Découvrez pourquoi et comment renforcer la sécurité des comptes de votre Active Directory en réponse à l'émergence d'attaquants assistés par IA.

Le post Active Directory : pourquoi l’IA accélère les attaques sur les mots de passe en 2026 ? a été publié sur IT-Connect.

Microsoft Entra Connect Sync et Entra Cloud Sync sont deux outils de synchronisation des identités entre l'Active Directory et Entra ID, mais lequel choisir ?

Le post Microsoft Entra Connect vs Cloud Sync : quel moteur de synchronisation choisir ? a été publié sur IT-Connect.

Starting with the February 2026 preview updates for Windows 11 24H2 and 25H2, Microsoft has made Group Policy Preferences (GPP) debug logging configurable directly in Local Group Policy via gpedit.msc. Previously, these settings were primarily managed through domain-based Group Policy Objects (GPOs); enabling them via Local Group Policy typically required manually copying the GroupPolicyPreferences .admx/.adml templates into the local PolicyDefinitions store. You can now enable per-CSE (client-side extension) event logging and file-based tracing on individual client devices without a domain controller.

Source

L'outil CeWL facilite les attaques ciblées grâce à la création d'un dictionnaire de mots de passe spécifique à une entreprise : comment s'en protéger ?

Le post Comment l’outil CeWL peut aider un pirate à générer une wordlist sur mesure pour casser vos mots de passe ? a été publié sur IT-Connect.

Microsoft Entra Connect will enforce new security hardening measures starting March 2026 to prevent SyncJacking, a sophisticated attack technique that exploits synchronization mechanisms to hijack privileged accounts in hybrid identity environments.

Source

Apprenez à utiliser l'outil repadmin pour vérifier l'état de santé de la réplication Active Directory, que ce soit pour l'audit ou le dépannage.

Le post repadmin : l’outil indispensable pour vérifier l’état de santé de la réplication Active Directory a été publié sur IT-Connect.

Microsoft released version 1.2.0 of the Microsoft Entra PowerShell module, introducing production-ready support for Agent Identity Blueprints, enhanced application configuration parameters, and modernized invitation APIs. This update consolidates Agent Identity functionality into the main module and delivers new cmdlets for automated identity management across Microsoft Entra ID environments.

Source

Microsoft has initiated a critical security hardening phase for Windows Active Directory domain controllers to address CVE-2026-20833, a Kerberos vulnerability that enables Kerberoasting attacks by allowing attackers to exploit weak RC4 encryption. The January 2026 security updates mark the beginning of a phased transition that will disable RC4 encryption by default and enforce AES-SHA1 as the standard encryption method for Kerberos authentication.

Source

Microsoft Entra ID introduces synced passkeys to simplify multi-factor authentication and reduce the security risks associated with traditional methods such as passwords and SMS codes. This feature, announced at Microsoft Ignite 2025, enables users to authenticate with biometrics or device PINs without entering passwords when syncing credentials across devices via cloud-based passkey providers. The implementation also includes high-assurance account recovery using government-issued ID verification to restore access when users lose all authentication methods.

Source

Microsoft is enforcing stricter Content Security Policy (CSP) for Entra ID authentication, blocking unauthorized scripts from executing during sign-in. Organizations using browser extensions or third-party tools that inject scripts into login.microsoftonline.com must identify and replace these tools before enforcement, as they will stop functioning while users can still sign in successfully.

Source

IS Decisions’ UserLock is an identity-and-access-management (IAM) tool that adds multi-factor authentication (MFA), contextual access controls, session management, and login auditing to on-premises (or hybrid) Microsoft Active Directory environments to secure and manage all user access. UserLock 13.0 introduces a redesigned interface and strengthened security features for Active Directory environments. The release focuses on simplified navigation, certificate-based authentication, and improved remote access management while maintaining the solution's core identity and access management capabilities.

Source

Recent Microsoft Entra and Windows updates introduce multiple changes across authentication, identity management, and access control. The updates include an option to replace the legacy EdgeHTML WebView with the Chromium-based WebView2 for Entra ID authentication flows, improved identity constructs for AI agents, public preview support for synced passkeys, and expanded self-service account recovery. Additional changes cover jailbreak detection in Microsoft Authenticator, enforcement of a stricter Content Security Policy for browser-based sign-ins, updates to session revocation behavior, and new capabilities in Entra ID Governance, External ID, and Global Secure Access.

Source

Microsoft Entra External ID now supports SMS-based verification for self-service password reset (SSPR), providing external users an additional recovery method beyond email one-time passcodes. The feature entered public preview in September 2025 and includes built-in fraud protection through integration with Microsoft's Phone Reputation platform.

Source