In the Azure Portal, Azure conveniently allows you to reset the password of the local Administrator on a Virtual Machine. To use this functionality it requires you to enter the username and the new password for this account. All good and well, you’d say. That’s what it is supposed to do after all. Color me… Continue reading Hidden features of “resetting” passwords of VMs in the Azure Portal
Tag: activity logs
Logging User Access Admin elevations to Microsoft Sentinel
This week I was surprised to figure out that elevation logs that indicate a Global Admin becoming a User Access Administrator don’t flow to Log Analytics. It’s not possible to enable diagnostics settings for it. TL;DR I built a Logic App that forwards those logs to Log Analytics so I can have Analytic rules in… Continue reading Logging User Access Admin elevations to Microsoft Sentinel