Author: rzomerman

Surface Hub at home

The Microsoft Surface Hub is a gigantic whiteboard on steroids. It allows you to .. (dhu) Whiteboard, but also allows you to join meetings through Skype or Teams, load PowerPoint/Word documents, connect you to your Office 365 services and much much more. Now the device in itself is special already, with many Mic’s and Camera’s […]

Read more

F5 Big-IP & AAD & BASIC / NTLM

In our previous post we looked at using Azure AD to perform the authentication for our F5 published web apps that used Kerberos. Now the strength of the F5 APM module is the SSO capabilities that allow it to authenticate users once and then they could reach any web app published by it, regardless of […]

Read more

F5 Big-IP & AAD & KCD

The title being full of acronyms, this topic is about publishing Kerberos based websites behind an F5 load balancer, while using Azure AD as the authenticating service. Or in more technical terms, F5 will rely on an external SAML based token to perform Kerberos Constraint Delegation towards a backend server. Get settled in, this is […]

Read more

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 3b

In part 3a, we explained how ADFS can be used in cross-forest migrations to ensure all users (migrated or not) can still authenticate. In part 3B we will be looking at Pass-Through authentication and how it affects migrated/non-migrated users. First of all, we need to make sure we have pass-through authentication agents deployed. In my […]

Read more

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 3a

To continue our coverage of ADMT and AAD, part three of the series. I know I promised 3 articles, but given the amount of data, I’ll split part 3 (authentication) in a few more posts.. We have 1 AAD and 2 AD’s; FORESTOOT.local as the source and TARGET.local is still the target AD forest. There […]

Read more

Managing Hyper-V Standalone with OSX

Hyper-V server is the free virtualization OS from Microsoft to compete head to head with the free ESXi OS. When running in large farms or domain joined, Hyper-V seems to work pretty decently. But when you just want a single host that you manage with Windows 10, or let alone MacOS, Hyper-V can become a […]

Read more

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 2

In our previous post we explored the backend of Azure AD Connect and what happens in multi-forest scenarios. In this post we will be looking into the ADMT migration and the effects on the cloud accounts. The FORESTROOT domain has a user (smith@azureinfra.com) which has been assigned a full E5 license to Office 365. The […]

Read more

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – new series

My posts on the ImmutableID seem to continue attraction from all over the world, and thus, let’s continue the fun. In a new series of posts we will be looking at the influence of the ImmutableID and Cross-Forest Anchor (name given by me, not sure if it is the actual name for it) in an […]

Read more

Azure P2S VPN with MFA

As Microsoft enabled the Radius option in the Azure Gateway VPN configuration, it now means you can enable MFA on your P2S connections! There is a caveat however. It only works if you have replicated your users from an Active Directory into Azure Active Directory. If you have cloud-only user, it doesn’t work (yet..) I’ll […]

Read more

AZURE STACK DEVELOPMENT KIT – INSTALLER (Creating the ISO)

In my previous post I mentioned the way to create a USB/ISO for booting / installing the ASDK system. Now I’ve automated the creation of the ISO image (so you don’t have to) and with Microsoft buying GitHub, I also pushed all the code onto GitHub as well.  In there you will find the following […]

Read more