We’ve migrated many AD FS implementations from Windows Server 2012 R2 to Windows Server 2016 and beyond. This blogpost intends to share our experiences during these migrations, so you can take advantage of them during your migrations. How we migrate In general, we migrate Web Application Proxy servers by adding additional Web Application Proxies … Continue reading "A Real-world tested Approach for Transitioning Web Application Proxy Servers"
We’ve migrated many Active Directory Federation Services (AD FS) implementations from Windows Server 2012 R2 to Windows Server 2016 and beyond. This blogpost intends to share our experiences during these migrations, so you can take advantage of them during your migrations. How we migrate In general, we migrate AD FS servers by adding additional … Continue reading "A Real-world tested Approach for Transitioning AD FS Servers"
Multi-factor authentication is the current solution to the problem of inadequate information security in today’s world of user names and passwords. When you have enabled multi-factor authentication in Microsoft Azure and Office 365, you might need app passwords to allow for certain access to not disrupt the business. The situation As an organization, you … Continue reading "KnowledgeBase: App Passwords are only available to users with a non-Conditional Access MFA requirement"
Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft announced a plan for change regarding Azure MFA. What’s announced Microsoft is planning to replace the current Custom controls (preview) in Conditional Access … Continue reading "Announced: Azure AD to offer more 3rd Party MFA features"
In a domain that is configured to use the File Replication Service, the SYSVOL folder is not shared after you in-place upgrade a Windows Server 2019-based Domain Controller from an earlier version of Windows. Until this directory is shared, Domain Controllers do not respond to DCLOCATOR requests for LDAP, Kerberos, and other Domain Controller workloads. … Continue reading "Knowledgebase: In-place Upgrading Domain Controllers to Windows Server 2019 while still using NTFRS breaks SYSVOL Replication and DSLocator"
Microsoft has introduced an impressive array of technologies and an awesome vision on Hybrid Identity: Their vision entails seamless access to corporate resources, services and applications for people, no matter where these resources, services and apps are located (either on-premises or in the cloud) while in the mean time allowing for strong authentication and granular … Continue reading "Default checks to perform when implementing Hybrid Identity, Part 4: Groups with large memberships"
Microsoft has introduced an impressive array of technologies and an awesome vision on Hybrid Identity: One of the parts of your organization’s journey in implementing Hybrid Identity, might be to migrate from DirSync to Azure AD Connect with Azure AD Sync. After you export and import the configuration, you might expect to see the same … Continue reading "Default checks when implementing Hybrid Identity, Part 3: Linked Mailboxes"
At the same time Microsoft released the Windows Server 2016 Technical Preview 2 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft Download Center. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server … Continue reading "KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview 2 (Release Notes)"
I’ve referred to the Windows Server 2003 Domain Functional Level (DFL) as the ‘golden’ functional level a couple of times. Dave has a blogpost where he concludes the same from an Exchange Server point of view. However, from an Active Directory point of view, the Windows Server 2008 Domain Functional Level (DFL) gains much traction … Continue reading "Checking replication of raising the Domain Functional Level to Windows Server 2008 in a pragmatic and programmatic way"
In six months time, on July 14 2015, Microsoft ends the extended support for Windows Server 2003. After 11 years and 6 months (Windows Server 2003 became generally available on May 28th, 2003) the plug is pulled on updates to the product and the support information on TechNet, MSDN and its KnowledgeBase. Running Active Directory on Operating … Continue reading "Advances in Active Directory since Windows Server 2003"