One of the hard nuts to crack in Active Directory is meeting the requirements for the infrastructure features your organization’s business needs to operate reliably, securely and smooth. About Active Directory requirements Throughout Microsoft’s recent history, features have been introduced in all sorts of products that have certain Active Directory requirements. The perfect example is … Continue reading "HOWTO: Find out the capabilities Domain Controllers may offer your device"
Troubleshooting stories from the field are the best. That’s why I like writing them down. Although, sometimes they might appear as straight cases of schadenfreude, I feel there are lessons to be learned for anyone, if you’re willing to look closely and listen carefully. Last month, I experienced an issue with an AD FS farm, … Continue reading "From the field: The Case of the Unstable AD FS Farm"
We’ve helped organizations embrace Microsoft’s Advanced Threat Analytics (ATA) solution to protect their Active Directory environments from attacks. On January 12th, 2021, mainstream support for this product ends. ATA version 1.9.3, released on September 14th, 2020 is the final update as part of mainstream support. It’s time to move on to Microsoft Defender for Identity. … Continue reading "Mainstream support for Microsoft Advanced Threat Analytics (ATA) ends in three months"
Passwordless is Microsoft’s strategy to improve enterprise security and enable end-user convenience at the same time. The era of passwords is slowly coming to an end and Microsoft offers readily-available solutions for your colleagues to sign-in to their devices and services. However, with its many passwordless methods, Microsoft isn’t making it easy for identity admins … Continue reading "Choosing the right Passwordless sign-in method for your colleagues"
On April 22nd, 28th and 30th, 2020, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demonstrated from me and Netwrix’ Jeff Melnick! About the webinars I feel webinars are a great way to show people the potential of technology. … Continue reading "I’m presenting three webinars with Netwrix focusing again on the best recipes from the AD Administration Cookbook"
Troubleshooting stories from the field are the best. That’s why I like writing them down. Although, sometimes they might appear as straight cases of schadenfreude, I feel there are lessons to be learned for anyone, if you’re willing to look closely and listen carefully. Last week I experienced an issue with Azure AD Connect at … Continue reading "From the Field: The case of the unreachable forest on a domain-joined Azure AD Connect installation"
Troubleshooting Active Directory Domain Services is fun. Today, I cover a more esoteric Active Directory troubleshooting case about an overloaded Domain Controller holding the Primary Domain Controller Emulator role. The cause has nothing to do with Active Directory, of course, but I was called in because the machine affected was a Domain Controller. About … Continue reading "From the field: The case of the overloaded Primary Domain Controller Emulator"
On September 24th, 25th and 26th, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demo’ed! Tip! These courses may be of specific interest to CISSPs, as these courses allow you to earn Continuing Professional Education (CPE) credits. About the … Continue reading "I’m presenting three Webinars with Netwrix focusing on the best recipes from the AD Administration Cookbook"
Azure AD’s Dynamic Memberships for Groups and Assigning Licenses to Groups features can be used to circumvent the overlap that might occur when user accounts are assigned both an Azure AD P1 and Azure AD P2 license. In this blogpost, I’ll walk you through the scenario. About Azure AD licensing Today, Azure Active Directory … Continue reading "Using Azure AD’s Dynamic Memberships for Groups to Assign Mutually Exclusive P1 and P2 licenses"
Azure AD Connect offers the Staging Mode functionality. This feature is often touted as a way to bring disaster recovery to Azure AD Connect, but I don’t feel this is the actual strength of this feature. I believe offering release management capabilities is the best use of the Staging Mode feature. Release Management Release … Continue reading "Leveraging Azure AD Connect Staging Mode for Release Management"