AzureAD – Staged rollout

This feature allows you to migrate from federated authentication to cloud authentication by using a staged approach: Moving away from federated authentication has implications. For example, if you have any of the following: an on-premises MFA server => you must be moved to Azure MFA first are using smart cards for authentication other federation onlyContinue reading “AzureAD – Staged rollout”

AD – Securing Domain Controllers / hardening Windows domain and computers

Reference articles to secure a Windows domain: Les 4 piliers de la sécurité Active Directory https://www.cert.ssi.gouv.fr/uploads/guide-ad.html https://github.com/PaulSec/awesome-windows-domain-hardening Pingcastle: to audit an AD domain https://www.pingcastle.com/ AD explorer (sysinternals): https://www.blackhillsinfosec.com/domain-goodness-learned-love-ad-explorer Microsoft audit Policy settings and recommendations: https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/security-best-practices/audit-policy-recommendations Sysinternals sysmon: to audit and control changes https://onedrive.live.com/view.aspx?resid=D026B4699190F1E6!2843&ithint=file%2cpptx&app=PowerPoint&authkey=!AMvCRTKB_V1J5ow On ADsecurity.org: Beyond domain admins: https://adsecurity.org/?p=3700 Gathering AD data with PowerShell: https://adsecurity.org/?p=3719Continue reading “AD – Securing Domain Controllers / hardening Windows domain and computers”

Troubleshooting Account locked out; EventID 4740,4625,4771

Troubleshooting Account Lockouts has become an IT admin routine nowadays; You can find more possible root causes in our Account Lockout Troubleshooting Guide – https://community.spiceworks.com/how_to/113387-account-lockout-troubleshooting. Possible root causes: Persistent drive mappings with expired credentials Mobile devices using domain services like Exchange mailbox Service Accounts using cached passwords Scheduled tasks with expired credentials Programs using storedContinue reading “Troubleshooting Account locked out; EventID 4740,4625,4771”

Microsoft Roadmaps (office 365, Azure, Windows)

Microsoft Office 365 roadmap: For significant updates, Office customers are initially notified by the O365 roadmap: https://www.microsoft.com/en-us/microsoft-365/roadmap As an update gets closer to rolling out, it is communicated through your Office 365 Message center. Microsoft Azure roadmap: https://azure.microsoft.com/en-us/updates/ Microsoft cloud platform: https://www.microsoft.com/en-us/microsoft-365/enterprise-mobility-security