
Tag: Active Directory
All
All Latest
Azure Active Directory Synchronization Migration to MS Graph API at Mimecast
Microsoft is ending support for the Azure Active Directory Graph API. To allow for continued service, if your application providers migrate all Azure Active Directory Synchronization integrations to the MS Graph API, you need to change your API permissions.
Read MoreHow to add organization with Basic Authentication at Veeam Backup for Microsoft 365
You are required to provide a username and password to authenticate to your Microsoft 365 organization if you add an organization using the basic authentication method.
I won’t recommend adding organization with basic authentication, Microsoft announced that effective October 1, 2022, we will begin disabling Basic authentication for Outlook, EWS, RPS, POP, IMAP, and EAS protocols in Exchange Online. SMTP Auth will also be disabled if it is not being used.
How to add organizations with Modern Authentication and Legacy Protocols at Veeam Backup for Microsoft 365
You will use both Veeam Backup account and Azure AD application for authentication if you add an organization using the modern authentication method with legacy protocols allowed. Veeam Backup for Microsoft 365 uses Veeam Backup account and an application to establish a connection to your Microsoft 365 organizations with disabled security defaults and maintain data transfer during backup and restore sessions.
Read MoreHow to add organization with modern app-only authentication and use an existing Azure AD application at Veeam Backup for Microsoft 365
When you add an organization using the modern app-only authentication method, you are required to provide Azure AD application settings. Please reference following link to create and configure Azure AD Application permissions.
Read MoreHow to configure Azure AD Application Permissions for Modern Authentication and Legacy Protocols Authentication of Veeam Backup for Microsoft 365
Veeam Backup for Microsoft 365 Modern Authentication and Legacy Protocols Authentication requires that you grant permissions to Azure AD applications to back up and restore data from/to your Microsoft 365 organizations.
Read MoreHow to configure Azure AD Application Permissions for Modern App-Only Authentication of Veeam Backup for Microsoft 365
When you add organization using the modern app-only authentication method, the permissions for Azure AD applications that are granted automatically by Veeam Backup for Microsoft 365.
Anyway, if you prefer to use a custom application of your own, make sure to grant all the permissions as below.
How to deploy Microsoft Local Administrator Password Solution (LAPS)
Cyberattack is one of the fastest growing crimes in the world, we have seen passwords being leaked regularly, local administrator account is like God of machine, it has superpower to do anything for the machine. A lot of IT guys simply use the same password for all local administrator accounts, the attacker easy access to the whole estate if one machine is breached.
Microsoft LAPS is one of solutions to prevent the issues, The “Local Administrator Password Solution” (LAPS) provides management of local account passwords of domain joined computers. Passwords are stored in Active Directory (AD) and protected by ACL, so only eligible users can read it or request its reset. Today, I am going to show you how to deploy it.
Read MoreHow to steal IP of old domain controller for new Windows Server 2022 domain controller
Today, I am going to show you how to steal IP address of decommissioned old domain controller for new Windows Server 2022 domain controller.
Read MoreHow to decommission old domain controller
Today, I am going to show you how to decommission old domain controller.
Read MoreHow to tune SRV records for old domain controllers
To prevent old domain controllers from authenticating clients, we can tune their Service Records by modifying their local registry. This will drain off any of the live Active Directory Domain Services (ADDS) connections for these domain controllers before decommissioning.
Read MoreHow to transfer FSMO roles
As part of the migration process the Flexible Single Master Operations Roles (FSMO) will need to be transferred to TMDC03. It is quite common to have these roles spread out throughout the infrastructure. It is also very important to understand what each of these five roles does in a multi-master Active Directory Domain Services (ADDS) domain.
Read MoreHow to install active directory domain services on a Windows Server 2022 member server
The process of Migrating to Active Directory Domain Services (ADDS) for Windows Server 2022 involves adding new domain controllers.
Read More