Tip: Capturing Devices to Manage in Intune Using Azure AD Connect

Working with customers who are starting their migration for identity and administration from on-premises to Azure, I see a couple options in the installation and configuration of Azure AD Connect that get missed. Particularly, once Azure AD Connect is installed and on-premises accounts are synced with Azure, customers find that their Active Directory managed devices … Continue reading Tip: Capturing Devices to Manage in Intune Using Azure AD Connect

AD: Discover what you’ve got

Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS) specializing in Active Directory. I wrote a really basic script that will scour your domain and return some valuable information regarding its configuration. There are probably several things in the script that could be done differently and if I was to go … Continue reading AD: Discover what you’ve got

AGPM: The case of the missing GPT.ini file – a possible workaround

Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS) specializing in Active Directory, amongst other technologies, including Advanced Group Policy Manager (AGPM). Have you ever deployed a GPO via AGPM only to experience either of the two situations? EventID 1058 (GroupPolicy) in a client’s System log or The follow message when … Continue reading AGPM: The case of the missing GPT.ini file – a possible workaround

System Center Service Manager: Working with FIPS and Report Server

When you browse Report Manager URL, you get an HTTP 500 error or a blank page (in case if you have disabled friendly HTTP messages) on the browser window. When you check the Reporting Services log files you would find the below error being logged: ERROR: System.Web.HttpException: Error executing child request for Error.aspx. ---> System.Web.HttpUnhandledException: … Continue reading System Center Service Manager: Working with FIPS and Report Server

Azure AD Best Practice: Using Azure AD Connect Standby for Redundancy and Failover

My big focus for Azure at Microsoft is in administration and identity. This includes a lot of heavy Azure AD work. I regularly help customers assess their Azure AD implementations and plans, which puts me in the unique position to hear about customer woes directly. One of the bigger pain points I hear from customers … Continue reading Azure AD Best Practice: Using Azure AD Connect Standby for Redundancy and Failover

LAPS Security Concern : Computers joiners are able to see LAPS Password

Here we will discuss a common concern about LAPS as many customers noticed that people who join the computers to the domain can retrieve the LAPS password although they are not given the Permission to do so and because some organizations allow normal users to join their machines to the domain this consider a security … Continue reading LAPS Security Concern : Computers joiners are able to see LAPS Password

Azure AD Best Practice: When to Consider Using a Full SQL Server Instance for Azure AD Connect

By default, Azure AD Connect installs with SQL Express. More specifically, the default is a SQL Server 2012 Express LocalDB (a light version of SQL Server Express). If you need to manage a higher volume of directory objects, you'll definitely want to point the installation wizard to a different installation of SQL Server. The type … Continue reading Azure AD Best Practice: When to Consider Using a Full SQL Server Instance for Azure AD Connect