What's New in Azure Active Directory for November 2017

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following new functionality for Azure Active Directory for November 2017:   What’s Planned Retiring ACS Service Category: ACS Product Capability: Access Control … Continue reading "What's New in Azure Active Directory for November 2017"

What’s New in Azure Active Directory for October 2017

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following new functionality for Azure Active Directory for October 2017:   What’s Planned Deprecating Azure AD reports Service Category: ReportingProduct Capability: Identity … Continue reading "What’s New in Azure Active Directory for October 2017"

Azure Multi-Factor Authentication Server 7.3.0.3 with lots of improvements

After January’s Azure Multi-Factor Authentication Server version 7.2.0.1 release, over the weekend, Microsoft released version 7.3.0.0 of its on-premises Azure Multi-Factor Authentication Server with a lot of performance improvements and other fixes. While the changes mentioned in the change log aren’t world shocking, this release should alleviate much of the problems you might have with … Continue reading "Azure Multi-Factor Authentication Server 7.3.0.3 with lots of improvements"

Whitepaper: What’s New in Active Directory Domain Services since Windows Server 2008 R2

The last couple of months, I have actively worked together with Veeam to profile their excellent Veeam Explorer for Active Directory and to help people get more out of their current investments in on-premises Active Directory Domain Services. One of the projects we’ve worked on is a whitepaper that details what’s new in Active Directory … Continue reading "Whitepaper: What’s New in Active Directory Domain Services since Windows Server 2008 R2"

New features in Active Directory Domain Services in Windows Server 2012 R2, Part 5: WorkPlace Join and Registered Device objects

Active Directory is a family of products. Besides the commonly known Active Directory Domain Services and Certificate Services siblings, the family consists of the Active Directory Lightweight Directory Services, Rights Management Services and Federation Services. The latter received a major overhaul in Windows Server 2012 R2. One of the new features offered by Active Directory … Continue reading "New features in Active Directory Domain Services in Windows Server 2012 R2, Part 5: WorkPlace Join and Registered Device objects"

New features in Active Directory Domain Services in Windows Server 2012 R2, Part 4: PowerShell Cmdlets

Managing an on-premises Active Directory Domain Services infrastructure through the Graphical User Interface (GUI) can get daunting. And boring. Luckily, for most repetitive tasks you can resort to the command line, or in more recent versions of Windows Server to PowerShell. Windows Server 2012 already comes equipped with PowerShell Cmdlets to manage your Active Directory … Continue reading "New features in Active Directory Domain Services in Windows Server 2012 R2, Part 4: PowerShell Cmdlets"

New features in Active Directory Domain Services in Windows Server 2012 R2, Part 3: Authentication Policies and Authentication Policy Silos

As we’ve dived into the Protected Users security group, we’ll dive into Authentication Policies and Authentication Policy Silos today, as these latter two features are greatly intertwined with the functionality of the Protected Users group and have much in common. But, as we’ll find out, Authentication policies and authentication policy silos also differ greatly from … Continue reading "New features in Active Directory Domain Services in Windows Server 2012 R2, Part 3: Authentication Policies and Authentication Policy Silos"

Ten things you need to be aware of before using the Protected Users Group

With Windows Server 2012 R2 and Windows 8.1, Microsoft introduced a feature in Active Directory Domain Services called the Protected Users group. You can use it to limit the availability of outdated authentication protocols, weak encryption algorithms and delegation to sensitive user accounts. Interesting stuff, but I feel there’s some things you should know about … Continue reading "Ten things you need to be aware of before using the Protected Users Group"

New features in Active Directory Domain Services in Windows Server 2012 R2, Part 2: Protected Users

In Active Directory, all Domain Controllers are equal, but some are more equal than others. As you gain experience in managing networking environments, you’ll find the same principle is true for user accounts: all user accounts are equal, but some are more equal than others… For instance, some colleagues to whom these accounts belong, require … Continue reading "New features in Active Directory Domain Services in Windows Server 2012 R2, Part 2: Protected Users"

New features in Active Directory Domain Services in Windows Server 2012 R2, Part 1: Introduction

Microsoft has invested three years of development time in Windows Server 2012 and has introduced a slew of Active Directory features, including claims-based authorization to files and folders, a new licensing solution, safe virtualization, Kerberos armoring, cross-forest KCD and group MSAs. I’ve published a whitepaper on this stuff last year. Hot on the heels of … Continue reading "New features in Active Directory Domain Services in Windows Server 2012 R2, Part 1: Introduction"