Local Administrator Password Solution (LAPS) Implementation Hints and Security Nerd Commentary (including mini threat model)

Hi, Jessica Payne from Microsoft Enterprise Cybersecurity Group’s Global Incident Response and Recovery team guest starring on the Platforms PFE blog today. Credential theft is a major problem in the security landscape today. Matching local administrator passwords in an environment often contribute to that problem and are a popular target for bad guys. Far more… Read more

Finding Pesky Stale DNS SRV Records

  Good day to you all – Dougga here with a simple post today using tools you know.   Stale DNS SRV records are common due to no scavenging on DNS zones and each zone has to be setup correctly to have this happen. So, I have often found the "contoso.com" setup correctly, but the… Read more

Using PowerShell for Message Analyzer Text Log Parsers

Using PowerShell for Message Analyzer Text Log Parsers Hi Everyone, Brandon Wilson here with you again to discuss how to use PowerShell to generate parsed data output for log files for Message Analyzer (otherwise known as .matp files). Today we will focus on the text log parsers available as of Message Analyzer 1.3.1, so depending… Read more

How Shared VHDX Works on Server 2012 R2

Hi, Matthew Walker here, I’m a Premier Field Engineer here at Microsoft specializing in Hyper-V and Failover Clustering. In this blog I wanted to address creating clusters of VMs using Microsoft Hyper-V with a focus on Shared VHDX files. From the advent of Hyper-V we have supported creating clusters of VMs, however the means of… Read more

How To Provide Feedback On Windows Server

Hey y’all, Mark here. Today is a national holiday in the USA which means technically, for me, Dante from Clerks would say, “I’m not even supposed to be here today!” That being said we had a real quick thing to share out with you. Have you ever thought to yourself, “I wish Windows Server did… Read more

How to Force a Diagnostic Memory Dump When a Computer Hangs

Matthew Reynolds here. My job is to make Windows sing (figuratively) in large enterprises. If you have a machine which freezes you may need to generate a memory dump in order to find the cause. If you can generate the memory dump before calling Microsoft support you might speed up your diagnosis. Use this technique… Read more

Guidance on Deployment of MS15-011 and MS15-014

Hi, my name is Keith Brewer and many of you will know of me from my other Active Directory related posts. A few folks have recently approached me about the recent security updates (The other week we released MS15-011 & MS15-014). Most of the questions were general in nature but a few were specifically in… Read more

RPC Endpoint Mapper Returns Dynamic Port Incorrectly When Active Directory is Configured to Use Static Port

Hi Folks, Gary Green, Lakshman Hariharan and Rick Sasser here with a new post on RPC. The purpose of this post is to draw attention to an issue that our friends in the Directory Services team have uncovered where the RPC Endpoint Mapper (EPM) returns a dynamic port incorrectly instead of the static Active Directory… Read more

Mailbag: New Year New Questions (Issue #5)

Hey y'all, Mark and Tom and some new members to AskPFEPlat to tackle your questions in the new year. Hope everyone was able to take some time off and re-charge. How are those new year's resolutions going? Be healthier? Read more? Learn a new technology? Get certified? More on that later. By this point in… Read more

ADFS Deep Dive: Planning and Design Considerations

  In the previous blog post on comparing sign-in protocols, the goal was to give you a primer on the terminology so when we start talking about WS-FED or SAML, you have an idea of what we’re talking about. If you haven’t read it yet, it’s available here: http://blogs.technet.com/b/askpfeplat/archive/2014/11/03/adfs-deep-dive-comparing-ws-fed-saml-and-oauth-protocols.aspx In this blog, we’re going to… Read more