Category Archives: Best Practices

The video of our presentation at Veeam Live is now available

Veeam organized its Veeam Live event on October 20th, 2020. Veeam is defining the future of cloud data solutions and helping today’s businesses securely and reliably protect and easily recover their data. At Veeam Live, they offered data protection management guidance, showed how to up your data protection game and allowed to connect with like-minded […]

0  

HOWTO: Harden Remote Desktop connections to Domain Controllers

Workstations that are allowed to communicate to Domain Controllers pose a risk of lateral movement. To mitigate some of these risks, we can harden the Remote Desktop connections to Domain Controllers. Note: For organizations that have implemented the Active Directory administrative tier model, or are striving to embrace, their Privileged Access Workstations (PAWs) pose a […]

0  

Why DCPromo removes the passwords from your answer files after usage

One of the recommended practices for configuring Domain Controllers is to use an answer file to promote the server from a domain-joined server to a Domain Controller.   Benefits of using an answer file The benefit is using an answer file is that the file can be reused for multiple promotions. This way, Domain Controllers […]

0  

TODO: Enable the new My Apps and My Profile Experiences

Microsoft will be updating the current Azure AD Apps and Profile experiences on July 20th 2020. This means that from that data onward your colleagues will be automatically switched over to the updated My Apps and My Account experiences. Note: The updated My Apps and My Account offer the same functionality as the current experiences, […]

1  

I’m presenting three webinars with Netwrix focusing again on the best recipes from the AD Administration Cookbook

On April 22nd, 28th and 30th, 2020, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demonstrated from me and Netwrix’ Jeff Melnick!   About the webinars I feel webinars are a great way to show people the potential of technology. […]

0  

I’m presenting two live Active Directory webinars with Veeam’s Andrey Zhelezko

On March 5th 2020, I’m presenting two webinars with Andrey Zhelezko, technical product analyst at Veeam Software, on Active Directory Best Practices in terms of administration and disaster recovery. Active Directory has been around for two decades. This decade, a secure and resilient Active Directory is needed more than ever. AD has been a part […]

2  

From the field: The case of the overloaded Primary Domain Controller Emulator

Troubleshooting Active Directory Domain Services is fun. Today, I cover a more esoteric Active Directory troubleshooting case about an overloaded Domain Controller holding the Primary Domain Controller Emulator role. The cause has nothing to do with Active Directory, of course, but I was called in because the machine affected was a Domain Controller.    About […]

0  

I’m presenting three Webinars with Netwrix focusing on the best recipes from the AD Administration Cookbook

On September 24th, 25th and 26th, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demo’ed! Tip! These courses may be of specific interest to CISSPs, as these courses allow you to earn Continuing Professional Education (CPE) credits.   About the […]

0  

I’m presenting my Active Directory 101 course with Netwrix again

Whether you are an Active Directory novice or an experienced IT professional, enroll in my upcoming free online course for step-by-step instructions and industry best practices for Active Directory management. These sessions are also a great way to get ready for Exam 70-742. Note:These webinars cover only 3 out of 5 topics for Microsoft exam […]

2  

Veeam Backup for Office 365 now offers support for the Baseline Policy ‘Require MFA for Admins’

Today’s release of version 3.0.0.422 of Veeam Backup for Office 365 (VBO) offers many new features and benefits, but none as significant as the ability to use multi-factor authentication for the admin account when configuring and reconfiguring VBO. Let me explain why.   Azure AD Privileged access, today Microsoft is working hard to further harden […]

1