Enable TLS 1.2 for the Entra Connect Server (Microsoft Learn Scripts)
Part 3 of the Entra Connect series. We’ve covered the prerequisites (Part 1) and staged the installer files (Part 2). Now we need a server to run Entra Connect on.…
Tag: Hybrid Identity
Download Two Entra Connect Versions: Stage the Lab for an Upgrade Demo
Part 1 of this series covered the prerequisites for installing Microsoft Entra Connect. Now Part 2: stage the installer files. The catch — we want TWO versions, not one. The…
Microsoft Entra Connect Prerequisites: The Nine-Bucket Pre-Install Checklist
Microsoft Entra Connect is the bridge between your on-prem Active Directory and your Entra ID (formerly Azure AD) tenant. It runs on a Windows server in your environment and handles…
Microsoft Entra Password Protection for On-Prem AD: The Clean Teardown
The previous two posts in this series stood up Microsoft Entra Password Protection on an on-prem AD forest — Part 1 walked the architecture and prerequisites, Part 2 walked the…
Microsoft Entra Password Protection for On-Prem AD: The Deployment Walk
Part 1 of this series covered the architecture and prerequisites — the cloud-versus-on-prem split, the proxy-as-egress design, the network ports, the licensing matrix, the FRS-versus-DFSR Sysvol gotcha. With those out…
Microsoft Entra Password Protection for On-Prem AD: Architecture and Prerequisites
Standard Active Directory password policy enforces shape — minimum length, complexity, history, age. Shape doesn’t catch P@ssw.rd or Admin@123: both pass complexity; both are in every credential-stuffing wordlist on the…
Change Users UPN with PowerShell
Configure your on-premises Active Directory UPNs before syncing to Office 365. Add an alternative UPN suffix in AD Domains and Trusts, then bulk-change every user's UPN with Get-ADForest / Set-ADForest and Get-ADUser / Set-ADUser - either across the whole forest or scoped to a single OU. Verification commands included.
Configure Active Directory to Support Additional Domain Names
Add an alternative UPN suffix to your AD forest so users can sign in as user@infotechninja.com without renaming the domain. Walks the optional internal DNS zone, the AD Domains and Trusts registration, the per-user assignment, and the Microsoft 365 hybrid pre-flight (domain verification, UPN audit, sign-in mode). Includes the Set-ADForest / Set-ADUser PowerShell equivalents and the common mistakes (wrong right-click, suffix vs email, forgetting public DNS validation).