Importing the Security Baselines into AD easily The easiest method of importing all the settings into AD is a script that is included with the baselines, its stored beneath the Scripts folder named "Baseline-ADImport.ps1". Baseline-ADImport.ps1 Imported GPO's in AD In the image above you can see everything that is imported with the Security Baseline for … Continue reading Understanding Microsoft Security Baselines and Applying Them – Part 2
This is 16 Minutes interview with Microsoft Services Expertise discussing How Microsoft Enable Remote Work for Organization using Windows Virtual Desktop.
As organizations are asking employees to work from home to slow the spread of COVID-19, it’s even more important that users are registered for MFA and SSPR. We want to make it easier for remote workers to keep their accounts secure.
This is a continuation of a series on Azure AD Connect. The second blog post of the series covered a custom installation. One of the optional features I promised to cover then was password writeback, which I discuss in this blog post as part of enabling the self-service password reset (SSPR) feature in a hybrid … Continue reading Field Notes: Azure AD – Configuring Self-Service Password Reset in Hybrid Deployments
Introduction I was working with a customer recently who could not get clients or servers at a new remote site to activate using Active Directory Based Activation (ADBA). They were getting event ID 8214 as in the image below. Notice in the above where I bold the computer name Client1.Child1.Contoso.local. This means that Client1 is … Continue reading Active Directory Based Activation (ADBA) Fails with Error: 0x8007202B
Welcome back to the second and last post to setup hybrid Azure ad join. Hopefully all went well with configuring Pass-Through Authentication. Below you will find a link back to part 1. Configure Pass-Through AuthenticationSetup Hybrid Azure AD Join Setup Hybrid Azure AD Join Consider the following prerequisites before moving forward. Prerequisites Domain controller should … Continue reading Setup Hybrid Azure AD Join – Part 2
In addition to users, device identities can be managed by Azure Active Directory as well, event if they are already managed by your on-premise network. This two part series will walk you throught the step to allow your devices to be both on-premise and Azure active directory joined, otherwise known as hybrid Azure ad join
This is a continuation of a series on Azure AD Connect. I started off this Azure AD Connect series by going through the express installation path, where the password hash synchronization (PHS) sign-in option is selected by default. This was followed by the custom installation path where I selected pass-through authentication (PTA) as a user … Continue reading Field Notes: Azure AD Connect – Migrating from AD FS to Password Hash Synchronization
This is a continuation of a series on Azure AD Connect. In this blog post, I cover a specific case where an export to Azure AD fails due to stale Internet proxy settings configured on the server running Azure AD Connect. I go through various tools, some of which we have covered in our previous … Continue reading Field Notes: The case of the stopped Azure AD Connect synchronization – stale Internet proxy server
This is a continuation of a series on Azure AD Connect. I recently covered using domain/OU and group filtering options that are available in Azure AD Connect to help control which objects are synchronized to Azure AD. I also took a closer look in group filtering, which is not recommended for use in production. Another … Continue reading Field Notes: Azure AD Connect – Attribute-based Filtering