Category Archives: Systems Administration

Mainstream support for Microsoft Advanced Threat Analytics (ATA) ends in three months

We’ve helped organizations embrace Microsoft’s Advanced Threat Analytics (ATA) solution to protect their Active Directory environments from attacks. On January 12th, 2021, mainstream support for this product ends. ATA version 1.9.3, released on September 14th, 2020 is the final update as part of mainstream support. It’s time to move on to Microsoft Defender for Identity. […]


Choosing the right Passwordless sign-in method for your colleagues

Passwordless is Microsoft’s strategy to improve enterprise security and enable end-user convenience at the same time. The era of passwords is slowly coming to an end and Microsoft offers readily-available solutions for your colleagues to sign-in to their devices and services. However, with its many passwordless methods, Microsoft isn’t making it easy for identity admins […]


I’m presenting three webinars with Netwrix focusing again on the best recipes from the AD Administration Cookbook

On April 22nd, 28th and 30th, 2020, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demonstrated from me and Netwrix’ Jeff Melnick!   About the webinars I feel webinars are a great way to show people the potential of technology. […]


From the Field: The case of the unreachable forest on a domain-joined Azure AD Connect installation

Troubleshooting stories from the field are the best. That’s why I like writing them down. Although, sometimes they might appear as straight cases of schadenfreude, I feel there are lessons to be learned for anyone, if you’re willing to look closely and listen carefully. Last week I experienced an issue with Azure AD Connect at […]


From the field: The case of the overloaded Primary Domain Controller Emulator

Troubleshooting Active Directory Domain Services is fun. Today, I cover a more esoteric Active Directory troubleshooting case about an overloaded Domain Controller holding the Primary Domain Controller Emulator role. The cause has nothing to do with Active Directory, of course, but I was called in because the machine affected was a Domain Controller.    About […]


I’m presenting three Webinars with Netwrix focusing on the best recipes from the AD Administration Cookbook

On September 24th, 25th and 26th, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demo’ed! Tip! These courses may be of specific interest to CISSPs, as these courses allow you to earn Continuing Professional Education (CPE) credits.   About the […]


Using Azure AD’s Dynamic Memberships for Groups to Assign Mutually Exclusive P1 and P2 licenses

Azure AD’s Dynamic Memberships for Groups and Assigning Licenses to Groups features can be used to circumvent the overlap that might occur when user accounts are assigned both an Azure AD P1 and Azure AD P2 license. In this blogpost, I’ll walk you through the scenario.   About Azure AD licensing Today, Azure Active Directory […]


Leveraging Azure AD Connect Staging Mode for Release Management

Azure AD Connect offers the Staging Mode functionality. This feature is often touted as a way to bring disaster recovery to Azure AD Connect, but I don’t feel this is the actual strength of this feature. I believe offering release management capabilities is the best use of the Staging Mode feature.   Release Management Release […]


Assessing the impact that the new Baseline Policy for Admins in Azure AD might have

Microsoft is working hard to further harden Azure Active Directory tenants, so the roughly 13 million organization depending on it, don’t get disappointed by Azure AD-based security breaches and don’t have to worry about attacks on their infrastructure. One of the newest technologies Microsoft is developing is Baseline Policies. Using baseline policies, fields of attention […]


Your Exchange Online Contingency Plan is here with Veeam Backup for Office 365

As an organization delivering the full stack of the Secure Productive Enterprise (SPE) to large international customers in highly-regulated verticals, we often get the question on an ‘exit strategy’ or ‘contingency plan’ for cloud services, like Office 365. Being a Microsoft partner and Veeam partner with a Microsoft cloud focus makes us unique and allows […]