Category Archives: Active Directory

Identity-related Sessions at Microsoft Inspire 2020

Microsoft Inspire is Microsoft’s annual event where it kicks off its fiscal year with its partner community. Inspire is Microsoft’s way to explain what’s coming in the year ahead and work together to find shared solutions for customers. As all of Microsoft’s events will have a focus on online events until July 2021, Microsoft Inspire […]

Posted on July 14, 2020 by Sander Berkouwer in Active Directory, Azure Active Directory

0  

KnowledgeBase: If one of the address families on a dual stack Domain Controller is not enabled, adding VMware ESXi hosts to the domain might randomly fail

There is an issue in VMware ESXi 7.0, where adding ESXi hosts to Active Directory Domain Services fails randomly in networks with both IPv4 and IPv6 enabled.               The situation In many environments, VMware vCenter environments or VMware ESXi hosts are added to Active Directory Domain Services to allow for single sign-on with domain accounts […]

Posted on July 9, 2020 by Sander Berkouwer in Active Directory, VMware, VMware vExpert

0  

Keeping virtual Domain Controllers apart on trusted VMware vSphere hosts

Virtualizing Domain Controllers introduces risks that are not present when running non-virtualized Domain Controllers. Two of these problems –running Domain Controllers on hosts with the wrong time and running all Domain Controllers on the same host –can be addressed with one VMware vSphere feature: VM/Host Rules.   Additional challenges when running virtualized Domain Controllers We’ve […]

Posted on July 3, 2020 by Sander Berkouwer in Active Directory, VMware, VMware vExpert

0  

On-premises Microsoft Identity-related updates and fixes for June 2020

Even though Microsoft's Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the updates and fixes we saw for June 2020:   Windows Server 2016 We observed the following updates for Windows Server 2016: KB4561616 June 9, 2020 The […]

Posted on June 30, 2020 by Sander Berkouwer in Active Directory, Group Policy, Microsoft Windows Server 2016, Microsoft Windows Server 2019, Security Updates

0  

TODO: Upgrade from ADAL to MSAL

Last week, Microsoft has announced the deprecation of the Azure Active Directory Authentication Library (ADAL). Going forward, the Microsoft Authentication Library (MSAL) is the supported way to provide authentication with Active Directory and Azure AD in applications.                                                                     What will happen? Let’s look at the timeline shared by Microsoft: For the next two years, applications […]

Posted on June 29, 2020 by Sander Berkouwer in Active Directory, Azure Active Directory, Migration and Integration

0  

Protecting virtual Domain Controllers on vSphere with VM Encryption

This entry is part 8 of 8 in the series Virtualizing Domain Controllers on vSphere

In the previous post in this series, we looked at Virtualization-based Security and how it may benefit virtualized Domain Controllers. However, VMware vSphere 6.5 and newer versions of vSphere, offer one more feature to virtualized Domain Controllers that you might want to look into from both an Active Directory as a Virtualization Platform management point […]

Posted on June 16, 2020 by Sander Berkouwer in Active Directory, VMware, VMware vExpert

0  

Group Policy Elevation of Privilege Vulnerability (CVE-2020-1317, Important)

This Tuesday, Microsoft released updates for all supported versions of Windows and Windows Server to address an elevation of privilege vulnerability in Group Policy, marked as important. Its official common vulnerabilities and exposures (CVE) id is CVE-2020-1317.   About the vulnerability An elevation of privilege vulnerability exists when Group Policy improperly checks access. An attacker […]

Posted on June 11, 2020 by Sander Berkouwer in Active Directory, Group Policy, Security Updates

0  

Protecting virtual Domain Controllers on vSphere with Virtualization-based Security

This entry is part 7 of 8 in the series Virtualizing Domain Controllers on vSphere

VMware vSphere 6.7 offers the ability to enable virtualization-based security (VBS) for virtual machines. Let’s find out what kind of protection this setting provides, what’s needed to get it going and how to configure a virtual Domain Controller to use it.   About Virtualization-based Security Virtualization-based Security (VBS) uses virtualization features to create and isolate […]

Posted on June 2, 2020 by Sander Berkouwer in Active Directory, VMware, VMware vExpert

0  

Recordings of the webinars with Netwrix are now available

Last month, on April 22nd, 28th and 30th, I hosted three 60-minute webinars with Netwrix on my three favorite chapters in my Active Directory Administration Cookbook. Over 1800 people have registered for these webinars. Now, a mere week after the last webinar, the Netwrix team has done everyone a huge favor by already placing the […]

Posted on May 7, 2020 by Sander Berkouwer in Active Directory, Azure Active Directory, Community

0  

Choosing the right Passwordless sign-in method for your colleagues

Passwordless is Microsoft’s strategy to improve enterprise security and enable end-user convenience at the same time. The era of passwords is slowly coming to an end and Microsoft offers readily-available solutions for your colleagues to sign-in to their devices and services. However, with its many passwordless methods, Microsoft isn’t making it easy for identity admins […]

Posted on April 30, 2020 by Sander Berkouwer in Active Directory, Azure Active Directory, Multi-Factor Authentication, Recommended Practices, Systems Administration

0