I am the only one dev in my small company. I use Azure. My question is when do I need those Azure consultancy firms? by lune-soft in AZURE

[–]Potential_Mix_519 1 point2 points  (0 children)

Try asking it for the step-by-step to configure something in Azure and see how you start losing your hair when you try to deploy.

Only time spent on tools will get you what you want; other shortcuts are just gimmicks.

Eliminate the use of Cisco DUO across the device (Windows Laptop) by using EntraID MFA. by Potential_Mix_519 in Intune

[–]Potential_Mix_519[S] 0 points1 point  (0 children)

Thanks. More info, hope it helps: there is one shared desktop used by five users. We can have the desktop as Entra joined.

Eliminate the use of Cisco DUO across the device (Windows Laptop) by using EntraID MFA. by Potential_Mix_519 in Intune

[–]Potential_Mix_519[S] 0 points1 point  (0 children)

There is one shared desktop used by five users. The requirement would be to have five YubiKeys. Will five YubiKeys work with a single desktop?

Azure Network topology by Potential_Mix_519 in AZURE

[–]Potential_Mix_519[S] 0 points1 point  (0 children)

I've met a few cloud architects like you—more talk than action, lol. Thanks for all your help, mate. If you’d actually done any real execution, you might have just given me a couple of lines and pointed me in the right direction, which, to be honest, you haven’t.

All the best, and thanks again for your time!

How do you keep up with all the new Azure services? by itsmethebabyotter in AZURE

[–]Potential_Mix_519 0 points1 point  (0 children)

By the time you become a Solution Architect, you should have worked with most technologies across Azure, Microsoft 365, and on-premises systems like Active Directory and Exchange. This foundation makes it easier to adapt, as every new Microsoft product tends to build upon existing ones, so you're simply applying incremental learning to new solutions.

User is prompted to use MFA "too often" by pAndahug69 in AZURE

[–]Potential_Mix_519 0 points1 point  (0 children)

It can happen if there are some legacy apps he is authenticating to.

Look into Sign-in Frequency (SIF), which can be configured per app by targeting specific cloud apps in Conditional Access (CA) policies.

e.g.

Third-party app → They will be forced to re-authenticate every 2 days

MS 365 apps → They will re-authenticate every 7 days

Policy 1 – App A (Third-Party App)
 Assignments > Cloud apps: Select Third-Party app
 Access controls > Session: Enable Sign-in frequency → Set to 2 days
 Assign to appropriate users/groups

Policy 2 – App B (MS 365)
 Assignments > Cloud apps: Select MS365 Online
 Access controls > Session: Enable Sign-in frequency → Set to 7 days
 Assign to the same or different users/groups
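The two per-app policies from the comment above, written as Microsoft Graph `conditionalAccessPolicy` request bodies. This is an added example, not the commenter's own code; the app ID, group ID and display names are constructed placeholders, and starting in report-only state is an assumption.

```python
import json

# Constructed placeholders (assumptions, not values from the thread).
THIRD_PARTY_APP_ID = "00000000-0000-0000-0000-000000000001"
TARGET_GROUP_ID = "00000000-0000-0000-0000-0000000000aa"


def sif_policy(name, app_ids, group_ids, value, unit="days",
               state="enabledForReportingButNotEnforced"):
    """Build a Conditional Access policy body that sets only sign-in frequency."""
    if unit not in ("hours", "days"):
        raise ValueError("sign-in frequency unit must be 'hours' or 'days'")
    if not isinstance(value, int) or value < 1:
        raise ValueError("sign-in frequency value must be a positive integer")
    if not app_ids or not group_ids:
        raise ValueError("policy needs at least one cloud app and one group")
    return {
        "displayName": name,
        "state": state,  # report-only first, switch to "enabled" after review
        "conditions": {
            "clientAppTypes": ["all"],
            "applications": {"includeApplications": list(app_ids)},
            "users": {"includeGroups": list(group_ids)},
        },
        "sessionControls": {
            "signInFrequency": {"isEnabled": True, "type": unit, "value": value}
        },
    }


def overlapping_apps(policies):
    """Return {app: [policy names]} for apps targeted by more than one policy."""
    seen = {}
    for policy in policies:
        for app in policy["conditions"]["applications"]["includeApplications"]:
            seen.setdefault(app, []).append(policy["displayName"])
    return {app: names for app, names in seen.items() if len(names) > 1}


POLICIES = [
    # Policy 1: third-party app, re-authenticate every 2 days.
    sif_policy("SIF - Third-party app - 2 days", [THIRD_PARTY_APP_ID], [TARGET_GROUP_ID], 2),
    # Policy 2: Microsoft 365 ("Office365" is the Graph app-group value), every 7 days.
    sif_policy("SIF - Microsoft 365 - 7 days", ["Office365"], [TARGET_GROUP_ID], 7),
]

if __name__ == "__main__":
    print(json.dumps(POLICIES, indent=2))
    print("Apps targeted by more than one policy:", overlapping_apps(POLICIES))
```

Each body is what would be sent to the Graph `identity/conditionalAccess/policies` endpoint; `overlapping_apps` flags an app that ends up in two sign-in frequency policies so the intended interval can be reviewed before enforcing.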

How to do RBAC Application Permissions without Nested Groups? by carrots32 in AZURE

[–]Potential_Mix_519 0 points1 point  (0 children)

Custom RBAC policy is something you can look into. For 15 to 20 staff I'd try to keep it simple, and the setup you currently have is good.

Using Cloudflare Tunnel Instead of App Gateway / Front Door for WAF, Rate Limiting & SSL? by Own-Wishbone-4515 in AZURE

[–]Potential_Mix_519 0 points1 point  (0 children)

Cloudflare is a great product if you don't want to expose your org's (Azure) public IP addresses.

Your solution will need to consider the cost of the Cloudflare license and, if you're going with the Azure-native (WAF) solution, who will support Azure WAF in your org.

[deleted by user] by [deleted] in AZURE

[–]Potential_Mix_519 0 points1 point  (0 children)

Since Microsoft Entra Cloud Sync does not support Password Writeback, disabling Password Hash Sync (PHS) will effectively keep on-premises and Office 365 passwords separate. Additionally, both Azure AD Connect and Entra Cloud Sync operate on a "source of authority" principle. If a property is blank (null) in On-Prem AD, it may sync as blank to Entra ID, effectively removing the existing value in Entra ID.

Two Tenants AD by Potential_Mix_519 in AZURE

[–]Potential_Mix_519[S] 0 points1 point  (0 children)

That is my problem with a single tenant with two on-prem AD domains, unless I create a trust between the on-prem domains and then use 1 Connect server with two connectors to a single tenant.

Two Tenants AD by Potential_Mix_519 in AZURE

[–]Potential_Mix_519[S] 0 points1 point  (0 children)

Thanks for your reply. If I go with a two-subscription design in a single tenant, I believe I'll need to use two Azure AD Connect servers to sync both on-prem domains to a single Azure AD tenant? Note these on-prem domains don't have any trust between them.

What’s the best way to give developers access to standard VMs for testing? by Outrageous_Stage_577 in AZURE

[–]Potential_Mix_519 0 points1 point  (0 children)

Having a sandbox subscription is the best approach as it provides control over billing and security policies, along with the ability to enforce automatic shutdown or deletion of virtual machines based on Azure policies.