Azure & Active Directory Center

ENow Software's Azure & Active Directory blog built by Microsoft MVPs for IT/Sys Admins.

Want to learn more about Active Directory?

Active Directory Administration Cookbook, 2nd Edition

In this book, Microsoft MVP & Technical Editor of ENow's Azure & Active Directory Center, Sander Berkouwer will share the intricacies of managing Azure AD, Azure AD Connect as well as Active Directory for administration in the cloud and on Windows Server 2019.


Active Directory Monitoring: LDAP Query Management

Nathan O'Bryan MCSM

Lightweight Directory Access Protocol (LDAP) is a directory service protocol used to search for information within Active Directory, and a useful tool for Active Directory monitoring. LDAP is used to search Active Directory for information about users, computers, and groups within the Active Directory database. LDAP queries can be run from several tools, including PowerShell, ldapsearch, VBScript, and the saved queries feature in Active Directory Users and Computers.


Microsoft 365 Security Assessment Part 2

Matthew Levy

Last week I shared part one of my Microsoft 365 Security Assessment where we took a deep dive into securing things related to Azure Active Directory. If you haven’t had a chance to read through it yet, take a few minutes and read it here.

Now that we’re all on the same page, let’s dive into part two, where we’ll cover security settings in the Microsoft 365 Admin Center.

Moving on to the Microsoft 365 Admin Center

Turn ON modern authentication

Modern authentication is what allows you to enforce MFA and other identity-based security features. Products that don’t use “modern authentication” use what we call “Legacy Authentication” (obviously) or “Basic Authentication”. Legacy authentication uses only username and password pairs to authenticate a user. The example shown in Figure 14: Basic authentication prompt is using legacy authentication, also known as basic authentication.

Having an Identity Crisis

Nicolas Blank

My email address is my identity

In Active Directory on-premises or Azure Active Directory (AAD), used by Office 365, our User Principal Name (UPN) is often the same as our email address. These days, we often log in with our email addresses, which means that whatever we’re “using under the hood” from an authentication point of view is the same as our email address. This convention of making our email address the same as our UPN is common practice and even advocated by Microsoft.
