Azure Infra – a technical blog.

Checkpoint with Azure VPN (new version)

These are my notes on the newer Checkpoint VPN stuff.. but still working on actually testing them.. – I put a 2016 date on it to remove it from…

March 4, 2016
ImmutableID – mS-DS-ConsistencyGuid – AADSync

Paul Williams talked in his blog about using another attribute from on-premises Ad’s to act as the ImmutableID for Azure Active Directory (http://blog.msresource.net/2014/03/10/windows-azure-active-directory-connector-part-3-immutable-id/) While making a very detailed blog…

May 6, 2015
Pass the Hash

When you create a new forest or new domain, you use the Domain Admin credentials. Through the use of the “Administrator” account you can control each and every workstation…

February 24, 2015
Azure Networking S2S + P2S

In a previous post we looked at the ability of creating a Site-2-Site connection from Checkpoint to Azure using a Dynamic Gateway. In this post, we look at client-dialup…

November 24, 2014
Web Application Proxy – on Azure

The Azure AD Application Proxy is a new feature available in Azure WAAD Premium. It allows administrators to securely publish internal websites using Azure’s technology. By using this, it will allow…

November 20, 2014
RDS Gateway through WAP

I’ve been trying to get RDS Gateway to work behind my WAP proxy server which is included in Windows Server 2012 R2 and v.Next version. While it is possible…

November 19, 2014
Azure VPN with Checkpoint FW

In this post, how to configure a Site2Site VPN connecting using a Checkpoint firewall. [EDIT: The instructions below are for R77, which is a really old version. I’m currently…

November 18, 2014
Geo-Clustering

Geo Clustering exists in many options, and dependent highly on the requirements and technical capability. This post is to discuss some options and things to consider before deploying any…

October 23, 2014
FIM/BHOLD reports

So all documentation on BHOLD informs you there are “out of the box” reports available.. none of the articles show which reports they are.. so here they are..

January 9, 2014
Change UPN (based on Primary Email) based on SMTP: in proxy addresses

So there are numerous scripts out there for setting the UPN of a user to match the Windows Email Address.. you can even do that in a single command…

September 17, 2013
Data Offloaded Transfers – ODX

As we are seeing more and more Windows 2012 based Clouds and services.. I wanted to alert you to the following technology which is becoming more and more available…

June 18, 2013
Mitigating attacks on your Active Directory network

Microsoft released a new whitepaper this week that gives an insight in why you should protect your privileged accounts. One of the techniques described is the PassTheHash attack which…

December 13, 2012