Solutions, IAM, Identity Protection, Key Vault, Kubernetes, Logs, Management Locks, Microsoft, Microsoft Azure, Networks, Powershell, Roles, Users and Groups, Security & Compliance, Security Center, Storage Tag AZ-500, AZ500, Azure, Azure Security, Exam, Microsoft, Microsoft Azure Security Technologies, Prep, Study Notes

A collection of all my study notes and lab work while working towards passing the badge Microsoft Certified Security Engineer Associate by passing the AZ-500 exam

These notes are in no order and are not focused towards any exam content other than sharing my experience of configuring and automating security within Azure in the run up to the final exam.

24/05/2020

Azure – Install and Configure Antimalware On A Virtual Machine

By Steve inAzure Security, Cloud & Datacenter Management, Cloud Security, Cyber Security, Enterprise Security, Enterprise Security, Externsions, Microsoft, Microsoft Azure Tag Anitmalware, Azure Security, Configure, Deploy, Error, Extensions, Failed, How to, Install Agents, Microsoft

A Virtual machine must be running.

If a virtual machine is stopped your deployment will fail

Note a Charge

Steps to Install Extension for Microsoft Antimalware

Select Virtual Machine > Extensions > New Resource > Microsoft Antimalware > Install Extension

Set date and Scan time is set in minutes from midnight 60 = 1am, 120 = 2am etc

Deployment in progress

Installed and Configuration completed

Category Externsions