On-premises Identity-related updates and fixes for May 2022

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates. This is the list of Identity-related updates and fixes we saw for May 2022:   Windows Server 2016 We observed the following update for Windows Server … Continue reading "On-premises Identity-related updates and fixes for May 2022"

Pictures of Techorama Belgium 2022

Last week, I presented at Techorama Belgium 2022, the Las Vegas Edition. The event was held at Kinepolis Cinemas in Antwerp, Belgium. After a Monday at one of my more colorful customers in Helmond, I drove to Antwerp to meet up with Aleksandar Nikolic and John Craddock to have dinner on Antwerp’s Grote Markt. After … Continue reading "Pictures of Techorama Belgium 2022"

HOWTO: Detect Apps and Services using LDAP instead of LDAPS

Active Directory Domain Services (AD DS) offers many ways to integrate applications and services. Traditionally, the Lightweight Directory Access Protocol (LDAP) was used by software developers to integrate. While Kerberos-based Integrated Windows Authentication (IWA) can also be used, LDAP has kept a certain foothold for software solutions, as it is also available on non-Windows and … Continue reading "HOWTO: Detect Apps and Services using LDAP instead of LDAPS"

The FusterCluck that is Power Platform’s Identity and Delegation model

Recently, I had some experiences with the Power Platform. As an identity guy, I was appalled at what I found as Microsoft’s identity and delegation model for these services. Let me tell you why.   About the Power Platform Microsoft’s Power Platform consists of four distinct products and services: Power BI Through dashboards, Power BI … Continue reading "The FusterCluck that is Power Platform’s Identity and Delegation model"

An Out of Band Update resolves the Authentication issues introduced by the May 10 2022 Windows Updates

Ever since the news broke that the May 2022 Windows Updates cause Active Directory Authentication Failures in environments where certificate-based authentication is in use, many organizations have held off on installing these updates on their domain controllers. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) even went as far as advising against installing the updates … Continue reading "An Out of Band Update resolves the Authentication issues introduced by the May 10 2022 Windows Updates"

I’m speaking at NIC X

For its tenth edition, the annual Nordic Infrastructure Conference (NICConf) has invited Raymond Comvalius and me to deliver a session again. It’s our sixt edition of this fantastic event and we’re looking forward to it! About the Nordic Infrastructure Conference The Nordic Infrastructure Conference (NICConf) provides IT and business professionals with unmissable networking and learning … Continue reading "I’m speaking at NIC X"

Identity-related sessions at Microsoft Build 2022

Microsoft organizes Microsoft Build 2022 as a free digital event between Monday May 24th 5 PM CEST and Thursday May 26th 11 AM CEST. Microsoft Build is Microsoft’s annual conference event, aimed at software engineers and web developers using Windows, Microsoft Azure and other Microsoft technologies. First held in 2011, it serves as a successor … Continue reading "Identity-related sessions at Microsoft Build 2022"

The May 2022 Windows Updates may cause Active Directory Authentication Failures

The May 2022 updates for all supported versions of Windows Server may cause Active Directory authentication failures. Microsoft is investigating the issue. A workaround is available for organizations experiencing issues. The situation The Windows updates of May 10th, 2022, address several vulnerabilities on Domain Controllers, including several of the ten LDAP Remote Code Execution vulnerabilities … Continue reading "The May 2022 Windows Updates may cause Active Directory Authentication Failures"

I’m speaking at Techorama Belgium 2022

I’m proud to share that I’ll be presenting at Techorama Belgium for the fourth time as an accepted speaker for Techorama Belgium 2022. About Techorama Techorama Belgium is a yearly international technology conference that takes place at Kinepolis Metropolis Antwerp. Techorama welcomes 1700 attendees, a healthy mix between developers, IT Professionals, Data Professionals and SharePoint … Continue reading "I’m speaking at Techorama Belgium 2022"

The May 2022 Patch Tuesday addresses an LSA Spoofing vulnerability (Important, CVE-2022-26925, CVSSv3 8.1-9.8)

When looking at the May 2022 Patch Tuesday today, I noticed an update that specifically addresses an LSA Spoofing vulnerability. This vulnerability is specific to Domain Controllers (in the default configuration), so this sparked my interest in the update. About the vulnerability A spoofing vulnerability exists in the Windows Local Security Authority (LSA). This vulnerability … Continue reading "The May 2022 Patch Tuesday addresses an LSA Spoofing vulnerability (Important, CVE-2022-26925, CVSSv3 8.1-9.8)"