In AD environment, we can use password policy to define passwords security requirements. These settings are located under Computer Configuration | Policies | Windows Settings | Security Settings | Account Policies
Before Windows server 2008, only one password policy can apply to the users. But in an environment, based on user roles it may require additional protection. As an example, for sales…
In Active Directory environment users have to update their passwords when its expire. In some occasions, it is important to know when user password will expire.
For user account, the value for the next password change is saved under the attribute msDS-UserPasswordExpiryTimeComputed
We can view this value for a user account using a PowerShell command like following,
Get-ADuser R564441…
Multifactor authentication (MFA) is commonly use to protect applications, web services which is publish to internet. It helps to verify the authenticity of the authentication requests. There are many multifactor service providers. Some are cloud based and some are required on-premises installations.
Azure MFA first was introduced to use with Azure services and later developed further to…
I am sure most of you aware what is single sign-on (SSO) in Active Directory infrastructure and how it works. When we extend identity infrastructures to Azure by using Azure AD, it also allows to extend Single Sign-On capabilities to authenticate in to cloud workloads. it can be done using on-premises ADFS farm. Password Hash Synchronization or Pass-through Authentication allow users to use same…
