Nathan McNulty

April 15, 2025 8 min read Blog

Comprehensive Guide to Configuring Advanced Auditing

This post provides everything you need to ensure Advanced Auditing is fully configured and auditing everything we possibly can for both existing and new users. I recently shared guidance for this via social media (see below), and it felt like a perfect time to revisit my previous posts and combine everything into one comprehensive guide :) You likely aren't collecting all available events to the Unified Audit Log First, not all events are enabled or retained optimally. Consider creating this policy in the Purview portal (leave users and record types blank to collect everything). Retention is based on license... pic.twitter.com/IEKKfrkpI8

April 3, 2025 4 min read Blog

Managing Restricted Groups with Access Packages

Access Packages Entitlement Management Entra PIM

👮 Restricted Management Admin Units (RMAU) in #EntraID Hackers HATE This Hidden Entra ID Feature Most Admins Never Use@NathanMcNulty breaks it down for us 👇 🎧 Get the full podcast episode at https://t.co/gnvH23WorW pic.twitter.com/nxBwCQ6BwS — Merill Fernando (@merill) March 29, 2025 I recently had a chance to discuss Restricted Management Administrative Units (RMAUs) with Merill, and one of my favorite uses for these is to protect groups that are used in Conditional Access policies so they aren’t accidentally modified or deleted. I’m also a big fan of using Access Packages to control membership of these groups for things like exclusions from geofencing policies, user action policies, blocking policies, etc.

March 27, 2025 1 min read Media

Entra Chat with Merill Fernando

It was such an honor to join Merill Fernando on Entra Chat, and I hope to join him again in the future. Be sure to check out Entra Chat: https://entra.news/p/operational-groups-in-entra-with

March 29, 2024 1 min read Media

Trimarc Happy Hour

I had a great time hanging out and talking about a little bit of everything with some of the Trimarc folks. Thanks to Brandon for inviting me on! :)

May 4, 2023 6 min read Blog

Lab - Certificate Authority Setup

PKI Azure

This step-by-step tutorial is ideal for those looking to experiment with Certificate Authority setups in a lab environment. Learn how to configure an offline CA using OpenSSL, use it to sign an Enterprise ADCS Intermediate CA, and publish CRLs in an Azure Static Web App.

May 1, 2023 9 min read Blog

Intune - Microsoft Tunnel VPN Gateway

Intune

Note This article was last updated on 01/30/2025 for readability and updated URLs. I am working on updating this for the UI changes that have been made to Intune :)

April 22, 2023 7 min read Blog

Azure Automation - Device Cleanup v2

Entra Azure Automation

Note This article was last updated on 01/30/2025 for readability and updated URLs. We no longer need to manually load modules as shown, and this article will be completely overhauled to include backup of LAPS passwords and BitLocker keys to Azure Key Vault as well :)

April 5, 2023 6 min read Blog

Intune - Discover Defender AV exclusions using Proactive Remediation

Intune Defender

Note This article was last updated on 01/30/2025 for readability and updated URLs. I am working on updating this for the UI changes that have been made to Intune :)

April 3, 2023 2 min read Blog