Contents Jump to section
_ _ (_)_ __ | |__ __ _ ___ ___ | | '_ \| '_ \ / _` / __|/ _ \ | | |_) | | | | (_| \__ \ __/ |_| .__/|_| |_|\__,_|___/\___| |_| .dk
iphase.dk
Microsoft cloud notes from a professional on-prem destroyer.
whoami
- Operator
- Michael Mardahl
- Role
- Senior Cloud Architect
- Award
- Microsoft MVP
- Work
- Security, Identity, Intune, Azure
Fresh notes
RSS- Taking Back Control: Windows LAPS and Local Admin Management via Intune
A simple, opinionated guide to deploying Windows LAPS to cloud-native devices and reclaiming control of the local Administrators group using Intune.
- The Outlook Issue That Wasn't Outlook: A NetScaler LAS Licensing War Story
How an Outlook connectivity incident that looked like Exchange or TLS trouble turned out to be a NetScaler license drop after Citrix LAS migration.
- Autopilot Hybrid Entra Join via Entra Kerberos (Preview): The Fix We've Been Waiting For?
A complete guide to the new Entra Kerberos based Hybrid Join. Is it enough to save Hybrid Autopilot, or should we all just go Cloud Native?
- Multi Admin Approval in Intune: Because One Admin Shouldn't Rule Them All
A practical guide to setting up Multi Admin Approval in Microsoft Intune — what it protects, how to configure it, how to harden it with Restricted Administrative Units, and why your future self will thank you for not letting a single compromised account nuke your tenant.
- The IT Admin's Guide to Horses: What Equines Can Teach Us About Enterprise Architecture
A lighthearted exploration of what horses and horsemanship can teach IT professionals about building resilient, scalable, and well-managed enterprise environments.
- No VPN, No Internet: Building a Windows Firewall Kill Switch for FortiClient with Intune
How to prevent Windows 11 devices from accessing the internet when not connected to corporate VPN using Windows Firewall and Intune — and all the things that go wrong along the way.
- Passkeys and the Personal Phone Problem – An MFA Update for 2026
An update on MFA in 2026: Microsoft's mandatory MFA enforcement, passkey types (synced vs device-bound), addressing personal phone resistance, and self-enrollment capabilities.