Tag Archives: Azure Active Directory

Cloud Identity Summit 2023 Recap

Our 4th edition of the Cloud Identity Summit 2023 is over and it was a blast to meet all this great speaker and the Identity Community this year virtual and in-person in Koblenz.

This year we were kindly provided with the location by the Debeka Innovation Center (DICE) which is located near the University of Koblenz and close to the Moselle. The location is a designed as a open space to enable new thinking and new technologies which is a perfect match for our Cloud Identity Summit.

The 4th edition offered 10 sessions in two parall tracks, divided into Identity Security and Identity Management and it was really a pleasure to see this big identity experience in the different Identity topics on this day live at our conference. The speakers who made the extra journey to the event can certainly be called who as who of the identity scene. Therefore, at this point I would like to thank you explicitly, because without you this event would not have been possible:

  • Sefallah Tagrerout and Jean-Francois (Jeff) Aprea – Securing your Azure Ad with our Zero Trust Approach!
  • Jan Vidar Elven – Monitoring and Reporting on Activities and Security in Microsoft Entra Azure AD
  • Fabian Bader – From (tier) zero to cloud hero: How to pwn Azure AD from on-prem
  • Kenneth van Sarksum – Implementing and building advanced Microsoft Entra Id Conditional Access scenarios
  • Christopher Brumm – Walk the walk – explore ways to ensure strong authentication in real life scenarios
  • Sfefan van der Wiele – Walk the walk – explore ways to ensure strong authentication in real life scenarios
  • Daniel Krzyczkowski – The future of customer identity with Microsoft Entra
  • Nicki Borell – Azure AD Identity Governance – What do your users do with their access
  • Sander Berkouwer and Raymond Comvalius – Just apply the basics in your Azure AD tenant!
  • Anton Staykov – Seamless cross-tenant application access with Entra Azure AD Cross-Tenant sync

Koblenz is the hometown of Thomas Naunheim therefore we had also recommendations for sightseeing tips, city walks and Restaurants and start to meet the speaker on Wednesday in a Restaurant close to the Rhine and the Deutsche Eck (German Corner). After our great dinner, we made a short city walk to the Deutsche Eck and after this to a final beer for a good preperation for our conference on Thursday.

We started our hybrid conference a little late with a strong focus on the in-person experience and also broadcast the Sessions live to the world via teams.

In my estimation it was a complete success due to four factors:

  • Which is thanks to the great speakers who share their knowledge with great pleasure
  • The on-site participants who brought a lot of fun and made the sessions interactive, through their numerous questions
  • The great help of our team which made sure that the speakers and participants felt comfortable
  • Our great sponsors (adesso SE and glückkanja-gab AG) without whom this event would not have been possible for many reasons

We hope that the conference meet the expectations from our attendees and will plan for 2024 and we really want your Feedback for good and not so good thinks. The really goal of this conference it´s a conference from the community for the community. So gave us your feedback for a better Cloud Identity Summit in 2024!

Microsoft will disable Legacy Authentication 1st of October 2022 – What this means and what you have to do

Many of my customers move to the cloud in the last recent years. This means for existing environments a start of a journey away from on-prem system going forward to cloud environments. We all know a journey starts with preperation and needs different steps and is always not a good idea to work on all systems together. But on the other hand, same system still exists in there old way and use sometimes old, unsecure protocols for communication and authentication.

To adress this issues Microsoft announce Septemper 2019 in a blog article “Improving security” the disabling of support for Basic authentication for the protocols like EWS, POP, IMAP and Remote Powershell. After the plan the corona crisis came up and Microsote decided to postpone the disabling of the noted protocols.

In September 2021 Microsoft released new information about this in the article “Basic authentication and Exchange Online” including some updated information. Microsoft will disable basic authentication beginning 1st of October 2022 for all protocols except SMTP auth. This means the following protocols will be disabled:

  • Exchange Web Services (EWS)
  • Exchange ActiveSync (EAS)
  • POP
  • IMAP,
  • Remote PowerShell
  • MAPI
  • RPC
  • OAB
Continue reading Microsoft will disable Legacy Authentication 1st of October 2022 – What this means and what you have to do

Speaking at Experts Live Netherlands 2022

The full event month of September is slowly coming to an end and what better way to end it than with a great Azure conference? I´m really happy to announce that I will speak at the Experts Live Netherlands. The Experts Live Netherlands is one of the biggest Experts Live conferences next to Experts Live Europe and celebrates its 10th anniversary this year.

Continue reading Speaking at Experts Live Netherlands 2022

Cloud Identity Summit 2022 Recap

After 8 Months of planning the Cloud Identity Summit 2022 is over and I can say it was really a pleasure to help to organize this great Community event from my perspective. Four years ago Thomas Naunheim come up with the Idea to create a event focus on Identity for the Community. We discuss this in our Azure Bonn Orga Team and finally the Cloud Identity Summit was born. At the end of 2019 we plan the first edition for 2020 as a in-person event, but things changed and we changed the format to an virtual event and this also for 2021.

Back in february we start planning for the 3rd edition 2022 and we decided to go back to our original idea to hold it as a in-person event, but with the experience of two virtual events we move it to an hybrid event. Yesterday was our 1st Cloud Identity Summit 2022 as hybrid edition and I can say, I was really exited about it. Why?

CIS 2022 – Conference view
Continue reading Cloud Identity Summit 2022 Recap

Microsoft release Azure AD Connect V2 with tons of new features and remove support for WS 2012 R2 or Older

Update 18/08/2021

Added some details about v. 1.6.11.3 which fixes a security issue.

Microsoft released a major update of Azure AD Connect. This major release brings a lots of new features and requirements for the local infrastructure. In this article I will cover the latest information and how you can upgrade to the new release.

The new version 2 of Azure AD Connect was released on 20/07/2021 and bring the product to the version 2.0.3.0 the lastet release of version 1 was 1.6.4.0 1.6.11.3. Microsoft found a security issue in 1.6.4.0 and 2.0.3.0 and updated the Azure AD Connect v2 to 2.0.8.0.

Microsoft released also an update for AAD Connect v1 and brings it to 1.6.11.3. This is for customers who running an older version of Windows Server who can not upgrade to WS 2016 and fixes an security issue in 1.6.4.0.

Continue reading Microsoft release Azure AD Connect V2 with tons of new features and remove support for WS 2012 R2 or Older

AZURE AD Connect Release 1.6.4.0 is available and moves synchronization to new Azure AD V2 endpoint and fixed a Bug in 1.6.2.4

Update 1 – 31/032021

Microsoft released the new v. 1.6.4.0 this fixed a bug in the previous release 1.6.2.4, because after upgrade to that release, the Azure AD Connect Health feature was not registered correctly and did not work. When you installed 1.6.2.4 please do a upgrade to the new 1.6.4.0 release.

Microsoft has released a new Version of Azure AD Connect. The new release going a big step forward from 1.5.4.5 to 1.6.2.4 and brings a lots of improvements and changes.

Please note:

This release changes the sync process to the new Azure AD V2 endpoint and is not supported for the German national cloud, the Chinese national cloud and the US government cloud. Please be aware of this notes and only use this version in Global Cloud Tenants or switch back to V1 endpoint, when you install this version in National Cloud environments.

I install the new relase on the weekend for a customer, because of changing the Azure AD Connect server. The new relase allows to import settings from a previous version. The new relase brings a lot of new features:

  • This release defaults the AADConnect server to the new V2 end point
  • This release require a full sync after installation
  • This version changes the synchronization to the new Azure AD V2 endpoint
  • This release is only supported for Global Cloud user – if you using National cloud environments, please take a look at the MS Docs article for futher details
Continue reading AZURE AD Connect Release 1.6.4.0 is available and moves synchronization to new Azure AD V2 endpoint and fixed a Bug in 1.6.2.4

Speaking at WVD Tech Fest 2021 about Azure Files

Due do the covid pandamy, many organizations in Germany are in a challenging phase as many employees need to be given the opportunity to work from home. Many companies have not yet made this option available to their employees, or only to a few. Microsoft has created a new option with Windows Virtual Desktop to give employees the ability to work from anywhere and the clients are always hosted in Azure and accessible via an app or browser.

I am very happy to have received an invitation to the WVD Tech Fest. The first conference only focusing on WVD with three parallel tracks around everything you need to know about Windows Virtual Desktop. The agenda is pretty complete and the organizers Simon Binder and Patrick Köhler are doing a great job. The conference will take place on 25/02/21 and is free. So take a look at the Website, plan your Agenda and grab your Ticket.

Azure Files is one of my favorite topics and due to many WVD projects in the past, I will address the question is Azure Files the optimal WVD profile store solution. And I can say: it depends – but you will learn more in my session on Thursday between 10:50 – 11:20 AM 🙂

Take this oppurtunity to learn more about Windows Virtual Desktop and hopefully this can be a solution for your organization to enable more people to work from anywhere and get everyone safely through these challenging time. I hope to see many of you there 🙂

Speaking with Thomas Naunheim at GermanyClouds Meetup about Azure Governance Best Practices

In the past Thomas Naunheim and I do a lot of architecture and designing prinicple for integrating Azure in company environments. We have the idea to create a Azure Governance Best Practices session in the last couple of months to give the community our insights and best practices for Starting/Integrating Azure environments. The goal is to give you insights, where you can find the best documentations to start with a Cloud journey and which technical Azure features help to bring and hold your environment in an compliant and secure state.

The session contains the following topics:

  • Cloud Adoption Framework
  • Well-architecture Framework
  • Insights about Azure Policies and Azure Security Center
  • Azure Enterprise Scale architecture
  • Azure Ops
  • Identity and Access Management

We are exited to hold the session at the GermanyClouds Meetup on november 26. Did you interested in this topics or you are in the beginning or implementig phase, join us. We will happy to see you there and get your questions.

The session will not been recorded.

IdentitySummit 2020 is over – Thank you

Our 1st IdentitySummit is over and we had a amazing Summit with our powerfull Speakers and our attendees.

We (Azure Bonn Orga Team) started planning the Summit in March 2020. The Orga Team from the AzureBonn Meetup consists of Melanie Eibl, Thomas Naunheim and René de la Motte. The idea came from Thomas (our Identity Expert) and we can say that was a wonderful idea.

We meet together at the Debeka Innovation Center (DICE) in Koblenz to organize and streaming all the sessions from one central place. The current Corona situation has unfortunately not made a complete live event possible, so we have met under the rules in force to ensure a smooth process and bring a little live feeling.

Now after 6 session in 2 parallel Tracks we can say it was worth every minute of planning – Why?

The answer is simple: First of all because of our great speakers. Each session was planned with a minimum of 300, and each session went deep into the relevant topics, showing what needs to be considered, the pitfalls and best practices available.

Continue reading IdentitySummit 2020 is over – Thank you

CONFIGURE AZURE FILES ON-PREMISES ACTIVE DIRECTORY (AD DS) AUTHENTICATION FOR FILESERVER OR WVD

Update 2

Please note: This article is replaced by All you need to know about Azure Files SMB authentication via Active Directory Domain Services.

Update 1

Azure Files on-premises Active Directory Domain Services authentication is since 11/06/20 GA. The article is upgraded and integrated the latest features and improvements.

Update 2

12/06/20 Azure Files Hybrid PowerShell Module upgrate to v. 0.2.0

In the past I had a lot of talks about Azure File Sync, a lightwight solutions to sync servers from different locations and branches via Azure Files. One often questions was, it is possible to use Azure Files directly with integrated on-premises Active Directory (AD DS) authentication – the great answer since a few days is Yes, this is possible.

Now you can use Azure Files with on-premises Active Directory authentication as a fully replacement for Fileservers. No need for Azure Active Directory Domain Services (Azure AD DS) or different settings on Azure Files. This gives great new ways to use Azure Files as an replacement for Windows based fileservers or for using as an profile store for Windows Virtual Desktop and come closer to a cloud native solution.

In this article I will explain how Azure files AD DS authentication works, how to configure it, some basic steps and more. Please feel free to use the comment section or Twitter to get in touch with me and give me feedback or ask questions.

Continue reading CONFIGURE AZURE FILES ON-PREMISES ACTIVE DIRECTORY (AD DS) AUTHENTICATION FOR FILESERVER OR WVD