Identity Archives

How to Use the Microsoft Azure Portal to Disable Basic Authentication

Leave a Comment / Identity / By Tony Brzoskowski

Microsoft is disabling Basic authentication in an effort to improve data security in Exchange Online. Starting October 1, 2022, Microsoft will begin turning off Exchange Online Basic authentication. (For more information, see the Microsoft article “Deprecation of Basic authentication in Exchange Online”). As of September 2022, Microsoft has provided an update on guidance for the …

How to Use the Microsoft Azure Portal to Disable Basic Authentication Read More »

Remediating LDAP Client Security

Leave a Comment / Identity, Identity Management, Security / By Thomas Garrity

Remediating LDAP security issues is important because the default configurations on domain controllers (DCs) and clients are open to various attacks. Learn how to remediate those issues.

Monitoring for LDAP Client Security

Leave a Comment / Active Directory, Identity, Identity Management, Security / By Thomas Garrity

Applications that use Lightweight Directory Access Protocol (LDAP) are prevalent in virtually every organization that uses Active Directory (AD). Unfortunately, the default AD configuration provides opportunities for insecure LDAP connections. These defaults have come into focus because of common, widely available AD attack tools such as NTLMRelayX. (For more information about NTLMRelayX, see How to …

Monitoring for LDAP Client Security Read More »

Components of a PKI, Part 5: Hardware Security Modules

Leave a Comment / Identity, Security / By Miles Gratz

Not all organizations require their own PKI solution; however, most leverage Microsoft Active Directory Certificate Services because it integrates directly with their existing Active Directory environment…

Components of a PKI, Part 4: Active Directory Certificate Services

Leave a Comment / Identity, Security / By Miles Gratz

Components of a PKI, Part 3: Certificate Revocation

Leave a Comment / Identity, Security / By Miles Gratz

One important function of Certificate Authorities that’s mentioned briefly in Part 2 of our “Components of a PKI” blog series is the ability to perform certificate revocation, or the CA’s ability to revoke certificates it issued previously.

Components of a PKI, Part 2: Certificate Authorities and CA Hierarchies

Leave a Comment / Identity, Security / By Miles Gratz

In Part 1 of our “Components of a PKI” blog series, we defined several PKI terms that are useful for understanding Certificate Authorities (CAs—also known as Certification Authorities) and CA hierarchies…

Components of a PKI, Part 1: Digital Certificates

Leave a Comment / Identity, Security / By Miles Gratz

Digital certificates (most commonly represented by the X.509 public key certificate standard) are signed data objects that associate a public key with an individual user, device, or entity. In this case, we’re specifically referring to digital certificates formatted using the X.509 standard.

4 Best Practices for Hybrid Identity Attributes in Active Directory

Leave a Comment / Active Directory, Identity, Identity Management, Security / By Thomas Garrity

User attributes are important metadata that should be treated with care. Some organizations do not take user attributes seriously enough, which creates problems when the company tries to automate system access.

Authentication Options for Automated Azure PowerShell Scripts, Part 3: Additional Considerations

Leave a Comment / Identity, Security / By David Conners

In Part 3 of this blog series, we discuss some other important considerations when taking this approach to automation.

Identity

How to Use the Microsoft Azure Portal to Disable Basic Authentication

Remediating LDAP Client Security

Monitoring for LDAP Client Security

Components of a PKI, Part 5: Hardware Security Modules

Components of a PKI, Part 4: Active Directory Certificate Services

Components of a PKI, Part 3: Certificate Revocation

Components of a PKI, Part 2: Certificate Authorities and CA Hierarchies

Components of a PKI, Part 1: Digital Certificates

4 Best Practices for Hybrid Identity Attributes in Active Directory

Authentication Options for Automated Azure PowerShell Scripts, Part 3: Additional Considerations

Deploying the eduPerson Schema to Active Directory

Improving Entra ID B2B User Management with Cross-Tenant Synchronization

Flattening Group Memberships to a Single Group