Category Archives: Systems Administration
The video of managing Active Directory like it's 2003 is now vailable on demand
On October 15th, 2025, Darryl Baker, senior solutions architect at Netwrix, and I presented a webinar titled 'Managing Active Directory Like It’s 2003 Leaves You Exposed in 2025' with the IT GRC Forum. Active Directory and Windows Server have evolved significantly, but many organizations still rely on outdated management practices. Since Microsoft enhanced replication and […]
Enterprise Certificate Pinning might hurt your Hybrid Identity security efforts this January (MC1193408)
While being touted as one of the more robust ways to prevent Adversary in the Middle (AitM) attacks against TLS-protected resources, for some admins, the Enterprise Certificate Pinning feature in Windows may lock out their entire organization. However, Enterprise Certificate Pinning is not advised for domain names outside of your organization, when their certificates are […]
Stop the Chaos, Save time, Cut costs and strengthen Hybrid AD with Cayosoft
Manual processes, privilege sprawl, and outdated tools aren’t just slowing you down — they’re creating hidden risks in your hybrid AD infrastructure. In this expert-led webinar, you’ll learn from Craig Birch (Technical Evangelist and Principal Security Engineer at Cayosoft) and me how leading organizations are cutting user onboarding time by 75%, reducing privileged accounts by […]
VMware vSphere 8.0 Update 3 adds federation support for four Identity Providers
On June 25th, 2024, Broadcom made vSphere 8.0 Update 3 generally available. In the details of the Release Notes for vSphere 8.0 Update 3 and ESXi 8.0 Update 3, Broadcom announces PingFederate Support in vSphere Identity Federation. This is a huge update for Identity and Access admins using VMware's virtualization platform as it broadens their options […]
Some Domain Controllers may restart unexpectedly after applying the March 12, 2024 Updates
When installing updates, there is always the risk of rogue updates; updates that break functionality, unannounced, unexpected and unsettling. Microsoft is currently researching such a possible side-effect with the March 12, 2024 updates on Active Directory Domain Controllers. About the issue Domain Controllers may reboot unexpectedly and keep rebooting. Admins are reporting ballooning memory […]
The Azure ATP Portal is being decommissioned in February 2023
Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP). Admins at many organizations that onboarded to the Defender for Identity functionality still manage it through the Azure ATP Portal. […]
Domain Controller Monitoring: Why, What, How?
There are many great Active Directory Monitoring solutions, however, there are not many great Domain Controller Monitoring solutions. What’s the difference? Not every Active Directory Monitoring solution is capable of monitoring what’s going on on the Domain Controllers. Active Directory Monitoring solutions that are part of bigger monitoring solutions even go as far as treating […]
HOWTO Extend the availability of Azure AD Password Protection Reporting Information
When working with the Azure AD Password Protection feature, you might want to take advantage of the event log management features on your Domain Controllers to make sure you get the right amount of events for password set and password failure audit events. About Azure AD Password Protection Azure AD Password Protection is an Azure […]
Eight Tips and Tricks for Backing up and Restoring virtual Domain Controllers with Altaro VM Backup v8
As Active Directory, its Domain Controllers and their inner workings were originally designed in the late 90s, some of the technologies and processes can be somewhat incompatible with technologies and ways of work that were introduced since. I haven’t stumbled upon physical Domain Controllers in a while, so I guess I can conclude that Virtual […]
KnowledgeBase: You can’t use the AzureADKerberos PowerShell Module on Azure AD Connect installations in a custom installation location
During the installation of Azure AD Connect, you can select the option to use an alternative location. In this case, the Microsoft Azure AD Sync folder is stored in the alternative location, but the Microsoft Azure AD Connect folder isn’t. The situation When you work with Hybrid Cloud Trust, you need the AzureAdKerberos PowerShell module. […]
Login