From the Field: the Case of the Active Directory trust without DNS Suffixes

Today has been one of those days, where I get to meet a new organization with a new intriguing issue, that no one has a solution for. The brief error description I got handed down read “They can’t get the Active Directory trust to work.”. Troubleshooting time!   The situation An organization that has been … Continue reading "From the Field: the Case of the Active Directory trust without DNS Suffixes"

Hashing password hashes in Azure AD Connect and Sync per scenario

Azure AD Connect is Microsoft’s solution to connect on-premises Windows Server Active Directory Domain Services implementations to an Azure Active Directory tenant. With Azure AD Connect and its underlying Azure AD Sync installation, Microsoft offers four authentication implementation scenarios: Password Sync Password Sync & Federation Password Sync & Azure AD Domain Services (currently in preview) … Continue reading "Hashing password hashes in Azure AD Connect and Sync per scenario"

Pictures of Experts Live 2015

Last week, the collective of Dutch technical communities organized the Experts Live 2015 event in CineMec in Ede, the Netherlands. After an uneventful drive, I arrived early at the venue and got settled at the speaker room. I enjoyed some coffee while with contacts form large organizations in the business track and got some early … Continue reading "Pictures of Experts Live 2015"

KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview 4 (Release Notes)

At the same time Microsoft released the Windows Server 2016 Technical Preview 4 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft TechNet. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server 2016 … Continue reading "KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview 4 (Release Notes)"

Windows Server 2016 TP4 is here!

Microsoft is working on the next version of Windows Server, dubbed Windows Server 2016. Today, while at Experts Live 2015, Microsoft released the fourth Technical Preview (TP4) of it.   About Windows Server 2016 TP4 Windows Server 2016 is the successor to Windows Server 2012 R2, which was released in September 2013. Windows Server 2016 … Continue reading "Windows Server 2016 TP4 is here!"

AD FS Certificates Best Practices, Part 4: Configuring the AD FS Token Signing and -Decrypting Certs for a longer lifetime

Microsoft Active Directory Federation Services implementations, typically, use three certificates for its functionality: Service communication certificate Token-signing certificate Token-decrypting certificate In the past three parts of this series, I’ve discussed the best practices I use when choosing the settings for my service communication certificate (request). Today, I’ll share my best practices for the token-signing certificate … Continue reading "AD FS Certificates Best Practices, Part 4: Configuring the AD FS Token Signing and -Decrypting Certs for a longer lifetime"

Security Thoughts: Security Update for Kerberos to Address Security Feature Bypass (KB3105256, MS15-122, CVE-2015-6095, Important)

During BlackHat Europe 2015 in Amsterdam, last week, Ian Haken, a security researcher at Synopsis, presented a session titled Bypassing Local Windows Authentication to Defeat Full Disk Encryption. The accompanying Research paper (PDF) detailed an ‘evil maid’ attack vector specifically targeting BitLocker Drive Encryption. The most interesting part of the session was the way Ian … Continue reading "Security Thoughts: Security Update for Kerberos to Address Security Feature Bypass (KB3105256, MS15-122, CVE-2015-6095, Important)"

Visit Microsoft Netherlands’ FutureProef

Microsoft Netherlands is organizing an inspiring 10-day event to promote the launch of Windows 10, the eminent Dutch launch of  Windows 10-powered hardware and Microsofts 40th anniversary: Microsoft FutureProef. Located at Theater M-Lab in Amsterdam, Microsoft has created an exhibition showing off innovation of the past and the innovation coming to the Netherlands, like Microsoft’s … Continue reading "Visit Microsoft Netherlands’ FutureProef"

I’ll be co-presenting two sessions at Experts Live 2015

As I’ve presented at Experts Live for a couple of years in a row, it should not come as a surprise that I’ve been picked as a speaker for Experts Live 2015. To keep the tradition alive, I’ve opted for co-presenting again, but this time with both a familiar face, and a new colleague from … Continue reading "I’ll be co-presenting two sessions at Experts Live 2015"

A new version of Azure AD Connect was released today

Today, Microsoft released a new version of Azure AD Connect and Azure AD Sync. This release brings new features to the table. I can only assume these features are welcome to many Azure AD Connect customers, since Azure AD Connect and Azure AD Sync pose some serious challenges for organizations using these solutions. Note: Known … Continue reading "A new version of Azure AD Connect was released today"