Identity Expert Portal

Thoughts Leaders & Industry Experts
Our Directory Services Experts are pioneers in identity-driven, enterprise protection technology. They work closely with Enterprise customers, provide the critical solutions and strategies that ensure quick recovery from on-premise cyber breaches and Directory Services failures. Our experts are best-in-class, contribute to thought leadership, and possess superior insight, comprehensive AD knowledge and laser troubleshooting skills. Their genuine care for customer IT environments and identity integrity makes them deep listeners, great collaborators and team players, consummate observers and critical contributors as they execute technology to support client missions.
Nathan O'bryanConsultant, MCSMLab

Nathan is a Microsoft Certified Solutions Master: Messaging and a Microsoft MVP for Office Servers and Services with 25 years of experience in the field. Nathan is an active contributor to the Exchange and Office 365 communities by writing articles for several tech websites and his own blog. He also can be seen speaking at IT conferences including IT/DEV Connections, Microsoft Ignite, Collab365, and in frequent webcast for Redmond magazine

postSecurity Playbook in Azure Security CenterKeeping your cloud-based IT infrastructure secure is a constant effort. The people who want access to your data are always working on ways they can get in, so both you and Microsoft need to be working on ways to keep them out. Microsoft is aware of t...READ MORE
postAzure Active Directory Administrative Units Azure Active Directory Administrative Units are a new feature that will give us more granular control over our administrators privileges in Azure and Office 365. As it’s currently implemented, Azure AD Admin Units are basic. They don’t have near...READ MORE
Sean DeubySenior Identity Architect, Edgile

Sean Deuby is an identity architect for Edgile, Inc., where he focuses on enterprise cloud identity and Active Directory solutions. Previously, Sean covered identity topics in his role as Technical Director and analyst for Windows IT Pro, where he has over 250 published articles. Sean has spent many years in enterprise IT organizations; he was the design engineer of the IT directory services team for Intel Corporation, and one of the original architects of the company’s corporate Active Directory. Sean was also technical lead and a principal architect of Texas Instruments’ original worldwide enterprise Windows NT network. A veteran public speaker, Sean has presented sessions from TechEd to Cloud Identity Summit. He has been awarded directory services Most Valuable Professional status by Microsoft every year since 2004

webinarHow to Defend Against Password Spray Attacks

In our last webinar, Darren Mar-Elia demonstrated attacks on Active Directory that left participants seriously questioning the state of their AD security. Why is that? Because Active Directory has become a prime target for malicious attackers who are leveraging new, sophisticated methods to compromise your environment.

View this webinar and learn the five of the top things you can do to protect yourself and your AD from some of these kinds of attacks, and how you can ensure that only the right people are performing actions within your Active Directory.

whitepaperRetake Control of Attribute Synchronization to Azure AD

With Azure AD Connect, synchronizing directory data from on-premises Active Directory to Azure Active Directory is both easy and efficient. But while simple to configure, keeping the default settings might leave you more exposed than your security and regulation practices allow.

Azure AD domain, OU, app and attribute filtering allow organizations to synchronize only a handful of attributes to minimize the exposure of personally identifiable information in this setup. So, why wouldn’t you use it?

postShould you upgrade to Active Directory 2016…or stay where you are?Should you upgrade your existing AD forest to Windows Server 2016 Active Directory (aka AD 2016), or should you leave it where it is? Despite the focus and activity around adopting cloud services today, the fact remains that Active Directory continue...READ MORE
Sander BerkouwerChief Technology Officer, SCCT BV

Sander Berkouwer is an IT Professional and has been a Microsoft MVP in Directory Services for the past eight years. He works as senior identity consultant at SCCT in the Netherlands, where he helps colleagues and customers make the most out of Microsoft products, strategies and technologies. Sander blogs almost daily about Active Directory, his favorite Microsoft technology.

postHybrid Identity Protection comes in many shapes; Meet Azure AD Connect HealthInformation protection consists of three pillars: confidentiality, integrity and availability. Hybrid Identity is no different; the three pillars still apply. However, availability is hard for Azure AD Connect. As a key link in the Hybrid Identity ch...READ MORE
whitepaperPicking the right type of solution for active directory backupREAD MORE
postActive Directory Change ResiliencyLast month, I have had many discussions with many people on Active Directory Backup and Restore. Now, the obvious topics to talk about are disaster recovery and forest recovery. Of course, we talked about these, but in many of the discussions last mo...READ MORE
Darren Mar-EliaHead of Product, Semperis

A 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. Prior to launching SDM, Darren held senior infrastructure architecture roles in Fortune 500 companies and was also the CTO of Quest Software. As a Microsoft MVP, Darren has contributed to numerous publications on Windows networks, Active Directory and Group Policy, and was a Contributing Editor for Windows IT Pro Magazine for 20 years.

postWhy Most Organizations Still Can’t Defend against DCShadow – Part 2In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you can take to protect your organization. (Quick recap: DCShadow is a featu...READ MORE
postWhy Most Organizations Still Can’t Defend against DCShadowDCShadow is a readily available technique that allows an attacker to establish persistent privileged access in Microsoft Active Directory (AD). Specifically, DCShadow allows an attacker with privileged access to create and edit arbitrary objects in A...READ MORE
postNSA Sounds the Alarm on BlueKeepJuly 29, 2019 Update: With over 800,000 Windows systems still unpatched and vulnerable (as of July 2), concern over BlueKeep remains high, especially after a detailed guide on how to write an exploit was posted online last week.  Other indications t...READ MORE
postYour Active Directory was compromised, is it all lost? – Part 2Hi, This is part two of a blog that I had written earlier.  The premise of part one was to better understand what are the options that companies face should their Active Directory be compromised. How can they get back up and running as quickly as po...READ MORE
postYour Active Directory was compromised, is it all lost?Following a 10-year stint in virtualization technologies, I joined Semperis and dove into the world of Active Directory. Over the last three years, which included some of the most vicious malware attacks ever documented, I think I have finally come u...READ MORE
postA Valentine’s Day PremonitionThis is the story of one of the most successful delivery people in the industry……this story captures one of his greatest accomplishments in recent history The Setting: Inside the Loading Dock, at the back of the building of a Global Fortune 500 c...READ MORE
postWe Can’t Do Anything About The Weather, But…We Can’t Do Anything About The Weather, But…   When bad things happen, we can dramatically speed your time to recovery! This seems to be a common concern, and one that is front and center with Board Members and Senior Management. What do we...READ MORE
postNotPetya, the Russian WiperYou know Petya, and Sandworm, and Spyware, and Rootkits. Mimikatz and WannaCry, and backdoors and botnets. But do you recall……. the most damaging attack of all?…. NotPetya the Russian Wiper, had a very nasty bite. And if you ever sa...READ MORE