Pictures of the April 2017 IT Pro User Group at Microsoft Hrvatska in Zagreb

Last April, I was invited by the Microsoft IT Pro User Group to present a 75 minute session on Azure AD Join at Microsoft Croatia’s Headquarters in Zagreb.

Since I was spending some time in the region between Microsoft Bosnia and Hergovina’s Network event and the Croatian WinDays, I had no trouble finding the place.

Getting ready (click for larger photo)

I set up my demo environment (left) and opened my slides (right) to prepare for the session. As soon as I looked up, the room had filled up and it was time for Romeo Mlinar to provide a short introduction. There were many familiar faces in this room. It felt like having the home advantage. 

Then, I had 75 minutes to present the entire story on Active Directory and Azure Active Directory, in the light of coupling and managing devices for Single Sign-On (SSO) and Enterprise Mobility and Security.

Introduction (click for larger photo, by Romeo Mlinar)Making the case for lightweight device management (click for larger photo by Romeo Mlinar)Explaining the concept of Azure AD Join (click for larger photo by Goran Žarinac)

Afterwards, Romeo conducted their usual after-event raffle, where I was invited to hand out the presents to selected attendees: a Microsoft-branded USB stick, two Microsoft-branded water bottles and a Microsoft-branded key ring. Good stuff!

Afterwards, we had a drink at Eter Café, across the street from Microsoft Hrvatska, where I enjoyed a nice local beer.

Enjoying a local beer (click for larger photo by Romeo Mlinar)

I had a great time!

Hvala ma! Glimlach


Pictures of WinDays 17

Two weeks ago, I presented two sessions at WinDays at the Valamar Isabella Island Resort in Poreč, Croatia.

We drove from Zagreb to Poreč on Wednesday April 26th, to arrive around lunchtime at the event. We parked the car at the Valamar Diamant Hotel, that was reserved for speakers and hopped onto the boat that brought us to the Island affectionately known as ‘WinDays Island’.

The Valamar Island, not the best of weather (click for larger photo)

We shared lunch with attendees from both the WinDays Business and WinDays Technology conferences and then attended the Technology Keynote.

The WinDays Keynote Room (click for larger photo)During the WinDays Technology Keynote (click for larger photo)

After that we enjoyed dinner and the first of two WinDays parties. I didn’t stay long at the party, since my first presentation, on Azure AD Connect was up at 9:30 AM the next day.

I was present at my first session an hour and a half early to check the audio and video and the contrast, Since I was scheduled to deliver my session in Castle 4 (a tent), I wanted to experience the acoustics first hand.

Castle 4, a tent (click for larger photo)
Explaining the differences between Azure AD Connect and the Windows Azure Active Directory Connector for Forefront Identity Manager (picture from WinDays organization)Presenting on why we need Azure Active Directory (picture by WinDays organization)

Before my session, WinDays scheduled a Red Hat hands-on lab in Castle 4. I had the most pleasant chat with the guy from Red Hat, before and after his session, while I prepared for my demos.

I delivered my session while it was raining outside. It didn’t bother me, because the forecast mentioned we would see some sun after early showers. However, when thunder and lightning provided additional effects to my slides and presentations, I was getting more worried about making it back to the hotel without getting soaked. The person responsible for my audio cranked the volume up a bit and we were all fine.

After the session, it stopped raining.

Right before lunch, I delivered my second presentation. This session was scheduled in the other tent across the Valamar Castle; Castle 6.

Presenting at Castle 6 (picture by WinDays organization)

With my presentations done, I could start enjoying myself and start socializing a bit. 
During the remainder of the event I had great conversations over food and attended presentations from friends.

Aleksandar Nikolic presenting on Azure Automation (click for larger photo)'Hyper-V doctor' Romeo Mlinar sharing his Hyper-V Best Practices (click for larger photo)Luka Manojlovic sharing his throughts on Storage Spaces Direct (click for larger photo)


Thank you! Glimlach
(Hvala ma!)


Pictures of Microsoft Network 7

Back in April, I presented at Network 7, Microsoft Bosnia & Herzegovina’s yearly IT Pro event at the Grand Hotel in Neum at the Herzegovinian Adriatic coast.

Travelling to this location is not as easy as it sounds, so I decided to fly to Zagreb on Tuesday May 18, 2017 and join a road trip with several local Microsoft MVPs, both on the way in and on the way out. As we drove from Zagreb, passing Sveti Rok, we went from snow at 2° to sun at 14° Celsius. What a difference 30 minutes make…

Travelling to Neum. Almost there! (click for larger photo) View from the Balcony. Gotta love the Adriatic! ;-) (click for larger photo)
Enjoying The Sun (click for larger photo by Aleksandar Nikolic)
View from the Terrace (click for large photo)Beautiful weather, but still a little too cold for sunbathing, apparently (click for large photo)

Thursday April 20 had my session ‘Azure AD Connect, Inside Out’ scheduled in Room 3. I spend the larger part of the day to tweak the demos for this session, based on the latest version of Azure AD Connect


Presenting at Network 7 (click for larger photo by Romeo Mlinar)

After my session a couple of people approached me with questions. Then, it was basically time for dinner, followed by the ‘Head in the Cloud’ Party, sponsored by Sarajevo Brewery.

On Friday, Aleksandar and I kicked off with a visit to the (salt water) pool of the Hotel. We had some great conversations on conferences, our carreers, our contries and other topics during our swim laps. Then, I visited his session and Romeo’s.

The Pool at the Grand Hotel Neum (click for larger photo)Aleksander Nikolic presenting at Network 7 (click for larger photo)Romeo Mlinar presenting at Network 7 (click for larger photo)

To conclude Network, Luka Manojlovic, Aleksander Nikolic, Romeo Mlinar, Slavko Kukrika and me visited Krka National Park on Saturday on our ways to Zagreb, Slovenia and Serbia.

Aleksandarat the Car with all our stuff... (click for larger photo)Visiting the Fortress of Necven in Krka National Park (click for larger photo)
Krka National Park (click for larger photo)The MVP Lizards (click for larger photo)
Cheers! (click for larger photo)

Cheers! Martiniglas


Delivering the honest truth on Azure, this Wednesday with colleague Marc Westerink

SCCT, That's us!It’s no secret that we talk to a lot of organizations about Microsoft Azure. Most of the time, our focus is on Azure Active Directory, Hybrid Identity. We enjoy interacting with organizations on Microsofts holistic approach to Enterprise Mobility + Security (EM+S) and the Secure Productive Enterprise (SPE), but also on Digital Transformation and Modern Datacenter topics.

I’m confident we know our stuff.

There’s a difference though, between knowing and doing. We don’t just write proposals, we also deploy, upgrade, migrate and (unfortunately) phase out. With this quarters 100% success rate on our proposals, we owned the game.

We live, breath and even dream this stuff.

Yet, many organizations that we talk to have misconceptions, crazy ideas and even full-fledged conspiracy theories on Microsoft and its cloud. It’s amazing. Often, it allows us to surprise people in charge at these organizations with (almost) free functionality, and/or with functionality that allows them to get loads more done with their budgets, time, and talents.

We get a boost from these situations.

And that’s why we’ve decided to share our stories. Glimlach


Wednesday May 10, 2017

This Wednesday, for the Dutch Networking User Group (Ngi-NGN), my colleague Marc Westerink and I, present an evening filled with the honest truth on Microsoft Azure.


We’ll try to stick with the following agenda

18:00 – 18:00 Reception (with sandwiches)
18:30 – 18:40 Introduction
18:40 – 19:25 The functionality you always wanted, but never had… (Sander)
19:25 – 19:40 Break
19:40 – 20:25 Opportunities to further optimize your cloud spending (Marc)
20:25 – 20:40 Open discussion
20:45 – 21:30 Drinks


Yacht Netherlands has offered us to use their presentation space in Rotterdam again. Conveniently located next to Rotterdam city center, the location can be easily reached by car and public transportation. Parking is free.


Join us!

You can join us for free Dutch, when you already have an active Ngi-NGN membership.

I’m looking forward to this! Emoticon met brede lach


We’re hosting a series of free Veeam Days in the Netherlands in Q2 2017

As part of my initiative to speak in public every week, on average, in 2017, My employer has come up with the idea of hosting a series of events, focusing on Veeam’s solutions portfolio and our recent hybrid deployments, dubbed the SCCT Veeam Days.


About the SCCT Veeam Days

Our goal with the Veeam Days is to bring our customers, potential customers and fellow consultants up to date with what’s new in the world of Veeam.

We believe the Microsoft Cloud is the way forward for organizations.  Wile identity is a first great step for a lot of organizations, backup, restore and disaster recovery are higher up the agenda for other organizations. To us, it means it’s important to host the Veeam Days for free. On top of that, we even throw in a free lunch at our venues of choice: Van der Valk hotels.

Together with Kevin Kroese and Dimitry Janssen from Veeam, we’ll cover the history of Veeam, how their products address challenges your might face and meet requirements you might have. We’ll not merely focus on backup, restore and disaster recovery. Thinking outside of the box, we’re also showing you how we’ve helped organizations move away from costly on-premises providers, migrate on-premises resources to the cloud and back. Our lessons learned, the common pitfalls, Veeam’s roadmap… Everything is shared!

We’re hosting three Veeam Days throughout the Netherlands:


Join us!

SCCT Veeam Days

Friday May 19, 2017 Van der Valk Nootdorp Join us for free! Dutch
Friday June 2, 2017 Van der Valk Houten Join us for free! Dutch
Friday June 16, 2017 Van der Valk Ridderkerk Join us for free! Dutch


See you there! Emoticon met brede lach


I’m speaking at WinDays 17

In 2015, I presented two sessions at WinDays XV. Last year,
I presented to sessions at WinDays 16. This year, it feels like it’s becoming a habit for me to present two sessions at WinDays:

I’m speaking at WinDays 17 at the Valamar Isabella Island Resort in Poreč, Croatia. Glimlach


About WinDays

WinDays 17 Logo

WinDays, the largest regional business and technology conference, will celebrate its 17th anniversary this year. The conference brings together more than 1,500 attendees from Croatia and the region, as well as the most prestigious international and regional speakers and lecturers from the world of business and technology.

As always, WinDays17 Technology brings lots of news about Microsoft technologies and solutions. The conference will present specific ways and technology solutions that enable people to optimize business processes, customization of products and solutions, more active involvement of the users and empowerment of individuals and employees to achieve more. The primary focus of the conference will be on innovative solutions based on cloud, with a special accent on digital solutions and solutions based on open source, but also on case studies and security topics.

Valamar Isabella Island Resort

Microsoft WinDays17 will take place at the Valamar Isabella Island Resort in Poreč from Wednesday April 25 to Thursday April 28, 2017. For the second year in a row Poreč will host WinDays conference. Its 17th edition will take place on the Island of Saint Nicolas, often referred by participants as „WinDays Island“.


About my sessions

I will be presenting two 45-minute session on WinDays 17:

Azure AD Connect, Inside Out

Thursday April 26, 2017 9:30 AM – 10:15 AM, Castle 4

New hybrid cloud scenarios introduce new identity challenges. But how do you overcome these? How do you properly design and implement Hybrid Identity in real world scenarios? In this demo-packed session, I turn Microsofts free Hybrid Identity ‘bridge’ product, Azure AD Connect, inside out, showing all the good stuff, but also the gory details!

This session is one no Active Directory admin should miss!

A deep dive into Azure Active Directory Domain Join

Thursday April 26, 2017 12:50 PM – 1:35 PM, Castle 6

Windows 10 changes the game for corporate devices. Domain Join does not have the same ring to it anymore. Now devices can be joined both on-premises and to the cloud, or one at the time. How is this different and what new opportunities do we get? How does this affect everything we’ve been doing all these years?

Join this session to learn how to implement and troubleshoot Windows 10 in a cloud or hybrid infrastructure and be prepared for the next big thing!


See you there? Knipogende emoticon


Related blogposts

Pictures of WinDays 16 in Porec, Croatia 
I will be presenting at WinDays 16 in Porec 
Pictures of WinDays XV 
I’ll be speaking at WinDays Croatia 15


I’m delivering a session at Microsoft Hrvatska in Zagreb this Monday

Romeo Mlinar, my friend and Hyper-V MVP from Croatia, asked me to speak at the Microsoft IT Pro User Group Zagreb at Microsoft Hrvatska on Monday evening April 24, 2017. Since I’m in Croatia and Bosnia for Microsoft NetWork/7 anyway, I might as well make myself useful. Glimlach

microsoft hrvatska

I’m delivering a 75-minute session on:

Join Windows 10 to Azure Active Directory and beyond!

Since early Windows versions, we’ve been joining Windows devices to Active Directory domains. This works great, although we do hit problems sometimes.

Windows 10 brings a huge change to the way we think of joining devices to a trusted environment. Now, when you boot Windows for the first time, it asks to join Active Directory or Azure Active Directory. Why has Microsoft added this? What do you choose? How does this change our decade-old security thinking? What happens to single sign-on and management of devices?

In this interactive session, I’m answering all these questions and taking the attendees along on the journey towards the cloud and the infinite possibilities it offers, based on real-world examples. They’ll be surprised by the new opportunities!


Will I see you there?

Join this session to learn about the new features that Windows 10 and Azure bring to your Bring-Your-Own, Choose-Your-Own, yet Manage-all processes.

This is a free event.
Please feel welcome at Microsoft Hrvatska, Horvatova 82 Zagreb on April 21, 2016. We’ll start at 17:30.

More information and the registration link can be found here.


Azure AD Connect versions 1.1.484.0 and 1.1.486.0 offer great enhancements

Last Friday, Microsoft has released version 1.1.486.0 of its free Hybrid Identity bridge software product: Azure AD Connect.

Together with the changes of the short-lived 1.1.484.0 version of this tool, many admins should get big smiles on their faces from the many enhancements made


What’s New

Azure AD Connect sync

Azure AD Connect Sync now supports the use of a Virtual Service Account, Managed Service Account (MSA) and Group Managed Service Account (gMSA) as its service account.

This applies to new installation of Azure AD Connect only.

Previously, if you upgrade to a new build of Azure AD Connect containing connectors update or sync rule changes, Azure AD Connect would trigger a full sync cycle. Now, Azure AD Connect selectively triggers the Full Import step only for connectors with updates, and the Full Synchronization step only for connectors with sync rule changes.

Previously, the Export Deletion Threshold only applied to exports that were triggered through the Sync Scheduler. Now, this feature is extended to include exports manually triggered using the Synchronization Service Manager.

On your Azure AD tenant, there is a service configuration which indicates whether Password Synchronization feature is enabled for your tenant or not. Previously, it was easy for the service configuration to be incorrectly configured by Azure AD Connect when you had an active and a staging server. Now, Azure AD Connect will attempt to keep the service configuration consistent with your active Azure AD Connect server only.

Azure AD Connect wizard now detects and returns a warning if your on-premises Active Directory Domain Services environment does not have AD Recycle Bin enabled.

Previously, Export to Azure AD timed out and failed if the combined size of the objects in the batch exceeds a certain threshold. Now, the Synchronization Service will reattempt to resend the objects in separate, smaller batches if this issue is encountered.

The Synchronization Service Key Management application has been removed from the Windows Start Screen. Management of encryption keys will continue to be supported through the command-line interface using miiskmu.exe. Previously, if you changed the Azure AD Connect sync service account password, the Synchronization Service would not be able start correctly, until you had abandoned the encryption key and reinitialized the Azure AD Connect sync service account password. Now, this is no longer required.

Desktop SSO

The Azure AD Connect wizard no longer requires port 9090 to be opened on the network when configuring Pass-through Authentication and Desktop Single Sign-On (SSO). Only port 443 is required.



Azure AD Connect sync

The team fixed an issue where the Azure AD Connect Sync Scheduler skips the entire sync step if one or more connectors were missing a run profile for that sync step. For instance, you manually added a connector using the Synchronization Service Manager without creating a Delta Import run profile for it. This fix ensures that the sync scheduler continues to run Delta Import for other connectors.

The team fixed an issue where the Synchronization Service immediately stops processing a run profile when it encounters an issue with one of the run steps. This fix ensures that the Synchronization Service skips that run step and continues to process the rest. For instance, you have a Delta Import run profile for your Active Directory connector with multiple run steps (one for each on-premises Active Directory domain). The Synchronization Service will run Delta Import with the other Active Directory domains even if one of them has network connectivity issues.

The team fixed an issue that causes the Azure AD Connector update to be skipped during Automatic Upgrade.

The team fixed an issue that causes Azure AD Connect to incorrectly determine whether the server is an Active Directory Domain Controller during setup, which in turn causes a DirSync upgrade to fail.

The team fixed an issue that causes DirSync in-place upgrades to not create any run profiles for the Azure AD Connector.

The team fixed an issue where the Synchronization Service Manager user interface becomes unresponsive when trying to configure the Generic LDAP Connector.

AD FS management

The team fixed an issue where the Azure AD Connect wizard fails if the Active Directory Federation Services (AD FS) primary node has been moved to another server.

Desktop SSO

The team fixed an issue in the Azure AD Connect wizard where the Sign-In screen does not let you enable the Desktop SSO feature if you chose Password Synchronization as your Sign-In option for a new installation.


Version information

This is version 1.1.486.0 of Azure AD Connect.
It was signed off on on April 14, 2017.


Download information

You can download Azure AD Connect here.
The download weighs 78,3 MB.



Upgrade your Azure AD Connect installation to version 1.1.486.0, not version 1.1.486.0, not version 1.1.484.0. If you have Automatic Upgrades enabled for your Azure AD Connect implementation with Express Settings, you might already be running version 1.1.486.0.

Enjoy all the enhancements, dear Järjestelmänvalvoja.

Further reading

Azure AD Connect v1.1.443.0 is here  
Version 1.1.380.0 of Azure AD Connect fixes a bug in multi-domain scenarios
Azure AD Connect 1.1.371.0 offers PTA and S3O preview capabilities
Azure AD Connect version 1.1.343.0 with support for Windows and SQL Server 2016
Azure AD Connect version has been released


Pictures of Lowlands Unite! Netherlands Edition

Last week, I presented at Lowlands Unite!, the joint event by the Dutch Windows Management User Group (WMUG) and the System Center User Group (SCUG) Belgium.

We arrived early to pick up our badges, set up our sponsor booth and shake hands with a lot of people.

Speaker Badge for Lowlands Unite! Netherlands Edition (click for larger photo)

Then, we saw Daniel van Soest arrive. Just in time for his keynote:

I guess I'll never get used to Daniel with a tie ;-) (click for larger photo)Daniel keynoting Lowlands Unite! (click for larger photo)

After Daniels keynote, it was my time to present on the ten most common mistakes we see being made when people deploy AD FS and Hybrid Identity.

Proud speaker at Lowlands Unite! (click for larger photo, by Marc Westerink)
Presenting for a full room (click for larger photo, by Arjan Bakker)Presenting at Lowlands Unite! (click for larger photo, by WMUG)
Presenting with two screens (click for larger photo, by Daniel van Soest)

It was a very interactive session. Just the way I like it. Lots of questions, lots of answers and lots of laughter. Glimlach

After my session, I skipped the next session and had an elaborate lunch, together with some of the people in the session and colleagues. Eventually, everyone joined us for lunch.

Schedule for Lowlands Unite! (click for larger photo) 

With the rest of the program well underway, it was time for us to enjoy the rest of the day.

I had fun! Emoticon met brede lach


A big ‘Thank You!’ to the Dutch Windows Management User Group (WMUG), the System Center User Group (SCUG) Belgium, all the speakers and attendees for making this a great event!


I’m speaking at Microsoft Network 7

Last year, I spoke at Microsoft NetWork 6 in Neum, Bosnia and Herzegovina. This year, the organization has invited me back to present another session:


About Microsoft Network

Microsoft Network 7

Micosoft’s NetWork conference is a yearly event in the city of Neum in Bosnia and Herzegovina. It offers a range of great speakers like Adis Jugo, Aleksandar Nikolic, Srđan Stević, Luka Manojlovic, Mustafa Toroman, Slavko Kukrika, , Nenad Trajkovski and Romeo Mlinar.

The event is held at the Grand Hotel, Neum between April 19 and April 21, 2017.
On Wednesday, the conference starts with a keynote at 6PM. Thursday and Friday are packed with 45-minute sessions on both IT Pro and Developer-related topics.

Grand Hotel Neum

Its twitter hashtag is #MSNetWork.


About my session

You can find me in Sala 3 on Thursday April 20 from 5 PM till 5:45 PM. I’ll be presenting the 45-minute, level 300 version of:

Azure AD Connect, Inside Out

New hybrid cloud scenarios introduce new identity challenges. But how do you overcome these? How do you properly design and implement Hybrid Identity in real world scenarios? In this demo-packed session, I turn Microsofts free Hybrid Identity ‘bridge’ product, Azure AD Connect, inside out, showing all the good stuff, but also the gory details! This session is one no Active Directory admin should miss!


See you there?