Multi-Factor Authentication Server version 8.1.1.1 offers migration functionality to seamlessly switch to Azure MFA

On August 30th, 2022, Microsoft released version 8.1.1.1 of its Azure MFA Server product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. What’s New The release notes mention one change: MFA Server Migration Utility Public Preview The MFA Server Migration Utility helps synchronize multi-factor authentication registrations … Continue reading "Multi-Factor Authentication Server version 8.1.1.1 offers migration functionality to seamlessly switch to Azure MFA"

HOWTO Extend the availability of Azure AD Password Protection Reporting Information

When working with the Azure AD Password Protection feature, you might want to take advantage of the event log management features on your Domain Controllers to make sure you get the right amount of events for password set and password failure audit events. About Azure AD Password Protection Azure AD Password Protection is an Azure … Continue reading "HOWTO Extend the availability of Azure AD Password Protection Reporting Information"

Manage the use of your AD FS MFA Adapter towards Azure AD with the new federatedIdpMfaBehavior setting

Last month, Microsoft introduced a new setting in Azure AD to protect against by-passing of Azure MFA for organizations who have federated between Azure AD and their on-premises environment. In most cases, organizations who have federated one or more DNS domains with Microsoft 365 (and thus Azure AD) use AD FS to host the ‘Microsoft … Continue reading "Manage the use of your AD FS MFA Adapter towards Azure AD with the new federatedIdpMfaBehavior setting"

I’m co-organizing the KNVI Knowledge BBQ in Rotterdam

On Wednesday September 7th, 2022, I’m co-organizing KNVI’s Knowledge BBQ Dutch at ZiPPERZ in Rotterdam. Fellow speakers Raymond Comvalius and Erwin Derksen complete the line-up for this Microsoft-inspired event. About KNVI The Dutch Professional Association of Information and IT Professionals (KNVI) is an independent platform for sharing professional knowledge and expanding the personal networks of … Continue reading "I’m co-organizing the KNVI Knowledge BBQ in Rotterdam"

TODO: Periodically reset the password for the KRBTGT_AzureAD account when using Hybrid Cloud Trust

Microsoft offers Hybrid Cloud Trust as a way to offer people with synchronized Work or School accounts on Azure AD-joined device seamless single sign-on access to Active Directory-integrated resources. When they sign in with Windows Hello for Business (WHfB), the Active Directory-integrated functionality doesn’t prompt for username and password. How Hybrid Cloud Trust works Under … Continue reading "TODO: Periodically reset the password for the KRBTGT_AzureAD account when using Hybrid Cloud Trust"

What's New in Azure Active Directory for July 2022

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for July 2022: What’s New Here’s what’s new: No more waiting, provision … Continue reading "What's New in Azure Active Directory for July 2022"

Requirements to use Passwordless Phone Sign-in for multiple Work or School accounts

This week, Microsoft announced the availability of Passwordless Phone Sign-in for multiple Work or School accounts in the Microsoft Authenticator app on Apple iOS-based devices. For the Public Preview of this feature, meet the following requirements to be able to use the Authenticator App for Passwordless Sign-ins to multiple Work or School accounts during the … Continue reading "Requirements to use Passwordless Phone Sign-in for multiple Work or School accounts"

A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise

On June 6th, 2022, Netwrix released Auditor v10.5. In this version, a remote code execution vulnerability is addressed. Since Auditor is typically executed with extensive privileges in an Active Directory environment, an attacker would be able to compromise the Active Directory forest and/or Azure AD tenant.   About Netwrix Netwrix empowers information security and governance professionals … Continue reading "A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise"

The Second Edition of the Active Directory Administration Cookbook is now available

Slightly over three years ago, my first book was published. These past few months, I've been working with Packt to write my second book: the Active Directory Administration Cookbook, Second Edition. Starting today, July 15th 2022, you can find physical copies of it on shelves at Amazon. What you'll find is 696 pages filled with … Continue reading "The Second Edition of the Active Directory Administration Cookbook is now available"

What's New in Azure Active Directory for June 2022

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for June 2022: What’s New Temporary Access Pass is now available General … Continue reading "What's New in Azure Active Directory for June 2022"