Step by step MIM PAM setup and evaluation Guide – Part 3

This is the third part of the series. In the previous posts we prepared the test environment for PAM deployment, created and configured all needed service accounts, installed SQL Server and prepared the PIM server for further installation. Now we have two forests – prod.contoso.com and priv.contoso.com. In PROD we have set up Certificate services, Exchange server, …

Step by step MIM PAM setup and evaluation Guide – Part 2

This is the second part of the series. In the previous post we prepared the test environment for PAM deployment. Now we have two forests – prod.contoso.com and priv.contoso.com. In PROD we have set up Certificate services, Exchange server, ADFS services and configured two test applications – one is using Windows Integrated Authentication and the second …

Step by step MIM PAM setup and evaluation Guide – Part 1

Background: Privileged Access Management (PAM) is a relatively new feature of Microsoft Identity Manager 2016 and is becoming more and more popular. The intention of this blog series is to provide step-by-step instructions on how to deploy PAM the right way and how to evaluate its features. In this series I will use Azure VMs to simulate …

Office 365 & ADFS – Error when adding the second Federation server: No Certificate Matching the Federation Service

Symptoms: The symptoms are as follows:
- First ADFS server is implemented.
- New Federation service is configured properly.
- ADFS is installed on the second ADFS server.
- When adding the server to the federation farm we receive the following error: “No certificate matching the Federation Service name were found in the Local Computer certificate …

ADFS 2.0 Client Certificate Authentication using test certificates

Introduction: I was developing a WCF-based solution that required services to be authenticated using ADFS 2.0. The requirement was that the clients will be using client-based certificates to authenticate to services. If you have a complete AD CS solution implemented, that wouldn’t have been that difficult since the platform already takes care of …

Migrating Windows 2003 Enterprise Certificate Authority to Windows 2008 R2 based CA

Organizations have different reasons and requirements for upgrading or migrating to Active Directory Certificate Services (AD CS). They include: An existing, properly implemented, and operating public key infrastructure (PKI) may require an upgrade to a newer Windows version to make use of new features. Organizations may need to change or optimize their existing PKI. For …