A curated hub of my most valued scripts, tools, blogs, and best practices across the Identity landscape—including Active Directory, Entra ID (Azure AD), SSO, MFA, and hybrid identity solutions.
Whether you’re an admin, architect, engineer, or security professional, you’ll find handpicked resources to streamline identity management, enhance security, and solve real-world challenges.
What's Included
- Active Directory (on-prem & hybrid)
- Entra ID / Azure AD (cloud identity, SSO, MFA)
- SSO & Federation (SSO, external identity)
- Identity Security & Hardening (zero trust, privileged access, passwordless)
- Hybrid & Migration (Entra Connect, identity lifecycle management)
Scripts
Invoke-EntraAppReport.ps1 (Blog Post)
PowerShell script for exporting and auditing enterprise applications (service principals) in Entra ID (Azure AD), including assignment, sign-in, and permissions data.
Personal note: Essential for visibility into app usage, staleness, and risk in Entra ID. Streamlines audits that would otherwise require multiple Graph queries.
Invoke-EntraAuthReport (Blog Post)
PowerShell script for reporting Entra ID authentication methods usage and status.
Personal note: Great for quickly auditing user auth method enrollments and gaps.
Tools
ADFastReporter
Fast, user-friendly tool for generating Active Directory reports—including users, groups, computers, and more.
Personal note: Perfect for quick audits and exportable CSV reports without PowerShell. Free version covers most common needs.
GPOZaurr
Powerful PowerShell module for auditing, reporting, and troubleshooting Group Policy Objects (GPOs) in AD environments.
Personal note: Indispensable for deep GPO analysis and cleanup—especially before domain upgrades or security hardening.
Maester
Cloud-based AD and Entra ID security assessment tool. Offers fast, automated health checks and risk reports for hybrid identity environments.
Personal note: Excellent for at-a-glance hybrid security posture, and for comparing on-prem AD with Entra ID risks. Free tier covers most essentials.
PingCastle
Free Active Directory security assessment and risk scoring.
Personal note: Fantastic for getting a security “pulse check” with straightforward remediation reports.
Purple Knight
Free, comprehensive AD security risk assessment by Semperis.
Personal note: Uncovers modern attack paths and exposures; pairs well with PingCastle for thorough reviews.
Testimo
Open-source PowerShell-based AD health and security assessment framework.
Personal note: One of the best automated ways to validate and document AD health for audits or migrations.
Blogs & Articles
- OurCloud Network
Deep dives, practical guides, and regular updates on Microsoft cloud, Entra ID, security, and automation topics.
Personal note: One of my go-to sources for new features, scripts, and best practices across Entra ID and M365. The author frequently releases actionable PowerShell scripts and reporting tools.
Documentation
Best Practices
- Conditional Access Framework v4
Comprehensive, step-by-step framework for architecting, deploying, and maintaining Microsoft Entra ID Conditional Access in modern environments—includes principles, policy templates, diagrams, and tuning advice.
Personal note: My top reference for any organization looking to build or mature their CA strategy. Deeply practical, well-maintained, and widely respected in the identity/security community.