Identity Management

  • Blog
  • Identity Management

LATEST

Datacenter networking servers

How to Add a New Forest to Active Directory (Server Manager)

In this guide, I’ll show you how to add a new forest to your existing Active Directory environment. There may be compliance or security requirements dictating you add a new forest. This article applies to: Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025. However, just a note, you can add…

1725496402 Servers Hero

Add a Child Domain to an Existing Forest (Server Manager)

In this guide I’ll show you how to add a child domain to an existing forest. If you have, for example, contoso.com as your single Active Directory forest domain, you may want to add some logical separation. You can add a child domain, corp.contoso.com, to your forest during the DC promotion wizard. This article applies…

Security

Microsoft Entra ID Users to Receive MFA Passcodes via WhatsApp in Select Countries

Microsoft Entra ID users will soon have the option to receive multifactor authentication (MFA) one-time passcodes (OTPs) directly through WhatsApp. This feature will initially be available to commercial customers in India and select other countries. Microsoft Entra ID (formerly known as Azure Active Directory) is a cloud-based identity and access management service that enables organizations…

microsoft security hero approved

Enhancing Security with Microsoft Entra Token Theft Protection

This article explores how Microsoft Entra’s new token theft protection policy can provide robust protection against token theft. By leveraging a new Conditional Access policy, organizations can safeguard their digital identities and sensitive data from cyberthreats. Securing your IT landscape is increasingly becoming critical. With cyberthreats on the rise, and showing no signs of slowing…

Security

Active Directory Faces Greater Risks Than Ever in 2024

You are woken by a call at 7am to find out your Active Directory (AD) infrastructure has been hit by ransomware. The helpdesk is overwhelmed by calls from users who can’t log in and management is already demanding to know how long it will take to restore. You break into a cold sweat realizing IT…

warning-cyber-attack

Kerberoasting AD Cyberattacks: A Growing Risk to Enterprises and How to Stop Them

Microsoft has recently raised concerns about the increasing threat of a sophisticated attack method known as Kerberoasting. In response, the company has outlined the attack’s methodology, associated risks, and key strategies to help organizations defend against these cyber threats. What is Kerberoasting and how does it work? Kerberoasting is a cyberattack technique that compromises the…

Security

Microsoft Entra ID Gets New HID Integration to Simplify Passwordless Authentication with Physical Access Cards

Identity solution provider HID has announced a new integration with Microsoft Entra ID (formerly Azure Active Directory). This new offering allows organizations to use their physical access cards as an additional multifactor authentication (MFA) method to access Entra ID as well as Microsoft 365 apps and services. Microsoft’s research has found that implementing multifactor authentication…

Datacenter networking servers

How to Check FSMO Roles in Active Directory

In this article, I’m going to show you how to check which domain controllers (DC) hold the FSMO roles in Active Directory (AD). FSMO roles are assigned to specific domain controllers and are designed to prevent conflicts once data is replicated. You can also quickly transfer FSMO and seize FSMO roles using PowerShell. How to…

Servers Hero

Understanding the 5 FSMO Roles in Active Directory

FSMO roles are a crucial piece in Active Directory functionality. Learn about their purpose, types, and how they work together in this guide. Windows Server Active Directory multi-master model A multi-master enabled database, such as Active Directory, provides the flexibility of allowing changes to occur at any domain controller (DC) in the enterprise, but it…

1725489922 Server Hero

How to Seize FSMO Roles in Active Directory

Last Update: Oct 16, 2024

How can I forcibly seize FSMO Roles from one domain controller (DC) to another? Windows Server Active Directory domains utilize a Single Operation Master method called FSMO (Flexible Single Master Operation). The five FSMO roles are: Seize FSMO roles using PowerShell You can seize FSMO roles using the PowerShell Move-ADDirectoryServerOperationMasterRole cmdlet. The syntax for the…

Datacenter networking servers

How to Transfer FSMO Roles

Last Update: Oct 15, 2024

In this article, you will learn how to transfer FSMO roles in Active Directory quickly using the command lines tools and GUI. Windows Server Active Directory domains utilize a Single Operation Master method called FSMO (Flexible Single Master Operation). In most cases an administrator can keep the FSMO role holders (all 5 of them) in…

Windows-11-notebook-tablet

Set Up Active Directory Federation Services – A Practical Example for Workplace Join

Last Update: Oct 15, 2024

In part one of this new series on Active Directory Federation Services (AD FS), learn to set up Workplace Join in Windows Server 2012 R2.

Go to page