Introduction One of the recommendations to protect privileged accounts from credential theft is to prevent administrative accounts from exposing credentials to unsecure computers, on this post I will show you how to protect administrative accounts using Authentication Policies and Silos. Definition A quick definition from Microsoft web site.Authentication policy silos and the accompanying policies provide … Continue reading Protect Administrative Accounts with Authentication Policies and Silos
Introduction:In the previous blog we looked at the two paths, "whitelisting" and "blacklisting", you could follow implementing AppLocker. In this blog I will look at the AppLocker Rules, Rule Conditions and how to enforce them.NB. The Application Identity service is required to run for AppLocker to function. This can be configured in a GPO to … Continue reading AppLocker – Part 2
Introduction:AppLocker has been around for a few years and whilst the concept is very simple, the implementation can get very complex. In this series of blogs, I will look at AppLocker rules and the implementation of these rules . Blacklisting vs WhitelistingThe first decision you face to decide if your organization can benefit from deploying … Continue reading AppLocker – Part 1
Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS) specializing in Active Directory. Fine-Grained Password Policies (FGPP) have been around for a while, but in my experience with various customers, they aren't used often, if at all. This post is an attempt to simplify them, provide some details and list some … Continue reading AD: Nitty Gritty of Fine-Grained Password Policies
Microsoft has released the public preview for Azure Bastion, allowing an additional factor and separate subnet to be your protection from the hordes of hackers who scan the Internet every day looking for open port 3389 with easy passwords or vulnerable patch-level. And things are simpler for you as well - no more unnecessary PIP's … Continue reading The new way to avoid exposing port 3389 in Azure – Bastion!
a Question that was raised this week by quite a few customers is around importing updates into the SCCM environment, that are not available on WSUS, but are on Microsoft Update. The below steps will guide you through the steps to get the updates into the environment quickly As per the CVV article, there are … Continue reading Quick blog – Importing Updates into WSUS – CVE-2019-1367
The Issue A Common issue that keeps being experienced across customer sites, is the application of Group Policies on machines By default when a GPO is created and linked, it should apply to all the machines that the policy was linked to, and in most cases this works pretty perfectly, however, how do you know … Continue reading Using SCCM DCM Feature to monitor GPO application in the environment