0

Quick Tip–Verify VHDs Mounted In Hyper-V VMs

Using PowerShell to List All Virtual Hard Disks

If you want to easily view all of the VHD or VHDX files that have been configured on Hyper-V VMs, the below PowerShell command makes this easy.

Since I may use a temporary VHDX as a mechanism to copy files into VMs, it sometimes get left mounted and this makes it easy to see which VM has that particular disk file attached.  Creating a temporary VHDX makes it easier to copy large source files to VMs… Read the rest “Quick Tip–Verify VHDs Mounted In Hyper-V VMs”

1

How To Generate File Hash Using Certutil

Create File Hash using Certutil

Windows has the ability to easily generate a hash for a given file using the Certutil.exe utility.  Administrators may have previously used to this tool when they need to generate TLS certificates or to perform other tasks against AD Certificate Services.  As an example of the former, this was a common task for AD FS certificates as described in this post.

To generate the file hash we will use the … Read the rest “How To Generate File Hash Using Certutil”

0

Quick Tip – How Do I View The Deleted Objects Container

Windows Server 2008 R2 Active Directory added the AD Recycle Bin feature.  This allowed for an easier way to recover from an “oops” moment when a small number of objects were mistakenly deleted.  The option to perform an authoritative restored remains to recover from mass deletion events.  The AD Recycle Bin can be enabled via the AD Admin Centre or AD PowerShell using the Enable-ADOptionalFeatureRead the rest “Quick Tip – How Do I View The Deleted Objects Container”

0

MDI–Assign & Verify Permissions To Deleted Objects Container

Granting Permissins to Deleted Objects Containter for MDI

In Active Directory, the Deleted Objects container is a hidden location where objects reside temporarily after they have been deleted, before they are fully removed by the tombstone or recycle bin process. This container plays a critical role in object recovery and directory hygiene.  By default, permissions on it are limited and the container itself is often overlooked since it is out of sight.

Th… Read the rest “MDI–Assign & Verify Permissions To Deleted Objects Container”

0

Time To Stop Using The Legacy Azure MFA & SSPR Portal

Legacy Azure MFA Portal - Time To Migrate

In today's threat landscape, passwords alone are no longer sufficient to protect access to cloud systems. Enter Multifactor Authentication (MFA): a security mechanism that requires users to present two or more independent validation factors—typically something you know (e.g. password), something you have (e.g. a mobile authenticator or hardware key), or something you are (e.g. biometric data)—befo… Read the rest “Time To Stop Using The Legacy Azure MFA & SSPR Portal”

1

Using PowerCfg To Set Server Power Plan From Command Line

Set Power Plan Via Command Line

Being able to automate and set Power Plan options via the command is useful for both automation and tasks on Server Core.  We can use powercfg.exe to control power plans - also called power schemes - to use the available sleep states, to control the power states of individual devices, and to analyze the system for common energy-efficiency and battery-life problems.

Below are multiple examples of the … Read the rest “Using PowerCfg To Set Server Power Plan From Command Line”

0

Stale DNS Server Blocking Captive Portal Or Simply Inaccessible

Stale DNS Server Entries Causing Issues On Windows 10 and 11

It’s always DNS.  That’s the typical mantra when troubleshooting AD issues.

But what about a fully updated Windows 10/11 machine totally ignoring the DNS server it was told to use via DHCP?  Yes, that unfortunately was a recent problem.  On the machine it appeared to have the public Google DNS server (8.8.8.8) stuck.  Regardless of what network the machine connected to, it ignored the DNS server as… Read the rest “Stale DNS Server Blocking Captive Portal Or Simply Inaccessible”

0

Quick Tip – Easily Allow JIT to Azure VMs In A Resource Group

Azure Portal Connect to VM

Controlling connections to Azure VMs using the just in time (JIT) policy of Microsoft Defender for Cloud (MDC) certainly improves the overall security of the Azure resource.  However, then having to enable JIT on a given VM runs into issues pretty quickly.

Azure Portal Too Permissive

Who thought it was a great idea to have “All configured IPs” as the default option? No thanks – I do not want to enab… Read the rest “Quick Tip – Easily Allow JIT to Azure VMs In A Resource Group”

0

Quick Tip – Easily Start All Azure VMs In A Particular Resource Group

Quick Tip Easily Start Azure VMs Using Azure Cloud Shell

Manually starting up lab VMs is painfully slow, and since many organisations will implement management policy to auutomatically shut them down to save costs you may find yourself powering them on a lot...

While you can set up automated tasks to power them on, not all really need to be running every day.  For example, I always want the DC's running so they are able to maintain replication and there … Read the rest “Quick Tip – Easily Start All Azure VMs In A Particular Resource Group”

0

Kerberos Issues November 2022

Kerberos Issues November 2022

The November 8, 2022 and later Windows updates address a  security bypass and elevation of privilege vulnerability with Authentication Negotiation by using weak RC4-HMAC negotiation.

This update will set AES as the default encryption type for session keys on accounts that are not marked with a default encryption type already.

To help secure your environment, install the Windows update that is dated … Read the rest “Kerberos Issues November 2022”