Sync Insights now available in Azure AD Connect Health

Howdy folks, We announced Azure AD Connect Health for sync recently in this blog post. It provides you monitoring & notification of the sync component in Azure AD Connect. We’ve just added more functionality to it by offering sync insights. Sync Insights offer 2 key capabilities in this release: Latency of sync operations Object Change…


Azure AD Connect Health now supports RBAC for delegated access!

Howdy folks! This is a short post. A key ask from our customers using Connect Health is to NOT require Azure AD global administrator access for Connect Health. This prevents them from having to add more people than needed to this role. Fear not anymore! We just added RBAC support to Azure AD Connect Health….


Azure AD Connect Health – Top Users with failed username password logins for ADFS

[Update 11/3/2016: Added more information on IP address] Hello! I recently blogged about Alerts in Azure AD Connect Health. Connect Health is more than just being a monitoring system for your identity components on-premises. In addition to monitoring, one of our goals is to use the power of the cloud to provide deeper insights into…


Understanding Alerts in Azure AD Connect Health

Howdy folks! Today, I thought I’d talk about the alert system in Azure AD Connect Health. Azure AD Connect Health is a premium feature of Azure AD that offers monitoring capabilities as well as deep insights into the systems that it monitors. It currently supports monitoring ADFS and will be extended to support monitoring the…


Desktop SSO on Win10 Domain Joined machines using EDGE browser

[Updated on 12/12: Added more strings for Nov ’15 Windows 10 release] [Updated on 3/3: Added simpler step when you don’t have any Windows Phone 10 connecting from inside the corp network] [Updated on 9/13/16: Added more strings for Jul ’16 Windows 10 release – Anniversary Update] Hello, With the recent release of Windows 10,…


Office Modern Auth & ADFS: Making it work

Howdy folks, I’ve worked with a few customers now who have had a few issues when using Office Modern Authentication preview that was announced recently and this post is about a few tips that smoothens out the sign-in experience. Customers who are federated and use ADFS have really looked at Office Modern authentication to provide 2 key…


ADFS 2012 R2 now supports Password Change (not reset) across all devices

Howdy everyone! Today I’m going to blog about password change feature in ADFS. This is not a well-known feature but a very useful one for many organizations. Password change is the ability for a user (in Active Directory Domain Services) to change their password with knowledge of their old password. Note that this is not…


Best practices for establishing federation trust between two organizations.

Hi, Recently, I saw a few questions on best practices for establishing federation trusts. I’ve listed out a few based on past experience with customers. There definitely may be more. Feel free to provide feedback via the comments section. First some terminology: IDP  Identity provider that authenticates the user  FedP  Federation Provider that accepts tokens…


Introducing Sam

Hi, I’m Samuel Devasahayam, a lead Program Manager in the Active Directory team at Microsoft. I’ve been with the Active Directory team since 1998 when I joined after grad school. I drive Active Directory Federation Services as well as some of our recent onboarding efforts for Azure Active Directory/Office 365 through Azure AD Connect. Of…