Azure AD Best Practice: Using Azure AD Connect Standby for Redundancy and Failover

My big focus for Azure at Microsoft is in administration and identity. This includes a lot of heavy Azure AD work. I regularly help customers assess their Azure AD implementations and plans, which puts me in the unique position to hear about customer woes directly. One of the bigger pain points I hear from customers … Continue reading Azure AD Best Practice: Using Azure AD Connect Standby for Redundancy and Failover

Azure AD Best Practice: When to Consider Using a Full SQL Server Instance for Azure AD Connect

By default, Azure AD Connect installs with SQL Express. More specifically, the default is a SQL Server 2012 Express LocalDB (a light version of SQL Server Express). If you need to manage a higher volume of directory objects, you'll definitely want to point the installation wizard to a different installation of SQL Server. The type … Continue reading Azure AD Best Practice: When to Consider Using a Full SQL Server Instance for Azure AD Connect

Active Directory security Best Practices : Part 1

As The Active Directory is identified as one of the most business critical applications whose any outage can cause downtime of users and services so it need special care and high attention in terms of security , backup and health , and every day as I visiting customers there is a frequent question that I … Continue reading Active Directory security Best Practices : Part 1

Azure AD Best Practice: Requiring users to periodically re-confirm their authentication information

Disabling the authentication methods re-confirmation prevents users from updating potentially outdated information such as email or phone number and can decrease the effectiveness of Self-service Password Reset (SSPR). This may also result in password reset information being sent to an unintended recipient. The default setting in Azure AD is to require users to re-confirm authentication … Continue reading Azure AD Best Practice: Requiring users to periodically re-confirm their authentication information

Field Notes: Azure Active Directory Connect – Troubleshooting Task Overview

This is a continuation of a series on Azure AD Connect. Previous parts have mostly been focusing on the installation and configuring different user sign-in options for Azure AD. Links to these are provided in the summary section below. Now that we have covered the common setup options for Azure AD Connect, I would like … Continue reading Field Notes: Azure Active Directory Connect – Troubleshooting Task Overview

Using SCCM DCM Feature to monitor GPO application in the environment

The Issue A Common issue that keeps being experienced across customer sites, is the application of Group Policies on machines By default when a GPO is created and linked, it should apply to all the machines that the policy was linked to, and in most cases this works pretty perfectly, however, how do you know … Continue reading Using SCCM DCM Feature to monitor GPO application in the environment

Step by Step: Enforce Require LDAP Signing on domain controllers. Part 1

Introduction: One of the security settings that Microsoft recommend applying on domain controllers is to Require LDAP Signing. Requiring LDAP signing is one policy setting that can be applied on a few seconds using group policy, but what is the impact of applying this setting in your production environment? In most customer environments I visited, … Continue reading Step by Step: Enforce Require LDAP Signing on domain controllers. Part 1