Blog

Virtual Machine Generation ID with Active Directory Domain Controllers

Active Directory (AD) domain controllers (DCs) have been around since Windows 2000. At that time, virtualization was in its infancy and almost every server was physical. And many of those servers weren’t even housed in a typical datacenter or server closet. Virtualization started to take off in the early to mid-2000s. It enabled the use …

Virtual Machine Generation ID with Active Directory Domain Controllers Read More »

Deploying the eduPerson Schema to Active Directory

If you work in a higher education environment, there exists a set of standards that must be implemented to allow students and faculty to collaborate on projects at other schools or to use higher education specific services. One of these standards is the eduPerson schema, which provides storage for widely used education-specific attributes about a …

Deploying the eduPerson Schema to Active Directory Read More »

Flattening Group Memberships to a Single Group

In previous blog posts (Part 1, Part 2), we discussed a powerful feature in Entra ID (formerly Azure Active Directory) known as dynamic membership rules. In short, Entra ID’s dynamic membership rules feature allows you to use any attributes from Entra ID’s base set or custom extension properties to construct groups that automatically add and …

Flattening Group Memberships to a Single Group Read More »

Securing On-Premises Access Is Easier Than You Think: Utilizing the Entra Application Proxy

In a previous blog post, we discussed taking advantage of Entra (formerly Azure Active Directory) Application Proxies to allow access to on-premises applications without a dependency on traditional tools such as a VPN. That blog includes a few great points that should be highlighted again. For example, in most organizations an Entra Application Proxy: Sounds …

Securing On-Premises Access Is Easier Than You Think: Utilizing the Entra Application Proxy Read More »

Win32 App Deployment with Intune Supersedence Rules

There are several ways to deploy applications to users or devices that are managed by Microsoft Intune. In addition to application types, you must also take into consideration the method of assignment and how it will affect you long term from a management and maintenance standpoint. Deploying an application installer via Intune is usually accomplished …

Win32 App Deployment with Intune Supersedence Rules Read More »

Manage Entra Groups with the Graph API

In my previous blog [Win32 App Deployment with Intune Supersedence Rules] I explained how to update Win32 applications deployed within Microsoft Intune by using the supersedence feature. Although the process is typically straightforward and simple, the requirement of keeping a security group populated with all user or device objects can make the task time-consuming. This …

Manage Entra Groups with the Graph API Read More »

3 Components of Cloud Authentication: Enterprise SSO, Zero Trust, Passwordless

In the past few years, we’ve seen a rapid expansion in remote and remote-hybrid workforces. Remote employees primarily use cloud-native services to manage their daily workloads from the comfort of their home (or public) internet. This has caused a great deal of stress for IT departments, especially those that rely heavily on their internal infrastructure.   …

3 Components of Cloud Authentication: Enterprise SSO, Zero Trust, Passwordless Read More »

Network Time Protocol Configurations: A Deeper Dive

In my previous blog post we reviewed why time synchronization is important, as well as proper time synchronization configuration of domain controllers (DCs) holding the Primary Domain Controller Emulator (PDCe) role. We were able to properly configure Network Time Protocol (NTP) settings through the use of Windows Management Instrumentation (WMI) filters and Group Policy. Like …

Network Time Protocol Configurations: A Deeper Dive Read More »

Active Directory Forest Recovery: Plan to Eliminate Downtime

Active Directory (AD) is still the predominant identity and management platform for tens of thousands of organizations worldwide. Larger organizations with hundreds to even thousands of applications continue to rely on AD, even as they transition to a cloud-first or AD-minimized environment. The reason? Unraveling all the AD-related technology and applications an organization has invested …

Active Directory Forest Recovery: Plan to Eliminate Downtime Read More »