incomplete code snippet
bgavin commented on Windows Defender Application Control (WDAC): Secure Windows 10 / 11 against malicious apps and rogue drivers with recommended WDAC block rules 19 hours, 43 minutes ago
Interesting article.
It appears the Windows open operating system is going the direction of the Mac and many commercial firewalls. It is moving away from Promiscuous mode to Restricted. I’m not a Mac guy, but I can understand the value of a closed system, same as a closed firewall, to keep the bad actors at bay.1. Note, if your organisation has disabled RDP for security reasons, **do not** go about with processes like this to enable it, unless you have the specific blessing of that team.
2. PsExec is a very handy tool, to be sure. But it is a huge security risk and will be flagged as a malicious executable by many AV systems. This is because it is literally just too powerful 🙂 So don’t run this on any corporate network without first talking to your security team.
Group Policy should always be the preferred course of action which negates the need for any of these actions in the first place.
But for home users, the write-up is ideal. :thumbsup:Amnesia commented on Migrating roles and features to Windows Server 2022 using WSMT 1 day, 9 hours ago
I was having trouble with memory errors when running WSMT (2016 -> 2022).
I came across this page looking for a solution.
I followed the instructions given and found the solution immediately.
Thank you very much.
From Tokyo,Japan.Mohammad Usama commented on Configuring data loss prevention for email from the Compliance Center in Microsoft 365 1 day, 15 hours ago
Hi,
Can we setup alerts for emails that breach our DLP policies?
bgavin commented on Pulumi vs. Terraform 1 day, 18 hours ago
Wow… that was a very impressive article.
I have just under 50 years in the computer business, and it all went over my head.
My last employed position was doing PowerShell automation for system deployment.After reading the above, I see just how much the world has moved on.
Kudos to those who can, and do, work in the above environment.
I’m glad to be retired now.Note that while Windows Contacts also offers a vCard export option, a long-standing bug in all versions (Vista through 11) converts Unicode characters to question marks in the VCF files (CSV export does not suffer from this issue): https://tinyapps.org/blog/201402210715_editing_vcards_with_bash.html
Bob Larkin commented on Importing PST files to Office 365 with LAE Software PST Migrator 5 days, 18 hours ago
It’s not a question of how worthy it is. It’s a question of what is going to happen.
And this IS going to happen. I read up on how the tool works and it will find and copy every email in every pst the end users have regardless of where it resides, with the exception of copies of pst files with the same contents.
Many of these end users also have legal obligations to retain emails for extensive amounts of time. So, like I said, this is going to happen. So how is performance affected when it is moving the contents of say a 20 gb pst file to the archive? And if it’s local, how long would that take? And if they still (many do) have their pst’s on network drives and are on vpn. how will that affect performance?Bob Larkin commented on Importing PST files to Office 365 with LAE Software PST Migrator 5 days, 18 hours ago
I am in IT at a global IT company working in an enterprise environment. While the video was educational, I don’t see how Outlook performance will not be degraded if the pst migrator tool is moving literally 10’s of gigabytes of data, often over a vpn connection to a network drive.
Even if the files are all local, I have personally seen pst files in the 60 gb and higher range or a number of them totaling that much space. How is moving that much data not going to impact Outlook performance and what measures can be implemented in the event this occurs? I saw the configuration guide but at my level, I won’t have access to that. I’m fairly certain they are deploying via gpo. What kinds of issues HAVE you seen with this software?Good idea there, didn’t know that option existed, will come in useful.
You can get directly to the path regardless of the user using this rather than having to put in username too:
%userprofile%contacts
Mark commented on
Test-NetConnection vs. Test-Connection – Testing a network connection with PowerShell 6 days, 6 hours ago
Is there any way that i can use powershell or powercli to test if port open or not and then tell where packet gets dropped and what is the interface ip
Fabian Riechsteiner commented on LAPS in Windows 11: Password encryption and DSRM account management 6 days, 9 hours ago
As soon as the restored machine boots it will contact the domain and set a new password.
If you only want some files use file level recovery.
If you want the full machine but not connected to the network get the attribute from your AD backup (you backup your AD, right?) or boot from a DaRT CD and use Locksmith to set a new local admin PW.
I can’t see any problem.
Hi Mohammed,
Thank you for a clear and neat explanation of affinity and anti-affinity rules.
fivesoul commented on LAPS in Windows 11: Password encryption and DSRM account management 1 week ago
Same with me. LAPs is useless. More damage from curing…
Peter Wisse commented on LAPS in Windows 11: Password encryption and DSRM account management 1 week ago
We are using LAPS and facing the next issue.
When we have to restore a machine from the backup before the moment the LAPS password has changed ,we cannot login with the local administrator account.
Do you have a solution for this issue?Hi Graham,
very useful post for users who wish to track daily spend proactively. thanks.
One question, on this topic. AWS organizations with multi account setup and have centralised billing. In such cases, If we setup this daily spend alerts at root account, Is it going to send consolidated spend of all member accounts including root account?
Regards
GaneshHow is this? Rather than try to grant permissions to a folder when it becomes created, what about just giving authenticated users full-control of the outer folder which already is there?
How do I define “all users”appdatalocal? That is all I need. I can grant full control to the local folder with inheritable permissions inward. I just can’t figure out the correct syntax to define the all-usersappdatalocal folder.
Hello,
I haven’t tried this. However, I will check and let you know. This is the link where they explain about advanced hunting query language.Michael Webber commented on
Get-ADComputer – Display computers in OU or AD group with PowerShell 1 week, 2 days ago
I used this to get the OU:
Get-ADComputer -Filter {OperatingSystem -Like “*Server*”} -Properties * | select Name, @{n=’OU’;e={$_.canonicalname -replace “/$($_.cn)”,””}}, Enabled
Mohammad commented on Troubleshoot 401 – Unauthorized: Access is denied due to invalid credentials in IIS 1 week, 2 days ago
Thank you so much saved the day
- Load More