I can describe ADFS (Active Directory Federation Services) as the de-facto standard service to extend Active Directory as an Identity provider to inside or outside the organisation in order to achieve the Single-Sign-On (SSO) experience and Security that modern systems/users needs and expects.
The first version of ADFS was an additional download of Windows 2003 R2, but started to get popular and used as a service in Windows Server 2008/2008 R2.
Microsoft Azure AD Connect with Azure AD or products offered by Okta or Auth0 (just to name a few) started to make of ADFS federation redundant in the past 3-4 years, but a lot of functionalities have been added in the last version of ADFS with Windows Server 2019 which made it still relevant.
In my humble opinion, ADFS is not dead yet! Continue reading “Workaround ADFS errors when using certificates with CNG Keys”
The first quarter of 2020 changed our personal and professional life in a lot of ways. I’ve read a lot of articles around the trends of adoption of cloud services and all software that should facilitate the challenge of enabling in every country the same practices and processes of working remotely.
During the last couple of months, I’ve received from small-medium businesses owners and IT professionals the same question how to transition smoothly and quickly. Working in the operations field for mid-large organisations it required me to step back from the most obvious and structured approaches and be more flexible and down-to-earth.
Continue reading “Working Remotely – Different solutions for Small Businesses with Powershell and SSH Tunnels”
Monitoring is an important activity in IT operations, it’s essential for correlating the state of all the moving parts of our systems and applications and create a big picture of the health of the whole environment. Before going down the rabbit hole of complicated monitoring tools and techniques let’s start with define a that monitoring can be subjective and on a case-by-case can be very basic or detailed and can let you choose a specific tool or strategy. There is no one-size-fits-all. This week I needed to implement a custom check to monitor the network load/usage on any Windows OS and instead of looking for a third-party tool and deploying maybe another agent on servers I wrote a Powershell script to perform this activity.
Continue reading “Monitoring the Network Load with Powershell”
Last December NIST announced this vulnerability CVE-2019-19781 and soon after that Citrix published this page CVE-2019-19781 – Vulnerability in Citrix Application Delivery Controller, Citrix Gateway, and Citrix SD-WAN WANOP appliance and released a verification tool supporting clients for finding out if they were vulnerable or not: CVE-2019-19781 – Verification Tool
A verification tool is addressed to an IT specialist who works these solutions and needs to quickly assess if the software or appliance is affected by this vulnerability. Continue reading “Comparing Citrix CVE Verification Tool to a one-liner bash script”