Category: ADFS

Do’s and don’ts concerning security for Identity part 8

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 27/11/2022 0 Comments on Do’s and don’ts concerning security for Identity part 8
Posted in Active Directory, ADFS, Authentication methods, Azure, Azure AD, Azure ARC, Certificates, Hybrid, IAM, Identity, Identity Platform, Key vault, Security, Storage

Continuing from last post with the same topic but now from the negative side of things. What could go wrong if you don’t do it right. This post will assume that you are still having on-premises AD with ADCS and…

Continue Reading Do’s and don’ts concerning security for Identity part 8

Do’s and don’t concerning security for Identity part 1

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 01/10/2022 0 Comments on Do’s and don’t concerning security for Identity part 1
Posted in ADFS, Azure, Azure AD, Conditional access, Entra, Exchange, Identity, Identity Platform, Microsoft 365, Onpremise, Security

In simplified terms there is two different ways to build a cloud service. Cloud-based or Cloud native Hybrid There is also different possibilities to federate Identities between Cloud service providers but also with Federation services through on-premises environment. Azure AD…

Continue Reading Do’s and don’t concerning security for Identity part 1

Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 24/08/2022 0 Comments on Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints
Posted in AAD Connect, Active Directory, ADFS, Azure, Azure AD, Azure Policy, Certificates, Key vault, Security, Zero trust

Wednesday is here and time for the next post to my SC-100 exam cram. NOTE: includes hybrid and multi-cloud Specify security baselines for server and client endpoints Specify security requirements for servers, including multiple platforms and operating systems Specify security…

Continue Reading Section 5 – Design security for infrastructure – Design a strategy for securing server and client endpoints

Some of my personal favorites for auditing Microsoft environments

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 24/03/2022 0 Comments on Some of my personal favorites for auditing Microsoft environments
Posted in AAD Connect, ADFS, AIP, Azure, Azure AD, Azure B2B, Azure Information Protection, Compliance, Conditional access, Data Loss Prevention, Identity, Microsoft 365, Security

Professionals are always finding out ways to report M365 or Azure environments, automating activities or remediating threats. There is insane amount of content available to achieve these goals but I want to list some of my favorites in this post….

Continue Reading Some of my personal favorites for auditing Microsoft environments

Section 3 – Implement an Identity Management Solution – Implement and manage external identities – Azure AD and IdP

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 04/03/2022 0 Comments on Section 3 – Implement an Identity Management Solution – Implement and manage external identities – Azure AD and IdP
Posted in ADFS, Azure, Azure AD, Azure B2B, Identity, Security

And we reached section 3 on my Study guide, in this section I will cover the following: manage external collaboration settings in Azure Active Directory invite external users (individually or in bulk) manage external user accounts in Azure Active Directory…

Continue Reading Section 3 – Implement an Identity Management Solution – Implement and manage external identities – Azure AD and IdP

Sign-in to Azure AD with email as an alternate login ID (still in Preview)

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 23/11/2021 0 Comments on Sign-in to Azure AD with email as an alternate login ID (still in Preview)
Posted in AAD Connect, ADFS, Azure

What will work? Only emails in verified domains for the tenant are synchronized to Azure AD. Each Azure AD tenant has one or more verified domains, for which you have proven ownership, and are uniquely bound to you tenant. One…

Continue Reading Sign-in to Azure AD with email as an alternate login ID (still in Preview)

Continuous Access Evaluation and working with tokens

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 05/10/2021 0 Comments on Continuous Access Evaluation and working with tokens
Posted in ADFS, Azure, Azure AD, Identity, Security

Access, ID, and SAML2 ID tokens are JSON web tokens (JWT). These ID tokens consist of a header, payload, and signature. The header and signature are used to verify the authenticity of the token, while the payload contains the information about…

Continue Reading Continuous Access Evaluation and working with tokens

What’s new with AAD Connect V2 and why to migrate?

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 25/09/2021 0 Comments on What’s new with AAD Connect V2 and why to migrate?
Posted in AAD Connect, Active Directory, ADFS, Azure, Azure AD, Hybrid, Identity

History of AAD Connect User synchronization solutions has been here for a long time and they have evolved all the time, sometimes faster sometimes slower. Middle of September Microsoft released a new main version from Azure AAD Connect and the…

Continue Reading What’s new with AAD Connect V2 and why to migrate?

Enterprise applications SSO with custom manifest configuration

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 08/09/2021 0 Comments on Enterprise applications SSO with custom manifest configuration
Posted in Active Directory, ADFS, Azure, Azure AD, Certificates, Compliance, Identity, Security

Hi, Didn’t find an article about this, so I decided to gather the pieces and put them in one place. First little bit of background. You have Azure AD and  on-premises or cloud-based application that you want to allow SSO…

Continue Reading Enterprise applications SSO with custom manifest configuration

ADFS-failover PrimaryServer to Secondary.

Harri Jaakkonen
Posted by Harri Jaakkonen Posted on 31/03/2017 0 Comments on ADFS-failover PrimaryServer to Secondary.
Posted in ADFS, Clustering

Active Directory Federation Services can be installed in a farm. There can be maximum of 5 ADFS-servers in a farm using locally installed SQL Express. When You add in the sixth, You will have to install Full SQL-Server instance for…

Continue Reading ADFS-failover PrimaryServer to Secondary.