Microsoft provides guidance for Managing action accounts for Microsoft Defender for Identity, but this documentation is severely lacking from my point of view: It actually lacks the information on creating the actual group Managed Service Account (gMSA) for the action account, itself. It provides guidance to delegating permissions in Active Directory to an individual account, … Continue reading "HOWTO: Programmatically add a Microsoft Defender for Identity Action Account to Active Directory"
Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory. Azure AD Connect needs to be installed on a Windows Server with Desktop Experience, but this does not mean there aren’t some … Continue reading "An overview of Azure AD Connect’s PowerShell Modules and Cmdlets"
For many organizations, the reality is that their on-premises systems need to communicate to Microsoft cloud services. Whether it is for Azure AD Connect, Azure AD Connect Health, Azure AD Password Protection, or the Azure MFA NPS extension, you’ll need to install either or both the MSOnline or AzureAD PowerShell modules. On Windows Server 2016-based … Continue reading "Knowledgebase: You receive error ‘Unable to download’ when you try to install the AzureAD or MSOnline PowerShell Module"
Currently, there’s four Windows PowerShell modules to manage settings and objects in Microsoft’s Azure Active Directory: MSOnline AzureAD AzureADPreview AzureAD.Standard.Preview MSOnline The MSOnline Module, with its *-MSOL* cmdlets, was the first Windows PowerShell Module for Azure Active Directory. It started life as a PowerShell Module to manage all Microsoft Online Services, hence the name. … Continue reading "The state of Azure AD PowerShell today"
Some of you may have wondered why I was somewhat quiet. The reason was that during the last year (and a half?) I was writing a book with MVP Damian Scoles. That book is now available as an PDF and Apple iBook! The physical paperback is now also available in our shop and includes a … Continue reading "Practical PowerShell Exchange Server 2016 aka Writing a book"
On this blog, and in several other places, I’ve shared my experiences with Azure Multi-Factor Authentication. While this information meanly focuses on the on-premises Azure Multi-Factor Authentication Server, I did encounter the occasional implementation of the cloud-based Azure Multi-Factor Authentication. For one such implementation, I had the pleasure of migrating it from the cloud to … Continue reading "Getting to know the colleagues using Azure Multi-Factor Authentication"
Last week, Microsoft announced a new preview version of the Azure Active Directory Windows PowerShell Module. This is good news! Let me tell you why. About the Azure AD PowerShell Module Using the Azure Active Directory Windows PowerShell Module, Azure AD Admins can manage several aspects of Azure Active Directory for their organizations and/or … Continue reading "Why the Azure Active Directory Windows PowerShell Module is good news"
Today, I ran into an issue, where the people I was talking to couldn’t tell me if their Azure Active Directory tenant had one or more Directory Synchronization Tool (DirSync) or Azure Active Directory Sync Tool (AADSync) installations associated with it. Additionally, these people showed me an Azure Active Directory Sync Tool (AADSync) installation, but … Continue reading "Knowledgebase: How to check if your Azure Active Directory Tenant has a DirSync or AADSync installation syncing to it"
An issue has been identified in situations where you would configure a Windows Server installation as an Offline Root Certification Authority (CA). The Install-ADCSCertificationAuthority Windows PowerShell Cmdlet would error out, while you could achieve the scenario without problems using the Graphical User Interface (GUI). The situation In multi-tier Public Key Infrastructure (PKI) implementations, you … Continue reading "KnowledgeBase: Install-ADCSCertificationAuthority fails without a network adapter present"
Last week, we discussed the new Active Directory Domain Services-related PowerShell Cmdlets in Windows Server 2012 R2. In the requirements I mentioned that you needed at least one system with the Windows Server 2012 R2 or Windows 8.1 version of the Active Directory Module for Windows PowerShell feature installed. However, as Aleksandar Nikolic (PowerShell MVP) … Continue reading "Using the new Active Directory PowerShell Cmdlets on down-level and module-less systems"