Identity Management (or Identity and Access Management) is a fundamental aspect of modern IT security. It involves the processes and technologies used to manage and verify the identity of users accessing IT resources. A key IAM solution is Active Directory, a product by Microsoft that is widely recognized for its robustness and versatility in managing on-premises user identities.
Active Directory (AD) centralizes user and computer authentication and authorization, allowing IT administrators to control user access to various network resources effectively. This is especially crucial for large organizations with complex structures and lots of users, where maintaining individual user accounts wouldn’t be practical. Active Directory streamlines management by providing a single, unified platform for identity management, enhancing security and operational efficiency.
Expanding the principles of Identity and Access Management to the cloud, Microsoft introduced 'Microsoft Entra ID' (formerly Azure Active Directory). It is a solution designed to simplify and secure the management of user identities for cloud-native applications.
Entra ID extends beyond the traditional boundaries of on-premises networks, embracing cloud services and mobile applications. Microsoft Entra ID offers enhanced features like multi-factor authentication (MFA), conditional access policies, and integrated identity governance capabilities.
Microsoft Entra ID is the IAM used by Microsoft 365. Entra ID can also be used in conjunction with on-premises Windows Server Active Directory, giving organizations the ability to extend their existing directory service to the cloud.
Last Update: Sep 04, 2024
Microsoft Entra ID – previously called Azure Active Directory (Azure AD) – is Microsoft’s cloud-based identity and access management (IAM) service. Azure AD is generally seen as a move from on-premises IAM to the cloud. Learn more about Azure AD here. What is Microsoft Entra ID (Azure Active Directory)? Microsoft Entra ID (Azure AD,…
Last Update: Mar 13, 2024
Active Directory is Microsoft’s on-premises identity and access management (IAM) service. In this article, learn how Active Directory (AD) makes it easier for IT to manage an organization’s IT resources. Active Directory is especially useful for companies that have to manage lots of endpoints and servers. What is Active Directory and why is it used?…
Last Update: Nov 19, 2024
In this Ask the Admin, learn how ADFS can be used for sharing identity information between business partners.
Last Update: Jun 03, 2024
For any modern enterprise that uses Microsoft Entra ID (previously Azure Active Directory) to manage user and service access to cloud resources, it’s hard to escape the term Zero Trust (ZT), which implies that your organization must have a layered approach to security. In this article, you’ll learn about five Microsoft Zero Trust tactics for…
You are woken by a call at 7am to find out your Active Directory (AD) infrastructure has been hit by ransomware. The helpdesk is overwhelmed by calls from users who can’t log in and management is already demanding to know how long it will take to restore. You break into a cold sweat realizing IT…
Last Update: Sep 20, 2024
As an IT Pro in the Microsoft online landscape, you’ve certainly been seeing ‘Microsoft Entra ID’ more often. What is this? Is there a difference between Entra ID vs Azure AD? It’s actually very simple. Read on to find out more! Entra ID vs Azure AD So, what is Microsoft Entra ID? Well, it’s very…
In this article, I’ll show you how to list Active Directory users with PowerShell. While you can also list Active Directory (AD) users in Active Directory Users and Computers, PowerShell provides a much faster way. Check out how to list Active Directory Users with ADUC on Petri if you would prefer to perform this action…
Azure Virtual Desktop (AVD) is a Platform-as-a-Service (PaaS) offering that provides access to Windows 10 and Windows 11 desktops and applications virtually anywhere. It’s a solution hosted by Microsoft, which makes it secure by design, even though there is a lot of responsibility on the customer to ensure services are secure. In this article, I will…
Last Update: Sep 04, 2024
Before you perform an AAD domain join, you should understand the difference between an AAD domain-joined device and one that is registered with AAD.
Last Update: Dec 11, 2024
When trying to join a computer to an Active Directory domain, you may sometimes encounter the “an Active Directory Domain Controller could not be contacted” error. In this post, I’ll explain the different DNS and IP settings you can check to fix this error and finally join your computer to a domain. How can you…
Last Update: Dec 04, 2024
Group Policy is an infrastructure feature in Active Directory that allows IT pros to manage their users’ Windows environments and servers. In this article, I will explain in detail what Group Policy is, what a Group Policy Object (GPO) is, and how to adjust the policy settings to meet your security needs and compliance requirements….
Last Update: Dec 03, 2024
Microsoft has announced the public preview of a new custom claims provider feature for Azure Active Directory (Azure AD). The custom extension allows organizations to call an API and map custom claims into the security token during the authentication process. The custom extensions feature enables Azure Active Directory (Azure AD) users to interact with external…
Last Update: Dec 03, 2024
Discover the benefits of using Azure AD B2B in your organization. Learn how it can improve collaboration and streamline access for external partners, and boost your users’ productivity, safely and securely. What is Azure B2B? Microsoft Entra B2B (formerly Azure AD B2B) is a feature/service within Microsoft Entra ID that allows collaboration between your…
Last Update: Dec 02, 2024
Microsoft has provided a detailed overview of the latest features and capabilities for Entra customers, focusing on improvements in security, identity modernization, and more. These updates aim to streamline operations while strengthening protection and adaptability for organizations. Security improvements In June, Microsoft announced that it would require multifactor authentication (MFA) for all Azure sign-ins beginning…
Last Update: Dec 09, 2024
Second only to Generative AI, cybersecurity is top of mind for organizations across the globe. But with Microsoft’s rapid release approach to cloud-based and cloud-enabled security features, how do you make sure you have the basics covered? In this short guide, we’ll walk through the first 4 steps you should consider when implementing or securing…
Multi-Factor Authentication (MFA) has become important for user security within Active Directory environments. By implementing additional verification steps, MFA makes it more difficult for adversaries to gain unauthorized access, and it is essential for any organization aiming to secure its Active Directory infrastructure. However, despite investing heavily in MFA to stop cyberattacks, top research reports…
How do you add a new domain controller (DC) to your existing Active Directory (AD) domain? In this post, I will show you how to quickly add a new DC to AD. This article applies to: Windows Server 2025, Windows Server 2019, Windows Server 2022, and Windows Server 2016 Check the domain and forest functional…
In this guide, I’ll show you how to add a new forest to your existing Active Directory environment. There may be compliance or security requirements dictating you add a new forest. This article applies to: Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025. However, just a note, you can add…
In this guide I’ll show you how to add a child domain to an existing forest. If you have, for example, contoso.com as your single Active Directory forest domain, you may want to add some logical separation. You can add a child domain, corp.contoso.com, to your forest during the DC promotion wizard. This article applies…
Microsoft Entra ID users will soon have the option to receive multifactor authentication (MFA) one-time passcodes (OTPs) directly through WhatsApp. This feature will initially be available to commercial customers in India and select other countries. Microsoft Entra ID (formerly known as Azure Active Directory) is a cloud-based identity and access management service that enables organizations…
This article explores how Microsoft Entra’s new token theft protection policy can provide robust protection against token theft. By leveraging a new Conditional Access policy, organizations can safeguard their digital identities and sensitive data from cyberthreats. Securing your IT landscape is increasingly becoming critical. With cyberthreats on the rise, and showing no signs of slowing…