I’m presenting two Active Directory and Azure AD Better Together webinars with Netwrix

On May 18th, 2021 and May 20th, 2021 I’ll present 1-hour webinar sessions with Netwrix. Together with Netwrix, I’ll discuss how Active Directory and Azure AD are better together. You’ll learn how you can benefit from integrating your on-premises Active Directory Domain Services environment with Azure AD, how to harden your hybrid environment, how to … Continue reading "I’m presenting two Active Directory and Azure AD Better Together webinars with Netwrix"

KnowledgeBase: VMware Tools Quiescence corrupts Active Directory backups

Sometimes, IT issues are not what they seem to be. A strange issue reared its ugly head last week regarding something I hold dearly: Active Directory backups. The situation An organization runs Active Directory Domain Controllers virtually on top of VMware vSphere. The VMware Tools are installed on the virtual machine. The organization creates backups … Continue reading "KnowledgeBase: VMware Tools Quiescence corrupts Active Directory backups"

From the field: A colleague encounters error “AADSTS50107 Requested federation realm object does not exist.”

Sometimes, you hit error messages that are just too vague to troubleshoot. I like these kinds of situations. I’ve hit this particular error before, but Microsoft fixed the issue with the 515 rID a long time ago… Let’s see what’s happening today causing the same error. The situation An organization has recently restructured. Today, all … Continue reading "From the field: A colleague encounters error “AADSTS50107 Requested federation realm object does not exist.”"

I was a guest on the 425Show talking Active Directory with Daniel Stefaniak

Yesterday, I spent some time talking with Daniel Stefaniak about Active Directory. Daniel is one of the hosts of the 425Show, so we decided to record  and publicly share an hour of our regular 'Old guys yelling at cloud' discussions for this show.   About the 425Show The 425Show is a Twitch live stream, run … Continue reading "I was a guest on the 425Show talking Active Directory with Daniel Stefaniak"

Your Active Directory Pre-production environment: Restore from Backup or Deploy as Code?

Active Directory Domain Services act as the cornerstone of every on-premises Microsoft-oriented networking infrastructure. It is important to get things right when it comes to your Domain Controllers, user objects and access controls. An obvious solution to getting things right the first time is offering one or more pre-production environments to develop and test scripts, … Continue reading "Your Active Directory Pre-production environment: Restore from Backup or Deploy as Code?"

New versions of ADFind and ADMod are now available

Joe Richards has published new versions of his independent ADFind and ADMod tools. Long before Windows Server came with Windows PowerShell, Joe published the first versions of these tools. Now, the latest versions are here for you to enjoy. About Joe Richards Joe Richards currently works as Enterprise Technical Expert CyberSecurity InfoSec Identity and Directory … Continue reading "New versions of ADFind and ADMod are now available"

How Hot Patch for Windows Server Azure Edition helps secure Domain Controllers

At Microsoft Ignite 2021 Spring Edition, Microsoft introduces the Public Preview of Hot Patching for Windows Server Azure Edition. About hot patching for Windows Server Azure Edition Microsoft announced new capabilities at Microsoft Ignite 2021 Spring edition for Azure Automanage to simplify operations for Windows Server-based virtual machines (VMs). Azure Automanage helps organizations to reduce … Continue reading "How Hot Patch for Windows Server Azure Edition helps secure Domain Controllers"

The March 2021 Cumulative Update addresses seven Windows Server DNS vulnerabilities

Today, for its March 2021 Patch Tuesday, Microsoft released a security update that addresses seven vulnerabilities in DNS Servers running Windows Server: About the vulnerabilities The vulnerabilities are described as followed:    CVE-2021-26877 Windows DNS Server Remote Code Execution Vulnerability Critical A remote code execution vulnerability, identified as CVE-2021-26877, exists in Windows Domain Name System … Continue reading "The March 2021 Cumulative Update addresses seven Windows Server DNS vulnerabilities"

HOWTO: Hunt for abuse of Azure AD Connect’s AD Connector account

Azure AD Connect Sync’s uses three separate accounts. Its AD Connector account is an account that has several permissions that warrant a closer look at how the account can be abused. Of course, we’ll need command lines to hunt for any misuse. About the AD Connector account Since Azure AD Connect version 1.4.18.0, the use … Continue reading "HOWTO: Hunt for abuse of Azure AD Connect’s AD Connector account"

HOWTO: Find out the capabilities Domain Controllers may offer your device

One of the hard nuts to crack in Active Directory is meeting the requirements for the infrastructure features your organization’s business needs to operate reliably, securely and smooth. About Active Directory requirements Throughout Microsoft’s recent history, features have been introduced in all sorts of products that have certain Active Directory requirements. The perfect example is … Continue reading "HOWTO: Find out the capabilities Domain Controllers may offer your device"