Skip to Content

What’s New in Azure Active Directory for August 2019

Written on September 2, 2019 at 10:34 PM, by

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for August 2019:   What’s Planned Deprecation of the Power BI content […]

Using Azure AD’s Dynamic Memberships for Groups to Assign Mutually Exclusive P1 and P2 licenses

Written on August 29, 2019 at 8:30 PM, by

Azure AD’s Dynamic Memberships for Groups and Assigning Licenses to Groups features can be used to circumvent the overlap that might occur when user accounts are assigned both an Azure AD P1 and Azure AD P2 license. In this blogpost, I’ll walk you through the scenario.   About Azure AD licensing Today, Azure Active Directory […]

Field notes: Azure AD Identity Protection

Written on August 29, 2019 at 3:40 PM, by

I’m managing several Azure AD tenants with a wide variety of licenses and settings. I’ve had a focus on Azure AD Identity Protection for the last weeks, so I’m sharing my field notes with you. What is Azure AD Identity Protection? Let’s start with a little introduction. Microsoft has a lot of experience with identities […]

KnowledgeBase: Azure AD Connect version 1.3.20.0 and up enables Auto Upgrades in AD FS Scenarios

Written on August 28, 2019 at 3:22 PM, by

Organizations, leveraging Azure AD Connect Staging Mode for release management, might find themselves with automatically upgrading Azure AD Connect installations after the initial upgrade to Azure AD Connect version 1.3.20.0, and up.   Azure AD Connect Release Management As described in the blogpost Leveraging Azure AD Connect Staging Mode for Release Management, Staging Mode can […]

HOWTO: Install VASCO’s DIGIPASS Authentication for AD FS

Written on August 27, 2019 at 3:29 PM, by

Today, I had the pleasure of installing and configuring OneSpan’s (formerly Vasco’s) DIGIPASS Authentication for Microsoft Active Directory Federation Services (AD FS). Microsoft Docs offers links to documentation for 3rd-party providers with MFA offerings currently available for AD FS, but just like CensorNet’s SMS PASSCODE AD FS Agent, OneSpan’s installation and configuration manual is not […]

On-premises Microsoft Identity-related updates and fixes for July 2019

Written on August 23, 2019 at 4:51 PM, by

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for July 2019:                     Windows Server 2016 We observed the following updates for Windows Server 2016: KB4507459 July 16, 2019 The […]

Active Directory Virtualization Safeguards with VM-GenerationID on VMware vSphere

Written on August 20, 2019 at 3:05 PM, by

Arriving at the fifth part of this series on Virtualizing Domain Controllers on vSphere, I managed to gather some feedback on these blogposts. One question that emerged after writing the last blogpost on Replication considerations for Domain Controllers running on VMware vSphere was: Isn’t Windows Server 2012 supposed to solve all these challenges with virtualizing […]

HOWTO: Enable Auditing and Logging for AD FS Servers and the AD FS Farm

Written on August 15, 2019 at 11:26 AM, by

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll look at auditing and logging settings on AD FS Servers. Note: […]

Replication considerations for Domain Controllers running on VMware vSphere

Written on August 13, 2019 at 11:56 AM, by

Active Directory utilizes a multi-master replication model. It’s great that each Domain Controller provides read and write access to the Active Directory database, but it comes with a big drawback: Domain Controllers need to be in sync to provide consistent data to clients, independent of the Domain Controller communicated to. A big question to ask […]

What’s New in Azure Active Directory for July 2019

Written on August 9, 2019 at 11:02 AM, by

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for July 2019:   What’s Planned Application Proxy service update to support […]