TODO: Upgrade the Certificates for your Windows Server 2016-based Domain Controllers (and up) to enable Windows Hello for Business Hybrid Scenarios

While many Active Directory environments use the default settings from 2003, other environments have adapted to enable new functionality, like Windows Hello for Business. To do so, the default Domain Controllers certificates and certificate templates need to be replaced, as they do not fulfill all of the requirements set out for them. This blogpost shows … Continue reading "TODO: Upgrade the Certificates for your Windows Server 2016-based Domain Controllers (and up) to enable Windows Hello for Business Hybrid Scenarios"

A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise

On June 6th, 2022, Netwrix released Auditor v10.5. In this version, a remote code execution vulnerability is addressed. Since Auditor is typically executed with extensive privileges in an Active Directory environment, an attacker would be able to compromise the Active Directory forest and/or Azure AD tenant.   About Netwrix Netwrix empowers information security and governance professionals … Continue reading "A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise"

The End of Mainstream Support is a Time to make an important Decision about Windows Server 2016

Today, January 12th 2022, the Mainstream Support on Windows Server 2016 ended. This Windows Server Operating System (OS) has been with us for the past five years and will remain with us for the next five years, just not as it used to. Therefore, today is a time to make an important decision. The most … Continue reading "The End of Mainstream Support is a Time to make an important Decision about Windows Server 2016"

Hornetsecurity’s 365 Threat Monitor: Get rid of unwanted and potentially dangerous messages

Any messaging administrator will tell you that it’s hard to fight against spam. As we read about most cybersecurity incidents starting with (spear)phishing attacks, it also becomes increasingly clear messaging administrators in small and medium-sized business need to work harder or smarter to protect their colleagues. Messaging in the modern age Many organizations started their … Continue reading "Hornetsecurity’s 365 Threat Monitor: Get rid of unwanted and potentially dangerous messages"

Microsoft 365 Backup in terms of your organization’s exit scenario

Organizations flocking to Microsoft 365 services like Exchange Online, SharePoint Online and Teams have many reasons to make this transition.   Reasons to transition to the Microsoft cloud Whether it’s upgrading the IT real estate to the 21st century, the desire to eliminate technical debt, avoiding the upfront cost of a renewed on-premises implementation, or … Continue reading "Microsoft 365 Backup in terms of your organization’s exit scenario"

Choosing the right Passwordless sign-in method for your colleagues

Passwordless is Microsoft’s strategy to improve enterprise security and enable end-user convenience at the same time. The era of passwords is slowly coming to an end and Microsoft offers readily-available solutions for your colleagues to sign-in to their devices and services. However, with its many passwordless methods, Microsoft isn’t making it easy for identity admins … Continue reading "Choosing the right Passwordless sign-in method for your colleagues"

Deprecation of older Azure AD Connect versions announced for November 1, 2020

This, week, the Azure AD Connect team made the following announcement on the Azure AD Connect: Version release history page: Starting on November 1st, 2020, we will begin implementing a deprecation process whereby versions of Azure AD Connect that were released more than 18 months ago will be deprecated. At that time we will begin … Continue reading "Deprecation of older Azure AD Connect versions announced for November 1, 2020"

Why Lifecycle Management can’t be a mere afterthought anymore

The world we live in has changed significantly over the past few years. We can no longer afford to use our traditional approach to IT. We need to adopt a new way of thinking. In my opinion, this way of thinking doesn’t end with maintenance, but starts with lifecycle management.   The traditional approach Enterprises … Continue reading "Why Lifecycle Management can’t be a mere afterthought anymore"

Recommended Practices for your Hybrid Identity Admin accounts

I’ve been involved in quite some Microsoft Hybrid Identity implementations: Big and small implementations, with and without AD FS next to Azure AD Connect, with Azure AD Connect and 3rd party tooling. One thing though, all these implementations had in common was the admin account(s) they needed done right. You can dial a lot of … Continue reading "Recommended Practices for your Hybrid Identity Admin accounts"