Windows Server 2016’s March 2018 Quality Update brings two Active Directory Domain Services fixes

Windows Server 2016’s March 2018’s Cumulative Quality Update, bringing the OS version to 14393.2155, offers two fixes for issues you might be experiencing on Windows Server 2016-based Active Directory Domain Controllers.   About Windows Server 2016 Updates Microsoft issues two major updates each month for Windows Server 2016, as outlined in the Patching with Windows … Continue reading "Windows Server 2016’s March 2018 Quality Update brings two Active Directory Domain Services fixes"

Windows Server 2016’s February 2018 Quality Update comes highly recommended for AD FS Servers and Web Application Proxies

Windows Server 2016’s February 2018’s Cumulative Quality Update, bringing the OS version to 14393.2097, offers several fixes for Secure Token Servers (STSs) running Active Directory Federation Services (AD FS) and Web Application Proxies.   About Windows Server 2016 Updates Microsoft issues two major updates each month for Windows Server 2016, as outlined in the Patching … Continue reading "Windows Server 2016’s February 2018 Quality Update comes highly recommended for AD FS Servers and Web Application Proxies"

Windows Server 2016’s February 2018 Quality Update fixes empty Attribute value in EventID 5136 for Directory Services Changes

Windows Server 2016’s February 2018’s Cumulative Quality Update, bringing the OS version to 14393.2097, offers a fix you might be experiencing with empty values for Attribute in EventID 5136 for Directory Services Changes on Windows Server 2016-based Active Directory Domain Controllers.   About Windows Server 2016 Updates Microsoft issues two major updates each month for … Continue reading "Windows Server 2016’s February 2018 Quality Update fixes empty Attribute value in EventID 5136 for Directory Services Changes"

Windows Server 2016’s January 2018 Quality Update fixes several AD FS issues

Windows Server 2016’s January 2018’s Cumulative Quality Update, bringing the OS version to 14393.2034, offers several fixes for Secure Token Servers (STSs) running Active Directory Federation Services (AD FS).   About Windows Server 2016 Updates Microsoft issues two major updates each month for Windows Server 2016, as outlined in the Patching with Windows Server 2016 … Continue reading "Windows Server 2016’s January 2018 Quality Update fixes several AD FS issues"

Windows Server 2016’s January 2018 Quality Update fixes several AD CS issues

Windows Server 2016’s January 2018’s Cumulative Quality Update, bringing the OS version to 14393.2034, offers several fixes for Certification Authorities (CAs) running Active Directory Certificate Services (AD CS).   About Windows Server 2016 Updates Microsoft issues two major updates each month for Windows Server 2016, as outlined in the Patching with Windows Server 2016 blogpost. … Continue reading "Windows Server 2016’s January 2018 Quality Update fixes several AD CS issues"

Using Azure AD Connect with a gMSA

Since version 1.1.443.0, you can use Azure AD Connect with a group Managed Service Account (gMSA) as its service account. I thought it was time to show you how to configure Azure AD Connect with a gMSA.   The problem with service accounts We all use service accounts in our environments. These accounts allow us … Continue reading "Using Azure AD Connect with a gMSA"

Azure AD Connect version 1.1.654.0 addresses a critical security vulnerability

It feels like only a couple of months ago, but actually only half a year ago, Microsoft released a version of Azure AD Connect that fixed a critical security vulnerability related to password resets. Yesterday, Microsoft released a new version of Azure AD Connect that does the same thing, but actually in a different feature. … Continue reading "Azure AD Connect version 1.1.654.0 addresses a critical security vulnerability"

Security Thoughts: Vulnerability in NTLM Credentials Forwarding with LDAPS could allow Elevation of Privilege (CVE-2017-8563, Important)

Last Tuesday, during Microsoft’s July 2017 Patch Tuesday, Microsoft released a security update for all supported Operating Systems to address an elevation of privilege vulnerability that exists when Kerberos falls back to NT LAN Manager (NTLM) Authentication Protocol as the default authentication protocol.   About the vulnerability In a remote attack scenario, an attacker could … Continue reading "Security Thoughts: Vulnerability in NTLM Credentials Forwarding with LDAPS could allow Elevation of Privilege (CVE-2017-8563, Important)"

Azure AD Connect v1.1.553.0 addresses a critical security vulnerability … and offers new functionality, too

Yesterday, Microsoft released a new version of Azure AD Connect, its free tool to synchronize objects from your on-premises Active Directory Domain Services environment to Azure Active Directory. It addresses a critical security vulnerability, but also offers new functionality, like delegate write-back from Exchange Online to Exchange Server on-premises.,   Vulnerability could allow Elevation of … Continue reading "Azure AD Connect v1.1.553.0 addresses a critical security vulnerability … and offers new functionality, too"

Important Update for Active Directory Federation Services (MS17-019, KB4010320, CVE-2017-0043)

Today, for its March 2017 Patch Tuesday, Microsoft released an important security update for Active Directory Federation Services (AD FS). The security update addresses a vulnerability that could allow information disclosure if an attacker sends a specially crafted request to an ADFS server, allowing the attacker to read sensitive information about the target system..   … Continue reading "Important Update for Active Directory Federation Services (MS17-019, KB4010320, CVE-2017-0043)"