Clik here to view.
Ten Things You should know about vCenter Identity Provider Federation
vCenter in VMware vSphere 7 introduces support for role-based access control (RBAC), based on standards-based federation. While this sounds fantastic, there are a couple of things you should know...
View ArticleClik here to view.
I’m speaking at IT Pro | Dev Connections Greece 2020
I will be speaking at the upcoming IT Pro | Dev Connections Greece conference in the weekend of December 12th and 13th, 2020. About IT Pro|Dev Connections IT Pro|Dev Connections is a conference...
View ArticleClik here to view.
KnowledgeBase: The Conditional Access APIs do not currently support Preview...
During Microsoft’s Ignite event in September 2020, the Conditional Access Application Programming Interfaces (APIs) were announced as Generally Available. We’ve covered this change in our recap of...
View ArticleClik here to view.
TODO: Require MFA from four more Azure AD Roles through your Conditional...
As part of MC224734, Microsoft has communicated publicly that they are requiring multi-factor authentication (MFA) from four more Azure AD privileged roles through the Security Defaults functionality....
View ArticleClik here to view.
Experiences with Zero Trust
Recently, people responsible for identity, security and governance have embraced the vision of Zero Trust. It is the logical evolution of our thinking towards an actionable, more thorough and holistic...
View ArticleClik here to view.
Two vulnerabilities in VMware ESXi may lead to virtual Domain Controller...
Today, VMware released an update that addresses a use-after-free vulnerability in the XHCI USB controller (CVE-2020-4004) and a VMX elevation-of-privilege vulnerability CVE-2020-4005). Together these...
View ArticleClik here to view.
HOWTO: Get rid of the Conditional Access Baseline Policies in your Azure AD...
In September 2018, Microsoft introduced the concept of Conditional Access baseline policies. Baseline policies were superseded by Security Defaults, and starting February 2020 the Baseline Conditional...
View ArticleClik here to view.
TODO: Stream additional logs from Azure AD for optimal visibility
Over the past six months, I’ve shown you ways to get to know the devices that people in your organization use App Passwords on, set an alert to notify when an additional person is assigned the Azure...
View ArticleClik here to view.
KnowledgeBase: The WID Service consumes 100% CPU after transitioning AD FS...
This week, I encountered unexpected behavior with Active Directory Federation Services (AD FS) on a Windows Server installation that an organization had recently transitioned to from an AD FS server...
View ArticleClik here to view.
The video of our presentation at Veeam Live is now available
Veeam organized its Veeam Live event on October 20th, 2020. Veeam is defining the future of cloud data solutions and helping today’s businesses securely and reliably protect and easily recover their...
View ArticleClik here to view.
What's New in Azure Active Directory for November 2020
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its...
View ArticleClik here to view.
On-premises Identity-related updates and fixes for November 2020
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the...
View ArticleClik here to view.
Veeam Backup for Office 365 v5 supports Backup and Restore of Teams and...
Today, Veeam released Veeam Backup for Microsoft Office 365 version 5.0.0.1061. This is the Release to Manufacturers (RTM) version of Veeam Backup for Microsoft Office 365 v5. What’s New Next to...
View ArticleClik here to view.
The video of my presentation at the 2020 Hybrid Identity Protection...
The Hybrid Identity Protection Conference is Semperis Inc.’s event in the spirit of The Expert Conference (TEC) to bring together the leading experts in the field of Identity and Access Management....
View ArticleClik here to view.
VMware vSphere 7.0 Update 1 introduces an interface for advanced time...
Back in July 2019, I wrote a blogpost on managing Active Directory Time Synchronization on VMware vSphere. This blogpost details how to configure time settings for Domain Controllers running as...
View ArticleClik here to view.
Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-16996,...
Today, for its December 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Domain Services (AD DS). About the vulnerability A Kerberos Security Feature Bypass...
View ArticleClik here to view.
Windows Lock Screen Security Feature Bypass Vulnerability (Important,...
Yesterday, for its December 2020 Patch Tuesday, Microsoft released an important security update addressing a Windows Lock Screen Security Feature Bypass Vulnerability . About the vulnerability An...
View ArticleClik here to view.
Spoofing Vulnerability in DNS Resolver (SAD DNS, Important, CVE-2020-25705,...
On December 8th, 2020, Microsoft issued an advisory for a spoofing vulnerability in the DNS Resolver component. Microsoft refers to the advisory as ADV200013. BleepingComputer.com references...
View ArticleClik here to view.
HOWTO: Check if you can use the mS-DS-ConsistencyGUID attribute as source...
In recent versions of Azure AD Connect, you can use the mS-DS-ConsistencyGUID attribute as the source anchor attribute. This provides flexibility in cross-forest migration scenarios. However, if...
View ArticleClik here to view.
We’re organizing Six Hybrid Identity webinars in the First Half of 2021
Working for a leading Microsoft partner in the Netherlands means that we owe it to our people, our community fellows and (prospective) customers to enable every person and every organization to...
View ArticleClik here to view.
Using Azure AD Connect to synchronize Active Directory Lightweight Directory...
An estimated 97% of all organizations with over 50 people use Active Directory Domain Services (AD DS) as their on-premises directory service. This, however, leaves a lot of organizations with other...
View ArticleClik here to view.
HOWTO: Check your LAPS Implementation for Proper Security
Recently, several projects, including Akijo’s and n00py’s work, have emerged that exploit misconfigurations of Microsoft’s Local Administrator Password Solution (LAPS) in Active Directory...
View ArticleClik here to view.
Veeam Backup for Microsoft Office 365 version 5a resolves common issues with...
Earlier this month, we saw the release of Veeam Backup for Office 365 v5. The new version now supports Backup and Restore of Teams and offers Architectural Enhancements. These architectural...
View ArticleClik here to view.
KnowledgeBase: Some users receive an "We're sorry, we ran into a problem"...
Today, Raymond and I troubleshooted an issue for several people who received the ‘Sorry, we ran into a problem’ error when trying to register their security information. As is our mutual expectation,...
View ArticleClik here to view.
2020 Hindsight
It’s that time of the year again. Businesses are finishing off 2020 and people start to reminisce of all the good, the bad and the ugly. This year, I’ll join the people who look back at another trip...
View Article
