KnowledgeBase: You cannot manage the Desktop SSO feature with the Hybrid Identity Administrator role

On March 19th, 2021, Microsoft introduced Azure AD Connect version 1.6.2.4 to incorporate the lessons learned and distribute the fixes Microsoft made to the larger public. As part of its version release history, Microsoft added the following line to the release notes for this version: Azure AD Connect now supports the Hybrid Identity Administrator role …

HOWTO: Get an overview of the Privileged roles assigned within an Azure AD tenant

Unless you’re using the Azure AD Privileged Identity Management (PIM) portal features from your tenant’s Azure AD Premium P2 licenses, you might have a hard time getting an overview of the Privileged roles assigned within an Azure AD tenant. There is, however, a free, easy and Microsoft-supported way, using the AzureADIncidentResponse Windows PowerShell module. …

HOWTO: Enable Seamless Single Sign-on when AD FS is Configured as Sign-in Method

Microsoft has introduced the Staged Rollout functionality to convert the sign-in method for people in your organization from federated authentication to managed authentication. However, there is one slight issue with single sign-on. In this blogpost, I’ll address the issue of having both Seamless Single Sign-on and Federation enabled in Azure AD Connect. About Staged Rollout …

Availability of Azure AD Connect’s v2 endpoint

For the past year, Microsoft has been offering the new ‘version 2’ endpoint for Azure AD Connect. This endpoint replaces the ‘version 1’ endpoint we’ve come to use ever since DirSync. About Azure AD Connect’s v2 endpoint: Microsoft has deployed a new endpoint (API) for Azure AD Connect that improves the performance of the synchronization …

KnowledgeBase: A Sign-in Window appears while configuring Azure AD Connect and configuration fails

Sometimes, the installation of Azure AD Connect can mess up your project deadlines in mere seconds. In this blogpost, I want to share an error that kept the admins of an organization occupied for several days, while it was easy to fix. The situation: An organization uses Azure AD and Azure AD Connect. After …

Azure AD Web Sign-in Security Feature Bypass Vulnerability (CVE-2021-27092, Important)

Today, for its April 2021 Patch Tuesday, Microsoft released an important security update for the Azure AD web sign-in feature in Windows and Windows Server. This vulnerability is known as CVE-2021-27092 and rated with CVSSv3.0 scores of 6.8/5.9. About Azure AD Web Sign-in: Web Sign-in is a new way of signing into a Windows system. …

HOWTO: Get an overview of Azure AD Application Permissions

Applications in Azure AD offer people access to functionality that is integrated into your Azure AD tenant. The default behavior in Azure AD is that everyone can register applications and grant access to their data to applications. Microsoft now offers functionality to streamline the process of application management. When onboarding to this new functionality, admins …

Your Active Directory Pre-production environment: Restore from Backup or Deploy as Code?

Active Directory Domain Services act as the cornerstone of every on-premises Microsoft-oriented networking infrastructure. It is important to get things right when it comes to your Domain Controllers, user objects and access controls. An obvious solution to getting things right the first time is offering one or more pre-production environments to develop and test scripts, …

On-premises Identity-related updates and fixes for March 2021

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for March 2021: Windows Server 2016: We observed the following updates for Windows Server 2016: KB45000803 March 9, 2021 …

What's New in Azure Active Directory for March 2021

Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for March 2021: What’s Planned: Guidance on how to enable support for …