Hotfix rollup package is available for MIM 2016 SP1 (Build

A large new hotfix rollup package is available for Microsoft Identity Manager 2016 SP1 (MIM 2016).

It has a lot of fixes and enhancements in it. Build Version is

Hotfix rollup package (build is available for Microsoft Identity Manager 2016 SP1

You can download it from here.

Continue reading “Hotfix rollup package is available for MIM 2016 SP1 (Build”


Note-to-self: New deployment guides for AAD authentication

I was quite busy the last weeks and month to migrate a lot of customers from ADFS to mostly Password Hash Sync (PHS) combined with Seamless SSO for Azure AD authentication.

While documenting all that projects on my own, I recently find pre-written deployment guides for authentication from the Deployment Plan Team at Microsoft.

The new deployment guides covering the following scenarios: Continue reading “Note-to-self: New deployment guides for AAD authentication”

Azure AD Connect high (100%) CPU usage after update

Today I updated my demo lab VMs with the latest patches from July 2018.

Some time after the reboot the machine starts to use 100% CPU ending in slow responses to nearly become unusable.

From the task manager (takes 30-60 seconds to start) I could see one process consuming all the CPU power:


Continue reading “Azure AD Connect high (100%) CPU usage after update”

Azure AD: New roles and administrator blade

Finally, 2 or 3 weeks ago (I think) Microsoft has implemented a new Azure AD blade most admins awaited a long time. It’s the “Roles and Administrator” overview with some additional information on what permissions those roles are given.

You don’t need to leverage PowerShell any more to get a list of all your Azure AD admins and which roles they are in. Privileged Identity Management has that listing since a long time but requires an AAD P2 license. The new feature is available for all customers incl. AAD Free.

Go to the Azure AD blade and you find the new experience called “Roles and Administrators

Continue reading “Azure AD: New roles and administrator blade”

Where Azure AD stores identity data (European related)

Customers often asks me where their identity data is stored exactly.

So in general you know that most identity data stays in the region where your tenant is created but some attribute are synchronized anyway to the US regions.
“Some” ? But which one exactly ?

There is a document from Microsoft that clears up that:
Where does Microsoft Azure Active Directory (Azure AD) store identity data for European customers

The following identity-related attributes will be replicated to the United States:

Continue reading “Where Azure AD stores identity data (European related)”