Skip to Content

About: Sander Berkouwer

Sander Berkouwer is CTO at SCCT, a Dutch Microsoft Partner. He is the author of the Active Directory Administration Cookbook, speaker and blogger at and He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert. Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.

Recent Posts by Sander Berkouwer:

I’m a 2020 Veeam Vanguard

Written on March 27, 2020 at 5:56 PM, by

Today, I received an e-mail from Nikola Pejková from Veeam congratulating me with being selected for the 2020 Veeam Vanguard Program by the Veeam Vanguard team. For me, it means I successfully renewed my previous four Veeam Vanguard Awards, dating back to 2016 and can celebrate my first lustrum as a Veeam Vanguard. I feel […]

Explained: User Hard Matching and Soft Matching in Azure AD Connect

Written on March 27, 2020 at 5:01 PM, by

In Hybrid Identity implementations, where objects and their attributes are synchronized between on-premises Active Directory environments and Azure AD tenants, integrity is key; When user objects on both sides have different attributes, or exist multiple times at one side, information security drops to critical levels fast. To avoid this situation, Azure AD Connect matches user […]

Announced: Azure AD to offer more 3rd Party MFA features

Written on March 25, 2020 at 11:27 AM, by

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft announced a plan for change regarding Azure MFA.   What’s announced Microsoft is planning to replace the current Custom controls (preview) in Conditional Access […]

A closer look at Azure AD Connect’s Service Connection Point

Written on March 23, 2020 at 9:23 AM, by

Recent versions of Azure AD Connect deploy a Service Connection Point (SCP) into your Active Directory Domain Services (AD DS) environment(s). Let’s look a bit closer to what this SCP looks like, what it does by default and how you can use and tweak it to your advantage.   About Service Connection Points Active Directory […]

TODO: Enable Modern Authentication

Written on March 19, 2020 at 2:45 PM, by

Microsoft is in the process of deprecating basic authentication to its cloud services. While their announcements feel far away, I feel this is the best time to act, if you were one of the earlier adopters of Office 365 and Azure Active Directory.   What Microsoft is saying Microsoft is communicating clearly on the upcoming […]