Friday Five: Windows and Enterprise Mobility #8

Azure AD Domain Services, The Ops Team, Azure AD Application Proxy, Password Cracking and Nested Virtualization

This week, one of the largest tech companies on the planet, Dell, bought one of the largest storage companies on the planet, EMC, and one of Microsoft’s leading enterprise mobility competitors decided to buy an email client that’s not cross platform (doh!). That said those two events only get an honorable mention in my Friday Five this week. Why? Well some things that should really matter to those of us trying to protect our user’s productivity matter much more…

Azure AD Domain Services

Last week I got to hang out and record an Azure AD and Identity show all about Azure AD Domain Services. If you haven’t heard the news…you don’t need to build Domain Controllers in Azure any longer to get domain services. Wait. What? That’s right, Azure AD Domain Services takes objects synchronized from your on-prem Active Directory to an Azure AD and projects a service onto an Azure vNet that servers think is Active Directory.

With this you can domain join your Windows Servers and they’ll experience all the Kerberos authentication goodness you’re used to. You might want to learn more about it in just 10 minutes by watching the show.

The Ops Team

My team and I are also spinning up another new, weekly show where we are going to bring you folks the latest in IT and DevOps news, with our unique spin on it. It’s going to be fun, you’ll learn, you’ll laugh. The show is four guys in a room shooting the breeze and dissecting each other’s news: David covers DevOps, Rick covers Azure, Matt covers Data Center and I cover Windows and Enterprise Mobility. Check out the kick-ass intro below:

Don’t forget to check out the first show!

Azure AD Application Proxy Updates

Azure AD Application Proxy is probably one of my favorite parts of Azure AD, because it’s such a versatile problem solver! The guys made some great updates this last week including moving all the previous preview features to GA, supporting Remote Desktop publishing, supporting complex network topologies and Kerberos with SPNego.

25-GPU cluster cracks every standard Windows password in <6 hours

This Ars article caught my eye this week, a cracking super-cluster was created that can significantly reduce the time for a dictionary attack to occur on a PC. Scary stuff. Read the article and the comments to get informed…of course you’re reading this so you probably already know you need to be moving beyond passwords for user access. Your security posture is going to be significantly improved if you enable simple things like Azure MFA, Microsoft Passport for Work and Windows Hello for biometrics.

Nested Virtualization in Windows 10

Heck, we all build labs, and this is going to make that easier. I’ve been asking for it internally for years and now we have it, done right: Nested Virtualization. There are actually some really cool security features in Windows 10 that take advantage of this tech.

What do you think?