To understand the concept of the access control mechanism, consider an organization’s network and resources as a building. It has only one entry gate protected by a security guard. To enter the building, visitors must prove their identity to the security guard. Those who fail to prove their identity are denied entry to the building.…
Table Of Contents What is Active Directory Administrative Center (ADAC)? How is ADAC Different from Active Directory Users and Computers (ADUC)? How to Install Active Directory Administrative Center (ADAC)? What New Features are Introduced in Active Directory Administrative Center (ADAC)? Active Directory Recycle Bin Fine-Grained Password Policy Windows PowerShell History Viewer How to Access Active…
Technically, Active Directory and LDAP are two different things. Active Directory is a database and set of services that runs on Microsoft Windows server. LDAP (Lightweight Directory Access Protocol) is a software protocol that allows users to locate an organization’s data. However, you might consider them very similar to each other because Active Directory is…
Table Of Contents Roles in Active Directory Purpose of FSMO Roles Types of FSMO Roles Functions of FSMO Roles How Roles in Active Directory Work? Active Directory was officially released in February 2000 with Windows 2000 server edition. It is an identity management service that contains all the information and data about a network and…
The delegation of directory administration to those outside of IT is a concept whose time has come. But it can’t be done hap-hazardly; IT needs to define what is being delegated and to whom. We’re at a point in the evolution of our industry that two truths have come to fruition: IT no longer has…
Azure AD Gets on the Group Expiration Bandwagon I recently wrote about the need for group expiration as part of a comprehensive lifecycle approach to group management. It’s a necessary step, given the life of group objects in any of the directories you manage won’t last forever. The only exceptions, generally, lie around built-in administrative-type…
The shift to the cloud has many organizations focused on the productivity features available in a given cloud suite. And M365 is no exception. There’s a long list of applications in M365 – a list that’s continually growing. But, Using M365 isn’t just about productivity; it’s also about security and control for IT. And, like…
At the core of every environment that is designed to make people productive is the need “under the hood” to be able to establish what users of that environment can do, what they can access, and – in many cases, how they can easily communicate with other users. The long-standing methodology (with a few exceptions…
Directories, How Many Are You Really Managing? Directories came from a simpler time – one where a single, on-premise directory was enough. But recent shifts in how businesses leverage technology – such as the digital transformation, and the move to cloud-based applications and infrastructure – have given way to use of SSO (link), concepts like…
In my last article, I introduced the merits of using Single Sign-On within your organization. In it, I discussed the possible security gaps that can multiply as you, in essence, extend your on-prem directory service to include multiple directories. And, while there are security benefits for using SSO – centralized policies and administrative work (which…