Michael Mardahl

Michael Mardahl

Cloud Architect @APENTO | Microsoft MVP | Swiss Army Brain

Ballerup, Denmark

Michael is a dual Microsoft MVP in the "Enterprise Mobility" and "Security" categories.
He holds a plethora of Microsoft certifications and the title of Cloud Architect with the Microsoft Elite Partner APENTO, in Denmark.
He specialises in customer journeys from classic Infrastructure to Cloud consumption with a strong focus on security and identity. He has been a Microsoft IT Pro for more than 25 years, where he started as a Network Administrator in the logistics industry after getting his degree.
His career has led him to work within industries that requires a heavy focus on legal and regulatory compliance worldwide.
Michael was very early to adopt the Microsoft cloud technologies and blogs passionately about them on MSEndpointMgr.com


Area of Expertise

  • Information & Communications Technology


  • Enterprise Mobility and Security
  • Identity and Access Management
  • Microsoft 365 Security
  • Cloud Security
  • Azure Security
  • IT Security
  • Information Security

SSO to domain resources from Azure AD Joined Devices

In this session we will cover the basic concepts of Kerberos Authentication from Azure AD Joined Devices. An overview of the synced attributes that are required with the PRT to enable Kerberos and NTLM will help you understand if your environment is setup for SSO. We will also deep-dive in the logs, show some tools you can use to troubleshoot Kerberos and also demonstrate the requirement for SSO with Kerberos when using Windows Hello for Business. At the end of the session, viewers should have a good understanding of the mechanics of SSO to domain resources from Azure AD Joined Devices.

Secure your hybrid workforce with Intune and Windows 11

Windows 11 delivers the most secure experience for all Windows Devices, hybrid, virtual or Cloud, but only if they are managed correctly!!
In this session we're going deep on how you should use the new security features like Advanced Phishing Protection, Device Control, Windows Autopatch but also know features like Application Guard, Application Control and more as they are heavily underutilized.
In this session you will see lots of demos of how to use these feature with Windows 11, Windows 365 and Microsoft Intune.

ChatGPT: The Secret Weapon for IT Pros Who Hate Repetitive Tasks

As an IT professional, you know firsthand how tedious and time-consuming some tasks can be. That's where ChatGPT comes in. This state-of-the-art language model can help you automate and streamline your work with Microsoft Endpoint Management. In this session, we'll show you how to use ChatGPT to free up your time for more important things (like, you know, actually enjoying your job). So come join us and discover the power of ChatGPT - just don't be surprised if we throw in a little bit of wit and humor along the way and pull you into the fire.

What you will learn:
- Skynet is NOT here (YET)
- GPT models can help with tedious typing and initial build of scripts
- ChatGPT is SUPER fun if understood and used correctly
- You are not going to be out of a job!

Cloud Kerberos Trust: The Ultimate SSO Solution for On-Prem Resources

Are you tired of juggling multiple login credentials for your on-premises resources? Well, we've got some good news for you! Microsoft MVPs Michael Mardahl and Ben Withmore are here to introduce you to the world of Cloud Kerberos Trust - the ultimate single sign-on (SSO) solution for your on-premises resources. With Cloud Kerberos Trust, you can use your Azure AD credentials and Windows Hello for Business to seamlessly access your on-premises resources. No more complicated Enterprise PKI systems, Azure AD takes care of the heavy lifting and converts your Windows Hello for Business sign-in into a Kerberos ticket. So join us for a fun-filled journey as we dive into the world of Cloud Kerberos Trust and explore its endless possibilities!

What you will learn:

- The evolution of Windows Hello for Business and how Cloud Kerberos Trust fits into the picture

- How to enable Cloud Kerberos Trust, with live labs and demos

- The ins and outs of Kerberos and how tickets play a crucial role

- Tips and tricks for troubleshooting broken Cloud Kerberos Trust configurations

This session will be developed by us, one we get confirmed for the event.
We promise to put on a good show!

Unlocking the Power of Azure AD with Enterprise App Single Sign-On and App Proxy

Maximize security, compliance and user experience by leveraging Azure AD Enterprise Apps.
In this demo-packed session, you'll learn how to use Azure App Proxy and Single Sign-On to securely manage and grant access to web apps that don't support Modern SSO. Say goodbye to manual login headaches and hello to a more streamlined, secure access solution. Discover the full potential of Azure AD Enterprise Apps beyond the gallery apps and consider replacing your VPN solution.

Some orgs. think they know these features. but countless meetings tell me they don't. and they always end up saying WOW. and Now we don't need VPN for everyone any more!
I will give real good examples that are useable in almost all companies right now.

Modernising Authentication Methods like a Boss

In this session, we will explore the process of modernizing authentication methods in Azure AD, focusing on strategies and best practices for migrating away from the classic MFA and SSPR portals.

We will discuss the benefits of the new centralized management approach, such as improved security and simplified management, and how it can help organizations meet the changing needs of today's workforce.

Attendees will learn about key considerations for planning and executing a migration to the new Azure AD portal, including how to assess and prepare for the impact on users and IT staff.

We will also cover best practices for troubleshooting common issues and maintaining compliance during the transition.

This session will provide a detailed-level overview of the new centralized management approach and will be a demonstration and talk about authentication strategies.

This will be almost like a free consulting session, with tons of knowledge sharing and reassurances of how all the gears turn.

Microsoft Ignite 2022 Afterparty

Identity Governance new features - lifecycle workflows etc.

November 2023 Copenhagen, Denmark

WorkPlace Ninja Summit 2022

September 2022 Luzern, Switzerland

NIC X Edition

June 2022 Oslo, Norway

NIC 2020

Troubleshooting Intune
Autopilot, dot let perfect be the enemy of better

January 2020 Oslo, Norway

Michael Mardahl

Cloud Architect @APENTO | Microsoft MVP | Swiss Army Brain

Ballerup, Denmark