Active Directory (AD) domain controllers (DCs) have been around since Windows 2000. At that time, virtualization was in its infancy and almost every server was physical. And many of those servers weren’t even housed in a typical datacenter or server closet. Virtualization started to take off in the early to mid-2000s. It enabled the use […]
Virtual Machine Generation ID with Active Directory Domain Controllers Read More »
If you work in a higher education environment, there exists a set of standards that must be implemented to allow students and faculty to collaborate on projects at other schools or to use higher education specific services. One of these standards is the eduPerson schema, which provides storage for widely used education-specific attributes about a
Deploying the eduPerson Schema to Active Directory Read More »
In previous blog posts (Part 1, Part 2), we discussed a powerful feature in Entra ID (formerly Azure Active Directory) known as dynamic membership rules. In short, Entra ID’s dynamic membership rules feature allows you to use any attributes from Entra ID’s base set or custom extension properties to construct groups that automatically add and
Flattening Group Memberships to a Single Group Read More »
In a previous blog post, we discussed taking advantage of Entra (formerly Azure Active Directory) Application Proxies to allow access to on-premises applications without a dependency on traditional tools such as a VPN. That blog includes a few great points that should be highlighted again. For example, in most organizations an Entra Application Proxy: Sounds
In the past few years, we’ve seen a rapid expansion in remote and remote-hybrid workforces. Remote employees primarily use cloud-native services to manage their daily workloads from the comfort of their home (or public) internet. This has caused a great deal of stress for IT departments, especially those that rely heavily on their internal infrastructure.
3 Components of Cloud Authentication: Enterprise SSO, Zero Trust, Passwordless Read More »
In Part 1 of this blog post, we looked at what goes into thinking about and designing your automated access policies. As discussed, we want to first think about our policies in “natural language” before we dive into the technical implementation. We also covered the dynamic membership rules feature in Entra ID (formerly Azure Active
How to Use Dynamic Group Memberships in Entra ID: Part 2 Read More »
Many organizations control access to internal systems by simply relying on whether or not an account is enabled. However, users often change roles throughout their careers within a single organization. For example, a user might start as an intern in one department and then be hired full-time in another department. After a few years, they
How to Use Dynamic Group Memberships in Entra ID: Part 1 Read More »
In this post learn how to implement claims-based application access control when Azure AD B2C is federated with another identity provider.
Application Access Control Restrictions via Claims in Azure AD B2C Read More »
Inactive accounts that aren’t disabled in a timely manner threaten your AD environment. Cleanup of these accounts is crucial to keeping an organization secure.
Identifying Inactive Users in a Remote Hybrid World Read More »
Azure Active Directory Connect (AADC) installation creates a set of permissions that in most cases does not follow the concept of least privilege.
Entra ID Connect Installation with Granular Permissions Read More »
Ravenswood Technology Group is based in Chicago, IL but with customers around the world. We help companies, universities, and other organizations with less than 100 employees to over 500,000 build secure, hybrid infrastructure that enable their users to work from anywhere.
[Recent Blog Posts]
[Expertise]
© Ravenswood Technology Group, LLC
