Tuesday, August 4 2020

Active Directory

Group Write Back Permission issue

Just enabled Office 365 Group Write Back permission in my Azure AD Connect. It started generating permission issues, even though it was running the latest version on a fresh greenfield tenant. The Group Write Back permission issue was visible on my Azure AD Connect server. Verified it's running the proper …


Renewing ADFS Token Signing Certificate

Token signing certificates are standard X509 certificates that are used to securely sign all tokens that the federation server issues. Token decryption certificates are standard X509 certificates that are used to decrypt any incoming tokens. They are also published in federation metadata. Single sign-on breaks if the certificate expires. In …


Hardening Azure AD Connect Service Account

In some scenarios, a user selected “Use Existing AD Account” and supplied a Domain Admin or Enterprise Admin account, even though this account doesn’t require high-privilege permissions. Let's see how to harden it by removing the Enterprise Admin or Domain Admin permission and providing only limited permissions. Once you …


Configuring Mimecast with Office 365

Let's see how to synchronize Azure Active Directory users by providing Azure Active Directory API permissions with Mimecast directory synchronization, and configure inbound and outbound mail flow with Mimecast. Currently, the on-premises Exchange server is configured in Hybrid mode and Azure AD Connect is configured with password hash synchronization. We will move …
