Category: Active Directory

Do’s and don’ts concerning security for Identity part 8

Continuing from the last post with the same topic, but now from the negative side of things: what could go wrong if you don’t do it right. This post will assume that you still have on-premises AD with ADCS and…


Do’s and don’ts concerning security for Identity part 2

Continuing with the do’s of Identity and supposing that you have a Hybrid identity setup. If you still need federation services on-premises (I haven’t convinced you otherwise), you should use Defender for Identity sensors for ADFS. What does it need? ADFS…


Certificate-based authentication is generally available!

Microsoft announced today at Ignite 2022 that Certificate-Based Authentication is officially out of preview and ready to use! Why was CBA created? “In May of 2021, the President issued Executive Order 14028, Improving the Nation’s Cybersecurity calling for the Federal Government to modernize…


Conditional access and authentication strength (preview)

First I wanted to mention the link problems inside the Azure portals. For a while, and for some people, portal.azure.com didn’t show the Authentication strengths; this has now been fixed in the normal Azure portal. Entra portal on the…


Azure MFA migration tool and how to setup MFA NPS extension

Well, this is nice. Microsoft has released a migration tool to get rid of your on-premises MFA Server. Scenarios: Moving the registered MFA phone numbers is only part of the migration from MFA Server to Azure AD Multi-Factor Authentication. The…


Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Wednesday is here and it is time for the next post in my SC-100 exam cram. NOTE: includes hybrid and multi-cloud. Specify security baselines for server and client endpoints. Specify security requirements for servers, including multiple platforms and operating systems. Specify security…


2022 H1 Cumulative Updates for Exchange Server

What was released? With 2022 H1 came some significant updates to how you manage and license your Exchange servers in a Hybrid setup. Exchange Management Tools Update: You no longer need an Exchange Server for management purposes (Management Hybrid); you can…


Azure B2C with AFD and custom domain(s)

By default, Azure B2C comes with an onmicrosoft.com login URL. If you want to change it, you have to make use of custom domains via Azure Front Door. How to? Microsoft has an excellent article to establish this requirement. In the article…


SSPR writeback to disconnected forests using AAD cloud sync (Public preview)

What is AAD Cloud sync? Azure AD Connect Cloud sync is a lightweight agent that is commanded from the cloud. So there are no databases with the agent, unlike with the old Azure AD Connect. I wrote a post about…
