Category: On-Premises

A look at Kerberos in Windows Server 2025

I first wrote a 7-part blog series on Kerberos back in 2018. With the advent of Windows Server 2025 and the demise of RC4 in Active Directory, I thought it was worth refreshing this blog and talking about any differences in how Kerberos works in the new server OS....

Introducing the GeekWolf Migration module

We are proud to release our first version of the GeekWolf.Migration PowerShell module! It is very early days for us on this, and we have lots of ideas to expand on this module with other useful cmdlets to help those of you doing merger, acquisition and divestiture-related migrations. If...

Windows Server 2025 review

Windows Server 2025 is shaping up to be a significant update with various new features, improvements, and removals. Microsoft has focused on enhancing security, modernizing protocols, and streamlining management tools. Here’s an overview of what to expect: New features Delegated managed service accounts (dMSA): These replace traditional service accounts with...

Windows service accounts overview

When building and deploying applications on Microsoft Windows, one of the key considerations is how these applications authenticate and interact with the operating system and other network resources. This often involves the use of service accounts—specialized accounts under which applications, services, or scripts run. However, not all service accounts are...

PowerShell 7 gotchas

With the release of PowerShell 7, several improvements and changes were introduced to enhance performance, compatibility, and functionality. However, some of these changes may impact existing scripts if you’re upgrading from PowerShell Core 6.x or earlier versions. In this post, we’ll explore some of the more significant breaking changes and provide examples...

Deep dive into Windows hybrid join

Entra Hybrid Join (EHJ) is a critical feature that allows Windows 10/11 devices to be registered in both on-premises Active Directory (AD) and Entra ID (previously Azure AD). This capability enables seamless single sign-on (SSO) across on-premises and cloud services, simplifying device management and enhancing security. This blog will guide...

Active Directory migration overview

Migrating from one Active Directory (AD) environment to another is a complex and delicate task that requires careful planning and execution. This guide will walk you through the essential steps and considerations for a successful AD-to-AD migration, focusing on minimising user impact, maintaining security, and ensuring ongoing access to critical...

Infrastructure versus user authentication

In today’s rapidly evolving digital landscape, securing both infrastructure and user authentication is critical to reducing the attack surface of an organisation’s IT environment. Traditionally, on-premises authentication has played a central role in managing access to applications, services, and servers. However, as threats have grown more sophisticated, it has become...

Domain Controller placement: A modern perspective

The placement of domain controllers remains a pivotal consideration for maintaining an efficient and resilient IT infrastructure. While the advent of Entra Join and advancements in Windows 10/11 have shifted some dynamics, effective domain controller placement still hinges on balancing network latency, redundancy, and high availability. This blog will explore...

Choosing an Active Directory name

When setting up Active Directory (AD), one of the foundational decisions is selecting the right domain name. This decision impacts network architecture, security, and management. Whether you’re considering ‘.local’, using a subdomain of your corporate domain, or opting for a distinct registered domain, each choice has its implications. This guide...

Entra Connect Sync versus Cloud Sync

In the realm of identity management, organisations often face the challenge of synchronising on-premises directories with cloud environments. Microsoft provides two primary tools to achieve this: Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync. Both are designed to synchronise user identities between on-premises Active Directory (AD) and Microsoft Entra...

Comparing Active Directory and AD LDS

When it comes to managing identities, access, and directory services within an organisation, Microsoft’s Active Directory (AD) and its variant, Active Directory Lightweight Directory Services (AD LDS), have been pivotal tools for IT professionals. With the evolution of cloud computing, Entra ID (formerly known as Azure Active Directory) has emerged...

Comparing AD, AWS Managed Domain and Azure ADDS

In today’s enterprise landscape, identity management is key to ensuring secure and efficient access to resources. Three widely-used directory services that address these needs are Active Directory (AD), AWS Managed Domain, and Azure AD Directory Services. In this blog, we will explore the pros and cons of each service, including...
