An important update addresses a Spoofing Vulnerability in AD FS

Yesterday, for its September 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Federation Services (AD FS). About the vulnerability A spoofing vulnerability exists when Active Directory Federation Services (AD FS) on Windows Server 2016 and Windows Server 2019 improperly handles multi-factor authentication requests. This vulnerability is described in detail in CVE-2020-0837. … Continue reading "An important update addresses a Spoofing Vulnerability in AD FS"

RoboCopy supports Copying Files over SMB with Compression on Windows Server 2019, and beyond

Microsoft is working hard to add features to Windows Server vNext, but is not forgetting about the vast majority of organizations that run Windows Server 2019 and might like the same functionality. The feature that I want to discuss with you today is SMB compression with robocopy.exe. SMB Compression with Robocopy The announcement for Windows … Continue reading "RoboCopy supports Copying Files over SMB with Compression on Windows Server 2019, and beyond"

On-premises Identity updates & fixes for August 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for August 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4571694 August 11, 2020 The … Continue reading "On-premises Identity updates & fixes for August 2020"

On-premises Identity updates & fixes for July 2020

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for July 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4565511 July 14, 2020 The July … Continue reading "On-premises Identity updates & fixes for July 2020"

HOWTO: Enable Extended Protection for Authentication on the SQL Servers hosting the AD FS and Azure AD Connect databases

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In the pervious post of this series, we discussed encrypting traffic between AD FS Servers, servers running Azure … Continue reading "HOWTO: Enable Extended Protection for Authentication on the SQL Servers hosting the AD FS and Azure AD Connect databases"

On-premises Microsoft Identity-related updates and fixes for June 2020

Even though Microsoft's Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for June 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4561616 June 9, 2020 The … Continue reading "On-premises Microsoft Identity-related updates and fixes for June 2020"

On-premises Microsoft Identity-related updates and fixes for May 2020

Even though Microsoft's Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for May 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4556813 May 12, 2020 The May … Continue reading "On-premises Microsoft Identity-related updates and fixes for May 2020"

On-premises Microsoft Identity-related updates and fixes for April 2020

Even though Microsoft's Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for April 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4550929 April 14, 2020 The … Continue reading "On-premises Microsoft Identity-related updates and fixes for April 2020"

HOWTO: Encrypt traffic between AD FS Servers, servers running Azure AD Connect and SQL Servers hosting their databases

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. Implementing AD FS with SQL Server provides access to Artifact Resolution and Replay Detection. Implementing Azure AD Connect … Continue reading "HOWTO: Encrypt traffic between AD FS Servers, servers running Azure AD Connect and SQL Servers hosting their databases"

I’m presenting three webinars with Netwrix focusing again on the best recipes from the AD Administration Cookbook

On April 22nd, 28th and 30th, 2020, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demonstrated from me and Netwrix’ Jeff Melnick!   About the webinars I feel webinars are a great way to show people the potential of technology. … Continue reading "I’m presenting three webinars with Netwrix focusing again on the best recipes from the AD Administration Cookbook"