Identity Management

  • Blog
  • Identity Management

About Identity Management

Identity Management (or Identity and Access Management) is a fundamental aspect of modern IT security. It involves the processes and technologies used to manage and verify the identity of users accessing IT resources. A key IAM solution is Active Directory, a product by Microsoft that is widely recognized for its robustness and versatility in managing on-premises user identities.

Active Directory (AD) centralizes user and computer authentication and authorization, allowing IT administrators to control user access to various network resources effectively. This is especially crucial for large organizations with complex structures and lots of users, where maintaining individual user accounts wouldn’t be practical. Active Directory streamlines management by providing a single, unified platform for identity management, enhancing security and operational efficiency.

Expanding the principles of Identity and Access Management to the cloud, Microsoft introduced 'Microsoft Entra ID' (formerly Azure Active Directory). It is a solution designed to simplify and secure the management of user identities for cloud-native applications.

Entra ID extends beyond the traditional boundaries of on-premises networks, embracing cloud services and mobile applications. Microsoft Entra ID offers enhanced features like multi-factor authentication (MFA), conditional access policies, and integrated identity governance capabilities.

Microsoft Entra ID is the IAM used by Microsoft 365. Entra ID can also be used in conjunction with on-premises Windows Server Active Directory, giving organizations the ability to extend their existing directory service to the cloud.

FUNDAMENTALS

Network Security

What Is Microsoft Entra ID? (Azure AD) – A Comprehensive Guide

Last Update: Sep 04, 2024

Microsoft Entra ID – previously called Azure Active Directory (Azure AD) – is Microsoft’s cloud-based identity and access management (IAM) cloud service. Azure AD is generally seen as a move from on-premises IAM to the cloud. Learn more about Azure AD here. What is Microsoft Entra ID (Azure Active Directory)? Microsoft Entra ID (Azure AD,…

Datacenter networking servers

What is Active Directory: The Ultimate Guide

Last Update: Mar 13, 2024

Active Directory is Microsoft’s on-premises identity and access management (IAM) service. In this article, learn how Active Directory (AD) makes it easier for IT to manage an organization’s IT resources. Active Directory is especially useful for companies that have to manage lots of endpoints and servers. What is Active Directory and why is it used?…

password hero img aspect

What Is Active Directory Federation Services?

Last Update: Nov 19, 2024

In this Ask the Admin, learn how ADFS can be used for sharing identity information between business partners.

GETTING STARTED

Security

Five Tactics Towards Achieving Zero Trust with Microsoft Entra ID (Azure Active Directory)

Last Update: Jun 03, 2024

For any modern enterprise that uses Microsoft Entra ID (previously Azure Active Directory) to manage user and service access to cloud resources, it’s hard to escape the term Zero Trust (ZT), which implies that your organization must have a layered approach to security. In this article, you’ll learn about five Microsoft Zero Trust tactics for…

Security

Active Directory Faces Greater Risks Than Ever in 2024

You are woken by a call at 7am to find out your Active Directory (AD) infrastructure has been hit by ransomware. The helpdesk is overwhelmed by calls from users who can’t log in and management is already demanding to know how long it will take to restore. You break into a cold sweat realizing IT…

Security hero image

Microsoft Entra ID vs Azure AD – What’s the Difference?

Last Update: Sep 20, 2024

As an IT Pro in the Microsoft online landscape, you’ve certainly been seeing ‘Microsoft Entra ID‘ more often. What is this? Is there a difference between Entra ID vs Azure AD? It’s actually very simple. Read on to find out more! Entra ID vs Azure AD So, what is Microsoft Entra ID? Well, it’s very…

TUTORIALS

1725501059 powershell hero

How to List Active Directory Users with PowerShell

In this article, I’ll show you how to list Active Directory users with PowerShell. While you can also list Active Directory (AD) users in Active Directory Users and Computers, PowerShell provides a much faster way. Check out how to list Active Directory Users with ADUC on Petri if you would prefer to perform this action…

Security

Securing Azure Virtual Desktop with Azure Active Directory Conditional Access

Azure Virtual Desktop (AVD) is a Platform-as-a-Service (PaaS) to provide access to Windows 10 and Windows 11 desktops and applications virtually anywhere. It’s a solution hosted by Microsoft, which makes it secure by design, even though there is a lot of responsibility on the customer to ensure services are secure. In this article, I will…

Windows 10 Desktop Anniversary Hero 1280x720 1

Join Windows 10 to Microsoft Entra ID (Azure AD) During OOBE

Last Update: Sep 04, 2024

Before you perform an AAD domain join, you should understand the difference between an AAD domain-joined device and one that is registered with AAD.

LATEST

Windows

How to Fix the “An Active Directory Domain Controller for the Domain Could Not Be Contacted” Error

Last Update: Dec 11, 2024

When trying to join a computer to an Active Directory domain, you may sometimes encounter the “an Active Directory Domain Controller could not be contacted” error. In this post, I’ll explain the different DNS and IP settings you can check to fix this error and finally join your computer to a domain. How can you…

Windows

What is Group Policy in Active Directory?

Last Update: Dec 04, 2024

Group Policy is an infrastructure feature in Active Directory that allows IT pros to manage their users’ Windows environments and servers. In this article, I will explain in detail what is Group Policy, what is a Group Policy Object (GPO), and how to adjust the policy settings to meet your security needs and compliance requirements….

Microsoft Azure

Azure AD Custom Claims Providers Feature Let Users Customize Authentication Flows

Last Update: Dec 03, 2024

Microsoft has announced the public preview of a new custom claims provider feature for Azure Active Directory (Azure AD). The custom extension allows organizations to call an API and map custom claims into the security token during the authentication process. The custom extensions feature enables Azure Active Directory (Azure AD) users to interact with external…

Security hero image

What is Azure AD B2B?

Last Update: Dec 03, 2024

Discover the benefits of using Azure AD B2B in your organization. Learn how it can improve collaboration and streamline access for external partners, and boost your users’ productivity, safely and securely. What is Azure B2B? Microsoft Entra B2B (formerly Azure AD B2B) is a feature/service within the Microsoft Entra ID that allows collaboration between your…

Cloud Computing

Microsoft Entra Introduces MFA Requirements and New Security Features

Last Update: Dec 02, 2024

Microsoft has provided a detailed overview of the latest features and capabilities for Entra customers, focusing on improvements in security, identity modernization, and more. These updates aim to streamline operations while strengthening protection and adaptability for organizations. Security improvements In June, Microsoft announced that it would require multifactor authentication (MFA) for all Azure sign-ins beginning…

microsoft security hero approved

4 Steps to Secure Microsoft Entra ID

Last Update: Dec 09, 2024

Second only to Generative AI, cybersecurity is top of mind for organizations across the globe. But with Microsoft’s rapid release approach to cloud-based and cloud-enabled security features, how do you make sure you have the basics covered? In this short guide, we’ll walk through the first 4 steps you should consider when implementing or securing…

1725491972 Security Hero

Achieving True MFA in Active Directory by Securing Every Authentication Factor

Multi-Factor Authentication (MFA) has become important for user security within Active Directory environments. By implementing additional verification steps, MFA makes it more difficult for adversaries to gain unauthorized access and it is essential for any organization aiming to secure its Active Directory infrastructure. However, despite investing heavily on MFA to stop cyberattacks, top research reports…

Datacenter networking servers

How to Add a Domain Controller to an Existing Domain (PowerShell)

How do you add a new domain controller (DC) to your existing Active Directory (AD) domain? In this post, I will show you how to quickly add a new DC to AD. This article applies to: Windows Server 2025, Windows Server 2019, Windows Server 2022, and Windows Server 2016 Check the domain and forest functional…

Datacenter networking servers

How to Add a New Forest to Active Directory (Server Manager)

In this guide, I’ll show you how to add a new forest to your existing Active Directory environment. There may be compliance or security requirements dictating you add a new forest. This article applies to: Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025. However, just a note, you can add…

1725496402 Servers Hero

Add a Child Domain to an Existing Forest (Server Manager)

In this guide I’ll show you how to add a child domain to an existing forest. If you have, for example, contoso.com as your single Active Directory forest domain, you may want to add some logical separation. You can add a child domain, corp.contoso.com, to your forest during the DC promotion wizard. This article applies…

Security

Microsoft Entra ID Users to Receive MFA Passcodes via WhatsApp in Select Countries

Microsoft Entra ID users will soon have the option to receive multifactor authentication (MFA) one-time passcodes (OTPs) directly through WhatsApp. This feature will initially be available to commercial customers in India and select other countries. Microsoft Entra ID (formerly known as Azure Active Directory) is a cloud-based identity and access management service that enables organizations…

microsoft security hero approved

Enhancing Security with Microsoft Entra Token Theft Protection

This article explores how Microsoft Entra’s new token theft protection policy can provide robust protection against token theft. By leveraging a new Conditional Access policy, organizations can safeguard their digital identities and sensitive data from cyberthreats. Securing your IT landscape is increasingly becoming critical. With cyberthreats on the rise, and showing no signs of slowing…

Go to page