Azure AD Connect 1.1.561.0 finalizes Automatic Upgrade scenario changes and the move to mS-DS-ConsistencyGuid

Yesterday, Microsoft released version 1.1.561.0 of Azure AD Connect, its free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments to Azure Active Directory. This version is hot on the heels of version 1.1.557.0, because it features some fixes for organizations who recently made the …

Top Five reasons why Identity Admins should look at Windows Server Insider Preview Build 16237

Yesterday, Microsoft made Windows Server Insider Preview Build 16237 available to the Windows Insiders and Windows Insiders for Business programs. This is the first preview build of the Redstone 3 (RS3) release of Windows Server vNext. I’ve looked at this release, and as an Identity Admin, I feel this build has a lot to offer. …

Security Thoughts: Vulnerability in NTLM Credentials Forwarding with LDAPS could allow Elevation of Privilege (CVE-2017-8563, Important)

Last Tuesday, during Microsoft’s July 2017 Patch Tuesday, Microsoft released a security update for all supported Operating Systems to address an elevation of privilege vulnerability that exists when Kerberos falls back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol. About the vulnerability: In a remote attack scenario, an attacker could …

Azure AD Connect: objectGUID vs. mS-DS-ConsistencyGuid, Part 1

The Azure AD Connect Team has decided to move Azure AD Connect’s default source anchor attribute in on-premises Active Directory Domain Services (AD DS) environments from objectGUID to mS-DS-ConsistencyGuid for user objects in Azure AD Connect version 1.1.553.0, and up. When you’ve been using Azure AD Connect to synchronize objects between your on-premises Active Directory …

Azure AD Connect 1.1.557.0 is good news for highly-regulated and highly-secure organizations

Microsoft released version 1.1.557.0 yesterday, hot on the heels of last week’s important 1.1.553.0 release that for the first time fixed a critical security issue in Azure AD Connect. With new features for Azure Government cloud and Azure Germany available in this release, and PTA not automatically enabling PHS, this release is particularly appealing to …

Creating an MFA Provider when you have CSP or DreamSpark

Microsoft is working hard to migrate all management activities from the ‘classic’ Windows Azure Management website (manage.windowsazure.com) to the ‘new’ Azure Portal (portal.azure.com). Some of Microsoft’s new subscriptions, like its DreamSpark and CSP-style subscriptions, don’t offer access to the ‘classic’ Windows Azure Management website. But alas, some of the management tasks for implementing Multi-factor Authentication …