If you work in a higher education environment, there exists a set of standards that must be implemented to allow students and faculty to collaborate on projects at other schools or to use higher education specific services. One of these standards is the eduPerson schema, which provides storage for widely used education-specific attributes about a …
Deploying the eduPerson Schema to Active Directory Read More »
B2B user management is a challenge for many organizations that utilize it for collaboration. In this blog, we discuss how to address this challenge using cross-tenant synchronization. Cross-tenant synchronization connects two or more Entra ID (formerly Azure Active Directory) tenants and copies users between them while keeping attributes in sync. In intra-organization collaboration scenarios, such …
Improving Entra ID B2B User Management with Cross-Tenant Synchronization Read More »
In previous blog posts (Part 1, Part 2), we discussed a powerful feature in Entra ID (formerly Azure Active Directory) known as dynamic membership rules. In short, Entra ID’s dynamic membership rules feature allows you to use any attributes from Entra ID’s base set or custom extension properties to construct groups that automatically add and …
In the past few years, we’ve seen a rapid expansion in remote and remote-hybrid workforces. Remote employees primarily use cloud-native services to manage their daily workloads from the comfort of their home (or public) internet. This has caused a great deal of stress for IT departments, especially those that rely heavily on their internal infrastructure. …
3 Components of Cloud Authentication: Enterprise SSO, Zero Trust, Passwordless Read More »
Are you ready to make the move to Entra (formerly Azure Active Directory) single sign-on (SSO)? Do you want to avoid the complications of federated authentication for Microsoft 365? Are you unsure about switching your entire organization over at once? Entra ID’s cloud authentication staged rollout might be the answer. Background to Entra SSO Entra …
How to Use Staged Rollout to Migrate to Entra Single Sign-On Read More »
In Part 1 of this blog post, we looked at what goes into thinking about and designing your automated access policies. As discussed, we want to first think about our policies in “natural language” before we dive into the technical implementation. We also covered the dynamic membership rules feature in Entra ID (formerly Azure Active …
How to Use Dynamic Group Memberships in Entra ID: Part 2 Read More »
Many organizations control access to internal systems by simply relying on whether or not an account is enabled. However, users often change roles throughout their careers within a single organization. For example, a user might start as an intern in one department and then be hired full-time in another department. After a few years, they …
How to Use Dynamic Group Memberships in Entra ID: Part 1 Read More »
In this post learn how to implement claims-based application access control when Azure AD B2C is federated with another identity provider.
Remediating LDAP security issues is important because the default configurations on domain controllers (DCs) and clients are open to various attacks. Learn how to remediate those issues.
Applications that use Lightweight Directory Access Protocol (LDAP) are prevalent in virtually every organization that uses Active Directory (AD). Unfortunately, the default AD configuration provides opportunities for insecure LDAP connections. These defaults have come into focus because of common, widely available AD attack tools such as NTLMRelayX. (For more information about NTLMRelayX, see How to …
Ravenswood Technology Group is based in Chicago, IL but with customers around the world. We help companies, universities, and other organizations with less than 100 employees to over 500,000 build secure, hybrid infrastructure that enable their users to work from anywhere.
[Recent Blog Posts]
[Expertise]
© Ravenswood Technology Group, LLC
