• SuperUserDO@piefed.ca · 6 upvotes · 2 days ago

    There is one last major bit once you have RMM and EDR in place - centralized identity. Until Okta, Ping, Azure, and Google all have a PAM module that allows for remote identity management without depending on LDAP, enterprise endpoints are restricted to desktop/server machines (or orgs where you can get a waiver and only have local login).

    • Buelldozer@lemmy.today · 4 upvotes · 2 days ago

      Yep but…

      Here’s Microsoft - https://learn.microsoft.com/en-us/entra/identity/devices/sso-linux?tabs=debian-install%2Cdebian-update%2Cdebian-uninstall

      Google has a variety of IdM methods, including Ubuntu authd and Secure Cloud LDAP. There are also 3rd-party tools like JumpCloud, ScaleOrange, etc.

      Okta appears to have ASA and OPA although I’m not familiar with either of them. Ping has PingID and Ping Federate, although again I haven’t used either of them.

      So depending on your cloud and needs the IdM / IAM is either available NOW or it will be very soon. 😀

      • SuperUserDO@piefed.ca · 4 upvotes · 1 day ago

        Ohh, that’s super exciting. I hadn’t realized Microsoft made one.

        Okta’s offering was garbage last I attempted to poke it. And 3rd party IAM tooling can be completely hit or miss (and let’s not even start about LDAP over the web…)

        • Buelldozer@lemmy.today · 1 upvote · 19 hours ago

          I dunno if it’s exciting, but I do have and use an Entra-joined and Intune-managed Linux Mint laptop with a full security stack loaded as described above. It works.