Multi-factor Authentication comes in many different formats. Physical tokens historically have been very common and moving forward with FIDO v2 standards will likely continue to be so for many security scenarios where soft tokens (think Authenticator Apps on mobile devices) aren’t possible. … keep reading
Commanding your Philips Hue lights with PowerShell
A couple of years ago I bought a number of Philips Hue bulbs and put them in the living areas of my house. Typically we control them via the Hue App on our phones, or via the Google Assistant. This all works very well, but of course I’m a techie and have a bunch of other Internet of Things devices and it would be great to integrate the Hue lights with those.… keep reading
A synopsis of my first Microsoft (MVP) Summit
Last week I attended my first Microsoft Most Valuable Professional (MVP) Global Summit. Compared to a lot of the conferences I’ve been to over the years this was tiny with just over 2000 attendees. The difference however is that every attendee is an expert in their field (associated with at least one Microsoft technology) and they come from over 80 countries.… keep reading
Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager v2, k-Anonymity and Have I Been Pwned
Background
In August 2017 Troy Hunt released a sizeable list of Pwned Passwords. 320 Million in fact.
I subsequently wrote this post on Identifying Active Directory Users with Pwned Passwords using Microsoft/Forefront Identity Manager which called the API and sets a boolean attribute in the MIM Service that could be used with business logic to force users with accounts that have compromised passwords to change their password on next logon.… keep reading
Automating the submission of WordPress Blog Posts to your Microsoft MVP Community Activities Profile using PowerShell
Introduction
In November last year (2017) I was honored to be awarded Microsoft MVP Status for Enterprise Mobility – Identity and Access. MVP Status is awarded based on community activities and even once you’ve attained MVP Status you need to keep your community activity contributions updated on your profile.… keep reading
Automating the creation of Azure IoT Hubs and the registration of IoT Devices with PowerShell and VS Code
The creation of an Azure IoT Hub is quick and simple, either through the Azure Portal or using PowerShell. But what can get more time-consuming is the registration of IoT Devices with the IoT Hub and generation of SAS Tokens for them for authentication.… keep reading
New Laptop time. What do I need and what did I buy?
I joined the IT Industry as a full-time career in January 1992. It’s now January 2018 and in June ’17 last year I bought my very first laptop. WTF? 26 years and you’ve never bought a laptop? Yep. For all of my career I’ve worked for IT integrators and have been supplied with the core equipment required to perform my role.… keep reading
Automating the generation of Microsoft Identity Manager Configuration Documentation
Introduction
Last year Microsoft released the Microsoft Identity Manager Configuration Documenter which is available here. It is a fantastic little tool from Microsoft that supersedes its predecessor from the Microsoft Identity Manager 2003 Resource Toolkit (which only documented the Sync Server Configuration).… keep reading
Checking and patching your Microsoft Windows computer for Meltdown and Spectre
Overview
A Google team named Project Zero in mid 2017 identified vulnerabilities with many Intel, AMD and ARM CPU’s that allow speculative pre-processing of code to be abused. Speculative pre-processing aids performance which is why it exists. However when used maliciously it would allow an attacker to use JavaScript in a webpage to access memory that could contain information present in a users environment such as key strokes, passwords and personal sensitive information.… keep reading
Provisioning Hybrid Exchange/Exchange Online Mailboxes with Microsoft Identity Manager
Introduction
Working for Kloud all our projects involve Cloud services, and all our customers have varying and unique requirements. Recently one of our customers embarked on their migration from On-Premise Exchange to Exchange Online. Nothing really groundbreaking there though, however they had a number of unique requirements including management of Litigation Hold.… keep reading