This site aims to give insights, best practices and tips & tricks into the Microsoft stack with a particular focus on Identity, although I will no doubt drift into Entra ID, On-Premises, Microsoft 365, Google and Azure. Having been in the Microsoft stack for a long time and with a development background in my early years, you will see PowerShell, Graph and perhaps even some C# code. I have collated the blogs into Categories (which are shown in the menu on the left)(which are shown in the hamburger menu above) and Tags (which are shown in the tag cloud in the bottom left)(which are shown in the tag cloud at the bottom) I hope you enjoy the site, please feel free to comment on any post. If you want a regular update sent to you summarising the recently added posts, then please subscribe to the newsletter.
Here is a list of the most recent blogs:
Managing macOS devices efficiently is crucial for businesses that rely on Apple hardware. When it comes to Mobile Device Management (MDM) solutions, Intune, JAMF, and Kandji stand out as popular choices. Each of these solutions offers distinct features and benefits, catering to various organisational needs. In this blog, we’ll delve...
Read MoreIn an era where email is a primary communication channel, ensuring the security and reliability of your email delivery is crucial. For organisations using Microsoft 365 (M365) and those engaging in bulk email sending, it’s essential to properly configure SPF, DKIM, and DMARC to protect against phishing and spoofing. Additionally,...
Read MoreI first wrote a 7 part series blog on Kerberos back in 2018. With the advent of Windows Server 2025 and the demise of RC4 in Active Directory, I thought it was worth refreshing this blog and talk about any differences in how Kerberos works in the new server OS....
Read MoreWe are proud to release our first version of the GeekWolf.Migration PowerShell module! It is very early days for us on this, and we have lots of ideas to expand on this module with other useful cmdlets to help those of you doing mergers, acquisitions and divestiture related migrations. If...
Read MoreMicrosoft are going to start enforcing MFA in the Azure portal, Entra admin center, and Intune admin center from October 2024. This is generally a good thing, however it has implications… This is an enforced MFA with no exceptions. So this will include service accounts and break glass accounts too....
Read MoreWindows Server 2025 is shaping up to be a significant update with various new features, improvements, and removals. Microsoft has focused on enhancing security, modernizing protocols, and streamlining management tools. Here’s an overview of what to expect: New features Delegated managed service accounts (dMSA): These replace traditional service accounts with...
Read MoreWhen building and deploying applications on Microsoft Windows, one of the key considerations is how these applications authenticate and interact with the operating system and other network resources. This often involves the use of service accounts—specialized accounts under which applications, services, or scripts run. However, not all service accounts are...
Read MoreWith the release of PowerShell 7, several improvements and changes were introduced to enhance performance, compatibility, and functionality. However, some of these changes may impact existing scripts if you’re upgrading from PowerShell Core 6.x or earlier versions. In this post, we’ll explore some more significant breaking changes and provide examples...
Read MoreWhen you are using BitTitan MigrationWiz you can ask it to email you project statistics. Now this is great when you only have a handful of projects, but when you migrate tens of thousands of mailboxes, archives, OneDrive sites at the same time (and with BitTitan’s guidance to not have...
Read MoreTransitioning from on-premises infrastructure to a cloud-native environment using Microsoft Entra ID (formerly Azure AD) and Microsoft 365 is a strategic move that can enhance security, improve scalability, and streamline IT management. However, this process can be complex, especially when it comes to moving users, applications, and Active Directory (AD)...
Read More