Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward SSL/TLS certificate as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation? You won’t hear … Continue reading "AD FS Certificates Best Practices, Part 1: Hashing Algorithms"
A couple of weeks ago, I took interest in Azure Multi-factor Authentication (MFA) and wrote a series on 4Sysops, detailing the Azure MFA Service and the on-premises Multi-Factor Authentication Server: Azure Multi-Factor Authentication – Part 1: Introduction Azure Multi-Factor Authentication – Part 2: Components Azure Multi-Factor Authentication – Part 3: Configuring Azure Multi-Factor Authentication – … Continue reading "Choosing the right Azure MFA authentication methods"
An issue has been identified in situations where you would configure a Windows Server installation as an Offline Root Certification Authority (CA). The Install-ADCSCertificationAuthority Windows PowerShell Cmdlet would error out, while you could achieve the scenario without problems using the Graphical User Interface (GUI). The situation In multi-tier Public Key Infrastructure (PKI) implementations, you … Continue reading "KnowledgeBase: Install-ADCSCertificationAuthority fails without a network adapter present"
At the same time Microsoft released the Windows Server 2016 Technical Preview 2 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft Download Center. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server … Continue reading "KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview 2 (Release Notes)"
Recently, after deploying Azure Self-service Password Reset (SSPR) for a customer, I discovered some odd behavior. After we worked through the error tree, we finally worked out the issue. Since it wasn’t documented yet (many other errors are!) at Microsofts KnowledgeBase, here it is. The situation In an organization with an on-premises Active Directory … Continue reading "KnowledgeBase: You receive a "Your request could not be processed" error when using Azure Self-service Password Reset (SSPR)"
At the same time Microsoft released the Windows 8.1 and Windows Server 2012 R2 bits to TechNet and MSDN subscribers, they also released the Release Notes for Windows Server 2012 R2 on a page on the Microsoft Download Center. On this page you can a document (*.docx format) with the critical issues, that have currently … Continue reading "KnowledgeBase: Important Issues in Windows Server 2012 R2 (Release Notes)"
This week, Microsoft has released KnowledgeBase article 2872882 today, detailing a situation where you’d receive an “Organization Preparation FAILED” error when you try to Prepare the Active Directory for Exchange Server 2007 or Exchange Server 2010.
Windows 8 offers many new features, compared to Windows XP, Windows Vista and even Windows 7. Some of these features are fantastic, but come with a top of the bill hardware price tag. In this blogpost I’ll explain why you’ll need to scour the specifications of your hardware components for these five acronyms
The new Domain Controller Promotion process in Windows Server 2012 with the Active Directory Domain Services Configuration Wizard, is a nice new way to promote Windows Server 2012-based hosts to Domain Controllers, since it enables: Remote promotion of Windows Server 2012-based hosts to Domain Controllers Promotion of a group of Windows Server 2012-based hosts to … Continue reading "Options that are only available when you promote Windows Server 2012 to a Domain Controller with PowerShell"