Category Archives: Active Directory

Today, The DirTeam.com / ActiveDir.org Weblogs are celebrating the 20-year anniversary of Active Directory Domain Services as a released product.   Windows 2000 Server The introduction of Active Directory to the world was part of the release of Windows 2000 Server on February 17, 2000. At the launch event, Bill Gates ushered in the Next […]

In many Active Directory Domain Services environments, LDAP is a common protocol to provide access to objects and their attributes in the directory. The Lightweight Directory Access Protocol (LDAP) is an open protocol for use with various directory services, including Active Directory. Over the years, Microsoft has been made aware about vulnerabilities in the way […]

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for January 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4534271 January 14, 2020 The […]

This, week, the Azure AD Connect team made the following announcement on the Azure AD Connect: Version release history page: Starting on November 1st, 2020, we will begin implementing a deprecation process whereby versions of Azure AD Connect that were released more than 18 months ago will be deprecated. At that time we will begin […]

Today is data privacy day. Today, I’d like to talk about Active Directory and data privacy, because it is an issue that is looming on the horizon for many organizations. I won’t be talking about Domain Controllers getting popped all around the globe, not about the various attacks against Active Directory and how to detect, […]

Windows Hello for Business is awesome technology, that allows for multi-factor authenticated sign-in on Windows 10 devices.   About Windows Hello for Business In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to […]

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll look at the benefits of implementing AD FS with a back-end […]

This Tuesday, Microsoft released an update that fixes a critical vulnerability in Windows and Windows Server. I urge you to install this update as soon as possible.   About the vulnerability The vulnerability, labeled CVE-2020-0601 was responsibly disclosed by the NSA to Microsoft. It is dubbed ‘NSACrypt’. A spoofing vulnerability exists in the way Windows […]

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. For many organizations the Active Directory administrative tier model is a reality, or at least something they strive […]

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll look at the security headers for AD FS implementations. Note: This […]