Category Archives: Azure Active Directory

What’s New in Azure Active Directory for June 2019

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for June 2019: What’s New New riskDetections API for Microsoft Graph […]


HOWTO: Disable Unnecessary Services and Scheduled Tasks on AD FS Servers

This entry is part 2 of 2 in the series Hardening Hybrid Identity

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. In this part of the series, we’ll harden the AD FS Server installations, by disabling unnecessary services running […]


HOWTO: Disable Unnecessary Services on Web Application Proxies

This entry is part 1 of 2 in the series Hardening Hybrid Identity

Most Microsoft-based Hybrid Identity implementations use Active Directory Federation Services (AD FS) Servers, Web Application Proxies and Azure AD Connect installations. In this series, labeled Hardening Hybrid Identity, we’re looking at hardening these implementations, using recommended practices. Let’s harden the Web Application Proxy installations by disabling unnecessary services running on them. This way, we lower […]


Knowledgebase: Azure AD Connect’s Seamless SSO breaks when you disable RC4_HMAC_MD5

It’s a recommended practice to disable weak ciphers and encryption algorithms. Some standards require this. As technology evolves, the list of available ciphers and their priority in encryption negotiations changes. This limits the risk of losing confidentiality on communications between systems, applications and (cloud) services. While you’ve probably heard of disabling 3DES and all versions […]


What’s New in Azure Active Directory for May 2019

Azure Active Directory is Microsoft’s Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for May 2019: What’s Planned Future support for only TLS 1.2 protocols […]


HOWTO: Disable account enumeration in Azure Active Directory

To celebrate the availability of the Active Directory Administration Cookbook, I decided to write a blogpost in the typical structure of a recipe in this book: Disabling account enumeration Use this recipe to disable account enumeration for an Azure Active Directory tenant. After completing this recipe, people with user accounts in the tenant will […]


Creating the ‘Microsoft Office 365 Identity Platform’ Relying Party Trust manually

There are several methods to create the Relying Party Trust (RPT) between Active Directory Federation Services (AD FS) and Azure Active Directory automatically: Using Azure AD Connect with the Use an existing AD FS farm option or the Configure a new AD FS farm option, when configuring Federation with AD FS as the authentication method. […]


KnowledgeBase: Azure AD Connect upgrade is not reflected in the Office 365 Portal

Microsoft’s Azure AD Connect version 1.3.20 was quickly superseded by version 1.3.21.0 to fix an elevation of privilege vulnerability, but it appears to exhibit unexpected behavior for some organizations running it. The situation You have an Active Directory Domain Services (AD DS) environment, and you synchronize objects to an Azure AD tenant, leveraging Azure […]


Azure AD Connect version 1.3.21.0 fixes an elevation of privilege vulnerability (CVE-2019-1000)

Hot on the heels of Azure AD Connect version 1.3.20.0, Microsoft released version 1.3.21.0 earlier this week to address an elevation of privilege vulnerability. Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure […]


Get your copy of the Active Directory Administration Cookbook today

The new Active Directory Administration Cookbook is now available. [Packt] [Amazon] [Tomlinsons] [Fnac] [Lehmanns] [ManagementBoek] For the last seven months, I worked with Packt Publishing to write the fourteen chapters in this 620-page book, containing all the essential howtos and their gotchas for managing both on-premises Active Directory and Azure AD. It has been an […]
