
Azure AD Connect 1.1.561.0 finalizes Automatic Upgrade scenario changes and the move to mS-DS-ConsistencyGuid

Written on July 24, 2017 at 2:30 PM, by

Yesterday, Microsoft released version 1.1.561.0 of Azure AD Connect, its free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments to Azure Active Directory. This version is hot on the heels of version 1.1.557.0, because it features some fixes for organizations who recently made the […]

Top Five reasons why Identity Admins should look at Windows Server Insider Preview Build 16237

Written on July 14, 2017 at 3:24 PM, by

Yesterday, Microsoft made Windows Server Insider Preview Build 16237 available to the Windows Insiders and Windows Insiders for Business programs. This is the first preview build of the Redstone 3 (RS3) release of Windows Server vNext. I’ve looked at this release, and as an Identity Admin, I feel this build has a lot to offer. […]

Security Thoughts: Vulnerability in NTLM Credentials Forwarding with LDAPS could allow Elevation of Privilege (CVE-2017-8563, Important)

Written on July 13, 2017 at 11:07 AM, by

Last Tuesday, during Microsoft’s July 2017 Patch Tuesday, Microsoft released a security update for all supported Operating Systems to address an elevation of privilege vulnerability that exists when Kerberos falls back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol. About the vulnerability: In a remote attack scenario, an attacker could […]

Azure AD Connect: objectGUID vs. mS-DS-ConsistencyGuid, Part 1

Written on July 12, 2017 at 4:36 PM, by

The Azure AD Connect Team has decided to move Azure AD Connect’s default source anchor attribute in on-premises Active Directory Domain Services (AD DS) environments from objectGUID to mS-DS-ConsistencyGuid for user objects in Azure AD Connect version 1.1.553.0, and up. When you’ve been using Azure AD Connect to synchronize objects between your on-premises Active Directory […]

Azure AD Connect 1.1.557.0 is good news for highly-regulated and highly-secure organizations

Written on July 6, 2017 at 5:56 PM, by

Microsoft released version 1.1.557.0 yesterday, hot on the heels of last week’s important 1.1.553.0 release that for the first time fixed a critical security issue in Azure AD Connect. With new features for Azure Government cloud and Azure Germany available in this release, and PTA not automatically enabling PHS, this release is particularly appealing to […]

Creating an MFA Provider when you have CSP or DreamSpark

Written on July 3, 2017 at 12:24 PM, by

Microsoft is working hard to migrate all management activities from the ‘classic’ Windows Azure Management website ( to the ‘new’ Azure Portal ( Some of Microsoft’s new subscriptions, like its DreamSpark and CSP-style subscriptions, don’t offer access to the ‘classic’ Windows Azure Management website. But alas, some of the management tasks for implementing Multi-factor Authentication […]

Azure AD Connect v1.1.553.0 addresses a critical security vulnerability … and offers new functionality, too

Written on June 28, 2017 at 9:47 AM, by

Yesterday, Microsoft released a new version of Azure AD Connect, its free tool to synchronize objects from your on-premises Active Directory Domain Services environment to Azure Active Directory. It addresses a critical security vulnerability, but also offers new functionality, like delegate write-back from Exchange Online to Exchange Server on-premises. Vulnerability could allow Elevation of […]

KnowledgeBase: When you activate the Microsoft Authenticator App on Android 5.x you receive “Your device does not trust the activation URL”

Written on June 26, 2017 at 10:11 AM, by

The mobile world is still a fragmented world, where various versions of Apple’s iOS and Google’s Android compete for usage share. With people still getting accustomed to today’s throw-away society and handset manufacturers and vendors tailoring to their needs, there are people using three-year-old Operating Systems on mobile phones they just purchased. The […]

KnowledgeBase: When you activate the Microsoft Authenticator App you receive “The remote server returned an error: NotFound”

Written on June 19, 2017 at 9:24 AM, by

I’ve written about the Multi-Factor Authentication server quite extensively. I’ve been pretty content with text messages for authentication, but since DRAFT NIST Special Publication 800-63B, Out-of-Band (OOB) using the PSTN (SMS or voice) is deprecated (ref I’ve been taking a closer look at the Microsoft Authenticator app. The situation: Microsoft’s on-premises Multi-Factor Authentication […]

Pictures of CSN Academy 2017

Written on June 16, 2017 at 10:39 AM, by

I was invited to co-present with my colleague Carlo Schaeffer at CSN Group’s CSN Academy 2017 event at the campus of the Royal Dutch Football Association (KNVB) in Zeist, the Netherlands. I arrived on time at the venue, to enjoy the lunch and Frank Smilda’s keynote on cyber security. Then, after the inspiring keynote, it […]