As you may know, Microsoft has announced a new Windows Server management experience to manage on-premises system with the Honolulu project. The Honolulu project delivers a more modern interface for managing on-premises system through a web interface with no cloud footprint (no dependency what so ever with Azure or other clouds services). In this post […]
Windows Server – Honolulu technical preview Read More »
Windows Defender Advanced Threat Protection (ATP) is a security functionality built in Windows 10 to help detecting, investigating and protecting against threats, introduced with Windows 10 build 1607 (or known as Anniversary Build). In this post, I’m going to implement ATP integrated with SCCM Current Branch (you can request a trial for ATP here http://aka.ms/register-wdatp)
Windows 10 – Windows Defender Advanced Threat Protection Read More »
UPDATE this post has an updated version here https://t.co/W3AUonuSR9 Following my post to create an SCCM device collection for Windows Core (https://t.co/ZGdL91Vkht), I wanted to do the same to identify all Azure AD Joined device. So the first thing was to find how to identify an Azure AD Joined device; and the answer is with
SCCM – Identify Azure AD Joined device Read More »
There is a lot of resources available on Internet to create System Center Configuration Manager device collection based on the operating system but none are helpful to create a device collection to identify all Windows Core servers, especially Windows Server 2016 Core as there is no more switching between Core and UI. So after digging
SCCM – Create a device collection for Core server Read More »
After announcing last June that Windows Server 2016 will also have his own Insider program and builds, Microsoft has released the first Windows Insider build (build 16237). As for Windows 10, Preview builds are not aimed to be production ready, so you may expect some glitch. To start running your own Windows Server preview you
Windows Server 2016 – First Windows Server Insider build available Read More »
The Windows ADK for Windows 10 Creator Update (build 1703) is now available for download at https://developer.microsoft.com/en-us/windows/hardware/windows-assessment-deployment-kit\
With ADFS 4, you can easily enable device authentication as authentication method. This authentication method was already available in ADFS 3 but only as additional authentication method; with ADFS 4 this becomes also available as primary authentication method. Upgrade Active Directory Federation schema This step is required if already have deployed a previous version
ADFS 4 – Enable device authentication method Read More »
One of the improvements with ADFS 4 (on Windows Server 2016) is the integration of Azure MFA as multi factor authentication method as well as primary authentication method; you can still use the certificate based or the Azure MFA Server (see http://blog.hametbenoit.info/2014/08/18/azure-use-windows-azure-multi-factor-authentication-to-secure-your-on-premises-application-and-with-your-adfs/) for the multi factor methods. If you want to enable Azure MFA with
As you may know, a quick way to test your ADFS deployment is to access the idpinitiatedsignon sign page. As usual, I tried it after deploying my new ADFS 4.0 server and… got this error message The resource you are trying to access is not available. Contact your administrator for more information. And the
Windows Server 2016 – ADFS 4 idpinitiatedsignon is disabled by default Read More »
You may already know that ADFS 3.0 (on Windows Server 2012 R2) already supports certificate authentication BUT using a different communication port than 443 (in fact 49443). With ADFS 4.0 (on Windows Server 2016), the certificate authentication can now use the 443 communication port, making thing easier to implement multi factor authentication using user certificate.
Windows Server 2016 – ADFS 4.0 now support certificate authentication on port 443 Read More »
