Azure Active Directory

Microsoft recently made changes to Azure Active Directory (Azure AD) to mitigate an issue where private key data stored in an Azure AD application or service principal could be read in clear text. Some Azure services were incorrectly storing private key data in Azure AD in the keyCredentials property when creating applications for customers. Microsoft… Read More

The Hybrid Identity Protection (HIP) Conference is the premier educational forum for IT pros tasked with managing identity and securing hybrid cloud environments. As the global health pandemic and move to digitalization change the way enterprises work, the HIP Conference helps IT pros to learn and implement technology that mitigates new business risks. The conference… Read More

  In this article, I'm going to show you how to audit security in Microsoft 365 with Access Reviews in Azure Active Directory (AAD). I'll show you how to set up and run Access Reviews from the Azure management portal and using the Microsoft Graph and PowerShell. Azure Active Directory enables core collaboration with users… Read More

Microsoft has issued an out-of-band emergency update fix to patch an authentication issue that was caused by the November 9th cumulative update for Windows Server. The bug affects Windows Server 2008 SP2 through to Windows Server 2019. The November 9th Patch Tuesday cumulative update (CU) for Windows Server causes a problem that can cause authentication… Read More

Microsoft announced September 22nd that Azure Virtual Desktop now supports Azure Active Directory (AD) joined virtual machines (VM). With this update you can now: Join Azure Virtual Desktop VMs directly to Azure AD Connect to VMs from any device with a username and password And automatically enroll VMs with Microsoft Endpoint Manager (MEM) Before the… Read More

Microsoft recently announced that their Ignite (online only) conference will be running again on November 2-4. That means we are approaching peak season for announcements, new public preview releases, and general availability. “Q3” in announcements and roadmaps will often mean between early September and maybe the third week of October – a code freeze will… Read More

Azure AD Connect is a free tool from Microsoft that's used for synchronizing objects between on-premises Windows Server Active Directory (AD) and Azure Active Directory. Microsoft announced in August the availability of Azure AD Connect V2.0. And in this article, I'm going to discuss the major changes in this new release. Here are the major… Read More

On-premises Active Directory domain-joined PCs have typically been managed with tools such as Group Policy.  At larger scales, you may have Configuration Manager or third-party tools.  The availability of Intune (part of Endpoint Manager) in Microsoft 365 subscriptions such as Business Premium and E3 has opened up an alternative.  The benefit many are seeing over… Read More

Microsoft announced at its Ignite conference, which ran March 2nd – 4th 2021, that passwordless authentication is now generally available. Microsoft has been pushing passwordless over the past couple of years as a more secure way to provide access than passwords and multifactor authentication. Now that passwordless authentication is generally available, organizations can roll out… Read More

At Microsoft's Ignite conference this week, there was a series of announcements for new Azure Active Directory features either entering general availability or released in public preview. AWS Single Sign-On (SSO) The Azure Active Directory (Azure AD) app gallery now includes AWS Single Sign-On (SSO). AWS SSO is a cloud service that is designed to… Read More

Security Assertion Markup Language (SAML) is an open standard that facilitates user logon to on-premises and cloud services.

The Cybersecurity and Infrastructure Security Agency (CISA) recently released a PowerShell-based tool to help organizations detect compromised accounts and applications in Microsoft Azure and 365.

Microsoft has updated 10 role names in Azure AD and if your script is broken, this is likely why.

Windows Hello and FIDO2 security keys both provide passwordless authentication. But which is best depends on your organization's existing infrastructure and user needs.

Faster synchronization, on-demand user provisioning, and attribute mapping come to Azure AD Connect and cloud provisioning.