Exchange/EXO/Outlook performance and troubleshooting

Troubleshooting Logs and Tools https://blogs.technet.microsoft.com/exchange/2016/05/31/checklist-for-troubleshooting-outlook-connectivity-in-exchange-2013-and-2016-on-premises/ SaRA tool to assess OUTLOOK client: https://diagnostics.outlook.com/#/ Also on CTRL + right click on OUTLOOK icon on the system tray! to get the connection status Test connectivity from outside using: https://testconnectivity.microsoft.com/ Also check potential source of problems: Check ADFS policies Check set-CASmailbox – (post authentication) ; if POP or imapContinue reading “Exchange/EXO/Outlook performance and troubleshooting”

AADConnect – migrating from ADFS to password hash synchronization

Implement password hash synchronization: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization   Migrating from federated authentication (ADFS) to password hash synchronization: https://github.com/Identity-Deployment-Guides/Identity-Deployment-Guides/blob/master/Authentication/Migrating%20from%20Federated%20Authentication%20to%20Password%20Hash%20Synchronization.docx  

How to test SSL/TLS status ?

To test SSL/TLS and much more you can use the free online tool from Qualys: https://www.ssllabs.com/ssltest/index.html Third-party Tool: https://www.nartac.com/Products/IISCrypto/Download   Links related to TLS which I have consulted: Solving the TLS problem ==> https://www.microsoft.com/en-us/download/details.aspx?id=55266 How to restrict the use of certain cryptographic algorithms and protocols in Schannel.dll ==> https://support.microsoft.com/en-us/help/245030/how-to-restrict-the-use-of-certain-cryptographic-algorithms-and-protoc TLS/SSL Settings ==> https://technet.microsoft.com/en-us/library/dn786418(v=ws.11).aspx#BKMK_SchannelTR_TLS10 Managing SSL/TLSContinue reading “How to test SSL/TLS status ?”

Application federation (SSO) with Azure AD

Two ways to integrate/federate applications with Azure AD: Azure marketplace: https://azure.microsoft.com/en-us/marketplace/active-directory/all/ check if the application exists: The Microsoft Azure Marketplace is an online store that offers applications and services either built on or designed to integrate with Microsoft’s Azure public cloud. Else, how to configure single sign-on to applications that are not in the AzureContinue reading “Application federation (SSO) with Azure AD”

Monitoring ADFS and AAD Connect using Azure AD connect health

Monitoring ADFS and the AAD Connect Sync Engine using AAD connect health: https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnect-health-agent-install/#test-connectivity-to-azure-ad-connect-health-service To test connectivity: Test-AzureADConnectHealthConnectivity [-Role] {Adfs | Sync | Adds | HybridReporting} [[-ShowResult]] The role parameter currently takes the following values: ADFS Sync ADDS HybridReporting Test-AzureADConnectHealthConnectivity -Role ADFS -Showresult The role parameter currently takes the following values: ADFS Sync ADDS   ADContinue reading “Monitoring ADFS and AAD Connect using Azure AD connect health”

How to create a simple ADFS web application?

An introduction to claims: https://msdn.microsoft.com/en-us/library/ff359101.aspx To test ADFS, create your own test web app: http://blogs.msdn.com/b/alextch/archive/2011/06/27/building-a-test-claims-aware-asp-net-application-and-integrating-it-with-adfs-2-0-security-token-service-sts.aspx http://syfuhs.net/2010/08/02/making-an-asp-net-website-claims-aware-with-the-windows-identity-foundation/ http://social.technet.microsoft.com/wiki/contents/articles/3665.windows-identity-foundation-wif-content-map.aspx

How to move a Secondary ADFS to Primary?

When you deploy AD FS 2.x out of the box and install in a default setup, it will make use of a Windows Internal Database (WID) The default setup for the WID database is that the Primary AD FS server has a read/write copy and the Secondary server(s) have a read only copy that isContinue reading “How to move a Secondary ADFS to Primary?”

ADFS v2.0

Understanding ADFS and Federation by a example: https://blogs.technet.microsoft.com/askpfeplat/2018/01/29/adfs-monitoring-a-relying-party-for-certificate-changes/ Comparing SAML, WS-FED and OAuth: https://blogs.technet.microsoft.com/askpfeplat/2014/11/02/adfs-deep-dive-comparing-ws-fed-saml-and-oauth/ ADFS 2.0: If you need to configure ADFS v. 2.0 for use in Claims-based authentication scenarios, interestingly enough, ADFS v. 2.0 DOES NOT come pre-installed with Windows Server 2008 R2–even after the release of SP1. Therefore, you will not be able toContinue reading “ADFS v2.0”