Skip to Content

Category Archives: Azure Active Directory

Azure Active Directory

Active Directory, AD FS and Azure AD in terms of Data Privacy

Written on January 28, 2020 at 10:00 PM, by

Today is data privacy day. Today, I’d like to talk about Active Directory and data privacy, because it is an issue that is looming on the horizon for many organizations. I won’t be talking about Domain Controllers getting popped all around the globe, not about the various attacks against Active Directory and how to detect, […]

Requirements per Windows Hello for Business Deployment Type

Written on January 27, 2020 at 10:35 PM, by

Windows Hello for Business is awesome technology, that allows for multi-factor authenticated sign-in on Windows 10 devices.   About Windows Hello for Business In Windows 10, Windows Hello for Business replaces passwords with strong two-factor authentication on PCs and mobile devices. This authentication consists of a new type of user credential that is tied to […]

HOWTO: Enable Windows Hello for Business FIDO2 Key sign-in without Microsoft Intune

Written on January 22, 2020 at 3:43 PM, by

The official Microsoft documentation teaches us that Microsoft Intune is an optional requirement to configure Windows Hello for Business to show the option to display the FIDO security key sign-in method as part of the Sign-in options on the Windows Logon Screen. However, a method to achieve the same goal without Microsoft Intune is not […]

Citrix’ NetScaler patch may break the Azure MFA NPS Extension for people who use text messages as their method

Written on January 21, 2020 at 8:54 PM, by

The Internet has been on fire for the last week, as a vulnerability in Citrix appliances was actively attacked. In the Netherlands, the National Cyber Security Center advised organizations to switch off Citrix networking appliances. Dutch  Now that organizations are switching them back on to patch the affected systems, they may be in for another surprise […]

HOWTO: Deploy AD FS with SQL Server to gain Artifact Resolution and Replay Detection

Written on January 17, 2020 at 7:20 AM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll look at the benefits of implementing AD FS with a back-end […]

HOWTO: Design a networking infrastructure for Hybrid Identity components

Written on January 10, 2020 at 5:45 PM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. For many organizations the Active Directory administrative tier model is a reality, or at least something they strive […]

Is the Authenticator App required for free Azure MFA?

Written on January 8, 2020 at 12:23 PM, by

At Microsoft Ignite 2019, Microsoft announced free Azure Multi-factor Authentication for all through the new Security Defaults feature for Azure Active Directory: Enable multi-factor authentication for free. Now, the official documentation shares more information on this feature and it implies that Azure Multi-factor Authentication (Azure MFA) is only free when it is enabled through the […]

What’s New in Azure Active Directory in December 2019

Written on January 7, 2020 at 12:09 PM, by

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for December 2019:   What’s New Integrate SAP SuccessFactors provisioning into Azure […]

HOWTO: Change the Security Response Headers on AD FS

Written on December 19, 2019 at 4:05 PM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll look at the security headers for AD FS implementations. Note: This […]

What’s New in Azure Active Directory for November 2019

Written on December 11, 2019 at 8:29 AM, by

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for November 2019:    What’s Planned Support for the SameSite attribute and […]