-
I was recently on a call with a customer who had migrated their VMs to a new Hyper-V host (and away from VMWare) and had a few Ubuntu VMs for hosting their PHP stack of applications. Part of the call we were doing a review of some of the VMs and the customer complained that […]
-
I was recently engaged to review a organisation’s Entra configuration around Password Security and their Conditional Access policies. Now I’ve seen tenants with the number of policies ranging from a handful to hundreds of policies over the years, these guys had about 50, which is still quite a few to go through by hand. Now […]
-
I was recently building a PoC Lab environment for a client where I only had a couple of virtual machines to play with to build a Remote Desktop Services environment to host a line of business application. I needed to be able to publish the application as a Remote App as well as have a […]
-
I was recently in a bit of a bind and needed to get a large file from a server to another workstation, the server had IIS and was already live on the internet but when I copied across the file and tried to download it but was getting a 404 File not found. The file […]
-
I’ve been recently doing some consulting for a school using a piece of software (a SIS called Synergetic) that uses Crystal Reports and switching to a new workstation has meant there were a few things I needed to get set up again. One of the frustrations I quickly found was that the Data Expert view […]
-
An MSP I do some consulting for use PRTG for their monitoring of environments. SNMP is a lightweight monitoring method for PRTG which trumps WMI monitoring. and doesn’t require admin rights on the local machine (or the shortcut of using a domain admin account). I’ve got a quick PowerShell script that will install the SNMP […]
-
Licensing your Entra Administrator accounts for email is a common practice to ensure you are across service health updates, user, security and billing alerts but by doing this it introduces security risks and additional costs for mailbox licensing. As a best practice, privileged accounts should remain isolated from unnecessary communication channels to minimise vulnerabilities or […]
-
Over the years I’ve come across a number of different environments with many running Active Directory in many different states. Replication is an important part of ensuring that your AD environment is healthy and highly available to service end users. I’ve compiled some notes around Active Directory Replication commands and gathering information. Firstly, just give […]
-
I was recently doing a new FortiGate deployment for a customer and one of the requirements included setting up Deep Packet SSL Inspection for their users. The customer already has an Internal CA so we generated a certificate for the FortiGate to use for encryption and clients already trusted the certificate as it was part […]
-
One thing I like to get going whenever taking on a new tenant or client is the password protection features. By Default, Entra already has some password protection for your cloud users which detects and blocks known weak passwords such as password and password123 or qwerty as well as looking at well-known passwords that are […]
-
So I’m working on getting all of our external systems connected into the CrowdStrike Next-Gen SIEM as part of our internal Falcon Complete tenancy. Following the documentation in the CrowdStrike portal, getting and installing the Log Collector and setting up the connector were a pretty straightforward affair. I’ve got a Windows VM setup as a […]
-
I was recently decommissioning an old file and print server and one of the final tasks on our list was moving printers from one to another. It’s been a while since I’ve done this using vanilla print management, but happy to know there is now an import/export wizard for Printers. Since the source is 2019 […]
-
I was recently helping out a colleague in implementing and testing some new conditional access policies around Geo Blocking and we wanted to understand if what we had setup was going to work. Traditionally this can be quite difficult depending on your scenarios, however Microsoft have recently introduced What If, so that you can test […]
-
I have a usb of Ventoy in my everyday carry, it has Windows, Linux and Recovery images and has saved my bacon a number of times over the years. In my lab environment outside of the VM Host it can often be difficult to get exactly what I need loaded quickly, especially when my bag […]
-
One of our FortiWeb clients is releasing a new app and they’ve requested us to block IPs not associated with Australia. There are a number of ways we can achieve this whether it’s via the FortiWeb, a FortiGate in front or other methods. In this instance, we’ll be using the FortiWeb IP Protection feature. This […]
A Windows System Admin's Blog
Covering Server Administration, Endpoint Management, Scripting and Network Management