figure 1

Azure AD Password Protection: The Cloud Security Service your Active Directory Needs Now

| | Disaster Recovery
Microsoft has finally provided a service that mitigates the single most critical password-related security risk in the enterprise today: common passwords. You should kick the tires on this new Active Directory capability today, so you can deploy it as soon as it reaches general availability. This is a long post; ... Read More
Kerberos at Company Party

Kerberos at the Company Party

Back in 1999, I wrote a book on Windows 2000 Server in general, and Active Directory in particular. I try not to look back at what I wrote about AD back then compared to what I know now, but I remain fond of a passage that explained how the Kerberos ... Read More

The HIP Conference: DEC Updated for the Hybrid Identity Era

| | Disaster Recovery
If you ask any identity professional that’s been involved with Microsoft identity for more than 10 years, you can pretty much assume they’ve heard of DEC: The Directory Experts Conference. Known in its later years as TEC (The Expert’s Conference) when it expanded to include a few other Microsoft products ... Read More
Protecting Your Active Directory Permissions

Protecting Your Active Directory Permissions

| | Disaster Recovery
When we think of protecting Active Directory, we typically think of a few aspects of the directory service that need to be monitored and protected from disasters. If you’re responsible for the care and feeding of your corporate AD, I’m sure you can rattle off the main ones right now ... Read More
Figure 1: Legacy Azure AD authentication choices (Microsoft)

Two New Microsoft Hybrid Services Dramatically Simplify Connecting your Active Directory to Azure

Microsoft recently announced the public preview of two major new capabilities that will make integrating your on-premises Active Directory to Azure AD much, much easier. Passthrough authentication (PTA) and Seamless Single Sign-On (I’m choosing to call it 3SO) will allow your users to easily access Azure AD applications such as ... Read More
updated password

Using AD FS To Change Your AD Password Anywhere, Anytime

One of the really annoying things about passwords is that you have to remember them. If you can’t remember your password at a SaaS provider, it’s pretty straightforward: you click on the “forgot password” link and go through the password recovery process. As is often the case, however, the corporate ... Read More
NIST joins Microsoft in Changing How We Should Think About Passwords

NIST joins Microsoft in Changing How We Should Think About Passwords

On the heels of Microsoft’s updated password recommendations, the National Institute for Standards and Technology (NIST) has come out with its own updated password guidelines. These recommendations parallel many of Microsoft’s recommendations and thus give them extra credibility; in some areas they go further. When two major security industry influencers ... Read More