Windows Azure identity management has lagged behind the mature on-premises Active Directory. But Microsoft has made strides to make both access management options equal citizens (and in turn, is making the cloud offering more appetizing to weary administrators).
The company delivered more enhancements to Windows Azure Active Directory this week, including a big security enhancement.
Large companies have been the recent target of major user data theft, and one of the ways Microsoft hopes to combat this is through two factor authentication.
If enabled for a user, when a user correctly inputs their password when logging in, a code will be text messaged to their phone in order to gain access to the server. This isn’t quite ready for primetime, Microsoft marks the feature as a “preview” — meaning some parts might not work.
User account creation also came to the Windows Azure AD interface. This gives administrators the ability to manage user subscriptions right in the Windows Azure Portal. Role based access control also comes to Azure AD, allowing admins to assign other users as administrators. Removing and adding users now also works right from the Azure Portal.
Microsoft also made available the previously announced ability to sync and federate Windows Server AD with Windows Azure AD. When a change is made on Windows Server, it automatically syncs to the Azure Portal, and vice versa.
Windows Azure has gained credibility among corporate IT recently with its pricing and feature improvements.
What do you think of the latest changes to Windows Azure? Are you using Windows Azure AD? Let us know in the comments below, or find us on Twitter @SearchWinServer.
For our monthly feature, we round up the most popular content from the previous month and share it with you.
IE, Exchange vulnerabilities highlight near-record Patch Tuesday
In a Patch Tuesday that almost broke the record set in April 2011, 57 patches were issued for vulnerabilities in Windows Server, Internet Explorer and Oracle’s Outside In library. Other critical patches were issued for media codecs in older OSs.
How to work without the GUI in Windows Server 2012
There are good reasons for keeping the Modern UI in Windows Server 2012, but if admins want to skip it, there are options for ways to work around the GUI, including third-party apps that bring back the Start menu and moving as many tools as possible to the desktop.
How to use PowerShell to pass info to remote computers
If admins need to execute something locally and share it with remote computers, PowerShell remoting can ease the process with specific techniques that include parameter blocks and inputting specific variables.
Using PowerShell script prompts for input
There are many ways admins can make and run a script prompt for input in PowerShell, but our expert says the best way to do it is to let PowerShell do most of the work and to make some small but effective changes to the coding.
What content from February was most helpful for you? Let us know in the comments or on Twitter @SearchWinServer.
It’s not Patch Tuesday, but there are updates admins should look for this week as Microsoft delivers updates across its portfolio of recent operating systems.
A tool is now available for Windows Server 2008 R2 and Windows 7 which checks for inconsistencies and potential errors with software updates. The Software Update Tool checks the integrity of a few folders and repairs any issues with registry data.
A platform update is also available for Windows 7 and Windows Server 2008 R2. The update fixes a number of components, including the Windows Imaging Component and Direct3D.
Windows Server 2012 Essentials, the home business version of the server operating system, received server-side fixes in its first rollup update. It adds the option to use a third-party hosted email service and updates the .NET framework to a new version.
What do you think of this news? Let us know in the comments or on Twitter @SearchWinServer.
Microsoft may release major platform updates on a yearly basis — including Windows Server — if a rumor is true.
Mary Jo Foley reported that a tipster told her the codename “Windows Blue” we’ve heard about will not only apply to Windows on the desktop, but also to Windows Server and Windows Services like SkyDrive and Office365.
“Blue is a wave of product refreshes which are not expected to arrive exactly all on the same day, but which are meant to be released more or less around the same time,” Foley wrote.
Foley further added credence to the rumor with a screenshot of a Microsoft employee’s LinkedIn profile containing references to the Windows Blue project.
The Blue update wouldn’t likely mean Microsoft would release a product called “Windows Server 2013” this year and “Windows Server 2014” the next. Rather, these updates would be distributed directly to admins by some means.
The iterative, yearly nature of this rumored strategy would be new for Microsoft, but its competitors on the desktop have moved to this with some success. Apple has released a “major” upgrade of its Mac OS X every year for the last three years.
These latest rumors ask more questions than they answer: Are they just more frequent Service Pack updates? Will they cost anything extra? How much of a headache will this cause admins?
What do you think of this news? Let us know in the comments or on Twitter @SearchWinServer.
Even though it’s only 28 days long, February will still be a busy one for admins after Microsoft announced its most recent batch of fixes for this month’s Patch Tuesday.
The company released an advance security bulletin this week that includes 12 bulletins. Five bulletins are marked as critical and seven are marked as important.
All of February’s critical bulletins address remote code execution vulnerabilities. Multiple versions of Windows Server and Internet Explorer, as well as Windows RT, are affected.
The seven important bulletins address denial of service and elevation of privilege vulnerabilities. Multiple versions of Windows Server are affected.
This is the second month in a row Internet Explorer has received attention for vulnerabilities. Last month, an Internet Explorer zero-day exploit led Microsoft to post a workaround outside of the Patch Tuesday fixes, and later patch out-of-band.
What do you think of this month’s patches? Let us know in the comments on this post, or on Twitter @SearchWinServer.
Microsoft released a pair of add-ons for System Center Configuration Manager 2012 and an update to an existing tool on Monday.
The Configuration Manager Toolkit comes with a wide range of utilities that would aid Configuration Manager management and troubleshooting.
For instance, Client Spy will troubleshoot problems with application distribution and software metering, and Policy Spy allows admins to check the policy system of Configuration Manager client systems.
Power Viewer would do exactly what one would expect: view the power management status on client machines.
Also included in the toolkit is the Security Configuration Wizard Template, which intends to reduce the attack surface for Windows Server 2008 R2.
In all, there are nine tools in the kit, which are all available for download from Microsoft’s site.
The company also released a new version of its Physical to Virtual (P2V) Migration Toolkit. The toolkit allows admins to support migrations in remote offices that don’t have Virtual Machine Manager infrastructure onsite. Note that the P2V toolkit will no longer be supported by Microsoft on July 27 of this year.
Finally, the Package Conversion Manager received an update, allowing System Center Configuration Manager 2007 packages to System Center 2012 SP1.
Are you using Configuration Manager? What do you think of these new tools? Let us know in the comments below, or on Twitter @SearchWinServ.
In our monthly feature, we compile the previous month’s most popular content to share with you.
For the first month of the new year, our readers were most interested in content that covered the pros and cons of running Server Core, iSCSI Targets, cost savings with Hyper-V 3.0 and news items about IE exploits and a service pack.
Remote code execution IE exploit not covered in January Patch Tuesday
News of an IE exploit made the rounds in admin circles, but what was surprising to some is that a fix didn’t make it into the monthly Patch Tuesday. An out-of-cycle fix was eventually released the following week. Included in the month’s Patch Tuesday were critical fixes for Microsoft’s XML implementation and Print Spooler components.
General availability comes for System Center 2012 SP1
Admins looking for Windows Server 2012 and SQL Server 2012 support could finally get it after System Center 2012 SP1 became generally available. There were also fixes for bugs in the suite of management products as well as a new version of Windows Intune.
How to decide if running Server Core in Windows Server 2012 is right for you
Our expert broke down the pros and cons of using Server Core in Windows Server 2012. Some things admins should consider before using it are its smaller attack surface and its virtualization benefits, but also its steep learning curve and its potential compatibility issues.
Using iSCSI Targets in Windows Server 2012 Failover Clusters
Now that iSCSI Targets come bundled with Windows Server 2012, admins looking to take advantage of it will want to know how to configure them. This tip provides a step-by-step process to make sure you can make the most of it.
How Hyper-V 3.0 can provide major cost savings in virtualization
It’s getting easier than ever to have a reliable and complete virtualized environment with Hyper-V, especially in terms of using little to no cash to make it happen. Our expert offers some hints about things admins can do and look for to make the best virtualized environment for their IT shops.
Microsoft is delivering a hotfix for a crasher that affects a Windows Server 2012-based failover cluster after applying a specific update.
If a user installed an update for the .NET 4.5 framework, it could cause crashes for the failover cluster management snap-in on a Windows Server 2012 cluster.
Admins can download the fix from Windows Update or from Microsoft’s website.
In November, Microsoft also pushed a hotfix for an error message displayed after a restore.
Have you deployed the hotfixes available? Did you experience the crash? Let us know in the comments, or on Twitter @SearchWinServ.
Microsoft last week released a System Center Monitoring Pack for Remote Access 2012, bringing support for DirectAccess and Routing and Remote Access.
Specifically, with DirectAccess monitoring, the pack can alert System Center users of issues with internal and external adapter connections and settings. It also contains shortcuts to help protect against network security threats like DOS attacks or spoofs.
The pack also works with VPN monitoring, which displays information about connection failures, configuration issues, hardware problems and more.
This might have slipped under your radar: Microsoft released a service pack for Forefront Identity Manager 2010 R2 last week.
The updated product brings performance improvements, especially when upgrading from Forefront Identity Manager (FIM) 2010 to the R2 release. The company said that the waiting time to upgrade can be cut from hours to days for large-scale service databases.
FIM 2010 R2 SP1 adds support for Active Directory 2012 within the management agent for Active Directory Domain Services. Similarly, it supports the recently released Exchange 2013.
It also adds additional cmdlet support for PowerShell. Plus, it adds support for third-party Sun and Oracle directory servers.
Check out the full list of changes on Microsoft’s website.
Back in September, the company axed many of the products within the suite, even shifting around some of the names of the products.