tspring

The Identity and Directory Service related blog of Tim Springston...Microsoft employee, software engineer and all around outstanding person.

Performing Azure Key Vault Inventory

Years ago, a colleague and I were chatting about cloud services and we both came to the conclusion...

Date: 06/26/2017

(Updated) Federated to Microsoft Cloud and Account Lockouts

An important requirement to federated single sign on is the availability of the federated network...

Date: 01/20/2017

Easy Parsing of ADFS Security Audit Events

I recently saw an internet meme going around that showed a sticker shaped like a cloud and in the...

Date: 02/17/2016

Checking for SHA1 Signatures using PowerShell

Certificates are complex. They can be tough to view and difficult to understand. This is even more...

Date: 12/07/2015

Authorization and Getting User Group Memberships

It’s a pretty common occurrence where I have to help determine why a particular user or users are...

Date: 05/11/2015

Making Secure Administration Work: StartScriptAsProcess.ps1

A recommended security practice nowadays is to use a less privileged account when logging into...

Date: 04/27/2015

A Day at the SPA

Note: “A Day at the SPA” is the first in series for updates and republish of “Tspring’s Greatest...

Date: 03/23/2015

Discovering AD Trust Topology

Though many of today’s information technology topics revolve around “the cloud”...

Date: 03/10/2015

Poor Man’s Guide to Troubleshooting TLS Failures

Network security has never been more of a hot topic than it is now. There are many different driving...

Date: 02/23/2015

Golden Ticket! You lose! Good day, sir! (Updated)

In unique situations it is possible for a malicious person-who has already compromised a computer...

Date: 01/30/2015

Trimming Down the Certificate Trust List

Public Key Infrastructure (PKI) relies on the certificates which are being utilized to be issued...

Date: 01/08/2015

Changes Brought By Modern Media

When I was a kid growing up I recall the Sunday paper. Every Sunday-and for our family only on...

Date: 12/17/2014

Microsoft Online UserCheck Tool: Getting a Cloud User Data Snapshot

About a year and a half ago I published a script on the TechNet script gallery which uses the...

Date: 12/03/2014

No Matter Where You Go, There You Are: Retrieving Data from Active Directory

One of the more common things IT Pros who work with Active Directory need to do is actually view or...

Date: 11/03/2014

Viewing and Purging Cached Kerberos Tickets

Kerberos is one of the more complicated technologies we deal with at Microsoft support. It is...

Date: 06/23/2014

Getting A Handle on Server Network Logon Statistics

Windows servers can run into situations where it may be mighty handy to get a better understanding...

Date: 04/28/2014

Now Available On the Web: CSS Directory Services Diagnostics

One of the most valuable things a support person can do is to create automation which can replicate...

Date: 08/28/2013

Token Bloat Apparently Not Caused By Spicy Food

Who knew, right? Token bloat, also known as the MaxTokenSize problem, is a Windows security...

Date: 07/25/2013

Moving Day

Welcome to my new TechNet blog! For about seven years I posted to my old TechNet blog about...

Date: 07/24/2013