I'm presenting at Azure Saturday Netherlands

Azure Saturday Netherlands

I’m proud to share that I’ll be presenting at Azure Saturday Netherlands near Amsterdam on Saturday October 7th 2023!

 

About Azure Saturday Netherlands

Azure Saturday Netherlands is a community-driven event to share knowledge and experiences about Microsoft Azure.

The first edition of the Azure Saturday Netherlands event is organized on Saturday October 7th, 2023. It is sponsored by Schuberg Philis.

Azure Saturday brings together Azure experts and professionals from the region and the rest of Europe, with the same goal: learn and have fun. It's no wonder that people like Aleksandar Nikolic and Mustafa Toroman present their hugely popular and educational presentations.

 

About my session

I’ll present a 45-minute session on:

Just apply the basics in Entra ID (Azure AD)!

Saturday October 7th 2023, 1 PM – 1:45 PM, DNA Room

With Microsoft's focus on Defender for * and Entra ID Premium P2 features, you might start to believe that you can't be successful in your identity and zero trust journeys when you don't have these products and licenses. The opposite is true: without doing the basics, all these advanced products don't perform as well as you'd think…

It's the basics that most organizations seem to have forgotten, but without these basic measures, their Azure services are at risk in terms of security, privacy, and productivity. For most organizations applying these basics is trivial and relatively easy to start with, but there are caveats!

Come to this session to learn the basics and then apply 'em to your Entra ID (Azure AD).

 

I’m looking forward to it!

I’m looking forward to joining my friends Aleksandar, Mustafa, and Vladimir again. We’re bound to have some fun!

Reserve your free ticket today!


I'm co-presenting at AppManagEvent 2023

SuperNova at the MediaPlaza

After last year's AppManagEvent, Coert Bosker asked Raymond and me to present a session at AppManagEvent 2023. Of course! As a result, we’re back at this awesome event in Utrecht.

 

About AppManagEvent

AppManagEvent is the annual industry event around application management. The event provides its visitors a status update and a future update on the leading technology, tools, strategies, insights and trends around Application Management.

The 17th edition will take place on October 6, 2023 where attendees get updated around the themes Deployment, Security, Application Virtualization, MSIX, Win10/11/365 management, Identity Management, IT Infra and much more.

AppManagEvent delivers one day with great speakers, tech content and solution vendors in a professional atmosphere and inspiring location: Jaarbeurs, Super Nova, Utrecht, The Netherlands.

 

About our session

Raymond Comvalius and I will present a 45-minute session:

Just apply the basics in your Entra ID tenant!

3 PM – 3:45 PM

With Microsoft's focus on Defender for * and Entra ID Premium P2 features, you might start to believe that you can't be successful in your identity and zero trust journeys when you don't have these products and licenses. The opposite is true: without doing the basics in your Entra ID tenant, all these advanced products don't perform as well as you'd think…

After numerous Entra ID security assessments, Sander and Raymond have identified the basics that most organizations seem to have forgotten. Without these basic measures, their Microsoft 365 services are at risk in terms of security, privacy, and productivity.

For most organizations applying these basics is trivial and relatively easy to start with. Come to this session to learn the basics, their many caveats and then apply the basics to your Entra ID tenant!

 

Join us!

There is still time to register for AppManagEvent 2023. Tickets are available for € 198 per ticket.


I'm speaking at NT Konferenca 2023

NT Konferenca 2023

I’m proud to announce that I’ll be presenting two sessions at this year’s NT Konferenca in Slovenia later this month.

 

About NT Konferenca

NT Konferenca is the biggest Slovenian technological conference. NT Konferenca is not just about IT trends and solutions. It is also about the ways to include them in everyday business processes and how to effectively use them in business challenges in order to reach objectives in a more rapid, time-efficient and affordable way.

The 28th NT Konferenca event takes place from September 25th to September 27th, 2023 in Grand Hotel Bernardin in Portorož, along Slovenia’s coastline. With fantastic speakers, many I call friends, like Ljubo Brodaric, Slavko Kukrika, Tomislav Lulic, Paula Januszkiewicz, and Aleksandar Nikolic, the 2023 edition of NTK shapes up to be another fantastic event.

 

About my sessions

I’ll present two 45-minute sessions:

 

Turn the table on Identity: From Entra ID to AD

Wednesday September 27th, 10 AM – 10:45 AM, Room Emerald 1, Level 300

Microsoft has been promising admins that they can effectively manage all aspects of on-premises access for their organization through Entra.

This session shows you how to actually do it! This session includes three real-world scenarios for organizations that have turned the table on Identity. No longer do they manage access, apps, or strong authentication from Active Directory (AD) and sync to Entra ID (formerly known as Azure AD)… No. They manage specific parts of their on-premises access from Entra ID.

Join this session to learn how to put dynamic groups, access reviews, access packages, Windows Hello for Business, on-premises protocols like SCIM and LDAP, and your on-premises SQL servers to good use for managing aspects of access from Entra ID to manage on-premises AD-integrated functionality.

For organizations using both Active Directory and Entra ID, new possibilities allow them to do more with less; getting more value from both identity platforms with less administrative effort.

 

Under the hood of Entra ID Connect Sync

Wednesday September 27th, 2 PM – 2:45 PM, Room Europa A+C, Level 300

Did you ever wonder how Entra ID Connect Sync (previously known as Azure AD Connect) works?

Do you want to know what connector spaces, the metaverse, tens of rules, attribute flows, soft matching, write-back and source anchors do and how they help you synchronize objects and their attributes between Active Directory Domain Services, LDAP stores and Entra ID (formerly known as Azure AD)?

After attending this session you'll have the tools to meet the hardest Entra ID Connect Sync challenges out there. Knowing Sander Berkouwer (15-fold Microsoft MVP), you'll also have laughed really loud.

 

Join us!

Tickets are limited, but still available for NT Konferenca.
Register here and join me for these sessions.


What's New in Microsoft Defender for Identity in August 2023

Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures.

It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory, AD FS, and Certification Authority (CA) admins to investigate and remediate (potential) breaches related to advanced threats, compromised identities and malicious insider actions.

Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP) and Advanced Threat Analytics (ATA).

 

What's New

New sensor type for Active Directory Certificate Services (AD CS)

Defender for Identity now supports the new ADCS sensor type for a dedicated server with Active Directory Certificate Services (AD CS) configured.

Admins can find the new sensor type identified on the Settings > Identities > Sensors page in Microsoft 365 Defender.

 

Certification Authority-related Alerts and Secure Score Reports

Defender for Identity also now provides AD CS-related alerts and Secure Score reports.

To view the new alerts and Secure Score reports, make sure that the required events are being collected and logged on Certification Authorities (CAs).

Active Directory Certificate Services (AD CS) is a Windows Server role that issues and manages public key infrastructure (PKI) certificates in secure communication and authentication protocols.

 

Four new releases

The Defender for Identity team performed four new releases:

  • v2.210
  • v2.211
  • v2.211
  • v2.213

These versions include improvements and bug fixes for cloud services and the Defender for Identity sensor.


What's New in Entra ID (Azure Active Directory) for August 2023

Entra ID, previously known as Azure AD, is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Entra ID and through the Microsoft 365 Message Center, Microsoft communicated the following planned, new and changed functionality for Entra ID for August 2023:

 

What's New

Tenant Restrictions v2 General Availability

Service category: Authentications (Sign-ins)
Product capability: Identity Security & Protection

v2 of the Tenant Restrictions functionality is now generally available for the authentication plane via proxy. It allows organizations to enable safe and productive cross-company collaboration while containing data exfiltration risk. Admins can control which external tenants people in the organization can access from the organization's devices or network using externally issued identities, and can provide granular access control on a per organization, user, group, and application basis.

v2 of the Tenant Restrictions functionality uses the cross-tenant access policy, and offers both authentication and data plane protection. It enforces policies during user authentication, and on data plane access with:

  • Exchange Online
  • SharePoint Online
  • Teams
  • MSGraph

Note:
While data plane support with Windows Group Policy and Global Secure Access is still in public preview, authentication plane support with proxy is now generally available.

 

Continuous Access Evaluation for Workload Identities available in Public and Gov clouds General Availability

Service category: Continuous Access Evaluation
Product capability: Identity Security & Protection

Real-time enforcement of risk events, revocation events, and Conditional Access location policies is now generally available for workload identities. Service principals on line of business (LoB) applications are now protected on access requests to the Microsoft Graph.

 

Real-Time Strict Location Enforcement Public Preview

Service category: Continuous Access Evaluation
Product capability: Access Control

With real-time strict location enforcement, admins can strictly enforce Conditional Access policies in real-time using Continuous Access Evaluation towards services like Microsoft Graph, Exchange Online, and SharePoint Online to block access requests from disallowed locations as part of a layered defense against token replay and other unauthorized access.

 

Cross-tenant access settings support custom RBAC roles and protected actions Public Preview

Service category: Business to Business (B2B)
Product capability: External Collaboration

Cross-tenant access settings can be managed with custom roles defined by your organization. This enables admins to define finely-scoped roles to manage cross-tenant access settings instead of using one of the built-in roles for management. Admins can also now protect privileged actions inside of cross-tenant access settings using Conditional Access. For example, admins can require multi-factor authentication (MFA) before allowing changes to default settings for Business to Business (B2B) collaboration.

 

Service category: App Provisioning
Product capability: 3rd Party Integration

Microsoft has added the following new applications in the Entra ID Application Gallery with Provisioning support. Organizations can now automate creating, updating, and deleting of user accounts for these newly integrated apps:

 

What's Changed

Additional settings in Entitlement Management auto-assignment policy General Availability

Service category: Entitlement Management
Product capability: Entitlement Management

In the Entra ID Governance entitlement management auto-assignment policy, there are three new settings. This allows an organization to select to:

  • not have the policy create assignments
  • not remove assignments
  • delay assignment removal

 

Setting for guest losing access Public Preview

Service category: Entitlement Management
Product capability: Entitlement Management

An admin can configure that when a guest brought in through entitlement management has lost their last access package assignment, they're deleted after a specified number of days.


On-premises Identity-related updates and fixes for August 2023

Windows Server

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses.

This is the list of Identity-related updates and fixes we saw for August 2023:

 

Windows Server 2016

We observed the following update for Windows Server 2016:

KB5029242 August 8, 2023

The August 8, 2023, update for Windows Server 2016 (KB5029242), updating the OS build number to 14393.6167, is a monthly cumulative update and includes one Identity-related improvement. This update addresses an issue that affects Kerberos constrained delegation (KCD). It fails on read-write domain controllers. This occurs after you install the November 2022 security updates. The error message is:

KRB_AP_ERR_MODIFIED

 

Windows Server 2019

We observed the following update for Windows Server 2019:

KB5029247 August 8, 2023

The August 8, 2023, update for Windows Server 2019 (KB5029247), updating the OS build number to 17763.4737, is a monthly cumulative update and includes three Identity-related improvements:

  • This update addresses an issue that affects Kerberos constrained delegation (KCD). It fails on read-write domain controllers. This occurs after you install the November 2022 security updates. The error message is:

KRB_AP_ERR_MODIFIED

  • This update addresses an issue that affects Active Directory Federation Services (AD FS). It might take several attempts to sign in to AD FS successfully. This is because the time calculation for the expiration of a Single Sign-on (SSO) cookie is wrong.
  • This update addresses an issue that affects the Active Directory Domains and Trusts MMC snap-in. It fails to enumerate domain trusts. The error message is:

The parameter is incorrect

 

Windows Server 2022

We observed the following update for Windows Server 2022:

KB5029250 August 8, 2023

The August 8, 2023, update for Windows Server 2022 (KB5029250), updating the OS build number to 20348.1906, is a monthly cumulative update and includes two Identity-related improvements:

  • This update addresses an issue that affects Active Directory Federation Services (AD FS). It might take several attempts to sign in to AD FS successfully. This is because the time calculation for the expiration of a Single Sign-on (SSO) cookie is wrong.
  • This update addresses an issue that affects the Active Directory Domains and Trusts MMC snap-in. It fails to enumerate domain trusts. The error message is:

The parameter is incorrect


I'm co-presenting a session at the 2023 Cloud Identity Summit

2023 Cloud Identity Summit

I'm proud to announce that Raymond Comvalius and I are presenting a session at the 2023 Cloud Identity Summit.

 

About the Cloud Identity Summit

The Cloud Identity Summit focuses on Cloud Identity Management, various aspects such as identity protection, managing external accounts, passwordless and much more. The Cloud Identity Summit is a free event that focuses on the exchange between the participants. The International group of participants comes from different areas and industries.

The Azure Meetup Bonn Team, consisting of Thomas Naunheim, René Wasel and Gregor Reimling, runs the event.

The fourth Cloud Identity Summit will take place on September 7th, 2023. After the first two virtual conferences, the organization again offers the 4th edition as a hybrid and free event at the Debeka Innovation Center in Koblenz.

 

About our session

Raymond and I will present a 60-minute session:

Just apply the basics in your Entra ID (Azure AD) tenant!

Thursday September 7, 2023, 2:20 PM – 3:20 PM, 2nd Floor Creativity Lab

With Microsoft's focus on Defender for * and Azure AD Premium P2 features, you might start to believe that you can't be successful in your identity and zero trust journeys when you don't have these products and licenses. The opposite is true: without doing the basics in your Entra ID (Azure AD) tenant, all these advanced products don't perform as well as you'd think…

From their extensive experience, Sander Berkouwer and Raymond Comvalius have identified the basics that most organizations seem to have forgotten. Without these basic measures, their Microsoft 365 services are at risk in terms of security, privacy, and productivity. For most organizations applying these basics is trivial and relatively easy to start with. Come to this session to learn the basics, their caveats and then confidently apply the basics to your Entra ID (Azure AD) tenant!

 

Join us!

Registration is available while tickets last. Claim your (virtual) seat, today!

Raymond and I hope to see you on Thursday September 7th 2023 in Koblenz, Germany.


I'm speaking at the 2023 Global Hybrid Identity Protection Conference

This August, I’m joining many of my technical friends at the Hybrid Identity Protection Conference.

 

About the Hybrid Identity Protection Conference

The Hybrid Identity Protection Conference is Semperis Inc.’s event in the spirit of The Expert Conference (TEC) to bring together the leading experts in the field of Identity and Access Management. The event offers a unique opportunity to spend two days on-site in New York with peers, whose day-to-day job is to architect, manage, and protect identity management in the hybrid enterprise.

Attendees are able to meet face-to-face with the leading experts of their field, acquire in-depth technical knowledge, and be exposed to the latest innovation.

The 2023 Hybrid Identity Protection Conference takes place on Wednesday August 23rd and Thursday August 24th at Microsoft's Times Square offices in New York, NY.

 

About my presentation

I’ll present a 30-minute session:

August 23rd, 2023, 1:30 PM – 2 PM EST

Microsoft has been promising admins that they can effectively manage all aspects of on-premises access for their organization in the Entra portal. This session shows you how to actually do it!
This session includes three real-world scenarios for organizations who have turned the table on Identity. No longer do they manage access, apps or strong authentication from AD and sync to Entra ID (Azure AD)… No. They manage specific parts of their on-premises access from the Entra portal.
Join this session to learn how to put dynamic groups, access reviews, access packages, Windows Hello for Business, on-premises protocols like SCIM and LDAP and your on-premises SQL servers to good use for managing aspects of access from Azure AD to manage on-premises functionality.
For organizations using both Active Directory and Azure AD, new possibilities allow them to do more with less; getting more value from both identity platforms with less administrative effort.

 

Join us!

The Hybrid Identity Protection Conference is a free event.
All you need to do to attend the event is to register in advance.

The 2023 Hybrid Identity Protection Conference uses AccelEvents as the delivery platform. By registering you confirm you intend to interact with and disclose personal information to Semperis and AccelEvents.


Download the Active Directory Security Playbook for 2023 (Free)

Active Directory Security Playbook for 2023

I have worked together with ENow software to develop the Active Directory Security Playbook for 2023.

 

Based on my Cookbook recipes

The Playbook includes five of the recipes from my Active Directory Administration Cookbook: Proven Solutions to Everyday Identity and Authentication Challenges for Both On-Premises and the Cloud. It also includes a sixth, brand new recipe which addresses specific pain points and simplifies monitoring Domain Controllers for performance and behavior problems.

 

How we help you

Collectively, all six recipes are prudent and provide absolute focus and valuable information for administrators to act upon:

  • We begin our Playbook with two recipes and the solution to the question, “What can I do today to get back from – and prevent – erroneous changes to Active Directory objects and Domain Controllers?”
  • Our Playbook then enlightens and enables you to take action on what you can implement today as an administrator, to secure your Active Directory infrastructure.
  • Lastly, the brand new sixth recipe provides a solution and answers the question, “What's actually going on with my Domain Controllers?”

 

Download now!

Time to see what you can whip up and action on with these carefully curated Active Directory Security recipes for 2023!

Download it here.


What's New in Microsoft Defender for Identity in July 2023

Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures.

It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory admins to investigate and remediate (potential) breaches related to advanced threats, compromised identities and malicious insider actions.

Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP) and Advanced Threat Analytics (ATA).

 

What's New

New security posture reports

Defender for Identity's identity security posture assessments proactively detect and recommend actions across your on-premises Active Directory configurations.

The following new security posture assessments are now available in Microsoft Secure Score:

 

Automatic redirection for the classic Defender for Identity portal

The Microsoft Defender for Identity portal experience and functionality have been converged into Microsoft’s extended detection and response (XDR) platform, Microsoft 365 Defender. As of July 6, 2023, customers using the classic Defender for Identity portal are automatically redirected to Microsoft 365 Defender, with no option to revert back to the classic portal.

 

Search for Active Directory groups in Microsoft 365 Defender Preview

The Microsoft 365 Defender global search now supports searching by Active Directory group name. Any groups found are shown in the results on a separate Groups tab. Select an Active Directory group from the search results to see more details, including:

  • Type
  • Scope
  • Domain
  • SAM name
  • SID
  • Group creation time
  • The first time an activity by the group was observed
  • Groups that contain the selected group
  • A list of all group members

 

Defender for Identity report downloads and scheduling in Microsoft 365 Defender Preview

Now, admins can download and schedule periodic Defender for Identity reports from the Microsoft 365 Defender portal, creating parity in report functionality with the classic Defender for Identity portal.

Download and schedule reports in Microsoft 365 Defender from the Settings > Identities > Report management page.

 

Defender for Identity release 2.209

This version includes improvements and bug fixes for cloud services and the Defender for Identity sensor.

 

Defender for Identity release 2.208

This version includes improvements and bug fixes for cloud services and the Defender for Identity sensor.

 

Defender for Identity release 2.207

This version provides the new AccessKeyFile installation parameter. Use the AccessKeyFile parameter during a silent installation of a Defender for Identity sensor, to set the workspace Access Key from a provided text path.

It also includes improvements and bug fixes for cloud services and the Defender for Identity sensor.
