Cloud Business Logo - white

Success stories

Our customers come in all shapes and sizes.

We work with organisations from all walks of life, with different ambitions and requirements. Explore how we’ve helped them reimagine everyday, and align technology with their culture and business goals.

What is Microsoft Azure and is it safe?

Many enterprises and SMEs are migrating their IT infrastructure to the Microsoft Cloud. Which begs the question "how secure is Azure?"
View case study >
Azure Active Directory error

AAD Sync Error: Deletion Threshold Reached

Solution to an Azure Active Directory sync error. Learn what to do when the you reach the deletion threshold.
View case study >
Azure Active Directory error

AAD Sync / AAD Connect – Passwords not syncing with attribute filtering

Some AAD Sync and AAD Connect customers using Attribute Filtering are experiencing an error. Learn how to set up a script to automate a full password sync to work around this behaviour.
View case study >

What is Microsoft Azure and is it safe?

More businesses than ever are migrating to the cloud. Companies need more security, flexibility and scalability than ever before, whilst benefiting from lower costs and reducing or eliminating the need to maintain hardware.

Most of the big tech players – and many smaller firms – are providing cloud-based solutions for businesses. You can do everything from file your annual returns to run your telephony systems through cloud software. 

Microsoft, one of the largest, most well-established providers on the market, launched Azure in 2010, an Infrastructure as a Service (IaaS) cloud platform. Over 90% of the US Fortune 500 uses services within the Microsoft cloud. Microsoft Azure is a cloud brand that encompasses over 100 different services where enterprises and SMEs can combine and scale as many services as they need to create the technology infrastructure that their organisations require.

What can we do with Microsoft Azure?

Anything and everything.

Whatever you’ve been running in-house can be moved to the cloud. Made bigger, more secure and more effective. Scale up and down according to operational needs. And most importantly, improve on what you’ve been doing. Save costs and become more efficient. 

  • Infrastructure as a Service (IaaS). Microsoft Azure provides a secure technology environment to create and deploy cloud-based applications. Either create your own – work with an in-house team or external developers – or integrate services you’re already using.
  • Azure also includes Platform and Software (PaaS and SaaS) solutions, making it easier than ever to scale and deploy the technology your organisation needs without complications. It has never been easier, quicker or more cost-effective to create an application and roll it out for team members or customers.
  • Storage and databases. Organisations are producing more data than ever before. Cloud storage is an essential operational feature that most organisations can’t manage without. Microsoft provides a range of solutions, including Virtual Machines (Microsoft or Linux), managed databases, and storage offerings that go down in price when you don’t need to access some of your data very often. 

Azure is plugged into a marketplace of apps and complimentary services. So whether you are looking for a new CRM or design software for the marketing team, chances are you should be able to find it through Azure. Of course, what we’ve outlined here is merely the tip of the iceberg. Ready to start your Azure journey? Find out more about our Azure Migrate packaged services here >

However, before you do, we know you may have a question about security.

How secure is Azure?

As a global technology leader, Microsoft knows it represents an attractive target for cyber criminals and hackers. If they can exploit a weakness, they will. Keeping customers secure is a top priority for Microsoft, which is why they invest $1 billion every year into security, which includes protecting the Azure infrastructure.

Here are a few of the security precautions Microsoft takes to protect Azure customers:

  • Automatic encryption. Everything sent within the Azure environment is automatically encrypted. The Azure network has automatic detection to prevent distributed denial-of-service (DDoS) attacks, similar to some of the largest services on the Internet, such as Xbox and Microsoft’s Office 365.
  • Other safeguards include automated smart traffic monitoring and profiling. It is easier to detect and deflect threats when systems know when something looks out of the ordinary, reducing the risk any threats pose that may have breached external security systems.
  • Smart access control. Management (admin) accounts are run over separate networks than most team members. Managers can also control and restrict access to a limited time period, device, or even a specific document.
  • Microsoft goes to great lengths to protect hardware and firmware, constantly reviewing and revising code, even creating hardware that can automatically detect threats before software is loaded and active. If anything malicious is detected, it can pause software activity until the threat is removed.
  • Azure is the first cloud platform to support both software and hardware-based Trusted Execution Environments (TEEs). TEEs ensure that encrypted data – whether it is stored, in transit or inactive is – safe from unauthorised access and tampering.
  • Operational security is serious business. Microsoft employs 3,500 cybersecurity experts, including 200 who continually look for weaknesses. Any that are found are input into the operational security procedures Azure uses to improve against potential external threats.
  • You don’t even need to worry if you are working off-site and need secure access. With ExpressRoute, you can access to Azure through an encrypted Virtual Private Network (VPN), wherever you are in the world. 

Providing you are always sensible about password use and storage, Azure is one of the most secure working environments that organisations could use for software, data storage and numerous other uses. In fact, it may be more secure than your current on-premise IT infrastructure…

If you would like to talk to us about migrating to the cloud and learn more about Microsoft Azure, please get in touch.

View Case Study

Azure Active Directory error

AAD Sync Error: Deletion Threshold Reached

I ran into a problem recently with a customer running AAD Connect. When we were trying to Export to the Azure Active Directory, the status of the Connector Operations showed “stopped-server-down”.

stopped-server-down

At the same time, I was called by the technical contact who said he had received a strange email from MSOnlineServicesTeam with the following message:

At Thursday, 19 November 2015 13:58:10 GMT the Identity synchronization service detected that the number of deletions exceeded the configured deletion threshold for Company Name [tanantname.onmicrosoft.com]. A total of 789 objects were sent for deletion in this Identity synchronization run. This met or exceeded the configured deletion threshold value of 500 objects.

We need you to provide confirmation that these deletions should be processed before we will proceed.

We are currently completing the rollout of AAD Connect with the customer and helping them remove any erroneous accounts from the scope in order to keep numbers on Office 365 down. Hence the large number of deletions!

Despite the long winded and unclear errors, the solution to this problem is quite simple. You can either disable the threshold completely by running the following command, and provide credentials for a global admin account for Office 365 when prompted:

Import-Module ADSync
Disable-ADSyncExportDeletionThreshold

Alternatively you could change the threshold to allow your changes using the following command:

Import-Module ADSync
Enable-ADSyncExportDeletionThreshold -DeletionThreshold $number

If you do disable your deletion threshold completely, remember to re-enable the threshold again afterwards running:

Enable-ADSyncExportDeletionThreshold

Hopefully this will save you some time when you run in to this issue in your environments!

To have a look at my other blogs on a similar topic, you can see them here;  AAD sync and connect – passwords not syncing with attribute filtering

Book a discovery call advert
View Case Study

Azure Active Directory error

AAD Sync / AAD Connect – Passwords not syncing with attribute filtering

After the release of AAD Sync and AAD Connect (Azure Active Directory Sync and Azure Active Directory Connect) we have noticed several customers using Attribute Filtering are experiencing an error
when bringing people into the scope of synchronisation with the appropriate attribute.Microsoft describe this here as expected behaviour.

Users are moved between filtered and unfiltered scopes

In this scenario, the user is moved to a scope that now allows the user to be synced. This could be when filtering is set up for domains, organisational units, or attributes.

To resolve this, see the ‘How to perform a full password sync’ section of the ‘More Information‘ section.

Below is steps to set up a script to automate a full password sync to work around this behaviour.

The Script

First you need to save a script that contains the code to run a full password sync. This is as follows:

$adConnector  = “addomain.com”

$aadConnector = “tenantname.onmicrosoft.com – AAD”

 

Import-Module adsync

$c = Get-ADSyncConnector -Name $adConnector

$p = New-Object Microsoft.IdentityManagement.PowerShell.ObjectModel.ConfigurationParameter “Microsoft.Synchronize.ForceFullPasswordSync”, String, ConnectorGlobal, $null, $null, $null

$p.Value = 1

$c.GlobalParameters.Remove($p.Name)

$c.GlobalParameters.Add($p)

$c = Add-ADSyncConnector -Connector $c

 

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $false

Set-ADSyncAADPasswordSyncConfiguration -SourceConnector $adConnector -TargetConnector $aadConnector -Enable $true

Once you have this saved on your AAD Connect server you can then set up a scheduled task to run every time there is a successful directory synchronisation (Event ID 114).

First you need to know that this isn’t a bug, and is expected behaviour! Once you know this, the solution is an easy fix.

Hopefully with the above instructions you can save your service desk time troubleshooting password issues in your organisation!

If you’have any other Active Directory problems, have a look here – Error installing Exchange – this user account isn’t a member of the schema admins or enterprise admins group 

Book a discovery call advert
View Case Study

Cloud Business Logo - white
Microsoft Gold Partner Logo - Cloud Business

Cloud Business Limited
8 North Street
Guildford
GU1 4AF

0845 680 8538
hello@cloudbusiness.com

Twitter Linkedin-in
Microsoft Gold Partner Logo - Cloud Business

2023 © Cloud Business Limited
Registered Company in England and Wales 06798438

Technology

Get connected

Work smarter

Stay safe

Who we help

Success stories

Legal

Public sector

Who we are

About us

Leadership team

Technology partners

Work for us

Resources

Blog

Knowledge hub

Get in touch

Contact us