Category: Active Directory Page 1 of 6

Microsoft Releases Advisory for Azure AD Connect Service Account Security Risk

Microsoft has issued a security advisory to Office 365 customers via the Message Center. The advisory lets customers know about a recently disclosed issue with the security restrictions on the service account in Active Directory that Azure AD Connect creates …

ESE Deep Dive: Part 1: The Anatomy of an ESE database

hi!

Get your crash helmets on and strap into your seatbelts for a JET engine / ESE database special…

This is Linda Taylor, Senior AD Escalation Engineer from the UK here again. And WAIT…… I also somehow managed to persuade …

September 2017 Updates Released for Exchange Server

Catching up on some news from last month, Microsoft has announced the latest quarterly updated for Exchange Server 2016 and 2013.

Introducing Lingering Object Liquidator v2

Greetings again AskDS!

Ryan Ries here. Got something exciting to talk about.

You might be familiar with the original Lingering Object Liquidator tool that was released a few years ago.

Today, we’re proud to announce version 2 of Lingering Object

Improving experience for VPN profiles for ConfigMgr and Hybrid MDM

Starting in the System Center Configuration Manager 1709 Technical Preview, we’re making it easier to determine which VPN profile settings are supported on each platform – like the changes we’ve made to compliance policies and configuration items. When creating …

Update 1709 for Configuration Manager Technical Preview Branch – Available Now!

Hello everyone! We are happy to let you know that update 1709 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features …

Improving access control with three new Azure AD public previews

Howdy folks,

It was great to get to meet so many of you at Ignite last week! Thanks a ton for stopping by the booth and making time to attend our sessions. If you were at Ignite or follow …

Azure Information Protection Status Update – September 2017

Hello again to our AIP community! In case you missed it, you can find last month’s posting here and of course, were listening to your feedback and feature requests. Speaking of which, its been a busy month with a …

How Microsoft Advanced Threat Analytics detects golden ticket attacks

If youre in the business of threat detection, you are probably familiar with the term golden ticket. For those less familiar, a golden ticket is the name of a Kerberos ticket that is manually created by an attacker after gaining …

Enterprise Mobility + Security @ Ignite 2017 – Wrap Up

Last week at Microsoft Ignite, more than 25,000 IT professionals converged in Orlando Florida to learn about Microsofts technology advancements, skill up across new products, and meet with Microsoft experts. For EMS we unveiled a wave of new capabilities, presented …

Azure Information Protection Documentation Update for September 2017

Hi everybody

Our technical writer, Carol Bailey, is letting you know whats new and hot in the docs for September.

Reminders: Follow us on Twitter (Microsoft Mobility @MSFTMobility) and join in our peer community at www.yammer.com/AskIPTeam.

What’s new with Microsoft Intune and System Center Configuration Manager @ Ignite 2017

Organizations are continuing to experience an increasing number of devices and cloud services that are being used by their employees. While this allows people to achieve more at work, it also requires IT to enable and support new and more …

What’s new in Azure Information Protection @ Ignite 2017

Hi everyone!

Whether you are attending Microsoft Ignite in person or following the event on social media, we wanted to give you a summary of the latest and greatest information protection news we shared at Ignite. Well have more …

Introducing Azure Advanced Threat Protection

The recent years have witnessed a distinct and consistent escalation in cyberattacks scope, scale, and sophistication, impacting organizations across all verticals and locations. This escalation is manifested not only in increasing proliferation of threat-actor groups, but also in the diversity …

What’s new in Microsoft Cloud App Security @ Ignite 2017

A changing culture of work is driving a rapid increase in cloud app usage by employees. According to our own telemetry, the average organization has more than 25 different cloud storage apps and more than 40 collaboration apps routinely used …

What’s new with Azure Active Directory @ Ignite 2017

Howdy folks!

What an amazing week! Its the third day of Ignite and its been awesome getting to meet so many of you in person, especially when we have so much news to share!

Leading up to the …

System Center Updates Publisher September 2017 Preview is now available

System Center Updates Publisher (SCUP) Preview 2 is now available. If this is your first time looking at the SCUP Preview check out the announcement for Preview 1 here.

In SCUP Preview 2, the update catalog format has …

ConfigMgr @ 25

Late last week, I wrote about the remarkable quarter-century milestone reached by ConfigMgr, and today I wanted to dive even deeper into the backstory of this incredible product, share a couple announcements, and debut an awesome new documentary (lookout

Maximizing IT’s Impact with Microsoft 365 Powered Devices

The modern workplace has introduced an explosion of cloud services and devices that have dramatically changed the scenarios IT has to manage and support. And, of course, IT has to manage these countless new challenges with same budget and resources.…

ConfigMgr Reaches 25 Years

Twenty-five years ago, in the summer of 1992, planning for a new product began and that point in time has had a tremendous impact on my life and the lives of millions of IT Pros and it has enabled us …

“Lunch Break” @ Ignite!

Everyone here in Redmond is wildly busy gearing up for Ignite next week — and I can’t remember a time I’ve been more excited to attend a tech conference.

One of the reasons I’m so excited is that I …

First look at updates coming to Remote Desktop Services

Remote Desktop Services (RDS) allows you to access a remotely-hosted Windows desktop environment or application from almost any device. Were extending the capabilities of RDS to offer more security, flexibility to run Windows apps on any device, and cloud-readiness with …

EMS and Zimperium integration ensures risk free devices before accessing corporate resources

Today were excited to announce the general availability of our integration with Zimperium, a leader in the mobile threat defense space. The integration between Zimperium and Microsoft Enterprise Mobility + Security helps organizations defend against both known and unknown …

Fewer login prompts: The new “Keep me signed in” experience for Azure AD is in preview

Howdy folks,

A common request we get from our customers is to reduce the number of times users are prompted to sign into Azure AD. One way to reduce the frequency of prompts is to check the “Keep me …

Marching into the future of the Azure AD admin experience: retiring the Azure classic portal

Howdy folks,

Since we announced General Availability of the new Azure AD admin center in May, it’s been used by over 800,000 users from 500,000 organizations in almost every country in the world. The new admin center is the …

Active Directory Access Control List – Attacks and Defense

Recently there has been a lot of attention and a few different blog posts (references at the end of the post) regarding the use of Discretionary Access Control List (DACL) for privilege escalation in a Domain environment. This potential attack …

Simplifying transition from Hybrid MDM (ConfigMgr+Intune) to Intune standalone

We have heard repeatedly from our customers who are using System Center Configuration Manager connected with Microsoft Intune (hybrid MDM) that theyd like to move to a cloud-only experience with Intune on Azure. This experience brings many new benefits, …

Managed Service Identities and Azure AD: Helping Azure developers keep their secrets secret!

Howdy folks,

Just a quick note today! I am excited to announce a preview of a new integration between Azure and Azure Active Directory that is designed to make life easier for developers. It’s called Managed Service Identity, …

Microsoft Intune provides support for iOS 11

Today, Apple announced the availability of iOS 11 (with public release scheduled for 9/19/2017) and were pleased to announce Microsoft Intunes support for this update. Apple began releasing developer and beta builds a few months back, and since then the …

Azure AD B2B Collaboration in Microsoft Teams

Howdy folks,

Today I am excited to let you know that we’ve just enabled Guest Access in Microsoft Teams, built on the B2B collaboration features of Azure AD!

You can now enable partner collaboration in Teams for …

Azure Active Directory Premium is now in limited preview in US Government Cloud

Howdy folks,

Today I’m happy to announce the limited preview for Azure Active Directory Premium on the US Government Cloud.

With this preview, Government customers will have the opportunity to explore Azure Active Directory Premium in

How we secure your data in Azure AD

Howdy folks,

With all the breaches of cloud identity services over the last few years, we get a lot of questions about how we secure customer data. So today’s blog is a dive into the details of how

Now Available: Cumulative Update 6 for Configuration Manager UNIX and Linux clients

Cumulative Update 6 (Build 5.0.7958.2432) is now available at this Download Center link. This update contains new full versions of the UNIX and Linux clients with numerous bug fixes, as well as support for new Linux distro versions, such …

Azure Information Protection Documentation Update for August 2017

Hi everybody

Our technical writer, Carol Bailey, is letting you know whats new and hot in the docs for August.

Reminders: Follow us on Twitter (@DanPlastina) and join in our peer community atwww.yammer.com/AskIPTeam.

Changes to the Token Lifetime Defaults in Azure AD

Howdy folks,

I’m happy to share that as part of our efforts to eliminate unnecessary signin prompts while maintaining high levels of security, we’re making some major improvements to how we manage refresh tokens lifetimes. This blog post goes …

Today’s Identity News: Improvements to Azure AD Connect Health sync error reporting

Howdy folks,

If you’re an Azure AD Connect Health user, this post is for you! We’ve made a few enhancements to sync error reports to help make information easier to digest and act on.

I’ve invited Varun Karandikar, …

Azure Information Protection Status Update – August 2017

Hi Everyone, and welcome to this months posting from the AIP team to ensure you always know what we are working on, whats in the current releases of AIP and any other information that we can include to help you …

New public preview: Azure AD Domain Services support for Azure Resource Manager virtual networks

Howdy folks,

The #1 reason customers email (and tweet and in-message) me is to ask us to add support for Azure Resource Manager based virtual networks to Azure AD Domain Services.

So I’m excited to announce the public

Webinar: Find out how Check Point’s threat intelligence enhances EMS’ device based conditional access

Join us for a webinar to find out how the combined power of Microsoft Intune and Check Points Sandblast mobile helps you secure mobile devices from advanced cyberthreats, and helps ensure that only compliant devices have access to company resources.…

Update 1708 for Configuration Manager Technical Preview Branch – Available Now!

Hello everyone! We are happy to let you know that update 1708 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features …

Azure AD and Intune now support macOS in conditional access!

Howdy folks,

Conditional access is one of athe fastest growing services in EMS and we are constantly getting feedback from customers about new capabilities they would like us to add to it. One of the most frequently requested is …

Microsoft Intune provides support for Android Oreo

Upgrade with confidence

Today Google announced the general availability of the Android Oreo update (also known as Android O or Android 8.0). The Intune team has been anticipating this day for months. Developer preview bits for Oreo first became …

Role Based Access Control: A Configuration Manager favorite, now in Intune

Role Based Access Control (RBAC) has been a favorite feature of the System Center Configuration Manager community since its introduction, and now its available in Intune. RBAC in Intune enables you to easily define who can perform various Intune tasks …

Update on new Cloud App Security discovery, investigation, and threat detection features

We believe in continuous innovation to bring you deeper visibility, better data control, and strong threat protection for your cloud apps. The Cloud App Security team provides frequent releases and continuously updates and enhances our solution.

Today, we would …

Deploying Office 365 ProPlus with Microsoft Intune

We have been hard at work with Office 365 and Windows 10 teams to create Microsoft 365, a modern workplace solution that empowers everyone to be creative and work together, securely. We are excited to announce the latest innovation …

Cloud App Security new auto-remediation feature

Immediate session log off for suspicious users

Real-time remediation for security threats is a key challenge for companies, where attackers can move quickly to access critical data. TheCloud App Security team is excited to introduce a new feature …

Azure AD Automated Expiration for Office 365 Groups is now in Public Preview

Howdy folks,

One of the coolest collaboration features in Office 365 is Office 365 Groups. Your employees can create these groups on the fly and use them to collaborate with their co-workers on projects, sharing team documents, emails

The Intune Data Warehouse: enabling deeper reporting capabilities – now in public preview!

Having the right data at your fingertips is a must for busy IT teams managing diverse mobile environments. Thats why Intunes reporting graphs and charts are mainstays of our administrative experience allowing you to monitor your environment and view the …

How Microsoft EMS can support you in your journey to EU GDPR compliance – Part 6

The General Data Protection Regulation (GDPR) strengthens the right of individuals in the European Union (EU) to control their personal data and requires organizations to bolster their privacy and data protection measures. Enterprise Mobility + Security (EMS) technologies may help …

An update to Azure AD Conditional Access for Office.com

Howdy folks,

Today I’m writing to provide some background about a change in how conditional access policies will soon be enforced when users access Office.com. Notifications about this change have been sent out, but several of you have asked …

The new Azure AD Signin Experience is now in Public Preview

Howdy folks,

We’re continuing to make progress on converging the Azure AD and Microsoft account identity systems. One of the big steps on this journey is to redesign the sign-in UI so both systems look consistent. Today I’m happy …

Cloud App Security discovery enhancements

Visibility is the first step to protection: if you cannot see it, you cannot prevent it. Cloud App Security Shadow IT discovery capabilities help you to gain deeper visibility into your cloud environment by discovering more than 15K cloud apps …

Azure Information Protection Documentation Update for July 2017

Hi everybody

Our technical writer, Carol Bailey, is letting you know whats new and hot in the docs for July.

Reminders: Follow us on Twitter (@DanPlastina) and join in our peer community atwww.yammer.com/AskIPTeam.

Azure Information Protection status update – July 2017

Hi Everyone, and welcome to this months posting from the AIP team to ensure you always know what we are working on, whats in the current releases of AIP, and any other information that we can include to help you …

Now Available: Update 1706 for System Center Configuration Manager

Happy Friday! We are delighted to announce that we have released version 1706 for the Current Branch (CB) of System Center Configuration Manager that includes new features and product enhancements!

Many of these enhancements are designed for organizations that …

Update 1707 for Configuration Manager Technical Preview Branch – Available Now!

Hello everyone! We are happy to let you know that update 1707 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features …

Our Obsession with Usage and Customer Experience

One of the most impactfuiml changes we have made at Microsoft is to focus our engineering teams solely on usage and the customer experience of our services .

In all my years leading product teams, I have never seen …

Active Directory Experts: apply within

Hi all! Justin Turner here from the Directory Services team with a brief announcement: We are hiring!

Would you like to join the U.S. Directory Services team and work on the most technically challenging and interesting Active Directory problems? Do …

Introducing Microsoft Advanced Threat Analytics v1.8!

We are pleased to announce the general availability of Microsoft Advanced Threat Analytics (ATA) v1.8. This is a key release for our customers with several new features and improvements.

Cyberattacks continue to get more sophisticated, and so in turn, …

Partners: Thanks for joining us at Microsoft Inspire!

Last week in Washington D.C., we held Microsoft Inspire, our premier annual partner event. This years event was a huge success, with over 17,000 attendees joining us from 140 countries. A big thank you to all of the Enterprise Mobility …

How Microsoft EMS can support you in your journey to EU GDPR compliance – Part 5

Protecting data at the device and app level with Microsoft Intune

Over the past month, the Enterprise Mobility + Security (EMS) team has been blogging about Microsofts broad commitment to making sure our products and services comply with the …

Mobility and Identity admins, get EMS up and running at Microsoft Ignite!

Microsoft Ignite is your chance for access to in-depth training, deep dives and demos of new tech, and to connect with your peers. Keynotes by Satya Nadella, Microsoft CEO, and Harry Shum, Executive Vice President Microsoft AI, will showcase the …

Ransomware Detection with Microsoft Advanced Threat Analytics and Cloud App Security

The rise of ransomware and its media presence in recent months has highlighted, perhaps now more than ever, the importance of robust security systems to detect and respond to devious and evolving threats. We know extortion via ransomware is an …

Today at Microsoft Inspire–Next generation architecture for RDS hosting

Join us today (find details at the end of this post) to see how you can make your hosted RDS environments more secure, scalable and efficient; discover the powerful new architecture that enables you to create the next generation of

New Public Preview: Azure AD Domain Services admin UX in the new Azure Portal

Howdy folks,

I’m excited to announce the public preview of Azure AD Domain Services in the new Azure portal. You can now create new managed AD domains and perform administrative tasks like configuring secure LDAP using the Azure …

Microsoft 365 and Enterprise Mobility + Security

Today at Microsoft Inspire in Washington DC,Microsoft unveiled Microsoft 365, a new set of commercial offerings that include Office 365, Windows 10, and Enterprise Mobility + Security (EMS). Microsoft 365 delivers a complete, intelligent, and secure solution to empower …

How Microsoft EMS Can Support You in Your Journey to EU GDPR Compliance – Part 4

How to gain visibility and control of data in cloud apps

This post is authored by Rue Limones, Senior Program Manager, Cloud App Security Engineering Team.

Checking in: Your Journey to GDPR Compliance

In the whitepaper Beginning

Better together: Intune and Azure Active Directory team up to improve user access

The Intune Managed Browser for iOS and Android devices plays a key role in ensuring that data on mobile devices stays secure. It lets you safely view and navigate web pages that might contain company information, and provides a secure …

Partners: Connect with the EMS team at Microsoft Inspire in Washington, DC!

Enterprise Mobility + Security will have a large presence at the first Microsoft Inspire, and wed love to connect with you there! Microsoft Inspire is our premier annual partner conference and was formerly known as the Worldwide Partner Conference, …

System Center Updates Publisher June 2017 Preview is now available

Today we are announcing availability of System Center Updates Publisher (SCUP) Preview. Many of you are using SCUP 2011 now to:

  • Import updates from external catalogs (non-Microsoft update catalogs).
  • Modify update definitions including applicability, and deployment metadata.

Azure Information Protection Documentation Update for June 2017

Hi everybody

Our technical writer, Carol Bailey, is letting you know whats new and hot in the docs for June.

Reminders: Follow us on Twitter(@DanPlastina)and join in our peer community atwww.yammer.com/AskIPTeam.

Dan

Join us July 6th for the first Azure AD B2B collaboration AMA!

Howdy folks,

Those of you who follow the blog will remember that we held our first Azure AD AMA a few months back. It was quite a hit and we got a ton of great feedback from customers and …

Enabling a more strategic role for IT with Microsoft Enterprise Mobility + Security

Organizations are pushing forward in their digital transformations and we continue to see and hear more about what this shift means for IT. The scope of digital transformation goes beyond moving existing work to the cloud and enabling a more …

Azure Information Protection status update – June 2017

Hi Everyone, and welcome to the first post in what will be a regular series posting from the AIP team to ensure you always know what we are working on, whats in the current releases of AIP and any other …

The Unbelievably Diverse Array of Devices Managed by Our Customers

Something I have come to really appreciate as weve built Intune and watched its usage scale to millions of devices is the unbelievably broad and diverse types of hardware our customers have to manage.

To put this challenge in …

New Updates to the Azure AD Power BI content pack!

Howdy folks,

Those of you who follow the blog will remember that in January we announced the integration of Azure Active Directory APIs with Power BI. This integration makes it easy to download pre-built content packs that give …

How Microsoft EMS can support you in your journey to EU GDPR compliance – Part 3

Granting and restricting access to data with Azure Active Directory

This blog post is the latest in our series about how EMS can support you in your journey to EU GDPR compliance. We last looked at how Azure Information

Update 1706 for Configuration Manager Technical Preview Branch – Available Now!

Hello everyone! We are happy to let you know that update 1706 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features …

Disaster recovery for Remote Desktop Services: New resources available

This post is authored byHaley Rowland, Program Manager, Remote Desktop Services.

We’ve published new documentation on how to protect the resources running in your RDS deployment and enable disaster recovery through a geo-redundant RDS deployment.

When you …

Azure Information Protection “Do not track” feature now in Preview

Hi everyone, and welcome to an important post for those of you who have been using the document tracking and revocation feature. We received feedback from some of you around privacy and compliance when using this feature and weve tried …

How do your enterprise mobility and security solutions stack up?

Many of our customers have existing mobility and security solutions that are either legacy investments or focused point solutions that respond to specific needsvery few organizations are able to start from scratch. The complexity of coordinating multiple point solutions, combined …

Ping Access for Azure AD is now Generally Available (GA)!

Howdy folks,

Many of you already use Azure AD Application Proxy to provide single sign-on (SSO) and secure remote access to your users for web applications hosted on-premises. However, some of you also need Azure AD Application Proxy to …

Azure AD makes the “leader” quadrant in Gartner’s 2017 Magic Quadrant for Access Management!

Howdy folks,

I have great news to share with you today! Gartner released their 2017 Magic Quadrant for Access Management (AM MQ), which shows that Azure Active Directory is placed in the leaders quadrant and is positioned very strongly …

The New Intune and Conditional Access Admin Consoles are GA

There are a handful of topics that consistently come up whenever I meet with our customers and partners and one of the most common has to do with how to balance productivity for end users with the need for security …

How Fileless malware challenges classic security solutions

This post is authored by Itai Grady, Security Researcher, Advanced Threat Analytics R&D.

A bank in Poland previously discovered unknown malware running on several of its computers, exposing a wave of attacks that affected organizations from at least 31 …

New in Intune: TeamViewer integration for Android

Remote assistance on Android devices just got better with Intune and TeamViewers expanded integration. With the combination of Intune and TeamViewer, your helpdesk team can now start a remote assistance session with your end users on Android devices, making it …

How Microsoft EMS can support you in your journey to EU GDPR compliance – Part 1

How to provide persistent data protection on-premises and in the cloud

In the previous blog we discussed the challenges and complexity that stored data, be it structured, logs, or unstructured data pose for GDPR compliance and how Microsoft EMS …

Azure AD Conditional Access now supports Microsoft Teams & the Azure Portal

Howdy folks,

Quick blog post today.

Many of you have asked when you’ll be able to use Conditional Access policies with Microsoft Teams and the Azure Portal. I’m happy to let you know that support for both services …

Post Enterprise Mobility + Security Tweet Chat Q&A

A few weeks ago, the Enterprise Mobility Team hosted a Tweet Chat about managing mobility for Office365. It was great to have this dialogue with folks across our community, and a few people asked for our team to summarize the …

Update 1705 for Configuration Manager Technical Preview Branch – Available Now!

Hello everyone! We are happy to let you know that update 1705 for the Technical Preview Branch of System Center Configuration Manager has been released. Technical Preview Branch releases give you an opportunity to try out new Configuration Manager features …

We’ve made the Azure AD App Proxy even better!

Howdy folks,

I’ve blogged before about how the Azure AD Application Proxy is our “hidden gem”. Many of our customers don’t even know it exists, but once they discover it they LOVE it! It’s not uncommon for customers to …

Microsoft Visio Viewer App now enabled with Intune MAM for iOS!

Diagrams help visually communicate informationthey are excellent tools for demonstrating relationships between parts, simplifying complex ideas, articulating process, and explaining how things work. And they often contain sensitive company data that you want to protect.

If your users are …

Azure Information Protection Documentation Update for May 2017

Hi everybody

Our technical writer, Carol Bailey, is letting you know whats new and hot in the docs for May.

Reminders: Follow us on Twitter (@DanPlastina) and join in our peer community atwww.yammer.com/AskIPTeam.

User provisioning from Workday to Azure AD is now in Public Preview!

Howdy folks,

We have some great news to share today! Customers can now use the public preview of Azure Active Directory’s cloud-based user provisioning service to orchestrate user provisioning from Workday to on-premises Azure Active Directory, Windows Server Active …

Breaking down EMS Conditional Access: Part 3

This post is the third of a three-part series detailing Conditional Access from Microsoft Enterprise Mobility + Security. Today we are re-publishing the third installment with the white paper Protect your data at the front door with conditional access.

Azure AD Privileged Identity Management Approval Workflows are now in Public Preview!

Howdy folks,

I am thrilled to be able to share some news today. We’ve just turned on the public preview of some major updates to the Azure AD Privileged Identity Management service:

  • A new, improved user experience

How Microsoft EMS can support you in your journey to EU GDPR compliance

Hi everyone,

By now most of you will, at the very least, have heard of the GDPR, the EUs new law for data protection. GDPR stands for General Data Protection Regulation. Simply put, it aims to protect personal …

Azure Information Protection unified administration phase two

Hi everyone, we have another awesome and important update for you today. On April 26, we introduced you to the first version of our unified AIP admin experience, enabling you to manage protection settings on labels without needing to create …

New webinar – EMS in action: Managing mobility for Office 365 and beyond

As organizations make progress in their digital transformation journey, the challenges and opportunities of mobility are usually top of mind. Continuing with our theme these past few weeks around why Office365 customers need to consider Enterprise Mobility + Security – …

Remote Desktop Clients – April 2017 Update

This post is authored by David Belanger, Senior Program Manager and Eva Seydl, Program Manger.

Here are the highlights of the latest updates to the Remote Desktop clients. You can download the apps from their respective stores on these …