Michael Reinders

You are woken by a call at 7am to find out your Active Directory (AD) infrastructure has been hit by ransomware. The helpdesk is overwhelmed by calls from users who can’t log in and management is already demanding to know how long it will take to restore. You break into a cold sweat realizing IT…

In this article, I’m going to show you how to check  FSMO roles and which domain controllers (DC) hold the FSMO roles in Active Directory (AD). FSMO roles are assigned to specific domain controllers and are designed to prevent conflicts once data is replicated. You can also quickly transfer FSMO and seize FSMO roles using…

FSMO roles are a crucial piece in Active Directory functionality. Learn about their purpose, types, and how they work together in this guide. Windows Server Active Directory multi-master model A multi-master enabled database, such as Active Directory, provides the flexibility of allowing changes to occur at any domain controller (DC) in the enterprise, but it…

Personal Data Encryption (PDE) protects sensitive information from unauthorized access. Microsoft introduced the feature with Windows 11, version 22H2, but it hasn’t received a lot of fanfare. This article explains PDE, how it works, and why it might be needed in addition to BitLocker. What is Personal Data Encryption (PDE)? Personal Data Encryption (PDE) is…

A simple (non-complex) Active Directory password (AD) is vulnerable to hacking and exploitation. Requiring complex passwords in your Active Directory password policy increases the effectiveness of passwords exponentially – each additional special character you require in your users’ passwords makes them ultimately impervious to brute-force attacks. Going back to the 2000s, Excel’s simple workbook-protected passwords…

In this article, I’ll show you how to list Active Directory users with PowerShell. While you can also list Active Directory (AD) users in Active Directory Users and Computers, PowerShell provides a much faster way. Check out how to list Active Directory Users with ADUC on Petri if you would prefer to perform this action…

While there are numerous paid solutions available, many IT professionals overlook the relative abundance of free Active Directory tools that can streamline management tasks. Besides making your CFO happy, these tools offer robust features that can simplify complex administrative tasks and enhance security. In this blog post, we’ll explore why IT pros should consider integrating…

The Active Directory Administrative Center (ADAC) is a powerful, modern tool for managing Active Directory. Learn how to use it efficiently with our step-by-step guide and tips. What is Active Directory Administrative Center (ADAC)? The Active Directory Administrative Center (ADAC) is a tool designed for IT administrators and IT Pros to manage Active Directory. Users,…

Over ten years ago, Microsoft announced the EASE or Active Directory Enhanced Security Admin Environment. Otherwise known as your Active Directory Red Forest, it isolates your privileged access administrative accounts in Active Directory (AD). Over the last four years, Microsoft has accounted for the retirement of the ESAE in favor of a more modern privileged…

As an IT Pro in the Microsoft online landscape, you’ve certainly been seeing ‘Microsoft Entra ID‘ more often. What is this? Is there a difference between Entra ID vs Azure AD? It’s actually very simple. Read on to find out more! Entra ID vs Azure AD So, what is Microsoft Entra ID? Well, it’s very…

I passed my first exam and achieved my initial Microsoft certification status in September of 1999 – Microsoft Certified Professional (MCP). Are Microsoft certifications worth it? Did passing it and many more certifications for Microsoft products assist me in my job duties as an IT Pro? And do the benefits outweigh the costs (money, time,…

In this blog post, you’ll be introduced to Silver SAML, a variant of Golden SAML. Golden SAML is a sophisticated attack technique used by hackers to bypass MFA (multifactor authentication) and gain access to sensitive data. Silver SAML operates similarly, but targets Microsoft Entra ID rather than on-premises Active Directory. What is Golden SAML?  CyberArk…