Directory
Are you looking for information about Active Directory? In this archive you will find all our posts about Active Directory.
-
Azure AD B2B Direct Connect for shared channels in Microsoft Teams
With Azure AD B2B Direct Connect for shared channels in Microsoft Teams, Microsoft offers a feature that simplifies management for collaboration with external partners in teams. Until the release of Azure AD B2B Direct Connect, an external partner was invited to the tenant as a guest and authorized in Microsoft Teams (Azure AD B2B Collaboration). The external partner then received an email with instructions for further steps. Anyone who looks into their own Azure Active Directory will notice that each external user gets a guest account there. Whether the guest account is still in use or not, it will always remain in Azure Active Directory until…
-
Installation and Configuration of Microsoft Entra Cloud Sync
Microsoft Entra Cloud Sync is an advanced synchronization solution that enables seamless integration of objects from Active Directory into Microsoft Entra ID. This technology simplifies synchronization by orchestrating the deployment of Active Directory objects within Microsoft Entra ID in the Microsoft Cloud Services. For the on-premises infrastructure, only the installation of a lightweight agent is required, reducing complexity and enhancing efficiency.
-
Microsoft Entra: Roll Over Kerberos Decryption Key
With Seamless Single Sign-On (Seamless SSO), users can leverage the same credentials for both on-premises and cloud-based services. Repeated authentication prompts between these environments are eliminated, as authentication data is automatically exchanged between Active Directory and Microsoft Entra. As part of the Seamless SSO configuration, a computer account named AZUREADSSOACC is created in the on-premises Active Directory. For security reasons, Microsoft recommends rotating the associated Kerberos decryption key every 30 days.
-
Microsoft Entra Privileged Identity Management (PIM): Request Microsoft Entra roles or Microsoft Azure roles by User
Microsoft Entra Privileged Identity Management (PIM) optimizes the management of privileged roles for Microsoft Azure and Microsoft 365 resources. This contributes to the improvement of the security standards of cloud services. An additional feature is Just-in-Time authorization, where a user is granted elevated privileges only for the period in which they are actually needed. This minimizes the risk of misuse and unauthorized access. This guide explains how a user can apply for a Microsoft Entra role or Microsoft Azure role for a specific period of time and how an administrator can efficiently manage these requests.
-
Enable Enterprise State Roaming in Azure Active Directory
Windows 10 and Windows 11 synchronize user settings to Azure Cloud via Enterprise State Roaming. The settings of the applications are thus the same on every device to which a user logs on. When installing a new device, many settings are already present. Enterprise State Roaming encrypts the data with Azure Rights Management (Azure RMS) and synchronizes it to the Azure Cloud. Enterprise State Roaming is well suited for enterprise devices that have different locations outside the usual office premises. Unlike roaming profiles, Enterprise State Roaming does not require a connection to on-premises servers.