It’s that time of the year again. Businesses are finishing off 2020 and people start to reminisce of all the good, the bad and the ugly. This year, I’ll join the people who look back at another trip around our sun on our beautiful planet Earth. Let’s look back! January 2020 At work, I’m still … Continue reading "2020 Hindsight"
Today, Raymond and I troubleshooted an issue for several people who received the ‘Sorry, we ran into a problem’ error when trying to register their security information. As is our mutual expectation, I decided to document the issue. When you run into the same situation, you might find it helpful. The situation An Azure … Continue reading "KnowledgeBase: Some users receive an "We're sorry, we ran into a problem" error when registering Azure MFA"
Earlier this month, we saw the release of Veeam Backup for Office 365 v5. The new version now supports Backup and Restore of Teams and offers Architectural Enhancements. These architectural enhancements are the result of many major under-the-hood changes in this release. Veeam operates a model where they stage releases and where they keep a … Continue reading "Veeam Backup for Microsoft Office 365 version 5a resolves common issues with version 5"
Recently, several projects, including Akijo’s and n00py’s work, have emerged that exploit misconfigurations of Microsoft’s Local Administrator Password Solution (LAPS) in Active Directory environments. This begs the question: how to make sure their LAPS implementation is secure? It’s a solution to manage passwords for privileged accounts. If this breaks, like cpassword values in Group Policy … Continue reading "HOWTO: Check your LAPS Implementation for Proper Security"
An estimated 97% of all organizations with over 50 people use Active Directory Domain Services (AD DS) as their on-premises directory service. This, however, leaves a lot of organizations with other directories, that are largely LDAPv3-compatible. How would these organizations embrace Azure Active Directory, as the world and Microsoft’s investments shift to cloud-based directory services? … Continue reading "Using Azure AD Connect to synchronize Active Directory Lightweight Directory Services (AD LDS) and other LDAPv3 directories to Azure Active Directory"
Working for a leading Microsoft partner in the Netherlands means that we owe it to our people, our community fellows and (prospective) customers to enable every person and every organization to achieve more. That’s why we’re organizing six Hybrid Identity webinars in the first six months of 2021. We want to show you the different … Continue reading "We’re organizing Six Hybrid Identity webinars in the First Half of 2021"
In recent versions of Azure AD Connect, you can use the mS-DS-ConsistencyGUID attribute as the source anchor attribute. This provides flexibility in cross-forest migration scenarios. However, if another solution in the networking environment has already claimed the mS-DS-ConsistencyGUID attribute for its purposes, Azure AD Connect won’t allow you to use this attribute and instead default … Continue reading "HOWTO: Check if you can use the mS-DS-ConsistencyGUID attribute as source anchor for Azure AD Connect"
On December 8th, 2020, Microsoft issued an advisory for a spoofing vulnerability in the DNS Resolver component. Microsoft refers to the advisory as ADV200013. BleepingComputer.com references CVE-2020-25705 in relationship to this vulnerability. In the advisory notice, Microsoft guides DNS admins to limit the DNS UDP packet size to stop DNS cache poisoning attacks leveraging this … Continue reading "Spoofing Vulnerability in DNS Resolver (SAD DNS, Important, CVE-2020-25705, ADV200013)"
Yesterday, for its December 2020 Patch Tuesday, Microsoft released an important security update addressing a Windows Lock Screen Security Feature Bypass Vulnerability . About the vulnerability An authenticated user has signed into a device and locks his or her active session. An attacker with physical access could then perform actions that would allow them … Continue reading "Windows Lock Screen Security Feature Bypass Vulnerability (Important, CVE-2020-17099, CVSSv3 6.8/5.9)"
Today, for its December 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Domain Services (AD DS). About the vulnerability A Kerberos Security Feature Bypass vulnerability exists in Microsoft’s implementation of the Kerberos network authentication protocol. This vulnerability is described in detail in CVE-2020-16996. If you use Protected Users and Resource-Based … Continue reading "Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-16996, CVSSv3 6.5/5.7)"