The dMSA Migration Factory: How Windows Server 2025 Finally Fixed Service AccountsJul 9, 2026·14 min read
Just-In-Time Privilege Elevation for Windows Server 2025 dMSAsServerless, Passwordless, JIT Elevation using Azure ArcJul 13, 2026·12 min read
Why securing Microsoft Graph Command Line Tools mattersGraph PowerShell is one of the most convenient ways to work with Microsoft Graph. It's also one of the easiest ways to accidentally expand what a user can read or change across your tenant. If you've Apr 30, 2026·20 min read
The Path to Success for Governing AI Agents with Microsoft Entra Agent IDIntroduction Most organizations do not wake up one morning and decide to run an agent fleet. It happens in increments. A Copilot appears to summarize meetings. A bot gets introduced to triage requestsMar 31, 2026·17 min read
Microsoft Entra Group Source of Authority Conversion with Cloud Sync WritebackThis post explores a specific hybrid identity scenario: taking a group synchronized from Active Directory Domain Services (AD DS), changing its Source of Authority (SOA) to Microsoft Entra, and then uMar 13, 2026·15 min read
Enhance Entra Identity Governance with Azure Event GridMicrosoft Graph change notifications are a great building block, but the “classic” model (hosting a public HTTPS webhook) tends to get uncomfortable fast and won't make you any friends in the Cybersecurity or Networking/Gateway teams to manage the in...Feb 1, 2026·13 min read
Building a Secure Password Reset API with Azure Functions, Easy Auth, and LDAPSIntroduction In my previous infrastructure blog, we built a disposable Active Directory lab: a domain controller in its own subnet, a function app in another, Key Vault for secrets, and just enough networking glue to make it feel like a real hybrid e...Jan 14, 2026·10 min read
Workload Identity Risk and Remediation with Microsoft Graph & PowerShellIntroduction Here's a problem you might not be tracking as closely as you should: every workload identity in your Entra ID tenant—the service principals and app registrations powering your automation, CI/CD pipelines, and third-party integrations—is ...Dec 31, 2025·22 min read