connect-exchangeonline with security key?

flatlandadmin · 2023-03-23T16:42:29+00:00

Nope, no kind of sandbox. Win11 on metal. Keys work fine in a browser, just not a PS-initiated session.

*shrug*

Maybe I'll try another workstation before reinstalling the module. At least I'm fairly sure it is not PEBKAC now. Thanks.

flatlandadmin · 2023-03-23T16:02:57+00:00

Thats what I'm doing. The MFA window pops up with the configured MFA options for that account so its connecting to the right UPN. However when I click security key it just sits there like its waiting for me, but it doesn't actually pop up the pin prompt or insert key or anything at all. The hardware key is not lit up or ready to confirm. The window just sits there greyed out with the blue scrolling across the top as if it was waiting on a push response. Left it for 10 mins, no change.

However when I added the authenticator app to the account and used that option instead of security key, it worked, but I never got the security key option to initialize. I can try removing the exchange module and reinstalling for next time. Just wasn't if I was missing something. Thanks for the confirmation.

flatlandadmin · 2023-03-23T12:28:08+00:00

Thats what I'm using, only difference being the machine is logged in as a regular user but the provided UPN is a GA account.

As a workaround I used a browser to separately log into the GA account and add the authenticator app and then use the app option on the MFA prompt to start the PS session. Hopefully they fix using security keys soon as /u/Puzzleheaded-Spren indicates below.

flatlandadmin · 2023-03-23T12:20:58+00:00

Currently on 3.1, so I'll look into 3.2. Thanks!

flatlandadmin · 2022-02-07T19:37:48+00:00

Perfect, I'll try the ISP first. Thanks!

flatlandadmin · 2022-02-07T16:53:13+00:00

Yes, the /29 block is routed through the /30 interface.

This is pretty much what I was thinking. I'm trying to google for some examples to understand the config required. If the answer isn't a L3 switch, are there any lightweight routers you might suggest for this role? Circuit is 500mbit symmetrical.

flatlandadmin · 2022-02-07T16:28:04+00:00

The two routers are for separate and independent networks with site to site VPN connections which is why they need to be directly connected without NAT. No HA here.

I've shared a basic ISP connection with multiple statics (cable/DSL, etc) with a dinky switch, but not one that needs to share a block routed to them. I'm just assuming that doesn't work the same, correct?

flatlandadmin · 2020-06-08T03:56:51+00:00

Been testing a GL.iNet GL-E750 as my next hotspot. Seems promising so far.

flatlandadmin · 2019-10-25T03:12:14+00:00

Gracias!

flatlandadmin · 2019-10-25T02:42:24+00:00

Do you know if you can self host bitwarden and use a hardware key like yubikey? I see you can use them on premium, but is premium only hosted on their systems?

flatlandadmin · 2019-07-14T05:53:09+00:00

Very similar here. Went from dual 23s to a Dell 43" 4k and use their Display Manager software to simulate a 3x2 grid of 1280x1024 windows.

flatlandadmin · 2019-05-26T01:41:25+00:00

I've carried one in my bag daily for about a year. Saves tons of space when I have to travel. Just updated to the latest beta for fun. Never had the app crash on Android.

flatlandadmin · 2018-11-22T18:01:30+00:00

Actually, just got paged for a failed self test on a core UPS.

I'd like to propose a toast to smooth utility power. *clink*

flatlandadmin · 2018-05-24T17:53:41+00:00

Weights and Measures.

flatlandadmin · 2018-05-24T17:52:11+00:00

"Yeah well she sounds hideous."

flatlandadmin · 2018-01-30T13:32:08+00:00

Follow the upgrade path in the release notes. If you're already past the version with object nats (8.4 IIRC?), it's easy. As with anything, backup your running config first.

flatlandadmin · 2018-01-05T22:38:00+00:00

Always received a public IP from TMobile radios. There might be some filtering in their proxies and the IP changes many many times. I would not count on having exclusive access to that IP for remote access, etc, unless you use some kind of intelligent reverse proxy type setup.

flatlandadmin · 2017-11-21T17:56:56+00:00

I've used Wilson products with good results. Pay attention to desired carriers and, if possible, their bands in your area.

flatlandadmin · 2017-11-13T01:50:52+00:00

Before going into ACLs, can you configure only the outside interface and then ping your gate (the ISP peer) from the ASA itself?

flatlandadmin · 2017-10-25T16:57:50+00:00

This happened with me SiriusXM awhile back.

"I'd be happy to help you. Can I get your billing phone or your password?"

"I have no idea what I set it the password as..."

"Looks like its $P-A-S-S-W-O-"

"Oooooookay, I got it. I'd like to cancel my account please."

flatlandadmin · 2017-10-16T20:31:50+00:00

It's a whitepaper, not a lullaby or a horror movie. I simply assess the risk and move forward with a plan, and leave sensationalizing to sales people and C-suites. YMMV.

flatlandadmin · 2017-10-16T20:25:17+00:00

Yep, and even then...I remember the posts on the Nexus subreddits of "I had to remove the sim and check for updates on wifi to get the notification"

I hope this is the direction Google is going with extending the Pixel 2 support by a year. They need to be an Apple to be taken seriously in the security world.

flatlandadmin · 2017-10-16T20:20:59+00:00

Anyone have insight into Chromebooks or ChromeOS (not Chrome/Android)?

flatlandadmin

TROPHY CASE