Local Administrator Password Solution (LAPS) Implementation Hints and Security Nerd Commentary (including mini threat model)

Hi, Jessica Payne from Microsoft Enterprise Cybersecurity Group’s Global Incident Response and Recovery team guest starring on the Platforms PFE blog today. Credential theft is a major problem in the security landscape today. Matching local administrator passwords in an environment often contribute to that problem and are a popular target for bad guys. Far more…

Finding Pesky Stale DNS SRV Records

Good day to you all – Dougga here with a simple post today using tools you know. Stale DNS SRV records are common due to no scavenging on DNS zones and each zone has to be set up correctly to have this happen. So, I have often found the "contoso.com" set up correctly, but the…

Using PowerShell for Message Analyzer Text Log Parsers

Hi Everyone, Brandon Wilson here with you again to discuss how to use PowerShell to generate parsed data output for log files for Message Analyzer (otherwise known as .matp files). Today we will focus on the text log parsers available as of Message Analyzer 1.3.1, so depending…

How To Provide Feedback On Windows Server

Hey y’all, Mark here. Today is a national holiday in the USA which means technically, for me, Dante from Clerks would say, “I’m not even supposed to be here today!” That being said we had a real quick thing to share out with you. Have you ever thought to yourself, “I wish Windows Server did…

How to Force a Diagnostic Memory Dump When a Computer Hangs

Matthew Reynolds here. My job is to make Windows sing (figuratively) in large enterprises. If you have a machine which freezes you may need to generate a memory dump in order to find the cause. If you can generate the memory dump before calling Microsoft support you might speed up your diagnosis. Use this technique…

Guidance on Deployment of MS15-011 and MS15-014

Hi, my name is Keith Brewer and many of you will know of me from my other Active Directory related posts. A few folks have recently approached me about the recent security updates (The other week we released MS15-011 & MS15-014). Most of the questions were general in nature but a few were specifically in…

RPC Endpoint Mapper Returns Dynamic Port Incorrectly When Active Directory is Configured to Use Static Port

Hi Folks, Gary Green, Lakshman Hariharan and Rick Sasser here with a new post on RPC. The purpose of this post is to draw attention to an issue that our friends in the Directory Services team have uncovered where the RPC Endpoint Mapper (EPM) returns a dynamic port incorrectly instead of the static Active Directory…

ADFS Deep Dive: Planning and Design Considerations

In the previous blog post on comparing sign-in protocols, the goal was to give you a primer on the terminology so when we start talking about WS-FED or SAML, you have an idea of what we’re talking about. If you haven’t read it yet, it’s available here: http://blogs.technet.com/b/askpfeplat/archive/2014/11/03/adfs-deep-dive-comparing-ws-fed-saml-and-oauth-protocols.aspx In this blog, we’re going to…

Attempting to Install .NET Framework 3.5 on Windows Server 2012 R2 Fails with Error Code 0x800F0906 or “the source files could not be downloaded”, even when supplying source

In one of my prior posts, I mentioned a step required when installing .Net Framework 3.5 on Windows Server 2012 or later operating systems. Specifically, I mentioned the need to supply the source for the .Net files because this is one of the few components we do not stage to the component store on Windows…

Six Audit Mistakes Everyone Seems To Make With Windows Server

Hi, this is Richard Sasser 'Rick', MCM, Red shirted dude (security guy). This might seem like old data, but you’d be surprised how many people looked at Security Auditing in Windows Server 2008 and 2008R2, saw that the old policies applied, and subsequently just checked the box and moved forward. Auditing changed. Auditing changed a…