Choose the right sign-in option to connect to Azure AD & Office 365

Howdy folks! Azure AD connects organization of all sizes to Office 365 and other SaaS applications in a seamless and secure manner. A good deal of our customers synchronize their identities from an on-premises Active Directory. For these customers, signing in with their existing work credentials is the recommended and most common approach. In this…


Restore your AD FS farm the easy way!

Howdy folks! Today, I wanted to talk about a new way to easily backup and restore your ADFS farm. As you know, ADFS usage continues to grow actively connecting users to their on-premises applications (such as SharePoint, Skype for Business Servers) as well as connecting them to Office 365 and other Azure AD applications. In…


ADFS: Certificate Authentication with Azure AD & Office 365

Howdy folks! Azure AD just announced GA support for certificate authentication in this blog post! I’ve had a few folks asking me about how to configure ADFS for this. So, here are some instructions and gotchas for it. Before we get started, do note that certificate authentication partially worked before this recent additional to Azure…


Sync Insights now available in Azure AD Connect Health

Howdy folks, We announced Azure AD Connect Health for sync recently in this blog post. It provides you monitoring & notification of the sync component in Azure AD Connect. We’ve just added more functionality to it by offering sync insights. Sync Insights offer 2 key capabilities in this release: Latency of sync operations Object Change…


Azure AD Connect Health now supports RBAC for delegated access!

Howdy folks! This is a short post. A key ask from our customers using Connect Health is to NOT require Azure AD global administrator access for Connect Health. This prevents them from having to add more people than needed to this role. Fear not anymore! We just added RBAC support to Azure AD Connect Health….


Azure AD Connect Health – Top Users with failed username password logins for ADFS

[Update 11/3/2016: Added more information on IP address] Hello! I recently blogged about Alerts in Azure AD Connect Health. Connect Health is more than just being a monitoring system for your identity components on-premises. In addition to monitoring, one of our goals is to use the power of the cloud to provide deeper insights into…


Understanding Alerts in Azure AD Connect Health

Howdy folks! Today, I thought I’d talk about the alert system in Azure AD Connect Health. Azure AD Connect Health is a premium feature of Azure AD that offers monitoring capabilities as well as deep insights into the systems that it monitors. It currently supports monitoring ADFS and will be extended to support monitoring the…


Desktop SSO on Win10 Domain Joined machines using EDGE browser

[Updated on 12/12: Added more strings for Nov ’15 Windows 10 release] [Updated on 3/3: Added simpler step when you don’t have any Windows Phone 10 connecting from inside the corp network] [Updated on 9/13/16: Added more strings for Jul ’16 Windows 10 release – Anniversary Update] Hello, With the recent release of Windows 10,…


Office Modern Auth & ADFS: Making it work

Howdy folks, I’ve worked with a few customers now who have had a few issues when using Office Modern Authentication preview that was announced recently and this post is about a few tips that smoothens out the sign-in experience. Customers who are federated and use ADFS have really looked at Office Modern authentication to provide 2 key…


ADFS 2012 R2 now supports Password Change (not reset) across all devices

Howdy everyone! Today I’m going to blog about password change feature in ADFS. This is not a well-known feature but a very useful one for many organizations. Password change is the ability for a user (in Active Directory Domain Services) to change their password with knowledge of their old password. Note that this is not…