In order to setup Azure MFA as Primary Authentication with ADFS, this does require you to move to Azure MFA (cloud-based version). I have not deployed Azure Multi-Factor Authentication Server (on-prem/hybrid version) in a few years for anyone as pretty much everyone I work with has moved on to cloud-based Azure MFA. Feature parity is pretty close to the same at this point and in my opinion, the days of Azure MFA Server on-prem are numbered. If you’re still on the on-prem Azure MFA Server, it is very easy to migrate to the cloud-based Azure MFA.  I’m going to assume you have a working ADFS environment already that is federated with Azure AD using Azure AD Connect for this blogpost for a step by step guide.

1. Log into your ADFS server. In my example, I am using ADFS 4.0 with a Farm Behavior Level (FBL) set to 3 which means Windows Server 2016 and an Active Directory 2016 schema. You can always run the PowerShell cmdlet “Get-AdfsFarmInformation” on your ADFS server to show your FBL version. Go ahead and open the AD FS console:

​Azure Application Gateway is a web traffic load balancer that enables you to manage traffic to your web applications. Traditional load balancers operate at the transport layer (OSI layer 4 – TCP and UDP) and route traffic based on source IP address and port, to a destination IP address and port.

​Prerequisites

• The NSG on the Application Gateway subnet and the backend server is allowing inbound access to ports 65503-65534 (v1 SKU) or 65200-65535 (v2 SKU) from “Internet.”
• The NSG on the Application Gateway subnet and backend server subnet must allow port 443 from any source.
• The User Defined Route (UDR) on the Application Gateway subnet is set to the default route (0.0.0.0/0) and the next hop is specified as “Internet.”
• The Application Gateway Subnet must be associated with the UDR.
• The next of the public IP address range of the Application Gateway must be specified as “Internet.”
• The Application Gateway must not connect a virtual network which as a default route advertised by an ExpressRoute/VPN connection to a virtual network over BGP.
• The custom DNS server is configured on a virtual network that must resolve public domain names.
• For a public IP, you can create a new public IP address or use an existing public IP in the same location as the application gateway.
• For a private IP, you can specify a private IP address from the subnet where the application gateway is created.
• You configure SSL policy to control SSL protocol versions. You can configure an application gateway to deny TLS1.0, TLS1.1, and TLS1.2. Leave it default.

​We know that renaming a Channel in Teams breaks the associated SharePoint link. It creates a new folder in SharePoint but when you access the files from Teams, it takes you back to the original folder.  Confusing and messy!!

However, I have a process to rename a Channel in Teams without breaking the link to SharePoint.

Before I change things, I want to show how my current Team is setup.

​We all know by now that we can invite guests in Microsoft Teams if the settings are in place.  Well, that depends on how settings are configured in your tenant.

As you can see that guest access is enabled in Microsoft Teams Admin Portal.  And, yes, this setting has been enabled for several weeks.

​When Teams owners or members invite guests from public Teams, they get this message:

​Teams owners share the same experience as the image above when trying to invite guests from private Teams.

​I ran into something I have not experienced before when creating a new Teams channel.

Aside from not being able to add these special characters (~#%&*{}+/\:<>?|'”..), I discovered that Teams allows only 50 characters for “Channel name”.

In my example below, it truncates “This is a very long channel description with 50 characters” to “This is a very long channel description with 50 ch”

This solution is based on the letsencrypt-webapp-renewer. It uses the same core library than the Azure Lets Encrypt site extension, but it is run as a WebJob. It can (should) be installed on its own web app, and supports multiple target websites.

The author of the letsencrypt-webapp-renewer has made thorough instructions, so I won't copy them here. When granting the service principal rights, you may want to only add Website Contributor and Web Plan Contributor instead of Contributor rights. The only thing needed in addition to those instructions is the support by the web app itself.

As you may already know, the Office 365 Video service is being replaced by Microsoft Stream.  If you have been using Office 365 Video to publish videos, you can now start migrating it to Microsoft Stream using the self-service migration tool. If you don’t see it, you can request to register your tenant using the form available here https://aka.ms/O365VideoEarlyMigration

When you logon to your Office 365 Video portal you will see the migration banner to start the migration process

This will open a new window (https://web.microsoftstream.com/officemigration)

This is one of the most controversial topics of SharePoint Online and everyone seems to have a theory. For some it works like a charm and they never get to experience the pain while others even open up tickets with Microsoft Premium Support and still the issue remain unresolved.

Yes i am referring to the great file attachment and upload sizes. When you go online to look for the right answer, all you get is confusion with out dated information. For example old articles, new ones, One Drive for Business sync tools, classic vs modern and you will get unsure exactly what sizes to recommend to a client. So, I decided to do some testing with various large dummy file sizes around what I was reading the limitations to be. The results were close to Microsoft’s article, but with a very interesting caveat .

There are a few factors when you want to know max file sizes:

• Classic interface
• Modern interface
• List Attachments
• Document Libraries
• Drag and Drop
• Upload Multiple