Category Archives: Azure Active Directory

Hybrid Identity features per Active Directory Domain Services Domain Controller Operating System, Domain Functional Level, Forest Functional Level and Schema version

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. These components have requirements of Active Directory Domain Services (AD DS) in terms of the schema, the Windows Server versions on the Domain Controllers an organization runs, the Domain Functional Level (DFL) and the […]

1  

Configuring the Azure AD Connect Health Agent for AD FS on Server Core

When you get serious about security in Hybrid Identity implementations, you would opt to implement AD FS servers and Web Application Proxies as Server Core installations. However, this poses a slight problem with the Azure AD Connect Health Agent for AD FS, because at first glance, you can’t configure it on Server Core installations of […]

0  

What’s New in Azure Active Directory for January 2018

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following new functionality for Azure Active Directory for January 2018:   What’s New New Federated Apps available in Azure AD App gallery […]

0  

Configuring Geo-Redundancy for AD FS on-premises with Azure Traffic Manager

Last week, I showed you how to perform a simple Hybrid Identity implementation with AD FS on-premises. While this scenario is easy and fast to deploy, it also has a couple of downsides. One of them is the risk of ‘AD FS Unavailability’ and the inability to authenticate to cloud resources when the on-premises environment […]

0  

Performing a simple Hybrid Identity implementation with AD FS on-premises

In this blogpost, I’ll explain how to install and configure Active Directory Federation Services (AD FS) and Azure AD Connect to achieve Hybrid Identity with Azure Active Directory, based on Windows Server 2016. The implementation outlined in this blogpost is relevant for one on-premises datacenter and an Active Directory Domain Services environment, consisting of one […]

4  

Installing Multi-Factor Authentication Server with the new Portal Experience

Per this week, Azure Active Directory is no longer available in the ‘Old’ Portal experience. Previously, I’ve shared with you how to download, install and configure Microsoft’s on-premises Multi-Factor Authentication Server, while using the old Portal Experience. Now, let me show you how to download, install and configure it with the ‘New’ Portal. In this […]

2  

I’m co-presenting a second webinar on tracking changes in Hybrid Identity

On Wednesday January 24, 2018 I’m co-presenting a webinar on tracking changes in Hybrid Identity environments, based on Active Directory Domain Services (AD DS) and Azure AD. The session is sponsored by Netwrix, who I think have a stellar solution for tackling this challenge. This expert webinar is scheduled for a convenient time for my […]

0  

What’s New in Azure Active Directory for December 2017

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following new functionality for Azure Active Directory for December 2017:   What’s New Review of Terms of use in the access panel […]

0  

Using Azure AD Connect with a gMSA

Since version 1.1.443.0, you can use Azure AD Connect with a group Managed Service Account (gMSA) as its service account. I thought it was time to show you how to configure Azure AD Connect with a gMSA.   The problem with service accounts We all use service accounts in our environments. These accounts allow us […]

0  

Azure AD Connect version 1.1.654.0 addresses a critical security vulnerability

It feels like only a couple of months ago, but actually only half a year ago, Microsoft released a version of Azure AD Connect that fixed a critical security vulnerability related to password resets. Yesterday, Microsoft released a new version of Azure AD Connect that does the same thing, but actually in a different feature. […]

0