Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In many environments, tier 0 systems like Azure AD Connect installations are only allowed Internet access through one … Continue reading "HOWTO: Install Azure AD Connect behind an Internet Proxy"
Azure AD Connect is Microsoft’s free tool to synchronize objects and their attributes from Active Directory Domain Services (AD DS) implementations to Azure Active Directory tenants. Many millions of organizations depend on Azure Active Directory and the APIs that the tool connects to. Azure AD Connect’s v2 Endpoint Microsoft has deployed a new endpoint (API) … Continue reading "Azure AD Connect’s v2 endpoint is now Generally Available (GA)"
Azure AD Connect is a crucial component in today’s Hybrid Identity strategies. This tool takes care of the synchronization of objects and their attributes from an on-premises Active Directory environment to Azure AD. In some scenarios, it also takes care of authentication when accessing Azure AD-integrated applications. In version 188.8.131.52, Microsoft introduced Import and Export … Continue reading "Configuration Items that are part of Azure AD Connect’s Export and Import functionality"
Sometimes, the installation of Azure AD Connect can mess up your project deadlines in mere seconds. In this blogpost, I want to share an error that kept the admins of an organization occupied for several days, while it was relatively (har har) easy to fix. The situation An organization wants to configure Azure AD Connect. … Continue reading "KnowledgeBase: You receive error ‘The directory service was unable to allocate a relative identifier’ when installing Azure AD Connect"
Recently, I showed you how to synchronize an Active Directory Lightweight Directory Services (AD LDS) or an LDAP v3-compatible directory to Azure AD using Azure AD Connect. In that blogpost, I listed as one of the requirements that you need a service account that is part of the LDAP tree and has sufficient permissions to … Continue reading "HOWTO: Create an LDAP Connector account in AD LDS for Azure AD Connect"
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for December 2020: What’s New Azure AD B2C Phone Sign-up and … Continue reading "What's New in Azure Active Directory for December 2020"
An estimated 97% of all organizations with over 50 people use Active Directory Domain Services (AD DS) as their on-premises directory service. This, however, leaves a lot of organizations with other directories, that are largely LDAPv3-compatible. How would these organizations embrace Azure Active Directory, as the world and Microsoft’s investments shift to cloud-based directory services? … Continue reading "Using Azure AD Connect to synchronize Active Directory Lightweight Directory Services (AD LDS) and other LDAPv3 directories to Azure Active Directory"
Working for a leading Microsoft partner in the Netherlands means that we owe it to our people, our community fellows and (prospective) customers to enable every person and every organization to achieve more. That’s why we’re organizing six Hybrid Identity webinars in the first six months of 2021. We want to show you the different … Continue reading "We’re organizing Six Hybrid Identity webinars in the First Half of 2021"
In recent versions of Azure AD Connect, you can use the mS-DS-ConsistencyGUID attribute as the source anchor attribute. This provides flexibility in cross-forest migration scenarios. However, if another solution in the networking environment has already claimed the mS-DS-ConsistencyGUID attribute for its purposes, Azure AD Connect won’t allow you to use this attribute and instead default … Continue reading "HOWTO: Check if you can use the mS-DS-ConsistencyGUID attribute as source anchor for Azure AD Connect"
The Hybrid Identity Protection Conference is Semperis Inc.’s event in the spirit of The Expert Conference (TEC) to bring together the leading experts in the field of Identity and Access Management. The event offers a unique opportunity to spend time with peers, whose day-to-day job is to architect, manage, and protect identity management in the … Continue reading "The video of my presentation at the 2020 Hybrid Identity Protection Conference is now available"