The video of my Netwrix webinar on migrating to the Cloud is now available

Yesterday, I presented a 75-minute session on the three approaches to migrating to the cloud, together with Netwrix’ Russel McDermott. Now, a mere working day after the webinar, the Netwrix team has done everyone a huge favor by already placing the video recording online for everyone to watch: https://try.netwrix.com/3_approaches_to_cloud_migration_emea   Enjoy! Simply press the red … Continue reading "The video of my Netwrix webinar on migrating to the Cloud is now available"

TODO: Change apps, scripts, alerts and policies to cover the new role names in the Microsoft Graph API

Starting today, Microsoft is making changes to resolve the inconsistent naming of built-in role names between the Microsoft 365 admins center, the Azure AD portal and the Microsoft Graph API. In total, 10 role names will be changed, and this impacts any application, script, alerts and/or policies that may refer to any of these role … Continue reading "TODO: Change apps, scripts, alerts and policies to cover the new role names in the Microsoft Graph API"

Happy Birthday, Windows 10!

On July 29th, 2015, Microsoft made Windows 10 generally available to people worldwide. Today, we celebrate Windows 10’s 5th anniversary! At its release, Windows 10 offered many new features, including its new release schedule, Cortana, the Action Center and Microsoft Edge. Its identity, security and management features make a lot of difference for large organizations, … Continue reading "Happy Birthday, Windows 10!"

HOWTO: Determine your Azure AD tenant’s object limit and count

Azure Active Directory is Microsoft’s Identity as a Service platform. It is a global service, used by millions of organizations worldwide. To make the service useable for all of these organizations, Microsoft works with limits. In Azure Active Directory, one such limit it the object limit. All Azure AD’s limits are described on the Azure … Continue reading "HOWTO: Determine your Azure AD tenant’s object limit and count"

HOWTO: Enable Extended Protection for Authentication on the SQL Servers hosting the AD FS and Azure AD Connect databases

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In the pervious post of this series, we discussed encrypting traffic between AD FS Servers, servers running Azure … Continue reading "HOWTO: Enable Extended Protection for Authentication on the SQL Servers hosting the AD FS and Azure AD Connect databases"

What’s New in Identity from Microsoft Inspire 2020

Microsoft Inspire is Microsoft’s annual event where it kicks off its fiscal year with its partner community. Inspire is Microsoft’s way to explain what’s coming in the year ahead and work together to find shared solutions for customers. This year’s Inspire event brought us the following Identity-related news:   New Surface Hub OS featuring Azure … Continue reading "What’s New in Identity from Microsoft Inspire 2020"

Achieving Active Directory-as-a-Service with VMware vRealize Orchestrator

VMware’s vRealize Orchestrator is a product used by many virtualization admins to automate common tasks. Today, we’re looking at using vRealize Orchestrator to enable automation of common Active Directory tasks, so Active Directory admins may benefit from this solution using the publicly available blueprints for Active Directory.   About vRealize Orchestrator vRealize Orchestrator helps simplify … Continue reading "Achieving Active Directory-as-a-Service with VMware vRealize Orchestrator"

HOWTO: Set an alert to notify when an additional person is assigned the Azure AD Global Administrator role

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. User objects with the Global administrator role are the highest privileged objects in Azure AD and should be monitored.   The challenge with Global Admins Some organizations have opted for a Technical State … Continue reading "HOWTO: Set an alert to notify when an additional person is assigned the Azure AD Global Administrator role"

TODO: Move from the Azure AD Graph API to the Microsoft Graph API

Last month, Microsoft has announced the deprecation of the Azure Active Directory Graph API (graph.windows.net). Going forward, the Microsoft Graph API (graph.microsoft.com) is the supported way to gain access to Azure Active Directory programmatically.   What will happen? Let’s look at the timeline shared by Microsoft: For the next two years, applications and tools communicating … Continue reading "TODO: Move from the Azure AD Graph API to the Microsoft Graph API"

HOWTO: Perform an Azure AD Connect Swing Migration

Azure AD Connect is a crucial component in today’s Hybrid Identity strategies. This tool takes care of the synchronization of objects and their attributes from an on-premises Active Directory environment to Azure AD. In some scenarios, it also takes care of authentication when accessing Azure AD-integrated applications. As with any system in a networking infrastructure, … Continue reading "HOWTO: Perform an Azure AD Connect Swing Migration"