As a guy who really likes to script things, I was very happy to read this today:

http://blogs.technet.com/b/ad/archive/2015/10/20/azure-ad-powershell-public-preview-of-support-for-azure-mfa-new-device-management-commands.aspx

Firstly, my Powershell scripts / sessions can now be secured using MFA, without having to rewrite my scripts, except those where I built the Credential object with preset credentials….but that’s old anyway.

Secondly, I can now finally manage Registered Devices with the same Module, allowing me to use these commands:

• Get-MsolDevice
• Enable-MsolDevice
• Disable-MsolDevice
• Remove-MsolDevice

You can use either the owner’s UPN or the device ID with these commands.

Now isn’t this awesome?

Azure finally announces full support for all services that use Domain Controllers, natively! No more building your domain controllers on VM’s in Azure, it’s become an actual service with these (and more) features:

• Native support (works like a real domain controller) for all protocols (kerberos, ntlm, ldap)
• Group policies
• Domain joins for devices
• Compatible with and linked to Azure AD
• Priced per hour

If you have your own domain, don’t forget to set up AADConnect with password sync enabled.

And this is a bit inconvenient, but if you’re running on Azure AD only, you’ll have to expire the passwords of all your users first.

But still, a much requested and anticipated feature we can finally start playing with!