Azure AD Connect is Microsoft’s latest tool to support your latest hybrid identity scenarios and synchronize object information from an on-premises Windows Server Active Directory environment to Azure Active Directory. One of its components is Azure AD Sync, responsible for the synchronization itself. Azure AD Connect became generally available on June 24, 2015. Azure AD … Continue reading "How the IDs for Azure AD Sync’s service accounts are created"
Azure Active Directory powers Microsoft Online Services, ranging from Office 365 to Intune, in terms of identity. While this compels to organizations in a strong way, Microsoft even offers hybrid identity options to organizations running on-premises Windows Server Active Directory to stretch their identity layer to the cloud. The tool from Microsoft to support its … Continue reading "Ten things you should know about Azure AD Connect and Azure AD Sync"
A couple of weeks ago, I took interest in Azure Multi-factor Authentication (MFA) and wrote a series on 4Sysops, detailing the Azure MFA Service and the on-premises Multi-Factor Authentication Server: Azure Multi-Factor Authentication – Part 1: Introduction Azure Multi-Factor Authentication – Part 2: Components Azure Multi-Factor Authentication – Part 3: Configuring Azure Multi-Factor Authentication – … Continue reading "Choosing the right Azure MFA authentication methods"
Today, I ran into an issue, where the people I was talking to couldn’t tell me if their Azure Active Directory tenant had one or more Directory Synchronization Tool (DirSync) or Azure Active Directory Sync Tool (AADSync) installations associated with it. Additionally, these people showed me an Azure Active Directory Sync Tool (AADSync) installation, but … Continue reading "Knowledgebase: How to check if your Azure Active Directory Tenant has a DirSync or AADSync installation syncing to it"
This week, I was working with a customer to onboard Azure Active Directory for Office 365. Since this is a rather large customer, I opted to use the IdFix DirSync Error Remediation Tool to scan for possible problems way ahead of time. About IdFix The Office 365 IdFix Error Remediation Tool identifies errors such … Continue reading "Exporting from the IdFix Eror Remediation Tool like a pro"
Microsoft Ignite in Chicago, IL, is only two weeks away and many of us have begun filling their session builder with interesting sessions, corresponding to our interests and knowledge. Since I dream Active Directory and Hybrid Identity, I decided to compile a list of the Active Directory and Hybrid Identity related sessions at Microsoft Ignite, … Continue reading "Active Directory-related sessions at Microsoft Ignite"
Windows 10 brings a huge change when it comes to joining the trusted environment. How does the virtualization of the join change the security paradigm that we got so used to over the past decade. What happens to single sign-on and management of the workplace? Where are the new boundaries of the virtualized territory? How … Continue reading "Video: Join the Virtualized!"
The speaker season for 2015 is about to start. Of course, we're kicking off with the Nordic Infrastructure Conference (NICConf) in Oslo, Norway. I'll be copresenting two sessions with Raymond Comvalius at NIC's 4th edition. As our session on Experts Live 2014 on the pitfalls when virtualizing Domain Controllers was a huge success, we will … Continue reading "I will be speaking at Nordic Infrastructure Conference 4th Edition"
Recently, after deploying Azure Self-service Password Reset (SSPR) for a customer, I discovered some odd behavior. After we worked through the error tree, we finally worked out the issue. Since it wasn’t documented yet (many other errors are!) at Microsofts KnowledgeBase, here it is. The situation In an organization with an on-premises Active Directory … Continue reading "KnowledgeBase: You receive a "Your request could not be processed" error when using Azure Self-service Password Reset (SSPR)"
This week, the Internet was abuzz with HeartBleed,a vulnerability in OpenSSL. This meant many secure websites and webservices, protected by OpenSSL, suddenly became a security risk and OpenSSL (and open source software, in general) suddenly became a lot less trustworthy. About HeartBleed The HeartBleed bug is a serious vulnerability in the popular OpenSSL cryptographic software … Continue reading "Implications of the HeartBleed vulnerability on Single Sign-On and Federation implementations"