Skip to Content

About: Sander Berkouwer

Sander Berkouwer is CTO at SCCT, a Dutch Microsoft Partner. He is the author of the Active Directory Administration Cookbook, speaker and blogger at DirTeam.com and ServerCore.net. He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert. Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.

Recent Posts by Sander Berkouwer:

Active Directory Virtualization Safeguards with VM-GenerationID on VMware vSphere

Written on August 20, 2019 at 3:05 PM, by

Arriving at the fifth part of this series on Virtualizing Domain Controllers on vSphere, I managed to gather some feedback on these blogposts. One question that emerged after writing the last blogpost on Replication considerations for Domain Controllers running on VMware vSphere was: Isn’t Windows Server 2012 supposed to solve all these challenges with virtualizing […]

HOWTO: Enable Auditing and Logging for AD FS Servers and the AD FS Farm

Written on August 15, 2019 at 11:26 AM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll look at auditing and logging settings on AD FS Servers. Note: […]

Replication considerations for Domain Controllers running on VMware vSphere

Written on August 13, 2019 at 11:56 AM, by

Active Directory utilizes a multi-master replication model. It’s great that each Domain Controller provides read and write access to the Active Directory database, but it comes with a big drawback: Domain Controllers need to be in sync to provide consistent data to clients, independent of the Domain Controller communicated to. A big question to ask […]

What’s New in Azure Active Directory for July 2019

Written on August 9, 2019 at 11:02 AM, by

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for July 2019:   What’s Planned Application Proxy service update to support […]

HOWTO: Disable unnecessary AD FS endpoints

Written on August 6, 2019 at 8:07 PM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll harden the AD FS Server installations, by disabling unnecessary endpoints they […]