Collaboration helps organizations increase their effectiveness in their (supply) chain by allowing people in other organization to work together in shared functionality. In the Microsoft Cloud, specifically, it allows people with Azure AD accounts to access Microsoft 365 and Microsoft Azure functionality. With all the new settings, I've identified 100+ different ways to collaborate, but … Continue reading "Eight things you should know about Azure AD Cross-tenant Synchronization"
Azure AD Connect Sync v2.2.1.0 offers functional changes and bug fixes
Azure AD Connect v2.1.15.0 was the first v2.x to be announced with Automatic Upgrades functionality, on July 6th 2022. However, Azure AD Connect installations with custom synchronization rules fell out of scope for this feature, as were v1.x installations in the past. Azure AD Connect v2.2.1.0 offers to correct this oversight. Actually, this version is … Continue reading "Azure AD Connect Sync v2.2.1.0 offers functional changes and bug fixes"
Join us for a Webinar on Securing and Monitoring Active Directory
On Tuesday June 6th, 2023, I will be presenting a free 60-minute webinar on Active Directory, together with Jay Gundotra of ENow fame. About this webinar Many large organizations use Active Directory as their primary Identity and Access Management (IAM) solution, synchronizing objects to Azure AD from there. Other organizations keep Active Directory around … Continue reading "Join us for a Webinar on Securing and Monitoring Active Directory"
A recent Microsoft change might prompt you to reconsider guest access policies
While Active Directory and AD FS admins may feel that they are on top of things as new Operating Systems versions only typically appear every 3 years. However, when adding Azure AD to the mix, a constellation emerges where the change rate of Azure AD may suddenly wreak havoc… A recent change Recently, Microsoft … Continue reading "A recent Microsoft change might prompt you to reconsider guest access policies"
An LDAP Remote Code Execution Vulnerability affects your Domain Controllers (CVE-2023-28283, Critical CVSSv3 8.1/7.1)
Yesterday, for its May 2023 Patch Tuesday, Microsoft released a critical security update for Domain Controllers and Windows Server installations offering Active Directory Lightweight Directory Services. This vulnerability is known as CVE-2023-28283 and rated with CVSSv3.1 scores of 8.1/7.1. A remote code execution vulnerability exists in the Windows Lightweight Directory Access Protocol (LDAP). An adversary … Continue reading "An LDAP Remote Code Execution Vulnerability affects your Domain Controllers (CVE-2023-28283, Critical CVSSv3 8.1/7.1)"
What's New in Azure Active Directory for April 2023
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory and through the Microsoft 365 Message Center, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for April 2023: What's Planned … Continue reading "What's New in Azure Active Directory for April 2023"
Join me for my Tech Talk at VeeamON 2023 in Miami
I'm excited to announce that I will be hosting one of the Tech Talks at VeeamON in Miami this year. About VeeamON VeeamON is Veeam's yearly community event tailored for Data Recovery experts. Just like other conferences, it offers technical sessions. However VeeamON also features celebrations, LabWarz, a playground and the community hub to … Continue reading "Join me for my Tech Talk at VeeamON 2023 in Miami"
On-premises Identity-related updates and fixes for April 2023
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for April 2023: Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for April 2023"
The April 2023 Updates provide further urgency to Netlogon RPC Sealing
With the November 2022 Updates for Windows Server, Microsoft implemented Netlogon protocol changes as part of mitigating the vulnerability associated with CVE-2022-38023. With the April 2023 Updates for Windows Server, another vulnerability is addressed in the same context. About CVE-2022-38023 (November 2022) Through this vulnerability, an authenticated adversary could leverage cryptographic protocol vulnerabilities in … Continue reading "The April 2023 Updates provide further urgency to Netlogon RPC Sealing"
Ten DNS Server vulnerabilities could lead to Remote Code Execution and Information Disclosure on Domain Controllers with default configurations
When looking at the April 2023 Patch Tuesday today, I noticed ten updates that specifically address vulnerabilities in DNS Server. These vulnerabilities are specific to Domain Controllers running DNS Server (in the default configuration), so this sparked my interest in these updates. About the vulnerabilities Nine DNS Server remote code execution vulnerabilities were addressed: … Continue reading "Ten DNS Server vulnerabilities could lead to Remote Code Execution and Information Disclosure on Domain Controllers with default configurations"