Active Directory as A Target: Why AD Defense Is More Critical Than Ever

We can start with the obvious. Active Directory is the cornerstone of an increasing number of business functionalities, and every year more work hinges on stable AD operability. AD access is also a gateway to a lot of your organization’s information. It’s known that there is no such thing as an attack-proof organization, and according […]

Using AD FS To Change Your AD Password Anywhere, Anytime

One of the really annoying things about passwords is that you have to remember them. If you can’t remember your password at a SaaS provider, it’s pretty straightforward: you click on the “forgot password” link and go through the password recovery process. As is often the case, however, the corporate world is more complicated.  If […]

Understanding Azure AD Password (Hash) Sync

Now that businesses are adopting cloud computing as part of their business model, a large percentage are choosing to connect their on-premises Active Directory environment to its counterpart in the cloud, Microsoft’s Azure Active Directory. When you extend your on-premises AD to Azure AD, you have two choices for how you want on-premises users to […]

When you should use Azure MFA and when you should use MFA Server

One of the most common security-related trends I’m seeing with customers is an interest in adding multifactor authentication (MFA) to both their new and existing solutions. This trend is usually driven by a need to increase overall security, or to satisfy regulatory requirements. As a hybrid service, Microsoft’s Azure Multifactor Authentication (MFA) service has both […]

Hidden Gems: The Azure Active Directory Whitepapers

It’s pretty well accepted now that the world is moving away from painstakingly planned, piloted, deployed, and maintained on-premises applications in local data centers. It’s moving to web services, hosted in the cloud (best definition: your stuff on someone else’s computer) whose new capabilities are rapidly deployed and refined via a DevOps mentality. Another artifact […]

Azure AD Connect: the staging server

Microsoft continues to work on a sore spot in its hybrid identity strategy: The challenge of deploying its identity bridge between Active Directory Domain Services (AD DS) on premises and Azure Active Directory in the cloud. This bridge consists of AD FS for federation and a succession of utilities, culminating in Azure AD Connect, for […]

Why On-Premises Active Directory Still Matters in a Cloud-Connected World

With all the talk about stampeding to the cloud, I get asked fairly regularly if I think Active Directory will be going away. No, AD isn’t becoming obsolete; it’s evolving. And as it evolves, I’d argue that it matters more than ever. Within Microsoft ISSD (Identity and Security Services Division), the folks that bring you […]