This site aims to give insights, best practices and tips & tricks into the Microsoft stack with a particular focus on Identity, although I will no doubt drift into Entra ID, On-Premises, Microsoft 365, Google and Azure. Having been in the Microsoft stack for a long time and with a development background in my early years, you will see PowerShell, Graph and perhaps even some C# code. I have collated the blogs into Categories (which are shown in the menu on the left)(which are shown in the hamburger menu above) and Tags (which are shown in the tag cloud in the bottom left)(which are shown in the tag cloud at the bottom) I hope you enjoy the site, please feel free to comment on any post. If you want a regular update sent to you summarising the recently added posts, then please subscribe to the newsletter.
Here is a list of the most recent blogs:
Windows 11 24H2 is a major update bringing a mix of new features, improvements, and the removal of legacy elements. In this blog, we’ll explore both the changes that end users will notice and those that matter more for IT administrators. We’ll also highlight features that are being removed or...
Read MoreAfter writing PowerSyncPro Directory Sync in PowerShell over Christmas in 2018, I added the first migration agent in 2020. The migration agent is all about making the end user’s life easier after migration. Since then the tool has been rewritten in C# using .Net Core. I wanted to talk about...
Read MoreI first wrote PowerSyncPro Directory Sync in PowerShell over Christmas in 2018. Since then the tool has been rewritten in C# using .Net Core. I wanted to talk about things I am particularly proud of and also mention areas where I think other tools fall down. I’d love to hear...
Read MoreManaging macOS devices efficiently is crucial for businesses that rely on Apple hardware. When it comes to Mobile Device Management (MDM) solutions, Intune, JAMF, and Kandji stand out as popular choices. Each of these solutions offers distinct features and benefits, catering to various organisational needs. In this blog, we’ll delve...
Read MoreIn an era where email is a primary communication channel, ensuring the security and reliability of your email delivery is crucial. For organisations using Microsoft 365 (M365) and those engaging in bulk email sending, it’s essential to properly configure SPF, DKIM, and DMARC to protect against phishing and spoofing. Additionally,...
Read MoreI first wrote a 7 part series blog on Kerberos back in 2018. With the advent of Windows Server 2025 and the demise of RC4 in Active Directory, I thought it was worth refreshing this blog and talk about any differences in how Kerberos works in the new server OS....
Read MoreWe are proud to release our first version of the GeekWolf.Migration PowerShell module! It is very early days for us on this, and we have lots of ideas to expand on this module with other useful cmdlets to help those of you doing mergers, acquisitions and divestiture related migrations. If...
Read MoreMicrosoft are going to start enforcing MFA in the Azure portal, Entra admin center, and Intune admin center from October 2024. This is generally a good thing, however it has implications… This is an enforced MFA with no exceptions. So this will include service accounts and break glass accounts too....
Read MoreWindows Server 2025 is shaping up to be a significant update with various new features, improvements, and removals. Microsoft has focused on enhancing security, modernizing protocols, and streamlining management tools. Here’s an overview of what to expect: New features Delegated managed service accounts (dMSA): These replace traditional service accounts with...
Read MoreWhen building and deploying applications on Microsoft Windows, one of the key considerations is how these applications authenticate and interact with the operating system and other network resources. This often involves the use of service accounts—specialized accounts under which applications, services, or scripts run. However, not all service accounts are...
Read More