Troubleshooting stories from the field are the best. That’s why I like writing them down. Although they might sometimes appear to be straight cases of schadenfreude, I feel there are lessons to be learned for anyone, if you’re willing to look closely and listen carefully. This week I experienced an issue at an organization, while they were … Continue reading "From the field: The Case of Protected Users being shut out of RDP after removing the last Windows Server 2019 Domain Controller"
Category: Systems Administration
A Practical Approach to Monitoring the Entra Provisioning Service
Organizations who choose to leverage Entra's identity governance and administration (IGA) capabilities – instead of the more mainstream SailPoint and Saviynt solutions, but perhaps as a logical successor to Microsoft Identity Manager – may notice that the Entra Provisioning Service lacks a service level agreement (SLA) and is missing from Microsoft's Status dashboard. As … Continue reading "A Practical Approach to Monitoring the Entra Provisioning Service"
The video of managing Active Directory like it's 2003 is now available on demand
On October 15th, 2025, Darryl Baker, senior solutions architect at Netwrix, and I presented a webinar titled 'Managing Active Directory Like It’s 2003 Leaves You Exposed in 2025' with the IT GRC Forum. Active Directory and Windows Server have evolved significantly, but many organizations still rely on outdated management practices. Since Microsoft enhanced replication and … Continue reading "The video of managing Active Directory like it's 2003 is now available on demand"
Enterprise Certificate Pinning might hurt your Hybrid Identity security efforts this January (MC1193408)
While being touted as one of the more robust ways to prevent Adversary in the Middle (AitM) attacks against TLS-protected resources, for some admins, the Enterprise Certificate Pinning feature in Windows may lock out their entire organization. However, Enterprise Certificate Pinning is not advised for domain names outside of your organization, when their certificates are … Continue reading "Enterprise Certificate Pinning might hurt your Hybrid Identity security efforts this January (MC1193408)"
Stop the Chaos, Save time, Cut costs and strengthen Hybrid AD with Cayosoft
Manual processes, privilege sprawl, and outdated tools aren’t just slowing you down — they’re creating hidden risks in your hybrid AD infrastructure. In this expert-led webinar, you’ll learn from Craig Birch (Technical Evangelist and Principal Security Engineer at Cayosoft) and me how leading organizations are cutting user onboarding time by 75%, reducing privileged accounts by … Continue reading "Stop the Chaos, Save time, Cut costs and strengthen Hybrid AD with Cayosoft"
VMware vSphere 8.0 Update 3 adds federation support for four Identity Providers
On June 25th, 2024, Broadcom made vSphere 8.0 Update 3 generally available. In the details of the Release Notes for vSphere 8.0 Update 3 and ESXi 8.0 Update 3, Broadcom announces PingFederate Support in vSphere Identity Federation. This is a huge update for Identity and Access admins using VMware's virtualization platform as it broadens their options … Continue reading "VMware vSphere 8.0 Update 3 adds federation support for four Identity Providers"
Some Domain Controllers may restart unexpectedly after applying the March 12, 2024 Updates
When installing updates, there is always the risk of rogue updates; updates that break functionality, unannounced, unexpected and unsettling. Microsoft is currently researching such a possible side-effect with the March 12, 2024 updates on Active Directory Domain Controllers. About the issue Domain Controllers may reboot unexpectedly and keep rebooting. Admins are reporting ballooning memory … Continue reading "Some Domain Controllers may restart unexpectedly after applying the March 12, 2024 Updates"
The Azure ATP Portal is being decommissioned in February 2023
Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP). Admins at many organizations that onboarded to the Defender for Identity functionality still manage it through the Azure ATP Portal. … Continue reading "The Azure ATP Portal is being decommissioned in February 2023"
Domain Controller Monitoring: Why, What, How?
There are many great Active Directory Monitoring solutions; however, there are not many great Domain Controller Monitoring solutions. What’s the difference? Not every Active Directory Monitoring solution is capable of monitoring what’s going on on the Domain Controllers. Active Directory Monitoring solutions that are part of bigger monitoring solutions even go as far as treating … Continue reading "Domain Controller Monitoring: Why, What, How?"
HOWTO Extend the availability of Azure AD Password Protection Reporting Information
When working with the Azure AD Password Protection feature, you might want to take advantage of the event log management features on your Domain Controllers to make sure you get the right amount of events for password set and password failure audit events. About Azure AD Password Protection Azure AD Password Protection is an Azure … Continue reading "HOWTO Extend the availability of Azure AD Password Protection Reporting Information"