Updates from: 01/20/2023 02:05:22
Service Microsoft Docs article Related commit history on GitHub Change details
active-directory How To Connect Modify Group Writeback https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/hybrid/how-to-connect-modify-group-writeback.md
To configure directory settings to disable automatic writeback of newly created
- PowerShell: Use the [Microsoft Graph PowerShell SDK](/powershell/microsoftgraph/installation?view=graph-powershell-1.0&preserve-view=true). For example: ```PowerShell
- # Import Module
- Import-Module Microsoft.Graph.Identity.DirectoryManagement
-
- #Connect to MgGraph with necessary scope and select the Beta API Version
- Connect-MgGraph -Scopes Directory.ReadWrite.All
- Select-MgProfile -Name beta
-
+ # Import Module
+ Import-Module Microsoft.Graph.Identity.DirectoryManagement
+
+ #Connect to MgGraph with necessary scope and select the Beta API Version
+ Connect-MgGraph -Scopes Directory.ReadWrite.All
+ Select-MgProfile -Name beta
+
+ # Verify if "Group.Unified" directory settings exist
+ $DirectorySetting = Get-MgDirectorySetting | Where-Object {$_.DisplayName -eq "Group.Unified"}
+
+ # If "Group.Unified" directory settings exist, update the value for new unified group writeback default
+ if ($DirectorySetting) {
+ $DirectorySetting.Values | ForEach-Object {
+ if ($_.Name -eq "NewUnifiedGroupWritebackDefault") {
+ $_.Value = "false"
+ }
+ }
+ Update-MgDirectorySetting -DirectorySettingId $DirectorySetting.Id -BodyParameter $DirectorySetting
+ }
+ else
+ {
+ # In case the directory setting doesn't exist, create a new "Group.Unified" directory setting
# Import "Group.Unified" template values to a hashtable $Template = Get-MgDirectorySettingTemplate | Where-Object {$_.DisplayName -eq "Group.Unified"} $TemplateValues = @{}
To configure directory settings to disable automatic writeback of newly created
# Update the value for new unified group writeback default $TemplateValues["NewUnifiedGroupWritebackDefault"] = "false"
+
# Create a directory setting using the Template values hashtable including the updated value $params = @{} $params.Add("TemplateId", $Template.Id)
To configure directory settings to disable automatic writeback of newly created
$params.Values += @(@{Name = $_; Value = $TemplateValues[$_]}) } New-MgDirectorySetting -BodyParameter $params
+ }
``` > [!NOTE]
active-directory Memo 22 09 Multi Factor Authentication https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/active-directory/standards/memo-22-09-multi-factor-authentication.md
The memo requires organizations to change password policies that are proven inef
* Use [password protection](..//authentication/concept-password-ban-bad.md) to enforce a common list of weak passwords that Microsoft maintains. You can also add custom banned passwords.
-* Use [self-service password protection](..//authentication/tutorial-enable-sspr.md) to enable users to reset passwords as needed, such as after an account recovery.
+* Use [self-service password reset](..//authentication/tutorial-enable-sspr.md) to enable users to reset passwords as needed, such as after an account recovery.
* Use [Azure AD Identity Protection](..//identity-protection/concept-identity-protection-risks.md) to be alerted about compromised credentials so you can take immediate action.
aks Azure Cni Overlay https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/aks/azure-cni-overlay.md
Ingress connectivity to the cluster can be achieved using an ingress controller
Like Azure CNI Overlay, Kubenet assigns IP addresses to pods from an address space logically different from the VNet but has scaling and other limitations. The below table provides a detailed comparison between Kubenet and Azure CNI Overlay. If you do not want to assign VNet IP addresses to pods due to IP shortage, then Azure CNI Overlay is the recommended solution. | Area | Azure CNI Overlay | Kubenet |
-| -- | :--: | -- |
+| -- | -- | -- |
| Cluster scale | 1000 nodes and 250 pods/node | 400 nodes and 250 pods/node | | Network configuration | Simple - no additional configuration required for pod networking | Complex - requires route tables and UDRs on cluster subnet for pod networking | | Pod connectivity performance | Performance on par with VMs in a VNet | Additional hop adds minor latency |
azure-monitor Prometheus Metrics Enable https://github.com/MicrosoftDocs/azure-docs/commits/main/articles/azure-monitor/essentials/prometheus-metrics-enable.md
Use any of the following methods to install the Azure Monitor agent on your AKS
- Register the `AKS-PrometheusAddonPreview` feature flag in the Azure Kubernetes clusters subscription with the following command in Azure CLI: `az feature register --namespace Microsoft.ContainerService --name AKS-PrometheusAddonPreview`. - The aks-preview extension needs to be installed using the command `az extension add --name aks-preview`. For more information on how to install a CLI extension, see [Use and manage extensions with the Azure CLI](/cli/azure/azure-cli-extensions-overview).-- Azure CLI version 2.41.0 or higher is required for this feature.
+- Aks-preview version 0.5.122 or higher is required for this feature. You can check the aks-preview version using the `az version` command.
#### Install metrics addon
The output will be similar to the following:
### Prerequisites - Register the `AKS-PrometheusAddonPreview` feature flag in the Azure Kubernetes clusters subscription with the following command in Azure CLI: `az feature register --namespace Microsoft.ContainerService --name AKS-PrometheusAddonPreview`.
+- If the Azure Managed Grafana instance is in a subscription other than the Azure Monitor Workspaces subscription, then please register the Azure Monitor Workspace subscription with the `Microsoft.Dashboard` resource provider following this [documentation](/azure-resource-manager/management/resource-providers-and-types#register-resource-provider.md#register-resource-provider).
- The Azure Monitor workspace and Azure Managed Grafana workspace must already be created. - The template needs to be deployed in the same resource group as the Azure Managed Grafana workspace.