Local Administrator Password Solution (LAPS) Implementation Hints and Security Nerd Commentary (including mini threat model)

Hi, Jessica Payne from Microsoft Enterprise Cybersecurity Group’s Global Incident Response and Recovery team guest starring on the Platforms PFE blog today. Credential theft is a major problem in the security landscape today. Matching local administrator passwords in an environment often contribute to that problem and are a popular target for bad guys. Far more… Read more

Finding Pesky Stale DNS SRV Records

Good day to you all – Dougga here with a simple post today using tools you know. Stale DNS SRV records are common due to no scavenging on DNS zones and each zone has to be set up correctly to have this happen. So, I have often found the "contoso.com" set up correctly, but the… Read more

Using PowerShell for Message Analyzer Text Log Parsers

Hi Everyone, Brandon Wilson here with you again to discuss how to use PowerShell to generate parsed data output for log files for Message Analyzer (otherwise known as .matp files). Today we will focus on the text log parsers available as of Message Analyzer 1.3.1, so depending… Read more

How To Provide Feedback On Windows Server

Hey y’all, Mark here. Today is a national holiday in the USA which means technically, for me, Dante from Clerks would say, “I’m not even supposed to be here today!” That being said we had a real quick thing to share out with you. Have you ever thought to yourself, “I wish Windows Server did… Read more

How to Force a Diagnostic Memory Dump When a Computer Hangs

Matthew Reynolds here. My job is to make Windows sing (figuratively) in large enterprises. If you have a machine which freezes you may need to generate a memory dump in order to find the cause. If you can generate the memory dump before calling Microsoft support you might speed up your diagnosis. Use this technique… Read more

Guidance on Deployment of MS15-011 and MS15-014

Hi, my name is Keith Brewer and many of you will know of me from my other Active Directory related posts. A few folks have recently approached me about the recent security updates (The other week we released MS15-011 & MS15-014). Most of the questions were general in nature but a few were specifically in… Read more

RPC Endpoint Mapper Returns Dynamic Port Incorrectly When Active Directory is Configured to Use Static Port

Hi Folks, Gary Green, Lakshman Hariharan and Rick Sasser here with a new post on RPC. The purpose of this post is to draw attention to an issue that our friends in the Directory Services team have uncovered where the RPC Endpoint Mapper (EPM) returns a dynamic port incorrectly instead of the static Active Directory… Read more

Mailbag: New Year New Questions (Issue #5)

Hey y'all, Mark and Tom and some new members to AskPFEPlat to tackle your questions in the new year. Hope everyone was able to take some time off and re-charge. How are those new year's resolutions going? Be healthier? Read more? Learn a new technology? Get certified? More on that later. By this point in… Read more

Six Audit Mistakes Everyone Seems To Make With Windows Server

Hi, this is Richard Sasser 'Rick', MCM, Red shirted dude (security guy). This might seem like old data, but you’d be surprised how many people looked at Security Auditing in Windows Server 2008 and 2008R2, saw that the old policies applied, and subsequently just checked the box and moved forward. Auditing changed. Auditing changed a… Read more

A 5 Second Boot Optimization If You’ve Disabled IPv6 on Windows Client and Server by setting DisabledComponents to 0xFFFFFFFF

Hey, y’all, Mark back with some new info on two of my favorite topics, IPv6 and Slow Boot Slow Logon (SBSL). If you’ve disabled IPv6 long ago this post is one you’ll want to pay attention to. Let’s dig in and get you up to speed. What’s Microsoft Recommend Setting for IPv6? The long standing… Read more