Clik here to view.
vSphere 7’s vCenter Server Identity Provider Federation feature allows for MFA
In this series on virtualizing Active Directory on VMware vSphere, we’ve discussed earlier how to set up a straight-forward vCenter delegation model for running virtual Domain Controllers safely....
View ArticleClik here to view.
Five things to know about the Office 365 app in Azure AD Conditional Access
After being in Public Preview since February 2020, Microsoft made the Office 365 app in Azure AD Conditional Access Generally Available. The below image sums up what is in the Office 365 app: The...
View ArticleClik here to view.
From the Field: The case of the randomly rebooting Domain Controllers
Troubleshooting stories from the field are the best. That’s why I like writing them down. Although, sometimes they might appear as straight cases of schadenfreude, I feel there are lessons to be...
View ArticleClik here to view.
Group Policy Elevation of Privilege Vulnerability (CVE-2020-16939, Important)
On Tuesday October 13th 2020, Microsoft released updates for all supported versions of Windows and Windows Server to address an elevation of privilege vulnerability in Group Policy, marked as...
View ArticleClik here to view.
Getting Started with the Self-service Web Portal for Veeam Backup for...
Microsoft recommends organizations using Office 365 services to create backups of their data in these services outside of the scope of the functionality of replicas and previous versions. Veeam Backup...
View ArticleClik here to view.
Azure AD Connect version 1.3.20.0 and older versions are no longer supported
As announced as part of the Azure AD Connect Version Release History page and shared here earlier, yesterday marked the end of Azure AD Connect version 1.3.20.0 and older versions of Azure AD Connect....
View ArticleClik here to view.
VMware updated the patch for CVE-2020-3992 to completely address the Remote...
In October 2020, VMware published update VMSA-2020-0023 that claimed to fix the CVE-2020-3992 vulnerability in OpenSLP service in ESXi. OpenSLP is used for service location. This component has a...
View ArticleClik here to view.
I’m speaking at the 2020 NT Konferenca
The 2020 NT Konferenca, known as NT Remote 2020, the 25th edition of the NT Konferenca, kicks off in two weeks. I have been invited to deliver two sessions. About NT Konferenca NT Konferenca is the...
View ArticleClik here to view.
The video of my talk at the European SharePoint Office 365 and Azure...
The European SharePoint, Office 365 & Azure Conference (ESPC) is Europe’s leading online community, providing educational resources and encouraging collaboration. Therefore, I was more than happy...
View ArticleClik here to view.
KnowledgeBase: LSASS on Windows 10 version 20H2 crashes and reboots...
On October 20th, 2020, Microsoft released Windows 10, version 20H2 build 19042 to Visual Studio Subscribers and organizations with access to the Software Download Center and the Volume Licensing...
View ArticleClik here to view.
Kerberos Security Feature Bypass Vulnerability (Important, CVE-2020-17049,...
Yesterday, for its November 2020 Patch Tuesday, Microsoft released an important security update for Active Directory Domain Services (AD DS). About the vulnerability A Kerberos Security Feature...
View ArticleClik here to view.
Command-line switches for Azure AD Connect
After you install Azure AD Connect, but before you configure the product through the Microsoft Azure Active Directory Connect wizard, you can fiddle with the Azure AD Connect installer. Below is a...
View ArticleClik here to view.
Ten Things You should know about vCenter Identity Provider Federation
vCenter in VMware vSphere 7 introduces support for role-based access control (RBAC), based on standards-based federation. While this sounds fantastic, there are a couple of things you should know...
View ArticleClik here to view.
I’m speaking at IT Pro | Dev Connections Greece 2020
I will be speaking at the upcoming IT Pro | Dev Connections Greece conference in the weekend of December 12th and 13th, 2020. About IT Pro|Dev Connections IT Pro|Dev Connections is a conference...
View ArticleClik here to view.
KnowledgeBase: The Conditional Access APIs do not currently support Preview...
During Microsoft’s Ignite event in September 2020, the Conditional Access Application Programming Interfaces (APIs) were announced as Generally Available. We’ve covered this change in our recap of...
View ArticleClik here to view.
TODO: Require MFA from four more Azure AD Roles through your Conditional...
As part of MC224734, Microsoft has communicated publicly that they are requiring multi-factor authentication (MFA) from four more Azure AD privileged roles through the Security Defaults functionality....
View ArticleClik here to view.
Experiences with Zero Trust
Recently, people responsible for identity, security and governance have embraced the vision of Zero Trust. It is the logical evolution of our thinking towards an actionable, more thorough and holistic...
View ArticleClik here to view.
Two vulnerabilities in VMware ESXi may lead to virtual Domain Controller...
Today, VMware released an update that addresses a use-after-free vulnerability in the XHCI USB controller (CVE-2020-4004) and a VMX elevation-of-privilege vulnerability CVE-2020-4005). Together these...
View ArticleClik here to view.
HOWTO: Get rid of the Conditional Access Baseline Policies in your Azure AD...
In September 2018, Microsoft introduced the concept of Conditional Access baseline policies. Baseline policies were superseded by Security Defaults, and starting February 2020 the Baseline Conditional...
View ArticleClik here to view.
TODO: Stream additional logs from Azure AD for optimal visibility
Over the past six months, I’ve shown you ways to get to know the devices that people in your organization use App Passwords on, set an alert to notify when an additional person is assigned the Azure...
View Article