KnowledgeBase: You can’t manage AD FS with non-domain-joined Azure AD Connect installations

Azure AD Connect is Microsoft's free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory. One of the neat tricks Azure AD Connect has up its sleeve is the ability to implement Active Directory Federation Services (AD …

On-premises Microsoft Identity-related updates and fixes for May 2020

Even though Microsoft's Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for May 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4556813 May 12, 2020 The May …

KnowledgeBase: To manage non-domain-joined Web Application Proxies with Azure AD Connect you need additional configuration on both sides

Azure AD Connect is Microsoft's free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory. However, you can also use it to set up and manage your organization’s Active Directory Federation Services (AD FS) implementation. This works …

A Real-world tested Approach for Transitioning Web Application Proxy Servers

We’ve migrated many AD FS implementations from Windows Server 2012 R2 to Windows Server 2016 and beyond. This blogpost intends to share our experiences during these migrations, so you can take advantage of them during your migrations.   How we migrate In general, we migrate Web Application Proxy servers by adding additional Web Application Proxies …

A Real-world tested Approach for Transitioning AD FS Servers

We’ve migrated many Active Directory Federation Services (AD FS) implementations from Windows Server 2012 R2 to Windows Server 2016 and beyond. This blogpost intends to share our experiences during these migrations, so you can take advantage of them during your migrations.   How we migrate In general, we migrate AD FS servers by adding additional …

KnowledgeBase: You receive error ‘AADSTS5000812: The SAML 1.1 credential must contain exactly one or zero claims of type ImmutableID’ when signing into Azure AD-integrated resources

In Hybrid Identity implementations, Active Directory Domain Services (AD DS), Active Directory Federation Services (AD FS) and Azure AD work together to authenticate people in your organization, so that they can work with Azure AD-integrated resources like Office 365. Sometimes, the constellation fails and you get an error page, instead of reaching the desired application, …

On-premises Identity updates & fixes for February 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for February 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4537764 February 11, 2020 The February …

On-premises Identity updates & fixes for January 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for January 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4534271 January 14, 2020 The …

Active Directory, AD FS and Azure AD in terms of Data Privacy

Today is data privacy day. Today, I’d like to talk about Active Directory and data privacy, because it is an issue that is looming on the horizon for many organizations. I won’t be talking about Domain Controllers getting popped all around the globe, not about the various attacks against Active Directory and how to detect, …

Requirements per Windows Hello for Business Deployment Type

Windows Hello for Business is awesome technology, that allows for multi-factor authenticated sign-in on Windows 10 devices.   About Windows Hello for Business In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to …