As part of MC224734, Microsoft has communicated publicly that they are requiring multi-factor authentication (MFA) from four more Azure AD privileged roles through the Security Defaults functionality. Organizations leveraging Conditional Access to require MFA from privileged accounts should take note. About Security Defaults Security Defaults is an Identity security feature. When enabled, it requires … Continue reading "TODO: Require MFA from four more Azure AD Roles through your Conditional Access Policies"
KnowledgeBase: The Conditional Access APIs do not currently support Preview conditions
During Microsoft’s Ignite event in September 2020, the Conditional Access Application Programming Interfaces (APIs) were announced as Generally Available. We’ve covered this change in our recap of Identity-related Announcements from Microsoft Ignite 2020. Barbara Forbes and I are in the process of creating several solutions for Conditional Access administrators, that rely on the Conditional Access … Continue reading "KnowledgeBase: The Conditional Access APIs do not currently support Preview conditions"
I’m speaking at IT Pro | Dev Connections Greece 2020
I will be speaking at the upcoming IT Pro | Dev Connections Greece conference in the weekend of December 12th and 13th, 2020. About IT Pro|Dev Connections IT Pro|Dev Connections is a conference organized by the largest Greek communities for everyone in the Computer and Information Technology industry. The content focuses on products, technologies … Continue reading "I’m speaking at IT Pro | Dev Connections Greece 2020"
Ten Things You should know about vCenter Identity Provider Federation
vCenter in VMware vSphere 7 introduces support for role-based access control (RBAC), based on standards-based federation. While this sounds fantastic, there are a couple of things you should know about this vCenter Identity Provider Federation feature, before you blindly implement it. vCenter 7.0 or later The vCenter Identity Provider Federation feature is only available … Continue reading "Ten Things You should know about vCenter Identity Provider Federation"
Command-line switches for Azure AD Connect
After you install Azure AD Connect, but before you configure the product through the Microsoft Azure Active Directory Connect wizard, you can fiddle with the Azure AD Connect installer. Below is a list of command-line switches that you can use: Note: The below list is based on Azure AD Connect version 1.5.45.0. AzureADConnect.exe /UseExistingDatabase … Continue reading "Command-line switches for Azure AD Connect"
Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-17049, CVSSv3 6.6)
Yesterday, for its November 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Domain Services (AD DS). About the vulnerability A Kerberos Security Feature Bypass vulnerability exists in Microsoft’s implementation of the Kerberos network authentication protocol. This vulnerability is described in detail in CVE-2020-17049. A security feature bypass vulnerability exists in … Continue reading "Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-17049, CVSSv3 6.6)"
KnowledgeBase: LSASS on Windows 10 version 20H2 crashes and reboots unexpectedly on systems with renamed built-in administrator or guest accounts
On October 20th, 2020, Microsoft released Windows 10, version 20H2 build 19042 to Visual Studio Subscribers and organizations with access to the Software Download Center and the Volume Licensing Service Center. This version is also known as Windows 10 ‘October 2020 Update’. Last week, Microsoft acknowledged an issue causing forced restarts on devices running Windows … Continue reading "KnowledgeBase: LSASS on Windows 10 version 20H2 crashes and reboots unexpectedly on systems with renamed built-in administrator or guest accounts"
The video of my talk at the European SharePoint Office 365 and Azure Conference is now available
The European SharePoint, Office 365 & Azure Conference (ESPC) is Europe’s leading online community, providing educational resources and encouraging collaboration. Therefore, I was more than happy to announce that I was returning as a speaker for the European SharePoint, Office 365 and Azure Conference (ESPC) 2020. On October 15th, while my pre-recorded presentation was playing, … Continue reading "The video of my talk at the European SharePoint Office 365 and Azure Conference is now available"
I’m speaking at the 2020 NT Konferenca
The 2020 NT Konferenca, known as NT Remote 2020, the 25th edition of the NT Konferenca, kicks off in two weeks. I have been invited to deliver two sessions. About NT Konferenca NT Konferenca is the biggest Slovenian technological conference. Last year the event was visited by over two thousand attendees. NT Konferenca is not … Continue reading "I’m speaking at the 2020 NT Konferenca"
VMware updated the patch for CVE-2020-3992 to completely address the Remote Code Execution Vulnerability (Critical, CVSSv3 9.8)
In October 2020, VMware published update VMSA-2020-0023 that claimed to fix the CVE-2020-3992 vulnerability in OpenSLP service in ESXi. OpenSLP is used for service location. This component has a use-after-free issue, that could allow a malicious person who has access to port 427 on an ESXi machine remote code execution. The vulnerability was rated with … Continue reading "VMware updated the patch for CVE-2020-3992 to completely address the Remote Code Execution Vulnerability (Critical, CVSSv3 9.8)"