Blog Post Series

I have created this page to include all blog posts/articles that belong to a specific series. This makes it easy to reference all those blog posts in one go without the need to provided the individual links to them.

–

–

Azure AD Administrative Units – Dynamically Managing AU Assignments

• (2021-10-12) Azure AD Administrative Units – Dynamically Managing AU Assignments – Part 1
• (2021-10-14) Azure AD Administrative Units – Dynamically Managing AU Assignments – Part 2
• (2021-10-16) Azure AD Administrative Units – Dynamically Managing AU Assignments – Part 3
• (2021-10-18) Azure AD Administrative Units – Dynamically Managing AU Assignments – Part 4
• (2021-10-20) Azure AD Administrative Units – Dynamically Managing AU Assignments – Part 5
• (2021-10-22) Azure AD Administrative Units – Dynamically Managing AU Assignments – Part 6

–

Active Directory Security Scan Of Accounts | Account Hygiene

• (2019-11-08) Active Directory Security Scan Of Accounts
• (2019-11-09) Active Directory Security Scan Of Accounts (Part 1)
• (2019-11-12) Active Directory Security Scan Of Accounts (Part 2)
• (2019-11-15) Active Directory Security Scan Of Accounts (Part 3)
• (2019-11-18) Active Directory Security Scan Of Accounts (Part 4)
• (2019-11-21) Active Directory Security Scan Of Accounts (Part 5)
• (2021-09-01) Account Hygiene – Fixing The Bad For the Good (Presented @ TEC 2021) – Video
• (2021-09-01) Account Hygiene – Fixing The Bad For the Good (Presented @ TEC 2021) – Slides

–

Azure AD Password Protection (A.k.a. Banned Password List)

• (2019-10-18) Azure AD Password Protection (A.k.a. Banned Password List) – At A High Level (Part 1)
• (2019-10-20) Azure AD Password Protection (A.k.a. Banned Password List) – The Configuration (Part 2)
• (2019-10-22) Azure AD Password Protection (A.k.a. Banned Password List) – Deploy The Proxy Service (Part 3)
• (2019-10-24) Azure AD Password Protection (A.k.a. Banned Password List) – Deploy The DC Agent (Part 4)
• (2019-10-26) Azure AD Password Protection (A.k.a. Banned Password List) – Checking The DC Agent Status (Part 5)
• (2019-10-28) Azure AD Password Protection (A.k.a. Banned Password List) – Optimizing The Custom Per Tenant List (Part 6)
• (2019-10-29) Azure AD Password Protection (A.k.a. Banned Password List) – From Audit Mode To Enforce Mode (Part 7)
• (2019-11-03) Azure AD Password Protection (A.k.a. Banned Password List) – Getting Statistics (Part 8)
• (2019-11-06) Azure AD Password Protection (A.k.a. Banned Password List) – Third Party Solution LithNet AD Password Protection (Part 9)

–

Azure AD Connect – Identifying Objects In AD And In Azure AD

• (2016-05-07) Azure AD Connect – Identifying Objects In AD And In Azure AD (Part 1)
• (2016-05-07) Azure AD Connect – Identifying Objects In AD And In Azure AD (Part 2)
• (2016-05-07) Azure AD Connect – Identifying Objects In AD And In Azure AD (Part 3)
• (2016-05-07) Azure AD Connect – Identifying Objects In AD And In Azure AD (Part 4)
• (2016-05-07) Azure AD Connect – Identifying Objects In AD And In Azure AD (Part 5)
• (2016-05-07) Azure AD Connect – Identifying Objects In AD And In Azure AD (Part 6)

–

Azure AD Connect – Identifying Users In AD And In Azure AD

• (2016-01-17) Azure AD Connect – Identifying Users In AD And In Azure AD (Part 1)
• (2016-01-24) Azure AD Connect – Identifying Users In AD And In Azure AD (Part 2)

–

Configuring Windows Integrated AuthN For Browsers Against ADFS

• (2015-05-11) Configuring Windows Integrated AuthN For Internet Explorer Against ADFS v3.0 And Higher
• (2015-05-15) Configuring Windows Integrated AuthN For Firefox Against ADFS v3.0 And Higher
• (2015-05-19) Configuring Windows Integrated AuthN For Chrome Against ADFS v3.0 And Higher

–

Finding Special Attributes In AD

• (2014-12-11) Finding All Direct And Indirect Members (Users) Of A Specific Group
• (2014-12-15) Finding All Groups With A Specific Direct And Indirect Member (User)
• (2014-12-19) Finding Attributes Marked As Confidential
• (2014-12-23) Finding Attributes Marked As Constructed
• (2014-12-27) Finding Attributes Marked As Members Of Filtered Attribute Set (FAS)
• (2015-01-05) Finding Attributes Marked As Members Of Partial Attribute Set (PAS)
• (2015-01-09) Finding Attributes Members Of The Base Schema (CAT1)
• (2015-01-13) Finding Attributes Marked As System Critical
• (2015-01-17) Finding Attributes Marked As Non-Replicated
• (2015-01-21) Finding Attributes Used In Ambiguous Name Resolution (ANR)
• (2015-01-25) Finding Attributes Marked To Be Preserved On Deletion Or Recycling
• (2015-01-29) Finding Attributes With A Regular Index
• (2015-02-02) Finding Attributes With A Container Index
• (2015-02-06) Finding Attributes With A Tuple Index
• (2015-02-10) Finding Attributes With A Subtree Index
• (2015-02-16) Finding Attributes Marked To Be Copied When Duplicating The Object
• (2015-02-20) Finding Attributes Configured To Be Never Audited

–

PowerShell And DACLs/SACLs In AD

• (2014-08-16) PowerShell And DACLs In AD: Adding ACE For Create/Delete Some Object
• (2014-08-18) PowerShell And DACLs In AD: Adding ACE For Read/Write Property On Some Object
• (2014-08-20) PowerShell And DACLs In AD: Adding ACE For Some Extended Right On Some Object
• (2014-08-22) PowerShell And DACLs In AD: Removing ACE For Delete Some Object
• (2014-08-24) PowerShell And DACLs In AD: Removing ACE For Write Property On Some Object
• (2014-08-26) PowerShell And DACLs In AD: Removing ACE For Some Extended Right On Some Object
• (2014-08-28) PowerShell And DACLs In AD: Removing All ACEs On Some Object
• (2014-08-30) PowerShell And SACLs In AD: Adding Auditing Entry For Create/Delete Some Object
• (2014-09-01) PowerShell And SACLs In AD: Adding Auditing Entry For Read/Write Property On Some Object
• (2014-09-03) PowerShell And SACLs In AD: Adding Auditing Entry For Some Extended Right On Some Object
• (2014-09-05) PowerShell And SACLs In AD: Removing Auditing Entry For Create Some Object
• (2014-09-07) PowerShell And SACLs In AD: Removing Auditing Entry For Read Property On Some Object
• (2014-09-09) PowerShell And SACLs In AD: Removing Auditing Entry For Some Extended Right On Some Object
• (2014-09-11) PowerShell And SACLs In AD: Removing All Auditing Entries On Some Object
• (2014-09-13) PowerShell And DACLs In AD: Checking For Correct Canonical Order Of DACL
• (2014-09-15) PowerShell And SACLs In AD: Checking For Correct Canonical Order Of SACL

–

Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain

• (2014-07-27) Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain (Part 1)
• (2014-07-28) Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain (Part 2)
• (2014-07-29) Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain (Part 3)
• (2014-07-30) Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain (Part 4)
• (2014-07-31) Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain (Part 5)
• (2014-08-01) Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain (Part 6)
• (2014-08-02) Fixing AD/SYSVOL Replication And Reconnecting A Disconnected AD Domain (Part 7)

–

Gathering Architectural Details From Your ADFS Infrastructure

• (2014-02-23) Gathering Architectural Details From Your ADFS Infrastructure – ADFS Version
• (2014-02-25) Gathering Architectural Details From Your ADFS Infrastructure – ADFS StandAlone Or ADFS Farm
• (2014-03-14) Gathering Architectural Details From Your ADFS Infrastructure – ADFS Certs
• (2014-03-17) Gathering Architectural Details From Your ADFS Infrastructure – ADFS Config DB On WID Or SQL
• (2014-03-19) Gathering Architectural Details From Your ADFS Infrastructure – WID Primary Computer Or Not

–

Claims Rule Language In ADFS

• (2011-10-24) AD FS 2.0 Claims Rule Language Primer From The ASKDS Team
• (2013-06-15) AD FS 2.0 Claims Rule Language Primer From The ASKDS Team (Part 2)
• (2013-10-10) An ADFS Claims Rules Adventure By ASKDS
• (2014-07-19) Understanding Claim Rule Language In AD FS 2.0 And Higher

–

Automated/Unattended Installation Of OCSP

• (2013-08-24) Automated/Unattended Installation Of OCSP (Part 1)
• (2013-08-25) Automated/Unattended Installation Of OCSP (Part 2)
• (2013-08-26) Automated/Unattended Installation Of OCSP (Part 3)
• (2013-08-27) Automated/Unattended Installation Of OCSP (Part 4)
• (2013-08-28) Automated/Unattended Installation Of OCSP (Part 5)
• (2013-08-29) Automated/Unattended Installation Of OCSP (Part 6)

–

Certificates Used In And By ADFS

• (2013-05-13) Certificates Used In Active Directory Federation Services (ADFS) v2.x
• (2013-05-14) ADFS Managed Certificates Supporting Auto Certificate Rollover
• (2013-05-15) Replacing ADFS Certificates

–

Claims Based Authorizations For Sharepoint Through ADFS

• (2012-09-14) Claims Based Authorizations For Sharepoint Through ADFS (Part 1)
• (2012-09-15) Claims Based Authorizations For Sharepoint Through ADFS (Part 2)
• (2012-09-16) Claims Based Authorizations For Sharepoint Through ADFS (Part 3)
• (2012-09-17) Claims Based Authorizations For Sharepoint Through ADFS (Part 4)
• (2012-09-18) Claims Based Authorizations For Sharepoint Through ADFS (Part 5)
• (2012-09-19) Claims Based Authorizations For Sharepoint Through ADFS (Part 6)
• (2012-09-20) Claims Based Authorizations For Sharepoint Through ADFS (Part 7)
• (2012-09-21) Claims Based Authorizations For Sharepoint Through ADFS (Part 8)
• (2012-09-22) Claims Based Authorizations For Sharepoint Through ADFS (Part 9)
• (2012-09-23) Claims Based Authorizations For Sharepoint Through ADFS (Part 10)

–

Designing And Implementing An OCSP Responder

• (2012-09-13) Designing And Implementing An OCSP Responder (Part 1)
• (2012-09-13) Designing And Implementing An OCSP Responder (Part 2)
• (2012-09-13) Designing And Implementing An OCSP Responder (Part 3)
• (2012-09-13) Designing And Implementing An OCSP Responder (Part 4)
• (2012-09-13) Designing And Implementing An OCSP Responder (Part 5)
• (2012-09-13) Designing And Implementing An OCSP Responder (Part 6)

–

Designing And Implementing A PKI

• (2012-09-12) Designing And Implementing A PKI (Part 1)
• (2012-09-12) Designing And Implementing A PKI (Part 2)
• (2012-09-12) Designing And Implementing A PKI (Part 3)
• (2012-09-12) Designing And Implementing A PKI (Part 4)
• (2012-09-12) Designing And Implementing A PKI (Part 5)
• (2012-09-12) Windows Server 2008 R2 CAPolicy.inf Syntax

–

Installing And Configuring ADFS v2

• (2012-05-08) Installing And Configuring ADFS v2 As An STS Server (Part 1)
• (2012-05-09) Installing And Configuring ADFS v2 As An STS Server (Part 2)
• (2012-05-10) Installing And Configuring ADFS v2 As An STS Server (Part 3)
• (2013-07-06) Uninstalling An ADFS v2.0 STS Server
• (2012-05-11) Installing And Configuring ADFS v2 As An PRX Server
• (2013-07-06) Uninstalling An ADFS v2.0 PRX Server

–

Installing And Uninstalling AD On Windows Server 8 As An RWDC And As An RODC

• (2011-11-04) Installing And Uninstalling AD On Windows Server 8 As An RWDC And As An RODC – Part 1
• (2011-11-04) Installing And Uninstalling AD On Windows Server 8 As An RWDC And As An RODC – Part 2
• (2011-11-04) Installing And Uninstalling AD On Windows Server 8 As An RWDC And As An RODC – Part 3
• (2011-11-04) Installing And Uninstalling AD On Windows Server 8 As An RWDC And As An RODC – Part 4
• (2011-11-04) Installing And Uninstalling AD On Windows Server 8 As An RWDC And As An RODC – Part 5

–

Kerberos Authentication Over An External Trust – Is It Possible?

• (2011-09-07) Kerberos Authentication Over An External Trust – Is It Possible? (Part 1)
• (2011-09-07) Kerberos Authentication Over An External Trust – Is It Possible? (Part 2)
• (2011-09-07) Kerberos Authentication Over An External Trust – Is It Possible? (Part 3)
• (2011-09-07) Kerberos Authentication Over An External Trust – Is It Possible? (Part 4)
• (2011-09-07) Kerberos Authentication Over An External Trust – Is It Possible? (Part 5)
• (2011-09-14) Kerberos Authentication Over An External Trust – Is It Possible? (Part 6)

–

Searching For Objects When Populating Reference Attributes In FIM – Available Options

• (2011-01-23) Searching For Objects When Populating Reference Attributes In FIM – Available Options (Part 1)
• (2011-01-23) Searching For Objects When Populating Reference Attributes In FIM – Available Options (Part 2)
• (2011-01-23) Searching For Objects When Populating Reference Attributes In FIM – Available Options (Part 3)

–

User Principal Names In AD

• (2010-10-12) User Principal Names In AD (Part 1)
• (2010-10-12) User Principal Names In AD (Part 2)
• (2010-10-12) User Principal Names In AD (Part 3)

–

Password Policies And Account Lockout Policies Within An AD Domain

• (2010-09-27) Password Policies And Account Lockout Policies Within An AD Domain (Part 1)
• (2010-09-27) Password Policies And Account Lockout Policies Within An AD Domain (Part 2)

–

Configuring And Managing The Windows Time Service

• (2010-09-26) Configuring And Managing The Windows Time Service (Part 1)
• (2010-09-26) Configuring And Managing The Windows Time Service (Part 2)
• (2010-09-26) Configuring And Managing The Windows Time Service (Part 3)
• (2010-09-26) Configuring And Managing The Windows Time Service (Part 4) 

–

Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R

• (2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 1)
• (2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 2)
• (2010-08-12) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 3)
• (2011-06-22) Restoring The SYSVOL (Non-)Authoritatively When Either Using NTFRS Or DFS-R (Part 4)

–

Creating Navigation Bar Links For A Subset Of Objects in FIM 2010

• (2010-05-20) Creating Navigation Bar Links For A Subset Of Objects in FIM 2010 (Part 1)
• (2010-05-20) Creating Navigation Bar Links For A Subset Of Objects In FIM 2010 (Part 2)

–

Experiences And/Or Differences With FIM2010 RC1 So Far

• (2009-12-14) Experiences And/Or Differences With FIM2010 RC1 So Far (Part 1)
• (2009-12-14) Experiences And/Or Differences With FIM2010 RC1 So Far (Part 2)
• (2009-12-14) Experiences And/Or Differences With FIM2010 RC1 So Far (Part 3)
• (2009-12-14) Experiences And/Or Differences With FIM2010 RC1 So Far (Part 4)
• (2009-12-14) Experiences And/Or Differences With FIM2010 RC1 So Far (Part 5)

–

DC Locator Process In W2K, W2K3(R2) And W2K8(R2)

• (2007-06-30) DC Locator Process In W2K, W2K3(R2) And W2K8 (PART 1)
• (2007-07-01) DC Locator Process In W2K, W2K3(R2) And W2K8 (PART 2)
• (2007-07-02) DC Locator Process In W2K, W2K3(R2) And W2K8 (PART 3)
• (2010-05-19) Locating Domain Controllers To Access The Default Domain DFS (SYSVOL/NETLOGON)
• (2009-08-05) Different GPOs For HUBs And For Branch DCs
• (2011-01-27) DC Locator – What Does “NO_CLIENT_SITE” Mean In Netlogon.log

–

Considerations When Creating An AD Test Environment

• (2005-11-20) Considerations When Creating An AD Test Environment (Part 1)
• (2005-11-20) Considerations When Creating An AD Test Environment (Part 2)

–

Advertisement