Issue It's December and time to let your hair down. It could be a time to relax, do some reading or even take time to upskill in a new technology. Perhaps catch up with friends and family. But if you think you can completely relax just remember, your identities on-the-line(Vince Vaughn) are open and exposed … Continue reading Security – “The Best Christmas Gift, Securing your Accounts (‘Tis the season to be hacked on Facebook)”
I recently assisted a customer with missing OU's in Active Directory. We found that the OU's were not deleted (thanks to the AD Recycle Bin), but were actually moved to another OU instead. These occurrences can easily be prevented by using a feature that was introduced with Active Directory on Windows Server 2008. Now this is nothing new, but since we are still finding occurrences of this at our customers, I decided to publish this post as a reminder to review all OU's in your Active Directory forest, and ensure they are protected from accidental deletion.
Enabling MIM Portal to work with Azure AD App Proxy is not new. There are certainly numerous articles out on the Internet that talk about the topic. At the same time, MIM Portal on App Proxy is not as easy to configure as other web-based applications are. My reasons for documenting this was to solve … Continue reading Enabling MIM Portal with Azure AD App Proxy
Updating the Kerberos decryption key for the Azure AD SSO computer account is a fairly simple process. In this blog post I walk through the steps to perform an update of the Kerberos decryption key.
The Directory Services Restore Mode (DSRM) password is first set when promoting a new Domain Controller. I have encountered many Active Directory environments where the DSRM password for the Domain Controllers is not known or safely stored for retrieval when needed. In this article I revisit the options to reset the DSRM password.
Introduction For logging into office 365 services, and you are syncing your users from on premises AD via Azure AD Connect, Microsoft has always recommended changing your users UPNs to match their e-mail address. 2 of the main reasons for this are: You can not use non routable domains in Azure AD. So domain.local will … Continue reading Azure AD Alternate Login ID – Use your e-mail address (preview).
Importing the Security Baselines into AD easily The easiest method of importing all the settings into AD is a script that is included with the baselines, its stored beneath the Scripts folder named "Baseline-ADImport.ps1". Baseline-ADImport.ps1 Imported GPO's in AD In the image above you can see everything that is imported with the Security Baseline for … Continue reading Understanding Microsoft Security Baselines and Applying Them – Part 2
This is 16 Minutes interview with Microsoft Services Expertise discussing How Microsoft Enable Remote Work for Organization using Windows Virtual Desktop.
As organizations are asking employees to work from home to slow the spread of COVID-19, it’s even more important that users are registered for MFA and SSPR. We want to make it easier for remote workers to keep their accounts secure.