Active Directory

Microsoft is gradually introducing multifactor authentication (MFA) for all organizational accounts in Azure Active Directory. In this article, I look at the new Security Defaults setting and how to enable it.

Google makes it easier for enterprises to move apps that rely on Windows Server Active Directory to Google Cloud.

I did think about calling this the typo edition – I just bought a Microsoft Sculpt ergonomic keyboard and it might be preventing physical strain but my mental state as a result of the change is a whole other matter.

This month sees a bumper crop of 99 patches from Microsoft, including a fix for the IE zero-day announced last month and a change in default configuration for new Windows Server Active Directory deployments.

In the second part of this two-part series, I show you how to synchronize password hashes between AAD and Domain Services, and how to join a Windows Server VM to the new domain.

This month sees yet more changes to Microsoft’s Windows 10 servicing schedule, problems for users after April’s Patch Tuesday quality update, the new version of Edge released for Insiders, and new minimum disk space requirements for upgrading to the Windows 10 May 2019 Update.

In today’s Ask the Admin, I discuss whether federated authentication is really the most secure way to set up hybrid authentication between Windows Server Active Directory and Office 365.

The recent exposure of a privilege elevation vulnerability that exists in the control Exchange has over Active Directory and EWS push notifications is fixed by cumulative updates for Exchange 2013, Exchange 2016, and Exchange 2019 and a roll-up update for Exchange 2010 SP3. These changes mark an architectural modification for Exchange, something that Microsoft is loathe to do outside major releases. Install the updates now!

Understanding how Kerberos delegation works in Active Directory is key to keeping your systems secure.

Windows 10 version 1809 is rereleased but users still face problems, Microsoft issues security advisory for devices with self-encrypting SSDs, Windows 10 gets support for 64-bit ARM apps, and researcher finds Active Directory forest trust security bug.