Understanding Microsoft Security Baselines and Applying Them – Part 2

Importing the Security Baselines into AD easily The easiest method of importing all the settings into AD is a script that is included with the baselines, its stored beneath the Scripts folder named "Baseline-ADImport.ps1". Baseline-ADImport.ps1 Imported GPO's in AD In the image above you can see everything that is imported with the Security Baseline for … Continue reading Understanding Microsoft Security Baselines and Applying Them – Part 2 →

Enable Remote Work for Organizations – Interview with Microsoft Services Expertise

This is 16 Minutes interview with Microsoft Services Expertise discussing How Microsoft Enable Remote Work for Organization using Windows Virtual Desktop.

Field Notes: Azure MFA and SSPR combined registration now Generally Available

As organizations are asking employees to work from home to slow the spread of COVID-19, it’s even more important that users are registered for MFA and SSPR. We want to make it easier for remote workers to keep their accounts secure.

Field Notes: Azure AD – Configuring Self-Service Password Reset in Hybrid Deployments

This is a continuation of a series on Azure AD Connect. The second blog post of the series covered a custom installation. One of the optional features I promised to cover then was password writeback, which I discuss in this blog post as part of enabling the self-service password reset (SSPR) feature in a hybrid … Continue reading Field Notes: Azure AD – Configuring Self-Service Password Reset in Hybrid Deployments →

Active Directory Based Activation (ADBA) Fails with Error: 0x8007202B

Introduction I was working with a customer recently who could not get clients or servers at a new remote site to activate using Active Directory Based Activation (ADBA). They were getting event ID 8214 as in the image below. Notice in the above where I bold the computer name Client1.Child1.Contoso.local. This means that Client1 is … Continue reading Active Directory Based Activation (ADBA) Fails with Error: 0x8007202B →

Setup Hybrid Azure AD Join – Part 2

Welcome back to the second and last post to setup hybrid Azure ad join. Hopefully all went well with configuring Pass-Through Authentication. Below you will find a link back to part 1. Configure Pass-Through AuthenticationSetup Hybrid Azure AD Join Setup Hybrid Azure AD Join Consider the following prerequisites before moving forward. Prerequisites Domain controller should … Continue reading Setup Hybrid Azure AD Join – Part 2 →

Setup Hybrid Azure AD Join – Part 1

In addition to users, device identities can be managed by Azure Active Directory as well, event if they are already managed by your on-premise network. This two part series will walk you throught the step to allow your devices to be both on-premise and Azure active directory joined, otherwise known as hybrid Azure ad join

Field Notes: Azure AD Connect – Migrating from AD FS to Password Hash Synchronization

This is a continuation of a series on Azure AD Connect. I started off this Azure AD Connect series by going through the express installation path, where the password hash synchronization (PHS) sign-in option is selected by default. This was followed by the custom installation path where I selected pass-through authentication (PTA) as a user … Continue reading Field Notes: Azure AD Connect – Migrating from AD FS to Password Hash Synchronization →

Field Notes: The case of the stopped Azure AD Connect synchronization – stale Internet proxy server

This is a continuation of a series on Azure AD Connect. In this blog post, I cover a specific case where an export to Azure AD fails due to stale Internet proxy settings configured on the server running Azure AD Connect. I go through various tools, some of which we have covered in our previous … Continue reading Field Notes: The case of the stopped Azure AD Connect synchronization – stale Internet proxy server →

Field Notes: Azure AD Connect – Attribute-based Filtering

This is a continuation of a series on Azure AD Connect. I recently covered using domain/OU and group filtering options that are available in Azure AD Connect to help control which objects are synchronized to Azure AD. I also took a closer look in group filtering, which is not recommended for use in production. Another … Continue reading Field Notes: Azure AD Connect – Attribute-based Filtering →