The 2020 Hybrid Identity Protection Conference (HIPConf) was originally planned for April 2020. As New York and other cities around the globe helped us combat the COVID-19 pandemic, this was not a good time to gather and discuss our topics in person. However, organizations worldwide need our guidance more than ever. Cyber crime evolves through … Continue reading "I’ve joined the Semperis Hybrid Identity Protection Podcast"
Many organizations are adopting Azure AD Join as the mechanism to create a trust relationship between their Windows 10-based devices and their Identity solution. In the obligatory joiners/workers/leavers processes, however, it might make sense to repurpose an Azure AD-joined devices to another person in the organization. In this blogpost I’ll explain how to achieve this … Continue reading "HOWTO: Repurpose an Azure AD-joined device in an organization without Intune"
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory and on its blog, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for July 2020: What’s Planned Targeting client apps … Continue reading "What’s New in Azure Active Directory in July 2020"
Yesterday, I presented a 75-minute session on the three approaches to migrating to the cloud, together with Netwrix’ Russel McDermott. Now, a mere working day after the webinar, the Netwrix team has done everyone a huge favor by already placing the video recording online for everyone to watch: https://try.netwrix.com/3_approaches_to_cloud_migration_emea Enjoy! Simply press the red … Continue reading "The video of my Netwrix webinar on migrating to the Cloud is now available"
Starting today, Microsoft is making changes to resolve the inconsistent naming of built-in role names between the Microsoft 365 admins center, the Azure AD portal and the Microsoft Graph API. In total, 10 role names will be changed, and this impacts any application, script, alerts and/or policies that may refer to any of these role … Continue reading "TODO: Change apps, scripts, alerts and policies to cover the new role names in the Microsoft Graph API"
Azure Active Directory is Microsoft’s Identity as a Service platform. It is a global service, used by millions of organizations worldwide. To make the service useable for all of these organizations, Microsoft works with limits. In Azure Active Directory, one such limit it the object limit. All Azure AD’s limits are described on the Azure … Continue reading "HOWTO: Determine your Azure AD tenant’s object limit and count"
Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In the pervious post of this series, we discussed encrypting traffic between AD FS Servers, servers running Azure … Continue reading "HOWTO: Enable Extended Protection for Authentication on the SQL Servers hosting the AD FS and Azure AD Connect databases"
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. User objects with the Global administrator role are the highest privileged objects in Azure AD and should be monitored. The challenge with Global Admins Some organizations have opted for a Technical State … Continue reading "HOWTO: Set an alert to notify when an additional person is assigned the Azure AD Global Administrator role"
Last month, Microsoft has announced the deprecation of the Azure Active Directory Graph API (graph.windows.net). Going forward, the Microsoft Graph API (graph.microsoft.com) is the supported way to gain access to Azure Active Directory programmatically. What will happen? Let’s look at the timeline shared by Microsoft: For the next two years, applications and tools communicating … Continue reading "TODO: Move from the Azure AD Graph API to the Microsoft Graph API"
Microsoft Inspire is Microsoft’s annual event where it kicks off its fiscal year with its partner community. Inspire is Microsoft’s way to explain what’s coming in the year ahead and work together to find shared solutions for customers. As all of Microsoft’s events will have a focus on online events until July 2021, Microsoft Inspire … Continue reading "Identity-related Sessions at Microsoft Inspire 2020"