Fun with ADSI: Shortcuts for Binding to Active Directory Objects
David Conners
October 6, 2021
Shortcuts for when you’re building scripts to work with AD or working on servers with limited access to tools.
[blog]
The authority on identity and security in Microsoft
Does securing your business keep you up at night? Sleep better staying in the know – read our experts’ unique takes on trends in cybersecurity.
Password Spray Attack Defense with Entra ID
Brian Desmond
September 23, 2021
Until passwordless authentication is a more viable option, we must take steps to defend against password spray attacks. Azure Active Directory can help.
Entra ID Connect Installation with Granular Permissions
Tony Brzoskowski
September 16, 2021
Azure Active Directory Connect (AADC) installation creates a set of permissions that in most cases does not follow the concept of least privilege.
AD Roles: Enterprise Admins and Schema Admins
Andy Schneider
September 7, 2021
The first domain in an AD forest is unique. There are two groups in this domain that we must be aware of: Enterprise Admins and Schema Admins.
Protect Your Windows Network from the PetitPotam Exploit
Tony LaGrassa
August 23, 2021
The PetitPotam exploit can be used to completely own an environment, with very few prerequisites—but mitigation is within reac
Entra ID Connect Installation Strategies
Thomas Garrity
July 29, 2021
If organizations don’t properly plan the synchronization solution for their cloud identities, which Microsoft calls Azure AD Connect, users will have poor experiences in the cloud. Because identity is central to security in the cloud, it’s critical to properly plan and implement Azure AD Connect.
Where to Host Active Directory FSMO Roles
Tony Brzoskowski
July 21, 2021
The size and complexity of the organization are critical factors when determining how and where to host FSMO roles.
4 Essential Practices for Automating the Termination of Hybrid Users
Thomas Garrity
July 1, 2021
When an identity from Active Directory (AD) is synchronized with a cloud-based identity platform such as Azure AD, those identities are classified as being hybrid. When user accounts are terminated in an inconsistent manner, certain aspects of the termination process may fall through the cracks, which can result in security risks for an organization.
Components of a PKI, Part 5: Hardware Security Modules
Miles Gratz
June 23, 2021
Not all organizations require their own PKI solution; however, most leverage Microsoft Active Directory Certificate Services because it integrates directly with their existing Active Directory environment…
Components of a PKI, Part 4: Active Directory Certificate Services
Miles Gratz
June 23, 2021
Not all organizations require their own PKI solution; however, most leverage Microsoft Active Directory Certificate Services because it integrates directly with their existing Active Directory environment…
Components of a PKI, Part 3: Certificate Revocation
Miles Gratz
June 16, 2021
One important function of Certificate Authorities that’s mentioned briefly in Part 2 of our “Components of a PKI” blog series is the ability to perform certificate revocation, or the CA’s ability to revoke certificates it issued previously.
Components of a PKI, Part 2: Certificate Authorities and CA Hierarchies
Miles Gratz
June 16, 2021
In Part 1 of our “Components of a PKI” blog series, we defined several PKI terms that are useful for understanding Certificate Authorities (CAs—also known as Certification Authorities) and CA hierarchies…
