Authentications failures with Office 365 / ADFS accounts lockouts and...
Possible causes of O365 authentications failures: https://blogs.technet.microsoft.com/abizerh/2015/06/01/possible-causes-of-authentications-failures-for-federated-users-in-office-365/ ADFS account...
View ArticleAD – Securing Domain Controllers / hardening Windows domain and computers
Reference articles to secure a Windows domain: https://github.com/PaulSec/awesome-windows-domain-hardening Microsoft audit Policy settings and recommendations:...
View ArticleAzure AD Resources
Domains FAQ: https://docs.microsoft.com/en-us/office365/admin/setup/domains-faq Domain take over: https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/domains-admin-takeover Azure...
View ArticleAzure and Office365 resources
Here are resources about Azure and Office365, let me summarize: Office365 : is an offer of MS services and hosted applications – Saas ; in clear you pay for a service (sharepoint,exchange,office…) and...
View ArticleAzureAD – Staged rollout
This feature allows you to migrate from federated authentication to cloud authentication by using a staged approach: Moving away from federated authentication has implications. For example, if you have...
View ArticleAzureAD – comparing authentication methods
How to choose between authn methods: https://docs.microsoft.com/en-us/azure/security/fundamentals/choose-ad-authn#comparing-methods
View ArticleAzure AD – Securing Identity platform
Reference article: https://docs.microsoft.com/en-us/azure/security/fundamentals/steps-secure-identity Doc to disable the user consent:...
View ArticleADFS 2016 – Extranet Smart Lockout protection
How to: before to configure ADFS smart lockout, remove your account from AD protected users group, else you can get access denied...
View ArticleAuthentication Silos and policies
Reference: To use Authenticated silos, you need a 2012 R2 Domain functional level on the forest. Their are part of the configuration partition (so, at the forest level), replicated on all domain...
View ArticleHacking and Securing Active Directory
Hacking techniques for AD: “state of the art” (but scary!) with possible mitigation (when possible) + a few new methods…...
View ArticleTroubleshooting Account locked out; EventID 4740,4625,4771
Troubleshooting Account Lockouts has become an IT admin routine nowadays; You can find more possible root causes in our Account Lockout Troubleshooting Guide –...
View ArticleAzure AD Resources
Azure AD availability: https://azure.microsoft.com/en-us/blog/advancing-azure-active-directory-availability/ Azure AD blog:...
View ArticleHow to deploy latest Windows GPO ?
The Central Store. To take advantage of the benefits of .admx files, you must create a Central Store in the SYSVOL folder on a Windows domain controller. The Central Store is a file location that is...
View ArticlePowerShell – DNS – Create conditional forwarder zone
Best practices for DNS forwarding: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc754941%28v%3dws.10%29...
View ArticleAzure and Office365 resources
Here are resources about Azure and Office365, let me summarize: Office365 : is an offer of MS services and hosted applications – Saas ; in clear you pay for a service (sharepoint,exchange,office…) and...
View ArticlemsExchRecipientTypeDetails
Integrating an on-premise Active Directory and Exchange organization with Microsoft Cloud Services will require attention to new elements and details. As an example the list of object attributes in the...
View ArticleSecurity baseline for Windows Operating system
Security baseline reference article: Download the latest version: https://www.microsoft.com/en-us/download/details.aspx?id=55319 Introduction: Download the content. As usual, the content includes GPO...
View ArticleClik here to view.
ADFS – Troubleshooting claims
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/troubleshooting/ad-fs-tshoot-claims-issuance...
View ArticleThe Machine SID Duplication Myth (and Why Sysprep Matters)
The Machine SID Duplication Myth (and Why Sysprep Matters) – Microsoft Tech Community other articles: [SOLVED] Same SID on domain computers? psgetsid question. – Active Directory & GPO – Spiceworks
View Article