Azure AD Connect Custom Settings vs Express Settings

Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAPv3-based identity platforms to Azure Active Directory. During installation, Azure AD Connect offers a choice. This is the first choice and also the most fundamental choice for Azure AD …

Azure AD Connect v1.1.749.0 adds Privacy and Security Controls

Last week, Microsoft released version 1.1.749.0 of Azure AD Connect, its free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments to Azure Active Directory. This version adds privacy controls, additional security controls, a wizard page for device write-back and other miscellaneous fixes.   What’s …

Windows Server 2016’s February 2018 Quality Update fixes empty Attribute value in EventID 5136 for Directory Services Changes

Windows Server 2016’s February 2018 Cumulative Quality Update, bringing the OS version to 14393.2097, offers a fix for an issue you might be experiencing with empty values for Attribute in EventID 5136 for Directory Services Changes on Windows Server 2016-based Active Directory Domain Controllers.   About Windows Server 2016 Updates Microsoft issues two major updates each month for …

In-place upgrading an Active Directory Domain Controller to Windows Server build 17093 might fail

Last week, Microsoft announced the latest Windows Server Insider Preview build, nicknamed Build 17093, referencing its 10.0.17093.1000 version number. This Windows Server version was released to Windows Server Insiders on February 13, 2018.   About Windows Server Preview Build 17093 This build is a preview build of the next Semi-Annual Channel (SAC) release of Windows …

Hybrid Identity features per Active Directory Domain Services Domain Controller Operating System, Domain Functional Level, Forest Functional Level and Schema version

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. These components have requirements of Active Directory Domain Services (AD DS) in terms of the schema, the Windows Server versions on the Domain Controllers an organization runs, the Domain Functional Level (DFL) and the …

Configuring Geo-Redundancy for AD FS on-premises with Azure Traffic Manager

Last week, I showed you how to perform a simple Hybrid Identity implementation with AD FS on-premises. While this scenario is easy and fast to deploy, it also has a couple of downsides. One of them is the risk of ‘AD FS Unavailability’ and the inability to authenticate to cloud resources when the on-premises environment …

Performing a simple Hybrid Identity implementation with AD FS on-premises

In this blogpost, I’ll explain how to install and configure Active Directory Federation Services (AD FS) and Azure AD Connect to achieve Hybrid Identity with Azure Active Directory, based on Windows Server 2016. The implementation outlined in this blogpost is relevant for one on-premises datacenter and an Active Directory Domain Services environment, consisting of one …

I’m co-presenting a second webinar on tracking changes in Hybrid Identity

On Wednesday January 24, 2018 I’m co-presenting a webinar on tracking changes in Hybrid Identity environments, based on Active Directory Domain Services (AD DS) and Azure AD. The session is sponsored by Netwrix, who I think have a stellar solution for tackling this challenge. This expert webinar is scheduled for a convenient time for my …

Using Azure AD Connect with a gMSA

Since version 1.1.443.0, you can use Azure AD Connect with a group Managed Service Account (gMSA) as its service account. I thought it was time to show you how to configure Azure AD Connect with a gMSA.   The problem with service accounts We all use service accounts in our environments. These accounts allow us …

Azure AD Connect version 1.1.654.0 addresses a critical security vulnerability

It feels like only a couple of months ago, but actually only half a year ago, Microsoft released a version of Azure AD Connect that fixed a critical security vulnerability related to password resets. Yesterday, Microsoft released a new version of Azure AD Connect that does the same thing, but actually in a different feature. …