Azure – Page 5

F5 Big-IP & AAD & KCD

By rzomerman | April 27, 2019 | No Comments | Active Directory, Azure, F5, Kerberos, Networking

The title being full of acronyms, this topic is about publishing Kerberos based websites behind an F5 load balancer, while using Azure AD as the authenticating service. Or in more technical terms, F5 will rely on an external SAML based token to perform Kerberos Constraint Delegation towards a backend server. Get settled in, this is […]

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 3b

By rzomerman | February 28, 2019 | No Comments | Active Directory, Azure, Azure AD

In part 3a, we explained how ADFS can be used in cross-forest migrations to ensure all users (migrated or not) can still authenticate. In part 3B we will be looking at Pass-Through authentication and how it affects migrated/non-migrated users. First of all, we need to make sure we have pass-through authentication agents deployed. In my […]

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 3a

By rzomerman | February 28, 2019 | No Comments | Active Directory, Azure, Azure AD

To continue our coverage of ADMT and AAD, part three of the series. I know I promised 3 articles, but given the amount of data, I’ll split part 3 (authentication) in a few more posts.. We have 1 AAD and 2 AD’s; FORESTOOT.local as the source and TARGET.local is still the target AD forest. There […]

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – part 2

By rzomerman | January 27, 2019 | No Comments | Active Directory, Azure, Azure AD

In our previous post we explored the backend of Azure AD Connect and what happens in multi-forest scenarios. In this post we will be looking into the ADMT migration and the effects on the cloud accounts. The FORESTROOT domain has a user (smith@azureinfra.com) which has been assigned a full E5 license to Office 365. The […]

ImmutableID – mS-DS-ConsistencyGuid – AADConnect – ADMT – new series

By rzomerman | January 25, 2019 | No Comments | Active Directory, Azure, Azure AD

My posts on the ImmutableID seem to continue attraction from all over the world, and thus, let’s continue the fun. In a new series of posts we will be looking at the influence of the ImmutableID and Cross-Forest Anchor (name given by me, not sure if it is the actual name for it) in an […]

Exclusive: Azure Gateway OpenVPN P2S profile creator

By Roelf Zomerman | September 24, 2018 | No Comments | Azure, Networking, Scripting

Since only a few days (and for the few that read this before the Ignite launch: in a few days) the Azure Virtual Network Gateway will support P2S connections based on OpenVPN. This means that the connections from all your clients to Azure networks becomes a whole lot easier. Connect with your phone, tablet, Mac […]

Azure P2S VPN with MFA

By rzomerman | July 29, 2018 | No Comments | Active Directory, Azure, Networking

As Microsoft enabled the Radius option in the Azure Gateway VPN configuration, it now means you can enable MFA on your P2S connections! There is a caveat however. It only works if you have replicated your users from an Active Directory into Azure Active Directory. If you have cloud-only user, it doesn’t work (yet..) I’ll […]

Enable/Disable Accelerated Networking on Azure VM’s

By rzomerman | March 13, 2018 | No Comments | Azure, Scripting

Microsoft Azure has the option to enable Accelerated Networking on VM’s. More information on the feature can be found here but this post is not to tell you about what good it does nor how it works.. no, this post is to introduce a new script that will enable/disable the function for you! update: it’s […]

ImmutableID – mS-DS-ConsistencyGuid – ADConnect – final part

By rzomerman | August 21, 2017 | No Comments | Active Directory, Azure

One of the most looked at topics on this blogpost is the ImmutableID series for Azure AD Connect and AADSync. And I wanted to give an update to this, given the latest versions of Azure AD Connect seemed to have adopted the idea to use the ms-ds-ConsistencyGuid (or any other value) to replace the ImmutableID used for synchronization. Don’t worry, please keep reading the other posts, as they clearly explain the how behind the idea of using the alternative ImmutableID.. and this post is just to tell you.. Microsoft has made the implementation a lot easier!

How to connect to Azure Services

By rzomerman | June 21, 2017 | No Comments | Azure

When deploying services in Azure, the connection to those services is important. Some services might require public access, while for other services you want to have a more private connection.. this post goes into the different options.. and what to take into account when connecting to services deployed in Azure.. Within Azure there is a […]

Tag: Azure