Identity Expert Portal

Thoughts Leaders & Industry Experts
Our Directory Services Experts are pioneers in identity-driven, enterprise protection technology. They work closely with Enterprise customers, provide the critical solutions and strategies that ensure quick recovery from on-premise cyber breaches and Directory Services failures. Our experts are best-in-class, contribute to thought leadership, and possess superior insight, comprehensive AD knowledge and laser troubleshooting skills. Their genuine care for customer IT environments and identity integrity makes them deep listeners, great collaborators and team players, consummate observers and critical contributors as they execute technology to support client missions.
Nathan O'bryanConsultant, MCSMLab

Nathan is a Microsoft Certified Solutions Master: Messaging and a Microsoft MVP for Office Servers and Services with 25 years of experience in the field. Nathan is an active contributor to the Exchange and Office 365 communities by writing articles for several tech websites and his own blog. He also can be seen speaking at IT conferences including IT/DEV Connections, Microsoft Ignite, Collab365, and in frequent webcast for Redmond magazine

postSecurity Playbook in Azure Security CenterKeeping your cloud-based IT infrastructure secure is a constant effort. The people who want access to your data are always working on ways they can get in, so both you and Microsoft need to be working on ways to keep them out. Microsoft is aware of t...READ MORE
postAzure Active Directory Administrative Units Azure Active Directory Administrative Units are a new feature that will give us more granular control over our administrators privileges in Azure and Office 365. As it’s currently implemented, Azure AD Admin Units are basic. They don’t have near...READ MORE
Sean DeubyDirector of Services, Semperis

Sean brings 30 years’ experience in enterprise IT and hybrid identity to his role as Director of Services at Semperis. An original architect and technical leader of Intel’s Active Directory, Texas Instrument’s NT network, and 15-time MVP alumnus, Sean has been involved with Microsoft identity since its inception. Since then, his experience as an identity strategy consultant for many Fortune 500 companies gives him a broad perspective on the challenges of today’s identity-centered security. Sean is an industry journalism veteran; as former technical director for Windows IT Pro, he has over 400 published articles on AD, hybrid identity, and Windows Server.

postYour Zero Trust Strategy Depends on Active Directory IntegrityThe exponential increase in remote work caused by the COVID-19 crisis has ricocheted across the IT landscape. Within a matter of days, corporate IT faced an unprecedented 180-degree turn in its client networking model. Organizations that...READ MORE
postHypervisor DC Snapshots Are No Substitute for Proper Active Directory BackupsMost organizations have virtualized some or all their AD domain controllers. Virtualized DCs have their advantages, but they also introduce risks that didn’t exist with physical servers. One of these risks is the temptation to use hypervi...READ MORE
postUpgrading to WS2016/2019? Consider a Safety Net for ADA colleague here at Semperis recently looped me into a conversation with the manager of a large Active Directory environment running on Windows Server 2008 R2. With end of support for Windows Server 2008 and 2008 R2 coming up soon (officially January...READ MORE
Sander BerkouwerChief Technology Officer, SCCT BV

Sander Berkouwer is an IT Professional and has been a Microsoft MVP in Directory Services for the past eight years. He works as senior identity consultant at SCCT in the Netherlands, where he helps colleagues and customers make the most out of Microsoft products, strategies and technologies. Sander blogs almost daily about Active Directory, his favorite Microsoft technology.

postHybrid Identity Protection comes in many shapes; Meet Azure AD Connect HealthInformation protection consists of three pillars: confidentiality, integrity and availability. Hybrid Identity is no different; the three pillars still apply. However, availability is hard for Azure AD Connect. As a key link in the Hybrid Identity ch...READ MORE
whitepaperPicking the right type of solution for active directory backupREAD MORE
postActive Directory Change ResiliencyLast month, I have had many discussions with many people on Active Directory Backup and Restore. Now, the obvious topics to talk about are disaster recovery and forest recovery. Of course, we talked about these, but in many of the discussions last mo...READ MORE
Darren Mar-EliaHead of Product, Semperis

A 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. Prior to launching SDM, Darren held senior infrastructure architecture roles in Fortune 500 companies and was also the CTO of Quest Software. As a Microsoft MVP, Darren has contributed to numerous publications on Windows networks, Active Directory and Group Policy, and was a Contributing Editor for Windows IT Pro Magazine for 20 years.

postCyber Scenarios Expose Shortcomings of BMRRansomware and wiper attacks are causing organizations to re-evaluate their backup and recovery capabilities. An obvious concern is whether backups are safe – for example, are they offline where they can’t be encrypted or wiped. While this is a g...READ MORE
postWhy Most Organizations Still Can’t Defend Against DCShadow – Part 2In part 1 of this blog post, I talked about the threat that DCShadow poses to organizations that use Microsoft Active Directory (AD). Here in part 2, I’ll talk about steps you can take to protect your organization. (Quick recap: DCShadow is a featu...READ MORE
postWhy Most Organizations Still Can’t Defend against DCShadowDCShadow is a readily available technique that allows an attacker to establish persistent privileged access in Microsoft Active Directory (AD). Specifically, DCShadow allows an attacker with privileged access to create and edit arbitrary objects in A...READ MORE
postYour Active Directory was compromised, is it all lost? – Part 2Hi, This is part two of a blog that I had written earlier.  The premise of part one was to better understand what are the options that companies face should their Active Directory be compromised. How can they get back up and running as quickly as po...READ MORE
postYour Active Directory was compromised, is it all lost?Following a 10-year stint in virtualization technologies, I joined Semperis and dove into the world of Active Directory. Over the last three years, which included some of the most vicious malware attacks ever documented, I think I have finally come u...READ MORE
postA Valentine’s Day PremonitionThis is the story of one of the most successful delivery people in the industry……this story captures one of his greatest accomplishments in recent history The Setting: Inside the Loading Dock, at the back of the building of a Global Fortune 500 c...READ MORE
postWe Can’t Do Anything About The Weather, But…We Can’t Do Anything About The Weather, But…   When bad things happen, we can dramatically speed your time to recovery! This seems to be a common concern, and one that is front and center with Board Members and Senior Management. What do we...READ MORE
postNotPetya, the Russian WiperYou know Petya, and Sandworm, and Spyware, and Rootkits. Mimikatz and WannaCry, and backdoors and botnets. But do you recall……. the most damaging attack of all?…. NotPetya the Russian Wiper, had a very nasty bite. And if you ever sa...READ MORE