Troubleshooting Active Directory Domain Services is fun. Today, I cover a more esoteric Active Directory troubleshooting case about an overloaded Domain Controller holding the Primary Domain Controller Emulator role. The cause has nothing to do with Active Directory, of course, but I was called in because the machine affected was a Domain Controller. About … Continue reading "From the field: The case of the overloaded Primary Domain Controller Emulator"
On September 24th, 25th and 26th, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demo’ed! Tip! These courses may be of specific interest to CISSPs, as these courses allow you to earn Continuing Professional Education (CPE) credits. About the … Continue reading "I’m presenting three Webinars with Netwrix focusing on the best recipes from the AD Administration Cookbook"
Azure AD’s Dynamic Memberships for Groups and Assigning Licenses to Groups features can be used to circumvent the overlap that might occur when user accounts are assigned both an Azure AD P1 and Azure AD P2 license. In this blogpost, I’ll walk you through the scenario. About Azure AD licensing Today, Azure Active Directory … Continue reading "Using Azure AD’s Dynamic Memberships for Groups to Assign Mutually Exclusive P1 and P2 licenses"
Azure AD Connect offers the Staging Mode functionality. This feature is often touted as a way to bring disaster recovery to Azure AD Connect, but I don’t feel this is the actual strength of this feature. I believe offering release management capabilities is the best use of the Staging Mode feature. Release Management Release … Continue reading "Leveraging Azure AD Connect Staging Mode for Release Management"
Microsoft is working hard to further harden Azure Active Directory tenants, so the roughly 13 million organization depending on it, don’t get disappointed by Azure AD-based security breaches and don’t have to worry about attacks on their infrastructure. One of the newest technologies Microsoft is developing is Baseline Policies. Using baseline policies, fields of attention … Continue reading "Assessing the impact that the new Baseline Policy for Admins in Azure AD might have"
As an organization delivering the full stack of the Secure Productive Enterprise (SPE) to large international customers in highly-regulated verticals, we often get the question on an ‘exit strategy’ or ‘contingency plan’ for cloud services, like Office 365. Being a Microsoft partner and Veeam partner with a Microsoft cloud focus makes us unique and allows … Continue reading "Your Exchange Online Contingency Plan is here with Veeam Backup for Office 365"
This year, as a Veeam Vanguard, I’m hosting a series of three Active Directory Domain Services webinars, together with Timothy Dewin and hosted by Veeam. With the basics and most of the virtualization gotcha;s covered, on March 21, it’s time for the topic everyone has been waiting for: Backup and Recovery. It’s the last webinar … Continue reading "Join me for an Active Directory Backup and Recovery webinar, in cooperation with Veeam"
This morning I read a blogpost by John Arnold on the Intune Support TechNet Blog on a strange Intune-related error on Android Phones when accessing the Company Portal app. As it turned out, this is an Active Directory Federation Services (AD FS)-related certificate issue, so I thought I’d share it here as well. The … Continue reading "KnowledgeBase: Logging in to the Intune Company Portal App results in an error “Could not sign in” on Android phones with Chrome 56, and up"
As I wrote earlier, Microsoft ends support for implementations using the stand-alone Azure AD Sync tool and implementations of DirSync per April 13, 2017. As I write this, there is a mere three months left to take care of your migration to a recent version of Azure AD Connect and the implementation of lifecycle management … Continue reading "Only Three Months of Support remain for DirSync and Azure AD Sync"
Yesterday, I blogged on the entirely new Management Pack for Active Directory Domain Services on Windows Server 2016. What I didn’t notice, until now, is that a management pack for Active Directory Federation Services is also available, About the AD FS MP The Active Directory Federation Services (AD FS) Management Pack provides both proactive … Continue reading "Would you like to manage AD FS on Windows Server 2016, too? No problem!"