Loading...

Enable/Disable Accelerated Networking on Azure VM’s part 2

In my previous post, I talked about using a custom script to redeploy VM’s with Accelerated networking enabled or disabled. The latest PowerShell cmd’lets however make things a lot easier and don’t require you to re-deploy the entire VM anymore. So, this post is a followup to the previous one and explains how to enable […]

Read more

Encryption in the Cloud

One of the hottest topics with customers in their “journey” to adopt cloud is the topic of encryption. Data that goes up into space needs to be controlled to avoid leakage to hackers, script kiddies and what not. In the next few series I will be looking at Encryption in Azure, but let’s start with […]

Read more

Forcing re-authentication on (some) applications

Sign-In Frequencies in Azure AD: You might have seen on Azure Active Directory a new feature called Sign-In Frequency. In this post we are taking a closer look at this feature. First, we need to understand how authentication works and which tokens we are receiving. When you sign-in to an application which is dependent on […]

Read more

Surface Hub at home

The Microsoft Surface Hub is a gigantic whiteboard on steroids. It allows you to .. (dhu) Whiteboard, but also allows you to join meetings through Skype or Teams, load PowerPoint/Word documents, connect you to your Office 365 services and much much more. Now the device in itself is special already, with many Mic’s and Camera’s […]

Read more

F5 Big-IP & AAD & BASIC / NTLM

In our previous post we looked at using Azure AD to perform the authentication for our F5 published web apps that used Kerberos. Now the strength of the F5 APM module is the SSO capabilities that allow it to authenticate users once and then they could reach any web app published by it, regardless of […]

Read more

F5 Big-IP & AAD & KCD

The title being full of acronyms, this topic is about publishing Kerberos based websites behind an F5 load balancer, while using Azure AD as the authenticating service. Or in more technical terms, F5 will rely on an external SAML based token to perform Kerberos Constraint Delegation towards a backend server. Get settled in, this is […]

Read more

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 3b

In part 3a, we explained how ADFS can be used in cross-forest migrations to ensure all users (migrated or not) can still authenticate. In part 3B we will be looking at Pass-Through authentication and how it affects migrated/non-migrated users. First of all, we need to make sure we have pass-through authentication agents deployed. In my […]

Read more

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 3a

To continue our coverage of ADMT and AAD, part three of the series. I know I promised 3 articles, but given the amount of data, I’ll split part 3 (authentication) in a few more posts.. We have 1 AAD and 2 AD’s; FORESTOOT.local as the source and TARGET.local is still the target AD forest. There […]

Read more

Managing Hyper-V Standalone with OSX

Hyper-V server is the free virtualization OS from Microsoft to compete head to head with the free ESXi OS. When running in large farms or domain joined, Hyper-V seems to work pretty decently. But when you just want a single host that you manage with Windows 10, or let alone MacOS, Hyper-V can become a […]

Read more

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 2

In our previous post we explored the backend of Azure AD Connect and what happens in multi-forest scenarios. In this post we will be looking into the ADMT migration and the effects on the cloud accounts. The FORESTROOT domain has a user (smith@azureinfra.com) which has been assigned a full E5 license to Office 365. The […]

Read more