Ten things you should know about Azure AD Connect and Azure AD Sync

Azure Active Directory powers Microsoft Online Services, ranging from Office 365 to Intune, in terms of identity. While this compels to organizations in a strong way, Microsoft even offers hybrid identity options to organizations running on-premises Windows Server Active Directory  to stretch their identity layer to the cloud. The tool from Microsoft to support its … Continue reading "Ten things you should know about Azure AD Connect and Azure AD Sync"

KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview (Release Notes)

At the same time Microsoft released the Windows Server 2016 Technical Preview 3 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft TechNet. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server 2016 … Continue reading "KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview (Release Notes)"

AD FS Certificates Best Practices, Part 3: Cryptographic Next Generation (CNG)-generated Private Keys

Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward certificates as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation… That’s right, you won’t … Continue reading "AD FS Certificates Best Practices, Part 3: Cryptographic Next Generation (CNG)-generated Private Keys"

AD FS Certificates Best Practices, Part 2: Key size

Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward SSL/TLS certificate as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation? You won’t hear … Continue reading "AD FS Certificates Best Practices, Part 2: Key size"

AD FS Certificates Best Practices, Part 1: Hashing Algorithms

Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward SSL/TLS certificate as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation? You won’t hear … Continue reading "AD FS Certificates Best Practices, Part 1: Hashing Algorithms"

Choosing the right Azure MFA authentication methods

A couple of weeks ago, I took interest in Azure Multi-factor Authentication (MFA) and wrote a series on 4Sysops, detailing the Azure MFA Service and the on-premises Multi-Factor Authentication Server: Azure Multi-Factor Authentication – Part 1: Introduction Azure Multi-Factor Authentication – Part 2: Components Azure Multi-Factor Authentication – Part 3: Configuring Azure Multi-Factor Authentication – … Continue reading "Choosing the right Azure MFA authentication methods"

KnowledgeBase: Install-ADCSCertificationAuthority fails without a network adapter present

An issue has been identified in situations where you would configure a Windows Server installation as an Offline Root Certification Authority (CA). The Install-ADCSCertificationAuthority Windows PowerShell Cmdlet would error out, while you could achieve the scenario without problems using the Graphical User Interface (GUI).    The situation In multi-tier Public Key Infrastructure (PKI) implementations, you … Continue reading "KnowledgeBase: Install-ADCSCertificationAuthority fails without a network adapter present"

KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview 2 (Release Notes)

At the same time Microsoft released the Windows Server 2016 Technical Preview 2 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft Download Center. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server … Continue reading "KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview 2 (Release Notes)"

KnowledgeBase: You receive a "Your request could not be processed" error when using Azure Self-service Password Reset (SSPR)

Recently, after deploying Azure Self-service Password Reset (SSPR) for a customer, I discovered some odd behavior. After we worked through the error tree, we finally worked out the issue. Since it wasn’t documented yet (many other errors are!) at Microsofts KnowledgeBase, here it is.   The situation In an organization with an on-premises Active Directory … Continue reading "KnowledgeBase: You receive a "Your request could not be processed" error when using Azure Self-service Password Reset (SSPR)"

KnowledgeBase: Important Issues in Windows Server 2012 R2 (Release Notes)

At the same time Microsoft released the Windows 8.1 and Windows Server 2012 R2 bits to TechNet and MSDN subscribers, they also released the Release Notes for Windows Server 2012 R2 on a page on the Microsoft Download Center. On this page you can a document (*.docx format) with the critical issues, that have currently … Continue reading "KnowledgeBase: Important Issues in Windows Server 2012 R2 (Release Notes)"