Category Archives: Active Directory

Default checks to perform when implementing Hybrid Identity, Part 5: Groups with non-linked-value replication-enabled members

This entry is part of 5 in the series Default checks when implementing Hybrid Identity

Microsoft has introduced an impressive array of technologies and an awesome vision on Hybrid Identity. Their vision entails seamless access to corporate resources, services and applications for people, no matter where these resources, services and apps are located (either on-premises or in the cloud) while in the mean time allowing for strong authentication and granular […]


On-premises Identity-related updates and fixes for April 2021

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for April 2021: Windows Server 2016 We observed the following update for Windows Server 2016: KB5001347 April 13, 2021 The […]


I’m presenting two Active Directory and Azure AD Better Together webinars with Netwrix

On May 18th, 2021 and May 20th, 2021 I’ll present 1-hour webinar sessions with Netwrix. Together with Netwrix, I’ll discuss how Active Directory and Azure AD are better together. You’ll learn how you can benefit from integrating your on-premises Active Directory Domain Services environment with Azure AD, how to harden your hybrid environment, how to […]


KnowledgeBase: VMware Tools Quiescence corrupts Active Directory backups

Sometimes, IT issues are not what they seem to be. A strange issue reared its ugly head last week regarding something I hold dearly: Active Directory backups. The situation An organization runs Active Directory Domain Controllers virtually on top of VMware vSphere. The VMware Tools are installed on the virtual machine. The organization creates backups […]


From the field: A colleague encounters error “AADSTS50107 Requested federation realm object does not exist.”

Sometimes, you hit error messages that are just too vague to troubleshoot. I like these kinds of situations. I’ve hit this particular error before, but Microsoft fixed the issue with the 515 rID a long time ago… Let’s see what’s happening today causing the same error. The situation An organization has recently restructured. Today, all […]


I was a guest on the 425Show talking Active Directory with Daniel Stefaniak

Yesterday, I spent some time talking with Daniel Stefaniak about Active Directory. Daniel is one of the hosts of the 425Show, so we decided to record  and publicly share an hour of our regular 'Old guys yelling at cloud' discussions for this show.   About the 425Show The 425Show is a Twitch live stream, run […]


Your Active Directory Pre-production environment: Restore from Backup or Deploy as Code?

Active Directory Domain Services act as the cornerstone of every on-premises Microsoft-oriented networking infrastructure. It is important to get things right when it comes to your Domain Controllers, user objects and access controls. An obvious solution to getting things right the first time is offering one or more pre-production environments to develop and test scripts, […]


New versions of ADFind and ADMod are now available

Joe Richards has published new versions of his independent ADFind and ADMod tools. Long before Windows Server came with Windows PowerShell, Joe published the first versions of these tools. Now, the latest versions are here for you to enjoy. About Joe Richards Joe Richards currently works as Enterprise Technical Expert CyberSecurity InfoSec Identity and Directory […]


How Hot Patch for Windows Server Azure Edition helps secure Domain Controllers

At Microsoft Ignite 2021 Spring Edition, Microsoft introduces the Public Preview of Hot Patching for Windows Server Azure Edition. About hot patching for Windows Server Azure Edition Microsoft announced new capabilities at Microsoft Ignite 2021 Spring edition for Azure Automanage to simplify operations for Windows Server-based virtual machines (VMs). Azure Automanage helps organizations to reduce […]


The March 2021 Cumulative Update addresses seven Windows Server DNS vulnerabilities

Today, for its March 2021 Patch Tuesday, Microsoft released a security update that addresses seven vulnerabilities in DNS Servers running Windows Server: About the vulnerabilities The vulnerabilities are described as followed:    CVE-2021-26877 Windows DNS Server Remote Code Execution Vulnerability Critical A remote code execution vulnerability, identified as CVE-2021-26877, exists in Windows Domain Name System […]