• Josh Rickard liked comment of Jack on Manage Amazon AWS S3 with PowerShell. (So far, Jack has 1 likes for this comment.) 3 years, 10 months ago

  • You can manage Amazon's Simple Storage Service (S3) cloud storage solution with help of the Amazon Web Services AWS Tools for PowerShell. In this post, I will introduce you to the cmdlets that allow you access S3.

  • Hello Daniel,

    Certain policies can only be applied once in a domain and those are typically in a Default Domain Policy. For example, password policy can only be applied once in a domain and will trump anywhere else that it is configured.

    If a OU has blocked inherentance but the parent (or any parent above it) with enforce enabled will trump that blocked inheritance setting.

    Does that answer your question?

  • In my last post, I explained how to install Docker and how to run containers. Today, we will walk through creating a Docker container using a Dockerfile.

  • Docker is an operating-system level virtualization technology that allows you to isolate applications in so-called containers without the overhead of conventional virtual machines. In this post, you'll learn how to install Docker on Windows and run your first containers.

  • Whether you are a pro with PowerShell or a beginner, PowerShell ISE snippets can speed up your scripting and assist when you are unsure of formatting.

  • In this post, I explain how to create a PowerShell function to process CSV data. This allows you to reuse your code whenever you are working with CSV files in PowerShell.

  • Group Policy order can be confusing. To understand how exactly Windows applies one GPO (Group Policy Object) versus another, you can use the "LSD OU" rule.

  • Luc, thanks for commenting!  Yeah, I have used -File but -Command seems to work better in some (weird) situations.  Also, I actually choose NOT to use -Noninteractive and -Noprofile parameters.  This is because I actually use these to alert for malicious activity.  These parameters are typically (https://www.sans.org/summit-archives/file/summit-archive-1492186586.pdf) used by malicious actors, so when my workstation logs are forwarded to my SIEM then I can setup alerts for specific keywords. 🙂

    I wonder if this would be interested to anyone as blog post?

    Thanks!

  • DeployGuy, thank you for commenting!  Yes, you hit the nail on the head!  I have definitely seen this in the wild and it works great for gathering system inventory without SCCM or another inventory tool.  Thanks again for commenting, and sorry for the late reply (was on vacation for a bit. 🙂 )

  • Hey Vinicius, you are correct!  I have definitely done both, but adding the members explicitly to restricted groups ensures that no one is "injected" into a group without first having a layer of approval to that GPO to edit said group.  By adding to the member of, all the permissions I technically need is OU Admin rights (which, we can compromise by phishing another IT member 🙂 ).

    You are correct though, adding by group definitely has it's place and benefit!

    Thanks!

  • Josh Rickard liked comment of VINICIUS DELLAGLIO on %COMMENT_POST%. (So far, VINICIUS DELLAGLIO has 3 likes for this comment.) 4 years, 5 months ago

  • Hey Luc, sorry for the late reply.  I was away on vacation for a bit. 🙂  You can apply a GPO to manage the Domain Admin group in any location.  It really depends on if you have alerting or any automation to notify if your Domain Admin group gets changed.  If you do not, then you can apply it at the root of your domain.  This will ensure that it is applied anytime that Group Policy is updated.  If you do, then I would still apply it at the root of your domain and adjust my alerting (but that's me).

    If you are using Domain Admins on your systems (workstations & servers) then you will want to make sure that any changes made to the Domain Admin group is applied and reflected across your systems as quick as possible.  You may not want to wait 90 minutes for permissions to update on a server/workstation.

    Thanks and sorry again for the late reply.

  • To run a PowerShell script on multiple computers via Group Policy, you can work with an Immediate Scheduled Task. The main advantage over logon scripts is that you can execute your script with admin rights.

  • Group Policy allows you to add and remove users to an Active Directory (AD) group. Using this feature improves security because you can ensure that high-risk security groups only contain the users that you specify via Group Policy.

  • Josh Rickard liked comment of David Figueroa on %COMMENT_POST%. (So far, David Figueroa has 1 likes for this comment.) 4 years, 6 months ago

  • Josh Rickard liked comment of Kirill Nikolaev on %COMMENT_POST%. (So far, Kirill Nikolaev has 1 likes for this comment.) 4 years, 6 months ago

  • Josh Rickard liked comment of Itamar on %COMMENT_POST%. (So far, Itamar has 1 likes for this comment.) 4 years, 6 months ago

  • Thank you all! If someone wants to add a Pull Request I'll review and accept. If not, I will add this functionality as soon as I have time.

    Thank you for reading!

  • Load More
© 4sysops 2006 - 2021

CONTACT US

Please ask IT administration questions in the forums. Any other messages are welcome.

Sending

Log in with your credentials

or    

Forgot your details?

Create Account