TODO: Periodically reset the password for the KRBTGT_AzureAD account when using Hybrid Cloud Trust

Microsoft offers Hybrid Cloud Trust as a way to offer people with synchronized Work or School accounts on Azure AD-joined device seamless single sign-on access to Active Directory-integrated resources. When they sign in with Windows Hello for Business (WHfB), the Active Directory-integrated functionality doesn’t prompt for username and password. How Hybrid Cloud Trust works Under … Continue reading "TODO: Periodically reset the password for the KRBTGT_AzureAD account when using Hybrid Cloud Trust"

What's New in Azure Active Directory for July 2022

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for July 2022: What’s New Here’s what’s new: No more waiting, provision … Continue reading "What's New in Azure Active Directory for July 2022"

Requirements to use Passwordless Phone Sign-in for multiple Work or School accounts

This week, Microsoft announced the availability of Passwordless Phone Sign-in for multiple Work or School accounts in the Microsoft Authenticator app on Apple iOS-based devices. For the Public Preview of this feature, meet the following requirements to be able to use the Authenticator App for Passwordless Sign-ins to multiple Work or School accounts during the … Continue reading "Requirements to use Passwordless Phone Sign-in for multiple Work or School accounts"

A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise

On June 6th, 2022, Netwrix released Auditor v10.5. In this version, a remote code execution vulnerability is addressed. Since Auditor is typically executed with extensive privileges in an Active Directory environment, an attacker would be able to compromise the Active Directory forest and/or Azure AD tenant.   About Netwrix Netwrix empowers information security and governance professionals … Continue reading "A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise"

The Second Edition of the Active Directory Administration Cookbook is now available

Slightly over three years ago, my first book was published. These past few months, I've been working with Packt to write my second book: the Active Directory Administration Cookbook, Second Edition. Starting today, July 15th 2022, you can find physical copies of it on shelves at Amazon. What you'll find is 696 pages filled with … Continue reading "The Second Edition of the Active Directory Administration Cookbook is now available"

What's New in Azure Active Directory for June 2022

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for June 2022: What’s New Temporary Access Pass is now available General … Continue reading "What's New in Azure Active Directory for June 2022"

An Out-of-Band Update addresses Azure AD sign-in problems on Windows ARM-based devices

After installing the June 2022 Cumulative update on a Windows ARM-based device, people might be unable to sign in using Azure Active Directory (Azure AD). Now there is an update available to address this issue, without having to resort to uninstalling the June 2022 Cumulative update or without having to rely on the web-based versions … Continue reading "An Out-of-Band Update addresses Azure AD sign-in problems on Windows ARM-based devices"

HOWTO: Identify Azure AD-integrated apps and services that still rely on ADAL

While initially communicated for June 30th, 2022, the deprecation of the Azure Active Directory Authentication Library (ADAL) has been postponed to December 2022. No doubt, this has to do with the continued use of the Azure Active Directory Authentication library (ADAL) in many apps and services. Since this month, Microsoft has made an Azure AD … Continue reading "HOWTO: Identify Azure AD-integrated apps and services that still rely on ADAL"

What's New in Azure Active Directory for May 2022

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for May 2022: What’s Planned Tenant-based service outage notifications General Availability Service … Continue reading "What's New in Azure Active Directory for May 2022"

The FusterCluck that is Power Platform’s Identity and Delegation model

Recently, I had some experiences with the Power Platform. As an identity guy, I was appalled at what I found as Microsoft’s identity and delegation model for these services. Let me tell you why.   About the Power Platform Microsoft’s Power Platform consists of four distinct products and services: Power BI Through dashboards, Power BI … Continue reading "The FusterCluck that is Power Platform’s Identity and Delegation model"