A Recap of Identity-related Announcements from Microsoft Ignite 2021 Spring Edition

Another Microsoft Ignite event comes to a close. Microsoft’s latest Ignite event was organized as a free digital event between Tuesday March 2nd and Thursday March 4th, 2021, labeled the 2021 Spring Edition. During Microsoft Ignite 2021 Spring Edition, Microsoft made the following Identity-related announcements, next to the announcements on their monthly recurring release notes … Continue reading "A Recap of Identity-related Announcements from Microsoft Ignite 2021 Spring Edition"

What's New in Azure Active Directory for February 2021

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for February 2021: What’s Planned Email one-time passcode authentication on by default … Continue reading "What's New in Azure Active Directory for February 2021"

Windows PKU2U Elevation of Privilege Vulnerability (CVE-2021-25195, Critical)

Yesterday, for its February 2021 Patch Tuesday, Microsoft released a critical security update for PKU2U. This vulnerability is known as CVE-2021-25195 and rated with CVSSv3.0 scores of 7.8/6.8.   About PKU2U Authentication PKU2U is a peer-to-peer authentication protocol. This setting prevents online identities from authenticating to domain-joined systems. Authentication will be centrally managed with Windows … Continue reading "Windows PKU2U Elevation of Privilege Vulnerability (CVE-2021-25195, Critical)"

Five Things of Notice in the ‘State of Apps by Microsoft Identity 2020’ Report

Microsoft issued a 19-page report, titled ‘The state of apps by Microsoft identity 2020’. In this document, Microsoft shares it analysis of enterprise cloud app usage. It shows how and what applications organizations are securing with Azure AD. It also shares insights into how app usage shifted in 2020 compared to the years prior. Note: … Continue reading "Five Things of Notice in the ‘State of Apps by Microsoft Identity 2020’ Report"

What's New in Azure Active Directory for January 2021

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for January 2021:   What’s planned Secret token will be a mandatory … Continue reading "What's New in Azure Active Directory for January 2021"

HOWTO: Install Azure AD Connect behind an Internet Proxy

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In many environments, tier 0 systems like Azure AD Connect installations are only allowed Internet access through one … Continue reading "HOWTO: Install Azure AD Connect behind an Internet Proxy"

Azure Active Directory Pod Identity Spoofing Vulnerability (CVE-2021-1677)

Today, for its January 2021 Patch Tuesday, Microsoft released an important security update for Azure Active Directory Pod Identities. This vulnerability is known as CVE-2021-1677 and rated with CVSSv3.0 scores of 5.5/4.8 About the vulnerability The Azure AD pod identity feature enables users to assign identities to pods in Kubernetes clusters and fetch them from … Continue reading "Azure Active Directory Pod Identity Spoofing Vulnerability (CVE-2021-1677)"

HOWTO: Set the Retention Period for the Azure Log Analytics Workspace where you stream Azure AD logs to

When you stream Azure AD logs to an Azure Log Analytics workspace, you might just do it to get an alert to notify when an additional person is assigned the Azure AD Global Administrator role or when an Azure AD emergency access account is used. For these purposes, the default retention period for an Azure … Continue reading "HOWTO: Set the Retention Period for the Azure Log Analytics Workspace where you stream Azure AD logs to"

What's New in Azure Active Directory for December 2020

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for December 2020:   What’s New Azure AD B2C Phone Sign-up and … Continue reading "What's New in Azure Active Directory for December 2020"

KnowledgeBase: Some users receive an "We're sorry, we ran into a problem" error when registering Azure MFA

Today, Raymond and I troubleshooted an issue for several people who received the ‘Sorry, we ran into a problem’ error when trying to register their security information. As is our mutual expectation, I decided to document the issue. When you run into the same situation, you might find it helpful.   The situation An Azure … Continue reading "KnowledgeBase: Some users receive an "We're sorry, we ran into a problem" error when registering Azure MFA"