The dMSA Migration Factory: How Windows Server 2025 Finally Fixed Service AccountsEvery infrastructure engineer has a story about a service account. Maybe it was the SQL Server Agent credential whose password expired on a Friday night, taking down a production ETL pipeline. Maybe iJul 9, 2026·14 min read
The Path to Success for Governing AI Agents with Microsoft Entra Agent IDIntroduction Most organizations do not wake up one morning and decide to run an agent fleet. It happens in increments. A Copilot appears to summarize meetings. A bot gets introduced to triage requestsMar 31, 2026·17 min read
Microsoft Entra Group Source of Authority Conversion with Cloud Sync WritebackThis post explores a specific hybrid identity scenario: taking a group synchronized from Active Directory Domain Services (AD DS), changing its Source of Authority (SOA) to Microsoft Entra, and then uMar 13, 2026·15 min read
Enhance Entra Identity Governance with Azure Event GridMicrosoft Graph change notifications are a great building block, but the “classic” model (hosting a public HTTPS webhook) tends to get uncomfortable fast and won't make you any friends in the Cybersecurity or Networking/Gateway teams to manage the in...Feb 1, 2026·13 min read
Building a Secure Password Reset API with Azure Functions, Easy Auth, and LDAPSIntroduction In my previous infrastructure blog, we built a disposable Active Directory lab: a domain controller in its own subnet, a function app in another, Key Vault for secrets, and just enough networking glue to make it feel like a real hybrid e...Jan 14, 2026·10 min read
Workload Identity Risk and Remediation with Microsoft Graph & PowerShellIntroduction Here's a problem you might not be tracking as closely as you should: every workload identity in your Entra ID tenant—the service principals and app registrations powering your automation, CI/CD pipelines, and third-party integrations—is ...Dec 31, 2025·22 min read
Zero-to-DC: Building a Disposable Active Directory Lab in Azure with Bicep and PowerShellIntroduction This all started from a very practical problem: I wanted a disposable, repeatable Active Directory lab I could spin up for demos, tutorials, and future blog posts (stay tuned). I needed something I could tear down and rebuild without fea...Dec 14, 2025·15 min read