Skip to Content

HOWTO: Enable Windows Hello for Business FIDO2 Key sign-in without Microsoft Intune

Written on January 22, 2020 at 3:43 PM, by

The official Microsoft documentation teaches us that Microsoft Intune is an optional requirement to configure Windows Hello for Business to show the option to display the FIDO security key sign-in method as part of the Sign-in options on the Windows Logon Screen. However, a method to achieve the same goal without Microsoft Intune is not […]

Citrix’ NetScaler patch may break the Azure MFA NPS Extension for people who use text messages as their method

Written on January 21, 2020 at 8:54 PM, by

The Internet has been on fire for the last week, as a vulnerability in Citrix appliances was actively attacked. In the Netherlands, the National Cyber Security Center advised organizations to switch off Citrix networking appliances. Dutch  Now that organizations are switching them back on to patch the affected systems, they may be in for another surprise […]

I’m speaking at the 2020 Nordic Infrastructure Conference

Written on January 20, 2020 at 2:53 PM, by

After a year’s absence, I’m proud to announce I’m back at the Nordic Infrastructure Conference speaking on Active Directory, Azure Active Directory and Active Directory Federation Services.    About the Nordic Infrastructure Conference The Nordic Infrastructure Conference (NICConf) provides IT and business professionals with unmissable networking and learning experiences from the leading Global IT experts. […]

HOWTO: Deploy AD FS with SQL Server to gain Artifact Resolution and Replay Detection

Written on January 17, 2020 at 7:20 AM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll look at the benefits of implementing AD FS with a back-end […]

TODO: Install the January 2020 Cumulative Update in your networking infrastructure

Written on January 16, 2020 at 12:41 AM, by

This Tuesday, Microsoft released an update that fixes a critical vulnerability in Windows and Windows Server. I urge you to install this update as soon as possible.   About the vulnerability The vulnerability, labeled CVE-2020-0601 was responsibly disclosed by the NSA to Microsoft. It is dubbed ‘NSACrypt’. A spoofing vulnerability exists in the way Windows […]

We are disabling TLS 1.0 and TLS 1.1 in three months’ time

Written on January 15, 2020 at 10:56 AM, by

Today marks the end of support for Windows Vista, Windows 7, Windows Server 2008 and Windows Server 2008 R2 from Microsoft. From a website perspective, these Operating Systems were the last Operating Systems not supporting TLS 1.2 out of the box. We regularly see visits from these Operating System and recognize the value we have […]

Sweet Sixteen, DirTeam!

Written on January 13, 2020 at 2:37 PM, by

On January 12, 2004, Carlos Magalhaes registered the DirTeam.com DNS domain name. That day, he conceived the DirTeam.com / ActiveDir.org Weblogs, as you’ve come to know it today as your one-stop website for all Microsoft Identity-related information. With great please, I congratulate DirTeam.com with its 16th birthday!    The early days In the early days, […]

HOWTO: Design a networking infrastructure for Hybrid Identity components

Written on January 10, 2020 at 5:45 PM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. For many organizations the Active Directory administrative tier model is a reality, or at least something they strive […]

Field Notes: How has your Azure AD Connect been configured?

Written on January 10, 2020 at 11:11 AM, by

As a consultant, I see a lot of different environments. Often, I need to know the answer to one of the most important questions: What did you select during the setup of Azure AD Connect? The answers vary: A colleague did the setup and has left the company, department… A external supplier did the setup […]

Is the Authenticator App required for free Azure MFA?

Written on January 8, 2020 at 12:23 PM, by

At Microsoft Ignite 2019, Microsoft announced free Azure Multi-factor Authentication for all through the new Security Defaults feature for Azure Active Directory: Enable multi-factor authentication for free. Now, the official documentation shares more information on this feature and it implies that Azure Multi-factor Authentication (Azure MFA) is only free when it is enabled through the […]