Category Archives: Best Practices

I’m presenting two live Active Directory webinars with Veeam’s Andrey Zhelezko

On March 5th 2020, I’m presenting two webinars with Andrey Zhelezko, technical product analyst at Veeam Software, on Active Directory Best Practices in terms of administration and disaster recovery. Active Directory has been around for two decades. This decade, a secure and resilient Active Directory is needed more than ever. AD has been a part […]


From the field: The case of the overloaded Primary Domain Controller Emulator

Troubleshooting Active Directory Domain Services is fun. Today, I cover a more esoteric Active Directory troubleshooting case about an overloaded Domain Controller holding the Primary Domain Controller Emulator role. The cause has nothing to do with Active Directory, of course, but I was called in because the machine affected was a Domain Controller.    About […]


I’m presenting three Webinars with Netwrix focusing on the best recipes from the AD Administration Cookbook

On September 24th, 25th and 26th, I’ll present three 1-hour webinars with Netwrix. Tune in to get the best in Active Directory security, Hybrid Identity and Azure AD Hardening demo’ed! Tip! These courses may be of specific interest to CISSPs, as these courses allow you to earn Continuing Professional Education (CPE) credits.   About the […]


I’m presenting my Active Directory 101 course with Netwrix again

Whether you are an Active Directory novice or an experienced IT professional, enroll in my upcoming free online course for step-by-step instructions and industry best practices for Active Directory management. These sessions are also a great way to get ready for Exam 70-742. Note:These webinars cover only 3 out of 5 topics for Microsoft exam […]


Veeam Backup for Office 365 now offers support for the Baseline Policy ‘Require MFA for Admins’

Today’s release of version of Veeam Backup for Office 365 (VBO) offers many new features and benefits, but none as significant as the ability to use multi-factor authentication for the admin account when configuring and reconfiguring VBO. Let me explain why.   Azure AD Privileged access, today Microsoft is working hard to further harden […]


Ten things you need to know about Pass-through Authentication

For Azure AD, Microsoft offers and recommends to use Pass-through Authentication (PTA) as the authentication method. This method is then used to authenticate to applications, services and systems connected to Azure AD, like Office 365, Intune and Power BI. However, there are a couple of things you should know:   Only outbound connections When using […]


Passing Microsoft Exam 70-742: Identity with Windows Server 2016

There is a good and free way to prepare for Microsoft exam 70-742: Identity with Windows Server 2016. In the past years, I conducted webinars that can serve as a primer on Active Directory in terms of forests, domains, trusts, security and on Group Policy. They are not and were never intended as the sole […]


Assessing the impact that the new Baseline Policy for Admins in Azure AD might have

Microsoft is working hard to further harden Azure Active Directory tenants, so the roughly 13 million organization depending on it, don’t get disappointed by Azure AD-based security breaches and don’t have to worry about attacks on their infrastructure. One of the newest technologies Microsoft is developing is Baseline Policies. Using baseline policies, fields of attention […]


Pictures of our Security session at Graafschap College

As I mentioned a couple of weeks ago, Raymond Comvalius and I were scheduled for an ‘Inspire Me’ session at Graafschap College last week. Our challenge was to inspire their High School students in their 3rd year for their future as systems administrators with information security. For me, this presentation followed on a flight from […]


Do you know all the objects, attributes and configured settings in your Azure Active Directory Tenant?

The role of Azure Active Directory in an Hybrid Identity environment seems hard to understand. Azure AD is not a 100% slave to Active Directory. There are objects and attributes in Azure AD that have no relationship with on-premises objects or attributes in Active Directory Domain Services. We’ve come across many admins in organizations, who […]