Microsoft Ignite /21/2018 5:56 PM

Slides:



Advertisements
Similar presentations
4/14/2017 © 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks.
Advertisements

Auditing Active Directory Presented to the National State Auditors Association 2014 Information Technology Conference.
Security and Policy Enforcement Mark Gibson Dave Northey
Understanding Active Directory
Module 1 Introduction to Managing Microsoft® Windows Server® 2008 Environment.
Securing Windows Servers Using Group Policy Objects
Implementing Dynamic Host Configuration Protocol
CIS250 OPERATING SYSTEMS WIN2k Lab # 3 Creating User Accounts Defining User Profiles Creating Groups Setting System Policies.
User Manager for Domains.  Manages the user accounts in a domain  It is located in the PDC  While User Manager exists in each NT machine, but it is.
Hands-On Microsoft Windows Server Security Enhancements in Windows Server 2008 Windows Server 2008 was created to emphasize security –Reduced attack.
5.1 © 2004 Pearson Education, Inc. Lesson 5: Administering User Accounts Exam Microsoft® Windows® 2000 Directory Services Infrastructure Goals 
Securing AD DS Module A 3: Securing AD DS
Module 7: Fundamentals of Administering Windows Server 2008.
Project Server 2003: DC340: Security (Part 1 of 2): How to securely deploy Project Server in an enterprise environment Pradeep GanapathyRaj (PM), Karthik.
Company Confidential 1 A Course on Global Catalog And Flexible Single Master Operations (Fsmo) Roles Prepared for: *Stars* New Horizons Certified Professional.
Global Catalog and Flexible Single Master Operations (FSMO) Roles
Managing Local Users & Groups. OVERVIEW Configure and manage user accounts Manage user account properties Manage user and group rights Configure user.
Get identities to the cloud Mix on-premises and cloud identity for improved PC, mobile, and web productivity Cloud identities help you run your business.
Jess Dodson Righting the Right Rights Active Directory & Domain Security, Administration & Maintenance WIN341 B.
Module 10: Implementing Administrative Templates and Audit Policy.
Chapter 4- Part3. 2 Implementing User Profiles A local user profile is automatically created at the local computer when you log on with an account for.
Configuring, Managing and Maintaining Windows Server® 2008 Servers Course 6419A.
MIS Chapter 41 Chapter 4 – Implementing and Managing Group and Computer Accounts MIS 431 – Created Spring 2006.
Global Catalog and Flexible Single Master Operations (FSMO) Roles BAI516.
11 GLOBAL CATALOG AND FLEXIBLE SINGLE MASTER OPERATIONS (FSMO) ROLES Chapter 4.
ASP.NET 2.0 Security Alex Mackman CM Group Ltd
Agenda  Microsoft Directory Synchronization Tool  Active Directory Federation Server  ADFS Proxy  Hybrid Features – LAB.
Recording Brief EMS Partner Bootcamp Variables Values Module Title
Identity; What you need to know to be in the Microsoft Cloud
How to (un)destroy your Active Directory
Assignment # 8.
Tactic 1: Adopt Least Privilege
Essential Services Module 5.
5/31/2018 3:40 PM BRK3113 How Microsoft IT builds Privileged Access Workstation using Windows 10 and Windows Server 2016 Jian (Jane) Yan Sr. Program Manager.
Four common problems to avoid with your AD FS environment
Configuring Windows Firewall with Advanced Security
O365 & AZURE ADDS Mladen Baranek, Miadria
Global Catalog and Flexible Single Master Operations (FSMO) Roles
Azure AD for the client management guy (or gal!)
Optimizing Microsoft OneDrive for the enterprise
Active Directory Fundamentals
Examine common architectures for hybrid identity
(ITI310) SESSIONS 6-7-8: Active Directory.
9/19/2018 2:49 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Microsoft Ignite NZ October 2016 SKYCITY, Auckland.
Unit 8 NT1330 Client-Server Networking II Date: 8/2/2016
11/15/2018 3:42 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN.
Access and Information Protection Product Overview October 2013
Microsoft Ignite NZ October 2016 SKYCITY, Auckland.
Five mistakes to avoid when deploying Enterprise Mobility + Security
{ Security Technologies}
Office 365 Identity Management
1/3/2019 1:47 PM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS.
A 5-minute overview of ADAudit Plus
Surviving identity management in a hybrid world
BACHELOR’S THESIS DEFENSE
4/9/2019 5:05 AM © Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS.
Global Catalog and Flexible Single Master Operations (FSMO) Roles
Taking Windows Security to the Next Level with Group Policy
M6: Advanced Identity Management topics for Office 365
Office 365 Identity Management
Skype for Business Assessment Results
SQL Server Assessment Results
Active Directory Assessment Results
SharePoint Server Assessment Results
Windows Client Assessment Results
Active Directory Security Assessment Results
Windows without windows...
Azure AD Simon May Technical Evangelist.
Presentation transcript:

Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Ignite 2015 9/21/2018 5:56 PM Righting the Right Rights: Active Directory & Domain Security, Administration & Maintenance M354 Jess Dodson © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Security Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Accounts Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Accounts – you need more than one! Microsoft Ignite 2015 9/21/2018 5:56 PM Accounts – you need more than one! © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Different Accounts Standard account Desktop admin account Microsoft Ignite 2015 9/21/2018 5:56 PM Different Accounts Standard account Desktop admin account Server admin account Domain admin account © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Domain admin accounts never logon to workstations OR servers Microsoft Ignite 2015 9/21/2018 5:56 PM Domain admin accounts never logon to workstations OR servers © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Limit access to your accounts Microsoft Ignite 2015 9/21/2018 5:56 PM Limit access to your accounts © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Keep accounts out of your admin groups Microsoft Ignite 2015 9/21/2018 5:56 PM Keep accounts out of your admin groups © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Who actually needs to be a Microsoft Ignite 2015 9/21/2018 5:56 PM Who actually needs to be a Domain Admin anyway? © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Passwords Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Do not use the default Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Don’t use the same password…for everything Microsoft Ignite 2015 9/21/2018 5:56 PM Don’t use the same password…for everything © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Make sure passwords EXPIRE Microsoft Ignite 2015 9/21/2018 5:56 PM Make sure passwords EXPIRE © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

longer time between changes Microsoft Ignite 2015 9/21/2018 5:56 PM Longer password = longer time between changes XKCD.com https://telepathwords.research.microsoft.com/ © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Use fine-grained password policies Microsoft Ignite 2015 9/21/2018 5:56 PM Use fine-grained password policies (FGPPs) © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Passwords do not belong in GPP’s… EVER Microsoft Ignite 2015 9/21/2018 5:56 PM Passwords do not belong in GPP’s… EVER (MS14-025) © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Ignite 2015 9/21/2018 5:56 PM Randomise your local admin passwords – Local Administrator Password Solution (LAPS)! © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Prevent local admin accounts from remotely accessing other systems Microsoft Ignite 2015 9/21/2018 5:56 PM Prevent local admin accounts from remotely accessing other systems © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Servers Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Patch your servers! Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Limit RDP ability Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Only DA’s can access the console of DC’s Microsoft Ignite 2015 9/21/2018 5:56 PM Only DA’s can access the console of DC’s © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Trusts – who actually needs access? Microsoft Ignite 2015 9/21/2018 5:56 PM Trusts – who actually needs access? © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Security Compliance Manager (SCM) – your new bestest friend Microsoft Ignite 2015 9/21/2018 5:56 PM Security Compliance Manager (SCM) – your new bestest friend © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Workstations Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Admin workstation =/= user workstation Microsoft Ignite 2015 9/21/2018 5:56 PM Admin workstation =/= user workstation © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Administration & Maintenance Microsoft Ignite 2015 9/21/2018 5:56 PM Administration & Maintenance © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Account Administration Azure – AADC & AADC Health Microsoft Ignite 2015 9/21/2018 5:56 PM Replication FSMO Roles Time Synchronization Trusts DNS & Networking Event Logs Account Administration Azure – AADC & AADC Health © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Replication Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

repadmin /replsummary Microsoft Ignite 2015 9/21/2018 5:56 PM repadmin /replsummary © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

repadmin /showrepl * /errorsonly Microsoft Ignite 2015 9/21/2018 5:56 PM repadmin /showrepl * /errorsonly © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

repadmin /showutdvec * dc=<domain>,dc=<com> Microsoft Ignite 2015 9/21/2018 5:56 PM repadmin /showutdvec * dc=<domain>,dc=<com> © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

repadmin /queue * Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

repadmin /failcache Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

FSMO Roles Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

netdom query fsmo Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Time Settings Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

W32tm /config /syncfromflags:domhier /update Microsoft Ignite 2015 9/21/2018 5:56 PM w32tm /config /manualpeerlist:<list of time servers> /syncfromflags:manual /reliable:yes /update W32tm /config /syncfromflags:domhier /update © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

w32tm /query /configuration Microsoft Ignite 2015 9/21/2018 5:56 PM w32tm /query /configuration © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Trusts Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

nltest /domain_trusts Microsoft Ignite 2015 9/21/2018 5:56 PM nltest /domain_trusts © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

DNS & Networking Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

type %systemroot%\debug\netlogon.log | findstr NO_CLIENT_SITE Microsoft Ignite 2015 9/21/2018 5:56 PM type %systemroot%\debug\netlogon.log | findstr NO_CLIENT_SITE © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Ports 53 – DNS 389 – LDAP 88 – Kerberos 636 – LDAP SSL 445 – SMB/IP Microsoft Ignite 2015 9/21/2018 5:56 PM Ports 389 – LDAP 636 – LDAP SSL 3268 – LDAP GC 3269 – LDAP GC SSL 135 – EPC, EPM 53 – DNS 88 – Kerberos 445 – SMB/IP 139 – NetBIOS Session Port 123 – NTP Time Services © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Event Logs Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

System Events 29: Time synchronization failure Microsoft Ignite 2015 9/21/2018 5:56 PM System Events 29: Time synchronization failure 55: Possible file system corruption 1056: DHCP service is running on a DC without credentials 16645: RID Pool depleted 16650: Account-identifier failed to initialize © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

DNS Events 5774: DNS registration failure Microsoft Ignite 2015 9/21/2018 5:56 PM DNS Events 5774: DNS registration failure 5775: DNS de-registration failure 5781: DNS registration or deregistration failure © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Security & Directory Service events Microsoft Ignite 2015 9/21/2018 5:56 PM Security & Directory Service events ALL events © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Advanced Audit Policies (GPO) Microsoft Ignite 2015 9/21/2018 5:56 PM Advanced Audit Policies (GPO) Computer Configuration – Windows Settings – Security Settings – Advanced Audit Configuration © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Account Monitoring & Administration Microsoft Ignite 2015 9/21/2018 5:56 PM Account Monitoring & Administration © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Account lockout failures & failed login attempts Microsoft Ignite 2015 9/21/2018 5:56 PM Account lockout failures & failed login attempts © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Ignite 2015 9/21/2018 5:56 PM Check admin group memberships & monitor addition/removal from security groups Enterprise Admins Schema Admins Domain Admins Administrators Backup Operators Event Log Readers Remote Management Users Server Operators © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

ALL THE THINGS! Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

dcdiag /c Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure Active Directory Connect - Synchronization Service Manager Microsoft Ignite 2015 9/21/2018 5:56 PM Azure Active Directory Connect - Synchronization Service Manager © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure Active Directory Connect - Synchronization Service Manager Microsoft Ignite 2015 9/21/2018 5:56 PM Azure Active Directory Connect - Synchronization Service Manager status = success Office 365 - Settings - > Organization profile -> Technical Contact © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure Active Directory Connect Health Microsoft Ignite 2015 9/21/2018 5:56 PM Azure Active Directory Connect Health Requires Azure AD Premium Requires agent on each identity server Out-of-the-box monitoring – very little configuration Monitors AD DS & AD FS + AADC sync info https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnect-health/ © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Azure Active Directory Connect Health Microsoft Ignite 2015 Azure Active Directory Connect Health 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Continue your Ignite learning path Microsoft Ignite 2015 9/21/2018 5:56 PM Continue your Ignite learning path Pass-the-Hash Attacks http://bit.ly/2dVT0ng Securing Active Directory: Best Practices http://aka.ms/bpsad Microsoft Security Compliance Manager http://aka.ms/scm Advanced Audit Policies http://bit.ly/2dMctaU LAPS https://adsecurity.org/?p=1790 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Continue your Ignite learning path Microsoft Ignite 2015 9/21/2018 5:56 PM Continue your Ignite learning path AD Security & Administration http://girl-germs.com/?p=459 Regular AD Maintenance & Checks http://girl-germs.com/?p=564 FGPP’s & PSO’s http://girl-germs.com/?p=967 Advanced Audit Policy EventID info https://girl-germs.com/?p=363 DC Security Logs http://girl-germs.com/?p=1538 © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Contact me! Twitter: @girlgerms (best way!) Microsoft Ignite 2015 9/21/2018 5:56 PM Contact me! Twitter: @girlgerms (best way!) Email: jess@girl-germs.com Linkedin: https://au.linkedin.com/in/jrdodson Blog: http://girl-germs.com © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Questions? Microsoft Ignite 2015 9/21/2018 5:56 PM © 2015 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.