Category Archives: Recommended Practices

Best Active Directory Monitoring tool

Today, Active Directory is still the cornerstone of most networking infrastructure environments. In Hybrid Identity environments, where on-premises Active Directory is coupled with Azure AD, the reliance on Active Directory is enormous. In these environments, the answers to the question ‘What if something would happen to Active Directory?’ range from ‘Everything goes down’ to ‘Game […]


You're invited to the IT-University Masterclass – Adequately Securing Active Directory

On February 6th, 2023, I will be presenting a masterclass, together with Raymond Comvalius for Dutch Raymond and I will be presenting on a topic that is close to my heart: Active Directory. Active Directory has captivated the hearts of adversaries. Some ransomware gangs just simply lose interest want the device of a potential victim […]


TODO: Upgrade the Certificates for your Windows Server 2016-based Domain Controllers (and up) to enable Windows Hello for Business Hybrid Scenarios

While many Active Directory environments use the default settings from 2003, other environments have adapted to enable new functionality, like Windows Hello for Business. To do so, the default Domain Controllers certificates and certificate templates need to be replaced, as they do not fulfill all of the requirements set out for them. This blogpost shows […]


A Critical Vulnerability in Netwrix' Auditor may lead to Active Directory and Azure AD compromise

On June 6th, 2022, Netwrix released Auditor v10.5. In this version, a remote code execution vulnerability is addressed. Since Auditor is typically executed with extensive privileges in an Active Directory environment, an attacker would be able to compromise the Active Directory forest and/or Azure AD tenant.   About Netwrix Netwrix empowers information security and governance professionals […]


The End of Mainstream Support is a Time to make an important Decision about Windows Server 2016

Today, January 12th 2022, the Mainstream Support on Windows Server 2016 ended. This Windows Server Operating System (OS) has been with us for the past five years and will remain with us for the next five years, just not as it used to. Therefore, today is a time to make an important decision. The most […]


Hornetsecurity’s 365 Threat Monitor: Get rid of unwanted and potentially dangerous messages

Any messaging administrator will tell you that it’s hard to fight against spam. As we read about most cybersecurity incidents starting with (spear)phishing attacks, it also becomes increasingly clear messaging administrators in small and medium-sized business need to work harder or smarter to protect their colleagues. Messaging in the modern age Many organizations started their […]


Microsoft 365 Backup in terms of your organization’s exit scenario

Organizations flocking to Microsoft 365 services like Exchange Online, SharePoint Online and Teams have many reasons to make this transition.   Reasons to transition to the Microsoft cloud Whether it’s upgrading the IT real estate to the 21st century, the desire to eliminate technical debt, avoiding the upfront cost of a renewed on-premises implementation, or […]


Choosing the right Passwordless sign-in method for your colleagues

Passwordless is Microsoft’s strategy to improve enterprise security and enable end-user convenience at the same time. The era of passwords is slowly coming to an end and Microsoft offers readily-available solutions for your colleagues to sign-in to their devices and services. However, with its many passwordless methods, Microsoft isn’t making it easy for identity admins […]


Deprecation of older Azure AD Connect versions announced for November 1, 2020

This, week, the Azure AD Connect team made the following announcement on the Azure AD Connect: Version release history page: Starting on November 1st, 2020, we will begin implementing a deprecation process whereby versions of Azure AD Connect that were released more than 18 months ago will be deprecated. At that time we will begin […]


Why Lifecycle Management can’t be a mere afterthought anymore

The world we live in has changed significantly over the past few years. We can no longer afford to use our traditional approach to IT. We need to adopt a new way of thinking. In my opinion, this way of thinking doesn’t end with maintenance, but starts with lifecycle management.   The traditional approach Enterprises […]