The wonderful people at Netwrix have asked me to join their panel discussion on Microsoft Copilot readiness. In this online webinar we plan to discuss data discovery, data classification and access control with the help of Artificial Intelligence. About the webinar With Microsoft 365 services like SharePoint, Teams, and OneDrive generating and storing vast … Continue reading "Get all your Microsoft Copilot data readiness questions answered by Netwrix and me in our upcoming panel discussion"
Category: Active Directory
Active Directory
Happy 25th Birthday, Active Directory!
Today, The DirTeam.com / ActiveDir.org Weblogs are celebrating the 25-year anniversary of Active Directory Domain Services as a released product. Windows 2000 Server The introduction of Active Directory to the world was part of the release of Windows 2000 Server on February 17, 2000.
From the field: You receive error ‘AADSTS9090561 The endpoint only accepts POST requests. Received a GET request’ when signing in
Sometimes, you hit error messages that are just too vague to troubleshoot. I like these kinds of situations. I’ve hit errors before and their origins were always interesting. Let’s see what’s happening today causing the error ‘AADSTS9090561 The endpoint only accepts POST requests. Received a GET request’ when signing in. The situation An organization is … Continue reading "From the field: You receive error ‘AADSTS9090561 The endpoint only accepts POST requests. Received a GET request’ when signing in"
VMware addresses ‘ESX Admins’ authentication bypass vulnerability (CVE-2024-37085) in ESXi 8.0 Update 3
Today, Broadcom issued a second update to VMSA-2024-003 for VMware ESXi, specifically to address the vulnerability CVE-2024-37085. This vulnerability, with a CVSSv3 base score of 6.8 out of 10 (Moderate), allowed an adversary with sufficient Active Directory permissions to gain full access to ESXi hosts. About the vulnerability For an adversary to abuse this … Continue reading "VMware addresses ‘ESX Admins’ authentication bypass vulnerability (CVE-2024-37085) in ESXi 8.0 Update 3"
On-premises Identity-related updates and fixes for July 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for July 2024: Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for July 2024"
Sympathy for the devil, empathy for the Identity professional
Working with Microsoft-focused identity admins, I noticed a couple of common themes with these fellow identity people that make them feel like they can't make any right decisions anymore, they got stuck somehow and feel miserable all the time… In their minds, a perfect storm is raging. Identity professionals in this state are experienced as … Continue reading "Sympathy for the devil, empathy for the Identity professional"
On-premises Identity-related updates and fixes for June 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for June 2024: Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for June 2024"
On-premises Identity-related updates and fixes for May 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for May 2024: Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for May 2024"
A Denial of Service vulnerability threatens the availability of virtual Domain Controllers on VMware ESXi (VMSA-2024-0011, Important, CVE-2024-22273)
This week, Broadcom VMware released an update that addresses a vulnerability in ESXi. This vulnerability could be abused to negatively impact the availability of virtual Domain Controllers running on ESXi hosts. Note: The vulnerability exists in VMware Cloud Foundation, too. The vulnerability was responsibly disclosed to Broadcom VMware. About the DoS vulnerability The vulnerability … Continue reading "A Denial of Service vulnerability threatens the availability of virtual Domain Controllers on VMware ESXi (VMSA-2024-0011, Important, CVE-2024-22273)"
On-premises Identity-related updates and fixes for April 2024
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for April 2024: Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for April 2024"