Microsoft Active Directory remains a key piece of IT infrastructure for most enterprises. In order to help customers integrate their Active Directory infrastructure with cloud applications like Office 365, OneLogin has to stay in tune with AD’s latest developments (WAAD Graph API anyone?).
So, I asked our engineering team as well as select customers who are their top Active Directory integration, security or identity management experts—and then whittled down the list to people we thought were valuable to follow on Twitter or via their blogs.
For each person we selected, we gave our reasons as to why we thought these people were valuable contributors to the Active Directory community, plus we asked each one to offer an Active Directory integration, security or identity management tip, as well as “the one thing you should never do!”
Oh, one more thing, we focused on folks that didn’t work for Microsoft as we wanted to highlight Active Directory integration experts that could offer more of an independent perspective.
Agree with us? Disagree with us? Who should be on this list that we didn’t even consider?
In alphabetical order by first name…
1) Brian Desmond
We at OneLogin were privileged to work with Brian on a webinar and whitepaper on Choosing the Right Active Directory Integration Framework for Your Cloud Application Portfolio.
Clients fly Brian Desmond across the country and around the globe to design and implement their most challenging Active Directory and Identity Management Solutions. In addition to having written THE book on Active Directory, Brian is a Microsoft MVP for Directory Services ten times over.
Brian’s Active Directory advice for 2014:
Active Directory tip: Branch out and start learning about the new technologies that are leveraging Active Directory - AD FS, Work Folders, Dynamic Access Control, etc.
The one thing you should never do: Don’t let yourself become complacent. Active Directory is a core service on many networks that should be managed and secured with a matching level of detail.
2) Joe Richards
Joe is well known for his portfolio of free Active Directory utilities. As Joe puts it “You often hear something isn’t possible on Windows and in reality the issue is more often a lacking in the available tools.” Joe is a Microsoft MVP many times over for Directory Services, Windows Server, Security, and Active Directory Programming. He has over 27 years of professional IT experience including 12 years in the deep technical workings of Active Directory in large enterprises.
We were unable to reach Joe for comment, but check out his awesome utilities!
3) Jorge de Almeida Pinto
Jorge is a lead consultant on IT architecture based in The Netherlands. He’s a Microsoft MVP for Directory Services six times over and has written numerous technical articles on Windows Server, Active Directory, ILM/FIM and ADFS. He’s also a frequent speaker at Microsoft Tech Days conferences.
Jorge’s Active Directory advice for 2014:
Active Directory tip: Know what you have, know what you manage, know how to manage, don’t take it for granted!
The one thing you should never do: Don’t ever browse the internet (e.g. reading news, etc) from your domain controllers.
4) John Policelli
John Policelli is a senior solutions architect specializing in Identity & Access Management, Unified Communications, Collaboration, Messaging, and Server Infrastructure. John is a Microsoft MVP for Directory Services six times over and holds too many IT certifications to mention. John is a published author and regular contributor to Microsoft training and certification.
John’s Active Directory advice for 2014:
Active Directory tip: Embrace the Cloud - Microsoft is pushing Cloud more than ever. Organizations of all sizes are moving to the Cloud. There are several Microsoft technologies that Directory Services experts should be familiar with as the movement to the Cloud unfolds. If you don’t know FIM, ADFS, WAAD, now is the time to learn these technologies.
The one thing you should never do: Underestimate the importance of securing your Active Directory. Active Directory is the foundation for virtually all Microsoft products. A breach of your Active Directory can severely impact business. Ensure your Active Directory is properly secured, and revalidate this on a regular basis.
5) Mark Parris
Mark Parris is a Microsoft MVP in Directory Services six times over and one of the few Microsoft Certified Masters in Directory Services in the world outside of Microsoft.
Mark has over 20 years of Experience in IT, specializing in Active Directory and Windows Server.
Mark’s Active Directory advice for 2014:
Active Directory tip: It amazes me still how many people get this wrong, but always define your Active Directory sites correctly, mapping subnets to sites. After DNS this has caused me the most issues and not only with Active Directory but Active Directory site aware services, such as Microsoft’s DFS (Distributed File System) and SCCM (System Center Configuration Manager).
The one thing you should never do: Stop learning, there is always something you do not know about the technology you are working with.
6) Sean Deuby
Sean Deuby, technical director for Windows IT Pro and SQL Server Pro, has over 25 years’ experience in enterprise IT. He spent 10 years with Intel Corporation, where he was one of the architects of Intel’s corporate Active Directory forest and the design engineer of the Directory Services team. Microsoft has awarded Sean the MVP (Most Valuable Professional) distinction for Directory Services every year since 2004.
Sean’s Active Directory advice for 2014:
Active Directory tip: Take a long, hard look at normalizing the Active Directory data in your company, both within your forest(s) and between them. If you hope to have any success in using your on-premises identities from AD and other identity databases to achieve single sign on with cloud apps, these apps must see a unified view of your employee’s identities. You can use the Microsoft IdFix utility to take a first look at the state of your identity data.
The one thing you should never do: Play around with the /experthelp options of REPADMIN in a production environment. If you ignore this advice, just leave your badge with the security guard as you quit the company; it’ll save you several sleepless nights trying to repair the damage you’ve done!