Yesterday, for its September 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Federation Services (AD FS). About the vulnerability A spoofing vulnerability exists when Active Directory Federation Services (AD FS) on Windows Server 2016 and Windows Server 2019 improperly handles multi-factor authentication requests. This vulnerability is described in detail in CVE-2020-0837. … Continue reading "An important update addresses a Spoofing Vulnerability in AD FS"
When looking at the September 2020 Patch Tuesday today, I noticed five updates that specifically address vulnerabilities in DNS. Two of these vulnerabilities are specific to Domain Controllers running DNS Server, so this sparked my interest in these updates. DNS Server-related updates For Active Directory Domain Controllers acting as DNS Servers, the following vulnerabilities are … Continue reading "The September 2020 Patch Tuesday addresses five important vulnerabilities for Domain Controllers running as DNS Servers"
Microsoft is working hard to add features to Windows Server vNext, but is not forgetting about the vast majority of organizations that run Windows Server 2019 and might like the same functionality. The feature that I want to discuss with you today is SMB compression with robocopy.exe. SMB Compression with Robocopy The announcement for Windows … Continue reading "RoboCopy supports Copying Files over SMB with Compression on Windows Server 2019, and beyond"
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for August 2020: What’s Planned Updates to Azure Multi-Factor Authentication Server firewall … Continue reading "What’s New in Azure Active Directory in August 2020"
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for August 2020: Windows Server 2016 We observed the following updates for Windows Server 2016: KB4571694 August 11, 2020 The … Continue reading "On-premises Identity updates & fixes for August 2020"
Swimming against the stream of all Azure Roles being available in the Roles and administrators pane of the Azure AD Portal, the Device administrator role is missing here. Now, let’s explore how to add additional administrators to Azure AD-joined devices. About Azure AD Join Organization-owned Windows-based devices used to be joined to Active Directory. … Continue reading "KnowledgeBase: The Device Administrator Role is not available on the Roles and Administrators pane in the Azure Portal"
Roughly 6 months ago, on February 26th, 2020, we saw the release of Microsoft Multi-factor Authentication Server (MFA Server) version 8.0.4. Now it’s time for an update to Microsoft’s product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. This week, Microsoft released version 220.127.116.11. What’s … Continue reading "Azure Multi-Factor Authentication Server 18.104.22.168 is here"
Microsoft is working on the next version of Windows Server, beyond Windows Server 2019. Now, we can all enjoy the first preview version of what’s to come. About Windows Server vNext build 20201.1000 Windows Server vNext is the successor to Windows Server 2019. It is a Long-Term Servicing Channel (LTSC) release that contains both … Continue reading "Windows Server vNext Preview build 20201 is now available"
A typical headache for Microsoft Exchange Server administrators is to setup load-balancing with port 25. They face the issue that, typically in these setups, they no longer see the source client IPs of the actual clients; All traffic is translated and is presented to the SMTP service with the load balancer IP as source. This … Continue reading "Field notes: Make the actual source client IP visible for a load-balanced SMTP service"
Last week, Alex Simons announced on behalf of his team the Public Preview of assigning groups to Azure AD roles with a blogpost titled Assigning groups to Azure AD roles is now in public preview! on the Microsoft Tech Community. Ten things you need to know Assigning groups to Azure AD Roles sounds perfect, but … Continue reading "Ten things you need to know about Assigning Groups to Azure AD Roles"