cloudcoffee.ch

Freshly brewed with Microsoft Azure and Microsoft 365

Tag: Directory

Are you looking for information about Active Directory? In this archive you will find all our posts about Active Directory.

Azure AD: Roll over Kerberos decryption key

By

On 23. April 2022

In Microsoft Azure

Users can use the same credentials for on-premises and cloud-based services with Seamless SSO. There is no need for recurring prompts to enter credentials between services. The necessary data are automatically synced between Active Directory and Azure Active Directory.

When configuring Seamless SSO, the computer account “AZUREADSSOACC” is created. For security reasons, the Kerberos encryption key for this account should be rolled over every 30 days.

This tutorial describes how to manually roll over the Kerberos decryption key every 30 days.

Read More

Microsoft Entra Privileged Identity Management (PIM): Request Azure Roles by User

By

On 16. April 2022

In Microsoft Azure

Microsoft Entra Privileged Identity Management (PIM) simplifies administration of privileged access to resources in Azure and Microsoft 365. This enhances the security of cloud services. A user get priviliged access only for the period in which they are really necessary (Just-in-Time).

This guide shows how the user can request an Azure role for a specific period of time and how an administrator manages this request.

Read More

Enable Enterprise State Roaming in Azure Active Directory

By

On 26. March 2022

In Microsoft Azure

Windows 10 and Windows 11 synchronizes user settings to Azure Cloud via enterprise state roaming. The settings of the applications are thus the same on every device to which a user logs on. When installing a new device, many settings are already present.

Enterprise State Roaming encrypts the data with Azure Right Management (Azure RMS) and synchronizes it to the Azure Cloud.

Enterprise state roaming is well suited for enterprise devices that have different locations outside the usual office premises. Unlike roaming profiles, enterprise state roaming does not require a connection to on-premise servers.

Read More

Microsoft Entra Hybrid Join: The Configuration Guide for Administrators

By

On 19. March 2022

In Microsoft Azure

Microsoft Entra Hybrid Join is an identity solution that allows devices to authenticate in both a Windows Server Active Directory domain and Microsoft Entra ID. This provides companies with the flexibility and security they need to effectively manage resources while ensuring a high level of security.

Microsoft Entra ID is built with global high availability. In conjunction with features such as seamless single sign-on (SSO) or Microsoft Entra Conditional Access, Microsoft Entra ID offers additional features that significantly increase security and can only be implemented at a high cost with a pure Windows Server Active Directory infrastructure.

With Microsoft Entra Hybrid Join, you get the best of both worlds (local and cloud) at the same time. The device has access to both Windows Server Active Directory and Microsoft Entra ID.

This blog article shows in detail the steps for configuring Microsoft Entra Hybrid Join.

Read More

Azure AD Join Windows Devices

By

On 5. March 2022

In Microsoft Azure

With Azure AD Join, devices are directly integrated into Azure AD. It does not require a local Active Directory. Azure AD Join is ideal for companies that do not want to run an on-premises infrastructure.
Azure AD Join lets you manage devices centrally and securely.

Read More

Page 2 of 2

Previous

Powered by WordPress & Theme by Anders Norén