Skip to Content

About: Sander Berkouwer

Sander Berkouwer is CTO at SCCT, a Dutch Microsoft Partner. He is the author of the Active Directory Administration Cookbook, speaker and blogger at and He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert. Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.

Recent Posts by Sander Berkouwer:

HOWTO: Enable Windows Hello for Business FIDO2 Key sign-in without Microsoft Intune

Written on January 22, 2020 at 3:43 PM, by

The official Microsoft documentation teaches us that Microsoft Intune is an optional requirement to configure Windows Hello for Business to show the option to display the FIDO security key sign-in method as part of the Sign-in options on the Windows Logon Screen. However, a method to achieve the same goal without Microsoft Intune is not […]

Citrix’ NetScaler patch may break the Azure MFA NPS Extension for people who use text messages as their method

Written on January 21, 2020 at 8:54 PM, by

The Internet has been on fire for the last week, as a vulnerability in Citrix appliances was actively attacked. In the Netherlands, the National Cyber Security Center advised organizations to switch off Citrix networking appliances. Dutch  Now that organizations are switching them back on to patch the affected systems, they may be in for another surprise […]

I’m speaking at the 2020 Nordic Infrastructure Conference

Written on January 20, 2020 at 2:53 PM, by

After a year’s absence, I’m proud to announce I’m back at the Nordic Infrastructure Conference speaking on Active Directory, Azure Active Directory and Active Directory Federation Services.    About the Nordic Infrastructure Conference The Nordic Infrastructure Conference (NICConf) provides IT and business professionals with unmissable networking and learning experiences from the leading Global IT experts. […]

HOWTO: Deploy AD FS with SQL Server to gain Artifact Resolution and Replay Detection

Written on January 17, 2020 at 7:20 AM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll look at the benefits of implementing AD FS with a back-end […]

TODO: Install the January 2020 Cumulative Update in your networking infrastructure

Written on January 16, 2020 at 12:41 AM, by

This Tuesday, Microsoft released an update that fixes a critical vulnerability in Windows and Windows Server. I urge you to install this update as soon as possible.   About the vulnerability The vulnerability, labeled CVE-2020-0601 was responsibly disclosed by the NSA to Microsoft. It is dubbed ‘NSACrypt’. A spoofing vulnerability exists in the way Windows […]