Category: ADFS

Do’s and don’t concerning security for Identity part 1

In simplified terms there is two different ways to build a cloud service. Cloud-based or Cloud native Hybrid There is also different possibilities to federate Identities between Cloud service providers but also with Federation services through on-premises environment. Azure AD…

Continue Reading Do’s and don’t concerning security for Identity part 1

Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Wednesday is here and time for the next post to my SC-100 exam cram. NOTE: includes hybrid and multi-cloud Specify security baselines for server and client endpoints Specify security requirements for servers, including multiple platforms and operating systems Specify security…

Continue Reading Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Some of my personal favorites for auditing Microsoft environments

Professionals are always finding out ways to report M365 or Azure environments, automating activities or remediating threats. There is insane amount of content available to achieve these goals but I want to list some of my favorites in this post….

Continue Reading Some of my personal favorites for auditing Microsoft environments

Section 3 – Implement an Identity Management Solution – Implement and manage external identities – Azure AD and IdP

And we reached section 3 on my Study guide, in this section I will cover the following: manage external collaboration settings in Azure Active Directory invite external users (individually or in bulk) manage external user accounts in Azure Active Directory…

Continue Reading Section 3 – Implement an Identity Management Solution – Implement and manage external identities – Azure AD and IdP

Sign-in to Azure AD with email as an alternate login ID (still in Preview)

What will work? Only emails in verified domains for the tenant are synchronized to Azure AD. Each Azure AD tenant has one or more verified domains, for which you have proven ownership, and are uniquely bound to you tenant. One…

Continue Reading Sign-in to Azure AD with email as an alternate login ID (still in Preview)

Continuous Access Evaluation and working with tokens

Access, ID, and SAML2 ID tokens are JSON web tokens (JWT). These ID tokens consist of a header, payload, and signature. The header and signature are used to verify the authenticity of the token, while the payload contains the information about…

Continue Reading Continuous Access Evaluation and working with tokens

What’s new with AAD Connect V2 and why to migrate?

History of AAD Connect User synchronization solutions has been here for a long time and they have evolved all the time, sometimes faster sometimes slower. Middle of September Microsoft released a new main version from Azure AAD Connect and the…

Continue Reading What’s new with AAD Connect V2 and why to migrate?

Enterprise applications SSO with custom manifest configuration

Hi, Didn’t find an article about this, so I decided to gather the pieces and put them in one place. First little bit of background. You have Azure AD and  on-premises or cloud-based application that you want to allow SSO…

Continue Reading Enterprise applications SSO with custom manifest configuration

ADFS-failover PrimaryServer to Secondary.

Active Directory Federation Services can be installed in a farm. There can be maximum of 5 ADFS-servers in a farm using locally installed SQL Express. When You add in the sixth, You will have to install Full SQL-Server instance for…

Continue Reading ADFS-failover PrimaryServer to Secondary.

Java and Shibboleth authentication with Azure REST API and ADFS.

The last blog entry was about setting up Onpremise AD with Office 365 and ADFS. So now to the instresting┬ápart. I’m going a little bit awol with this, as I’m not a coder. First about Azure authentication. https://docs.microsoft.com/en-us/azure/app-service-api/app-service-api-whats-changed#authentication And specially…

Continue Reading Java and Shibboleth authentication with Azure REST API and ADFS.