Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP). Admins at many organizations that onboarded to the Defender for Identity functionality still manage it through the Azure ATP Portal. … Continue reading "The Azure ATP Portal is being decommissioned in February 2023"
There are many great Active Directory Monitoring solutions, however, there are not many great Domain Controller Monitoring solutions. What’s the difference? Not every Active Directory Monitoring solution is capable of monitoring what’s going on on the Domain Controllers. Active Directory Monitoring solutions that are part of bigger monitoring solutions even go as far as treating … Continue reading "Domain Controller Monitoring: Why, What, How?"
When working with the Azure AD Password Protection feature, you might want to take advantage of the event log management features on your Domain Controllers to make sure you get the right number of events for password set and password failure audit events. About Azure AD Password Protection Azure AD Password Protection is an Azure … Continue reading "HOWTO Extend the availability of Azure AD Password Protection Reporting Information"
As Active Directory, its Domain Controllers and their inner workings were originally designed in the late 90s, some of the technologies and processes can be somewhat incompatible with technologies and ways of working that have been introduced since. I haven’t stumbled upon physical Domain Controllers in a while, so I guess I can conclude that Virtual … Continue reading "Eight Tips and Tricks for Backing up and Restoring virtual Domain Controllers with Altaro VM Backup v8"
During the installation of Azure AD Connect, you can select the option to use an alternative location. In this case, the Microsoft Azure AD Sync folder is stored in the alternative location, but the Microsoft Azure AD Connect folder isn’t. The situation When you work with Hybrid Cloud Trust, you need the AzureAdKerberos PowerShell module. … Continue reading "KnowledgeBase: You can’t use the AzureADKerberos PowerShell Module on Azure AD Connect installations in a custom installation location"
Microsoft offers Hybrid Cloud Trust as a way to offer people with synchronized Work or School accounts on Azure AD-joined devices seamless single sign-on access to Active Directory-integrated resources. When they sign in with Windows Hello for Business (WHfB), the Active Directory-integrated functionality doesn’t prompt for username and password. How Hybrid Cloud Trust works … Continue reading "TODO: Periodically reset the password for the KRBTGT_AzureAD account when using Hybrid Cloud Trust"
The world is different from five years ago. After the successful SolarWinds attack in 2020, where attackers gained access to Microsoft’s systems, Microsoft aligned itself with NIST’s approach towards a zero-trust architecture. This changes everything. In contrast to previous security models, in Microsoft’s defense in depth approach Identity and Access is the first layer of … Continue reading "ENow Software provides the ideal basis for your Active Directory Zero Trust Journey"
Admins who are using Azure AD Connect are currently receiving email notifications when there are synchronization errors in the Azure AD Connect synchronization process. However, after mid-June 2022, admins who have not enabled Azure AD Connect Health email notifications will no longer receive synchronization error notification emails for their tenants. Microsoft has migrated this functionality … Continue reading "TODO: Configure Azure AD Connect Health email notifications to continue to receive notifications when synchronization errors occur"
Active Directory Domain Services (AD DS) offers many ways to integrate applications and services. Before Windows 2000 Server and Active Directory, in the Windows NT era when servers were beige and server racks were made of wood, authentication on networks was NTLM-based. Windows 2000 Server introduced Microsoft’s Kerberos implementation, but even today NTLM continues to be used. … Continue reading "HOWTO: Detect NTLMv1 Authentication"
While initially communicated for June 30th, 2022, the deprecation of the Azure Active Directory Authentication Library (ADAL) has been postponed to December 2022. No doubt, this has to do with the continued use of the Azure Active Directory Authentication library (ADAL) in many apps and services. Since this month, Microsoft has made an Azure AD … Continue reading "HOWTO: Identify Azure AD-integrated apps and services that still rely on ADAL"