Category Archives: Uncategorized

Azure AD Connect v2.1.20.0 offers to synchronize to Azure AD’s employeeLeaveDateTime attribute

With Microsoft introducing the Lifecycle Workflows functionality Public Preview at its Microsoft Ignite event last month, some things are definitely changing… Azure AD is now poised to become the leading identity management plane and Active Directory to become a mere authentication store.However, to make that dream work, Azure AD Connect needs to offer additional functionality […]


HOWTO: Detect Kerberos tickets that are encrypted using RC4

When it comes to encryption, many weak algorithms and ciphers are still heavily used and relied upon in Active Directory environments everywhere. One of the typical weak algorithms used in encrypting Kerberos tickets is RC4; the cipher RC4-HMAC to be precise. Typically, RC4 is used by legacy systems, over misconfigured Active Directory trusts, and by […]


Defender for Identity sensors will no longer be supported on Windows Server 2008 R2

Starting June 15 2022, Microsoft will no longer support Microsoft Defender for Identity sensors on servers running Windows Server 2008 R2. Microsoft recommends that admins identify any remaining domain controllers (DCs),  AD FS servers and AD FS Proxy servers that are still running Windows Server 2008 R2 as an operating system and make plans to […]


HOWTO: Provide access to Employees Only in Azure AD

Azure Active Directory is extremely versatile and offers profound ways to share applications, data and functionality with people outside your organization. However, sometimes you don't want to share things with people outside your organization. Here's how.   The problem with All Users One of the first things you need to realize in Azure AD when […]


Setting up Hybrid Identity with AD FS through Azure AD Connect

When Active Directory on-premises and Azure AD work together, it’s called Hybrid Identity. Hybrid Identity is relatively easy to setup, when you use the Express Settings for Azure AD Connect. However, setting up Hybrid Identity with Active Directory Federation Services (AD FS) is not that hard either. I’ll show you how to achieve this goal […]


The video of my presentation at IT Pro|Dev Connections is now available

IT Pro|Dev Connections is a conference organized by the largest Greek communities for everyone in the Computer and Information Technology industry. The content focuses on products, technologies and services that are "hot" or up and coming and provide valuable knowledge to the participants. On December 13th, 2020, I presented the following 50-minute session at the […]


Windows Server 2019’s January 2019 Quality Update fixes the issue with Domain Controller Promotions for new domains

Windows Server 2019’s January 2019 Cumulative Quality Update, bringing the OS version to 17763.292 , offers a fix for the issue you might be experiencing on your Windows Server 2016 and Windows Server 2019-based Domain Controllers.   About Windows Server 2019 Updates Microsoft issues two major updates each month for Windows Server 2019, as outlined […]


Which version of ADMT is most appropriate for your migration scenario?

Microsoft has released various versions of the Active Directory Migration Tool (ADMT) in the last couple of years. With it, you can migrate user accounts and groups from one domain (the source domain) to an Active Directory target domain. However, when looking closer at the various versions of ADMT, you’ll notice that Microsoft has not […]


I’m hosting three (sold-out) Windows Server 2012 R2 IT Camps with Daniel van Soest

Remember when I hosted a Microsoft Windows Server IT Camp with Tony Krijnen in December of 2012? Now, as part of my virtual Technical Evangelist (vTE) role within Microsoft Netherlands, I’m hosting IT Camps again. Last time, I had a good time and the pictures to show it. So, it should not come as a […]


High Five! – 2013 MVP Directory Services

Today I received an e-mail message titled      “Congratulations 2013 Microsoft MVP!” This means I’ve been renewed for the fourth time. 2013 will be my fifth consecutive year as a Microsoft Most Valuable Professional (MVP) in the Directory Services area, as I’ve been awarded on January 1, in 2009, 2010, 2011 and 2012 before.