The new way to avoid exposing port 3389 in Azure – Bastion!

Microsoft has released the public preview for Azure Bastion, allowing an additional factor and separate subnet to be your protection from the hordes of hackers who scan the Internet every day looking for open port 3389 with easy passwords or vulnerable patch-level. And things are simpler for you as well - no more unnecessary PIP's … Continue reading The new way to avoid exposing port 3389 in Azure – Bastion!

System Center Configuration Manager – “Error Deploying Windows 10 In Place Upgrades with McAfee DLP Endpoint”

The Issue Trying to do an In Place Windows 10 Upgrade with McAfee DLP Endpoint fails. As soon as the Operating System is applied the machine restarts and simply starts up to the "Repair" screen. The Investigation In this case the In Place Upgrade was being performed by System Center Configuration Manager using an In … Continue reading System Center Configuration Manager – “Error Deploying Windows 10 In Place Upgrades with McAfee DLP Endpoint”

Using SCCM DCM Feature to monitor GPO application in the environment

The Issue A Common issue that keeps being experienced across customer sites, is the application of Group Policies on machines By default when a GPO is created and linked, it should apply to all the machines that the policy was linked to, and in most cases this works pretty perfectly, however, how do you know … Continue reading Using SCCM DCM Feature to monitor GPO application in the environment

Security – Transport Layer Security(TLS) 1.2 Calculation

Enabling TLS and SSL on Windows machines requires you to set registry keys. https://support.microsoft.com/en-us/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-default-secure-protocols-in-wi 2. If you want to enable more than one (In case you are scared not using TLS 1.1 or 1.0 will break your websites), you need to add up the values in Calculator in Programmer mode and choosing HEX (800+200+20) = … Continue reading Security – Transport Layer Security(TLS) 1.2 Calculation

System Center Configuration Manager – Powershell Query .MIF .SID and .SIC files in inboxes

The Issue Is there a script that can 'read' through the Configuration Manager inboxes ( \Microsoft Configuration Manager\inboxes\auth\sinv.box\BADSinv) and can output/return a list of computer names which failed their software inventory? There was a similar query that does this for Hardware Inventory by Querying *.MIF files $ConfigMgrBoxPath = "C:\Program Files\Microsoft Configuration Manager\inboxes\auth\dataldr.box\BADMIFS" Get-ChildItem -Path $ConfigMgrBoxPath … Continue reading System Center Configuration Manager – Powershell Query .MIF .SID and .SIC files in inboxes

System Center Configuration Manager – PXE Error – “Windows Failed to start Status: 0xc0000001”

The Issue When using System Center Configuration Manager to image machine the download of the boot image freezes and stops. The error message "Windows Failed to start" Status: 0xc0000001. The Investigation If you are familiar with Configuration Manager Operating System Deployment and PXE process then below concepts will be easy to grasp. Event Viewer : … Continue reading System Center Configuration Manager – PXE Error – “Windows Failed to start Status: 0xc0000001”

System Center Configuration Manager – Keep User Domain Profile after reloading

The issue: A Task sequence was used to reload a machine from Windows 7/10 to Windows 10 that has User Data on the D: Drive and Operating system on the C: Drive. After the machine was added to the domain the user data was put back to the D: drive but upon first login a … Continue reading System Center Configuration Manager – Keep User Domain Profile after reloading