This site aims to give insights, best practices and tips & tricks into the Microsoft stack with a particular focus on Identity, although I will no doubt drift into Entra ID, On-Premises, Microsoft 365, Google and Azure. Having been in the Microsoft stack for a long time and with a development background in my early years, you will see PowerShell, Graph and perhaps even some C# code. I have collated the blogs into Categories (which are shown in the menu on the left)(which are shown in the hamburger menu above) and Tags (which are shown in the tag cloud in the bottom left)(which are shown in the tag cloud at the bottom) I hope you enjoy the site, please feel free to comment on any post. If you want a regular update sent to you summarising the recently added posts, then please subscribe to the newsletter.
Here is a list of the most recent blogs:
In the realm of device management and security, Entra and Intune are critical tools that serve different but complementary roles. Understanding their distinct functions and how they interact can help organisations better manage their IT infrastructure. Let’s dive into what each service does and how they interrelate. What is Entra...
Read MoreWhen setting up Active Directory (AD), one of the foundational decisions is selecting the right domain name. This decision impacts network architecture, security, and management. Whether you’re considering ‘.local’, using a subdomain of your corporate domain, or opting for a distinct registered domain, each choice has its implications. This guide...
Read MoreIntroduction In today’s cybersecurity landscape, strong password policies are crucial for protecting against unauthorised access and cyberattacks. Entra ID Password Protection extends Azure Active Directory’s robust password security features to on-premises Active Directory environments. This integration helps organisations enforce consistent password policies across both cloud and on-premises systems. This blog...
Read MoreWhen recommending that Multi-Factor Authentication (MFA) be configured for all users in Entra ID (formerly Azure Active Directory), one of the most common concerns you’ll encounter is, “How often will users be prompted to complete MFA?” This question often stems from a fear that MFA will disrupt daily workflows by...
Read MoreWith the rise of remote work and the increasing complexity of cyber threats, maintaining robust security without disrupting user productivity is a significant challenge for IT administrators. Microsoft’s Entra ID Continuous Access Evaluation (CAE) is a powerful solution designed to meet this challenge, providing a dynamic security posture that adapts...
Read MoreIn the realm of identity management, organisations often face the challenge of synchronising on-premises directories with cloud environments. Microsoft provides two primary tools to achieve this: Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync. Both are designed to synchronise user identities between on-premises Active Directory (AD) and Microsoft Entra...
Read MoreWhen it comes to managing identities, access, and directory services within an organisation, Microsoft’s Active Directory (AD) and its variant, Active Directory Lightweight Directory Services (AD LDS), have been pivotal tools for IT professionals. With the evolution of cloud computing, Entra ID (formerly known as Azure Active Directory) has emerged...
Read MoreMigrating mailbox data with BitTitan’s MigrationWiz is something that I have done many times, and I’m sure many others have as well. It works well, is reliable (as of date of writing this anyway :)), and it pretty fast. However if the mapping is wrong, it seems to migrate data...
Read MoreIn today’s enterprise landscape, identity management is key to ensuring secure and efficient access to resources. Three widely-used directory services that address these needs are Active Directory (AD), AWS Managed Domain, and Azure AD Directory Services. In this blog, we will explore the pros and cons of each service, including...
Read MoreIn Active Directory we are used to seeing Security Identifiers (SIDs) in Access Control Lists (ACLs) and they are made up of S-1-5-12-- where the RID for non system objects is a number above 1000. Now in Azure AD that wouldn't work as the RID part would quickly exhaust and...
Read More