If you work in a higher education environment, there exists a set of standards that must be implemented to allow students and faculty to collaborate on projects at other schools or to use higher education specific services. One of these standards is the eduPerson schema, which provides storage for widely used education-specific attributes about a …
Deploying the eduPerson Schema to Active Directory Read More »
In the past few years, we’ve seen a rapid expansion in remote and remote-hybrid workforces. Remote employees primarily use cloud-native services to manage their daily workloads from the comfort of their home (or public) internet. This has caused a great deal of stress for IT departments, especially those that rely heavily on their internal infrastructure. …
3 Components of Cloud Authentication: Enterprise SSO, Zero Trust, Passwordless Read More »
In my previous blog post we reviewed why time synchronization is important, as well as proper time synchronization configuration of domain controllers (DCs) holding the Primary Domain Controller Emulator (PDCe) role. We were able to properly configure Network Time Protocol (NTP) settings through the use of Windows Management Instrumentation (WMI) filters and Group Policy. Like …
Network Time Protocol Configurations: A Deeper Dive Read More »
Active Directory (AD) is still the predominant identity and management platform for tens of thousands of organizations worldwide. Larger organizations with hundreds to even thousands of applications continue to rely on AD, even as they transition to a cloud-first or AD-minimized environment. The reason? Unraveling all the AD-related technology and applications an organization has invested …
Active Directory Forest Recovery: Plan to Eliminate Downtime Read More »
Are you tired of seeing the Windows Admin Center (WAC) prompt from Microsoft Windows Server Manager (as shown in Figure 1) and not knowing what to do about it? Do you want to evolve your management experience beyond RDP? If you’re reading this blog, the answer to both of those questions is likely yes. Most …
How to Build a Tier 0 Windows Admin Center Instance Read More »
Passwords have long been the de facto authentication mechanism for identities. Length and complexity plagued us as we struggled to produce an acceptable password that we could easily remember and type when prompted. Although we’re moving closer to a passwordless and much more secure world, for now, we must still create these memorable, complex dinosaurs …
How to Implement Microsoft Entra Password Protection for a More Secure Environment Read More »
You may recall that in March 2020 Microsoft was planning to configure a couple of Lightweight Directory Access Protocol (LDAP) security settings on behalf of its customers. The company ended up not pulling the trigger, even though vulnerabilities still exist with the default implementation of LDAP. These security holes allow man-in-the-middle (MITM) attacks and replay …
Web application owners need to generate and submit certificate requests to secure traffic to their websites. Application owners often use IIS to generate or renew these requests. Occasionally, the original request will need to be altered by the Certificate Authority (CA) administrator before submitting the request to the issuing CA. Quite often, Subject Alternative Names …
How to Use CA Enrollment Agent to Securely Modify Certificate Requests Read More »
The process of cleaning up your applications can be time-consuming but there are useful ways to report and manage applications in Azure.
In this post learn how to implement claims-based application access control when Azure AD B2C is federated with another identity provider.
Ravenswood Technology Group is based in Chicago, IL but with customers around the world. We help companies, universities, and other organizations with less than 100 employees to over 500,000 build secure, hybrid infrastructure that enable their users to work from anywhere.
[Recent Blog Posts]
[Expertise]
© Ravenswood Technology Group, LLC
