Category Archives: Setup and Deployment

KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview (Release Notes)

At the same time Microsoft released the Windows Server 2016 Technical Preview 3 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft TechNet. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server 2016 […]

0  

AD FS Certificates Best Practices, Part 3: Cryptographic Next Generation (CNG)-generated Private Keys

This entry is part 3 of 4 in the series AD FS Certificates Best Practices

Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward certificates as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation… That’s right, you won’t […]

4  

AD FS Certificates Best Practices, Part 2: Key size

This entry is part 2 of 4 in the series AD FS Certificates Best Practices

Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward SSL/TLS certificate as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation? You won’t hear […]

0  

AD FS Certificates Best Practices, Part 1: Hashing Algorithms

This entry is part 1 of 4 in the series AD FS Certificates Best Practices

Because Active Directory Federation Services (AD FS) rely heavily on certificates, you’ll want the most straightforward SSL/TLS certificate as the Service Communications Certificate throughout your Active Directory Federation Services (AD FS) implementation. Notice however, that I’m not recommending to use the strongest certificates for your Active Directory Federation Services (AD FS) implementation? You won’t hear […]

0  

Choosing the right Azure MFA authentication methods

A couple of weeks ago, I took interest in Azure Multi-factor Authentication (MFA) and wrote a series on 4Sysops, detailing the Azure MFA Service and the on-premises Multi-Factor Authentication Server: Azure Multi-Factor Authentication – Part 1: Introduction Azure Multi-Factor Authentication – Part 2: Components Azure Multi-Factor Authentication – Part 3: Configuring Azure Multi-Factor Authentication – […]

22  

KnowledgeBase: Install-ADCSCertificationAuthority fails without a network adapter present

An issue has been identified in situations where you would configure a Windows Server installation as an Offline Root Certification Authority (CA). The Install-ADCSCertificationAuthority Windows PowerShell Cmdlet would error out, while you could achieve the scenario without problems using the Graphical User Interface (GUI).    The situation In multi-tier Public Key Infrastructure (PKI) implementations, you […]

0  

KnowledgeBase: Important Issues in Windows Server 2016 Technical Preview 2 (Release Notes)

At the same time Microsoft released the Windows Server 2016 Technical Preview 2 bits to MSDN subscribers, they also released the Release Notes on a page on the Microsoft Download Center. On this page you can view the critical issues, that have currently been identified, that might require avoidance or workaround to get Windows Server […]

1  

KnowledgeBase: You receive a "Your request could not be processed" error when using Azure Self-service Password Reset (SSPR)

Recently, after deploying Azure Self-service Password Reset (SSPR) for a customer, I discovered some odd behavior. After we worked through the error tree, we finally worked out the issue. Since it wasn’t documented yet (many other errors are!) at Microsofts KnowledgeBase, here it is.   The situation In an organization with an on-premises Active Directory […]

5  

I’ll be speaking at Ngi-NGNs ‘Systems Management: Beyond Control’ event

I’ve been associated with the Dutch Networking User Group (NGN) for almost five years now. I’ve been speaking at their events and have helped others achieve the same goal. NGN has recently joined forces with the Dutch Platform for IT Professionals (Ngi), and an old tradition has been dusted off: We’re organizing a Windows Server-themed […]

0  

KnowledgeBase: Update adds support for Windows 8.1 and Windows Server 2012 R2 clients to Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, and Windows Server 2012 KMS hosts

I’ve written before on Active Directory-based Activation. This new activation method allows domain-joined Windows 8 clients, Windows 8.1 clients, Windows Server 2012 and Windows Server 2012 R2-based member servers to be activated and deactivated automatically based on their domain membership. I’m very fond of this feature. However, for many enterprise organizations, Active Directory-based Activation is […]

0