OPS106: How to be an AD hybrid health hero

This post has been republished via RSS; it originally appeared at: ITOps Talk Blog articles.

Once you've connected your identity to Azure AD, how do you ensure it continues to function as expected? In this session, you'll learn how to keep your hybrid identity environment healthy, across different Active Directory and Azure Active Directory scenarios.

Speakers:

Mark Moroczynski - Principal Program Manager, Identity

Grace Picking - Program Manager, Azure Active Directory

This session includes:

00:00:00 Introduction

00:00:56 Turn on MFA for your Admins - MFA, Conditional Access or Azure AD Privileged Identity Management
00:01:43 Resiliency - 1 cloud-only admin account.
00:02:14 Authentication Stack Health
00:02:33 Azure AD Connect Health
00:04:23 ADFS Connect Health Setup
00:06:12 ADFS Extranet/Smart Lockout Enablement
00:11:51 Operations matter to Enterprise Security!
00:15:49 Bad password attempt report
00:16:53 Risky IP report
00:18:02 Defender for Identity supports ADFS
00:18:42 ADFS parting thoughts - Treat ADFS like a Tier 0 resource, updated and harden long-term ADFS deployments or move to Password Hash Sync or Passthru Authentication
00:21:02 Seamless SSO - details and operational health
00:24:21 Rolling Seamless SSO Keys
00:25:14 Pass Through Authentication - details and operational health
00:29:31 Password Hash Sync
00:31:37 AAD Connect Sync Health - sync process and security
00:40:23 Monitor your AAD Connect Health
00:44:15 Failover & Backup
00:48:58 Logs
00:50:13 Azure AD and Azure Monitor
00:52:00 SIEM Integration
00:53:34 Non-interactive User Sign-In Logs
00:56:14 Service Principal Sign-In Logs
00:57:19 Managed Identities Logs
00:58:04 Provisioning Logs
01:00:00 lastSignInDateTime
01:03:36 Go Dos!