Category: Other
-
Even strong passwords are… stupid
While this blog is mostly focused around passwords and how to ensure people can login, the new direction within Microsoft is to get rid of passwords. I can already feel the shock from many security officers reading this post, but hear us (eeuh Microsoft) out on this one. Passwords are by default unsecure, they require…
-
Azure Stack Development Kit – Deployment overview (troubles)
Side Note: The experience of ASDK as described in this post are based on the late July bits of Azure Stack on a Dell T710. Future experience might (I certainly hope so..) be better and more integrated.. The T710 described in an earlier topic was purchased to run Azure Stack. And while I’m still waiting…
-
The hardware
Sometimes I get the question; what do you work with.? as in .. which computers.. and to provide an answer: This “oh look at my hardware” post.. or more like “the hardware pissing contest equivalent” on many of the blogs.. In short, I don’t like to buy brand new stuff.. its expensive, it looses value like…
-
PowerBI Gateway and Proxies
The PowerBI Gateway can be used to connect on-premises database sources into PowerBI, Microsoft Flow, Logic Apps and PowerApps. The advantages are many, and if installed correctly it will work flawlessly. However, the default install of the connector is based on the gateway being able to connect directly to the internet. While it’s the fastest…
-
Pass the Hash
When you create a new forest or new domain, you use the Domain Admin credentials. Through the use of the “Administrator” account you can control each and every workstation and server. You can install Exchange, System Center products and much much more. But Microsoft is probably thinking twice now about the framework they have chosen…
-
RDS Gateway through WAP
I’ve been trying to get RDS Gateway to work behind my WAP proxy server which is included in Windows Server 2012 R2 and v.Next version. While it is possible to implement ADFS based authentication based on the URL: http://technet.microsoft.com/en-us/library/dn765486.aspx But what if we wanted to publish the simple RDS Gateway on our backend server for…
-
Geo-Clustering
Geo Clustering exists in many options, and dependent highly on the requirements and technical capability. This post is to discuss some options and things to consider before deploying any geo-cluster. Data GEO- Redundancy The first dependency in clustering is storage capability. Data from the workload in the cluster will be written to disk and that…
-
Data Offloaded Transfers – ODX
As we are seeing more and more Windows 2012 based Clouds and services.. I wanted to alert you to the following technology which is becoming more and more available in backend storage systems (and Windows 2012): ODX If you are implementing Hyper-V, File services or any other Windows Server 2012 with a backend SAN…
-
Mitigating attacks on your Active Directory network
Microsoft released a new whitepaper this week that gives an insight in why you should protect your privileged accounts. One of the techniques described is the PassTheHash attack which is a sophisticated attack but fairly easy to execute. These attacks have been seen in the “field” and are being used today. If you work with…
-
MBAM – Install guide – tips
So as promised.. the install guide.. or at least some small tips as the installation is not that hard.. First of all, we are going to use a three server architecture. One server for the databases, one for the administration and monitoring and a group policy server. To start, we need to create some groups…
-
Microsoft BitLocker Administration & Monitoring – intro
Why we should BitLocker (or any other drive encryption) should be clear. A stolen laptop is only worth as much as the retrievable data on it + the value of the laptop. In large enterprises this could be millions of dollars, but for personal use this could lead to embarrassment or worse. But enterprises seem…