
AD Roles: Enterprise Admins and Schema Admins
The first domain in an AD forest is unique. There are two groups in this domain that we must be aware of: Enterprise Admins and Schema Admins.
The PetitPotam exploit can be used to completely own an environment, with very few prerequisites—but mitigation is within reac
If organizations don’t properly plan the synchronization solution for their cloud identities, which Microsoft calls Azure AD Connect, users will have poor experiences in the cloud. Because identity is central to security in the cloud, it’s critical to properly plan and implement Azure AD Connect.
The size and complexity of the organization are critical factors when determining how and where to host FSMO roles.
When an identity from Active Directory (AD) is synchronized with a cloud-based identity platform such as Azure AD, those identities are classified as being hybrid. When user accounts are terminated in an inconsistent manner, certain aspects of the termination process may fall through the cracks, which can result in security risks for an organization.
User attributes are important metadata that should be treated with care. Some organizations do not take user attributes seriously enough, which creates problems when the company tries to automate system access.
Several high-risk events have recently highlighted the importance of a fully functional and secure Active Directory environment to a company’s business operations.
Migrating your Active Directory Federation Services (AD FS) integrated SaaS applications to Azure Active Directory (Azure AD) provides many benefits. For example, Azure AD B2B lets you give your business partners and customers access to your organization’s applications without creating a user account in AD or Azure AD.
One of the most important security controls in an Active Directory (AD) forest is the prevention of privilege escalation paths. The tiered access model for AD introduces a significant number of technical controls that reduce the risk of privilege escalation.
The workstation an administrator uses to perform privileged tasks such as managing Active Directory (AD) is a high-value target for a potential adversary. By providing administrators with a clean keyboard, PAWs isolate privileged accounts from the risks of a compromised workstation.