Do I really need ADFS?

I often hear and read misconceptions on whether or not you should or must deploy an ADFS farm when Office 365 is in the picture. So I will try to give you my version (well it is a collection of feedback from my peers as well), hoping that might help you to sort out your…


List all possible security events and their descriptions in PowerShell

If you’d like to know all the possible security events in your system, the best way to do it is to download the spreadsheet that has the full list: Windows security audit events. This is great and very complete, but it also implies that you have an Internet connection and Excel to open the file. Another…


ADFS 2016 – Cannot add/update Relying Parties from the GUI from metadata files “Method not found”

UPDATE: The following update fixes this issue: Cumulative Update for Windows 10 Version 1607 and Windows Server 2016: December 9, 2016 https://support.microsoft.com/en-us/kb/3201845 If you are currently using the October release of Windows Server 2016 (build: 10.0.14393 N/A Build 14393), you might experience a weird error message when you try to add a relying party…


Metadata #3 – Spot who is cheating on the password policy

Yes, there are some ways to work around the password policy… Mainly for operators and administrators, though. But those should not be exempt from being monitored for compliance. This post is part of the Metadata series. Have a look at the intro for more information about it: Metadata #0 – Introduction, what are metadata…


The source of my account lockout is my domain controller

When it comes to tracking down account lockouts, there are plenty of tools and techniques. Looking at event 4740 in the security event log is the most common step: we can read the user account and the caller computer name. Note that if you do not see this event in your event logs, ensure…


AD Fun Services – List all the members of an ADFS farm

In Windows Server 2012 R2, the ADFS database actually does not keep track of the servers that are members of the farm. It is a stateless farm where every node happens to share the same database (if a SQL server is used) or the same copy of the database (if it is WID). The only thing stored…


Q&D – Backup/Restore your ADFS claim rules for Office 365

When it comes to trying and failing fast, nothing beats being able to restore things the way they were before you broke everything 🙂 Here are some examples of PowerShell cmdlets you can run to export your claim rules for the Azure AD Relying Party Trust into files and re-import them…


AD Fun Services – Track down the source of ADFS lockouts

Tracking down the devices locking out accounts on an ADFS deployment is quite challenging. From an ADDS perspective, lockouts coming from a WAP server will look like they come from an ADFS server. Lockouts coming from internal clients using forms-based authentication also look like they are coming from the ADFS server itself and not…
