I first wrote a 7 part series blog on Kerberos back in 2018. With the advent of Windows Server 2025 and the demise of RC4 in Active Directory, I thought it was worth refreshing this blog and talk about any differences in how Kerberos works in the new server OS....
Read MoreWe are proud to release our first version of the GeekWolf.Migration PowerShell module! It is very early days for us on this, and we have lots of ideas to expand on this module with other useful cmdlets to help those of you doing mergers, acquisitions and divestiture related migrations. If...
Read MoreWindows Server 2025 is shaping up to be a significant update with various new features, improvements, and removals. Microsoft has focused on enhancing security, modernizing protocols, and streamlining management tools. Here’s an overview of what to expect: New features Delegated managed service accounts (dMSA): These replace traditional service accounts with...
Read MoreWhen building and deploying applications on Microsoft Windows, one of the key considerations is how these applications authenticate and interact with the operating system and other network resources. This often involves the use of service accounts—specialized accounts under which applications, services, or scripts run. However, not all service accounts are...
Read MoreWith the release of PowerShell 7, several improvements and changes were introduced to enhance performance, compatibility, and functionality. However, some of these changes may impact existing scripts if you’re upgrading from PowerShell Core 6.x or earlier versions. In this post, we’ll explore some more significant breaking changes and provide examples...
Read MoreTransitioning from on-premises infrastructure to a cloud-native environment using Microsoft Entra ID (formerly Azure AD) and Microsoft 365 is a strategic move that can enhance security, improve scalability, and streamline IT management. However, this process can be complex, especially when it comes to moving users, applications, and Active Directory (AD)...
Read MoreAs organisations move to Microsoft Entra ID (formerly Azure Active Directory), it’s crucial to understand the implications for device management, particularly how the local administrators group is handled when transitioning from AD-joined or workgroup-joined devices to Entra joined devices. This blog explores what changes occur during this process, including the...
Read MoreAs the digital landscape evolves, organisations face increasingly sophisticated threats that target various aspects of their infrastructure. Microsoft 365 (M365) offers a comprehensive suite of security products designed to protect identities, data, devices, and networks in both cloud and hybrid environments. While M365’s security tools provide robust protection, organisations may...
Read MoreIn an increasingly digital world, securing access to corporate resources is more critical than ever. As organisations embrace remote work and cloud-based services, the need for robust security solutions to protect data and ensure seamless access has surged. Two prominent players in this domain are Global Secure Access (GSA) from...
Read MoreIn today’s digital world, as organisations continue to embrace hybrid work models and cloud-based solutions, ensuring secure access to resources across a global workforce has become a critical challenge. Microsoft’s Global Secure Access (GSA) aims to address this by offering a comprehensive solution designed to protect users, devices, and data....
Read MoreAs organisations increasingly adopt cloud-first strategies, hybrid environments have become the norm. Azure Active Directory (Azure AD), now part of Microsoft’s Entra product family, is the identity platform for managing users, devices, and access to resources across cloud and on-premises environments. One critical aspect of this integration is ensuring seamless...
Read MoreEntra Hybrid Join (EHJ) is a critical feature that allows Windows 10/11 devices to be registered in both on-premises Active Directory (AD) and Entra ID (previously Azure AD). This capability enables seamless single sign-on (SSO) across on-premises and cloud services, simplifying device management and enhancing security. This blog will guide...
Read MoreMigrating from one Active Directory (AD) environment to another is a complex and delicate task that requires careful planning and execution. This guide will walk you through the essential steps and considerations for a successful AD-to-AD migration, focusing on minimising user impact, maintaining security, and ensuring ongoing access to critical...
Read MoreIn today’s rapidly evolving digital landscape, securing both infrastructure and user authentication is critical to reducing the attack surface of an organisation’s IT environment. Traditionally, on-premises authentication has played a central role in managing access to applications, services, and servers. However, as threats have grown more sophisticated, it has become...
Read MoreThe placement of domain controllers remains a pivotal consideration for maintaining an efficient and resilient IT infrastructure. While the advent of Entra Join and advancements in Windows 10/11 have shifted some dynamics, effective domain controller placement still hinges on balancing network latency, redundancy, and high availability. This blog will explore...
Read MoreWhen setting up Active Directory (AD), one of the foundational decisions is selecting the right domain name. This decision impacts network architecture, security, and management. Whether you’re considering ‘.local’, using a subdomain of your corporate domain, or opting for a distinct registered domain, each choice has its implications. This guide...
Read MoreIn the realm of identity management, organisations often face the challenge of synchronising on-premises directories with cloud environments. Microsoft provides two primary tools to achieve this: Microsoft Entra Connect Sync and Microsoft Entra Cloud Sync. Both are designed to synchronise user identities between on-premises Active Directory (AD) and Microsoft Entra...
Read MoreWhen it comes to managing identities, access, and directory services within an organisation, Microsoft’s Active Directory (AD) and its variant, Active Directory Lightweight Directory Services (AD LDS), have been pivotal tools for IT professionals. With the evolution of cloud computing, Entra ID (formerly known as Azure Active Directory) has emerged...
Read MoreIn today’s enterprise landscape, identity management is key to ensuring secure and efficient access to resources. Three widely-used directory services that address these needs are Active Directory (AD), AWS Managed Domain, and Azure AD Directory Services. In this blog, we will explore the pros and cons of each service, including...
Read More