Category Archives: Setup and Deployment
Configuring the ClaimsApp Demo for Azure Active Directory Authentication
Most people who have attended one of my sessions, know I love to show off the power of claims using the ClaimsApp. This web app is not very fancy, but it does a heck of a job, just by displaying all the claimtypes possible, or configured for the Relying Party Trust (RPT) in Active Directory […]
Supported Azure MFA Server Deployment Scenarios and their pros and cons
Just like Microsoft is able to differentiate between different sizes and maturity levels of customers in its licensing, so is Microsoft’s on-premises Azure Multi-Factor Authentication (MFA) Server product. Azure MFA Server allows for four Microsoft-supported deployment scenarios: Simple Deployment One All-in-one Multi-Factor Authentication Server implementation Redundant Deployment Two All-in-one Multi-Factor Authentication Servers with replication Stretched […]
KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview 4 (Release Notes)
At the same time Microsoft released the Windows Server 2016 Technical Preview 4 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft TechNet. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server 2016 […]
AD FS Certificates Best Practices, Part 4: Configuring the AD FS Token Signing and -Decrypting Certs for a longer lifetime
Microsoft Active Directory Federation Services implementations, typically, use three certificates for its functionality: Service communication certificate Token-signing certificate Token-decrypting certificate In the past three parts of this series, I’ve discussed the best practices I use when choosing the settings for my service communication certificate (request). Today, I’ll share my best practices for the token-signing certificate […]
Ten things you should know about Azure AD Connect and Azure AD Sync
Azure Active Directory powers Microsoft Online Services, ranging from Office 365 to Intune, in terms of identity. While this compels to organizations in a strong way, Microsoft even offers hybrid identity options to organizations running on-premises Windows Server Active Directory to stretch their identity layer to the cloud. The tool from Microsoft to support its […]
KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview (Release Notes)
At the same time Microsoft released the Windows Server 2016 Technical Preview 3 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft TechNet. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server 2016 […]
AD FS Certificates Best Practices, Part 3: Cryptographic Next Generation (CNG)-generated Private Keys
Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward certificates as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation… That’s right, you won’t […]
AD FS Certificates Best Practices, Part 2: Key size
Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward SSL/TLS certificate as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation? You won’t hear […]
AD FS Certificates Best Practices, Part 1: Hashing Algorithms
Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward SSL/TLS certificate as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation? You won’t hear […]
Choosing the right Azure MFA authentication methods
A couple of weeks ago, I took interest in Azure Multi-factor Authentication (MFA) and wrote a series on 4Sysops, detailing the Azure MFA Service and the on-premises Multi-Factor Authentication Server: Azure Multi-Factor Authentication – Part 1: Introduction Azure Multi-Factor Authentication – Part 2: Components Azure Multi-Factor Authentication – Part 3: Configuring Azure Multi-Factor Authentication – […]
Login