Microsoft 365 security, Intune, and Entra ID
for enterprise IT teams.
// real production experience, documented from the field, so you skip the trial and error.
Himanshu Arora has spent 11+ years in the Microsoft ecosystem — from frontline cloud support at a Microsoft vendor to delivering enterprise-grade M365 security, Intune, and Entra ID projects for organisations globally. He documents everything: the real fixes, the actual scripts, and the root causes that never make it into the official docs.
From the blog.
Field notes from real production work on Microsoft 365, Intune, and Entra ID. Short, practical, no marketing fluff.
Microsoft 365 PowerShell authentication failures: three bugs, one fix.
The Graph SDK and Exchange Online module fight each other in three different ways: an MSAL assembly clash on PowerShell 5.1, a Graph SDK module load failure when the order is reversed, and a confirmed SDK bug where v2.34+ device-code tokens cache as null. A test matrix across PS 5.1 and PS 7, and the certificate-based fix that works in every order.
read post →How I Built a PowerShell Toolkit That Audits Your Entire Microsoft 365 Tenant in Minutes
Two PowerShell scripts that connect to your tenant via certificate-based app authentication and produce self-contained HTML reports. Tenant audit covers identity, email, endpoint, app registrations, and licensing. Mailbox report shows per-mailbox storage with quota tracking.
read post →WLapsAdmin or Administrator? Auditing Windows LAPS at fleet scale.
The reason some devices show Administrator instead of WLapsAdmin in the recovery portal is one Windows 11 build number nobody talks about. The end-to-end Microsoft Graph PowerShell audit, with cross-reference, OS eligibility, and the per-device account name lookup Microsoft blocks in bulk.
read post → New · M365 Audit Toolkit: PowerShell scripts for tenant security and mailbox auditing →