Troubleshooting Active Directory Based Activation (ADBA) clients that do not activate

Hello everyone! My name is Mike Kammer, and I have been a Platforms PFE with Microsoft for just over two years now. I recently helped a customer with deploying Windows Server 2016 in their environment. We took this opportunity to also migrate their activation methodology from a KMS Server to Active Directory Based Activation. As… Read more

Azure Automation: Shutting Down Custom Tagged Virtual Machines

UPDATE (1/10/2018): The script attached to the article has been updated to correct minor inconsistencies.   Hello everyone! Christopher Scott, Premier Field Engineer. I have recently transitioned into an automation role and like most people my first thought was to setup a scheduled task to shutdown and startup Virtual Machines (VMs) to drive down consumption… Read more

AskPFEPlat Happy New Year Invitation!

HAPPY NEW YEAR everyone, and welcome to 2018! This is Brandon Wilson (Platforms and Active Directory PFE), and with the introduction of the New Year, I wanted to take some time to thank all our outstanding readers we’ve had over the years. And, now that the celebrations are (mostly) over, I wanted to pick all… Read more

Simple PowerShell Network Capture Tool

Hello all. Jacob Lavender here again for the Ask PFE Platforms team to share with you a little sample tool that I’ve put together to help with performing network captures. This all started when I was attempting to develop an effective method to perform network traces within an air gapped network. My solution had to… Read more

Implementing Multiple AGPM Servers

Hi Everyone, Paulo here, a Microsoft Premier Field Engineer (PFE), recently I have had several customers querying about how to deploy multiple AGPM Servers per Forest/Domain. As you know AGPM was designed to centralize change control over Group Policies so not exactly developed for this intended purpose. The configuration of Group Policy in a single… Read more

Windows Backups Failing with Associated VSS 8193 Errors

  Hi, this is Michael Koeppl again. I’m with the Premier Mission Critical (PMC) Team and assisting customers when they hit OS issues in their critical infrastructure, and today I wanted to talk with you about an interesting Windows Backup issue I encountered. My customer realized that his System State Backups (https://technet.microsoft.com/en-us/library/cc938537.aspx) on one of… Read more

Securing RDP with IPSec

Hi Everyone, this is Jerry Devore back with a follow-up topic from my previous post on Privileged Administrative Workstations (PAW) which is a hardened device configuration used to protect privileged credentials. In that post, I mentioned that it is possible to use IPsec to ensure an admin can only make a RDP connection to Tier… Read more

Hey Dude, Where’s My Winlogon.log?

Hi this is Michael from the PMC PFE Team, I recently helped a customer during the implementation of their Windows Server 2016 systems. When checking the Event viewer, we spotted a well-known Event ID: Log Name:      Application Source:        SceCli Date:          08.03.2017 17:49:21 Event ID:      1202 Task Category: None Level:         Warning Keywords:      Classic User:          N/A Computer:     … Read more

Network Capture Best Practices

Hi Diddly Doodly readers. Michael Rendino here again with a follow up to my “Basic Network Capture Methods” blog, this time to give some best practices on network capture collection when troubleshooting. As you may have guessed, one of my favorite tools, due to my years in networking support, is the network capture. It can… Read more

How to Secure an ARM-based Windows Virtual Machine RDP access in Azure

  Hi, Mark Rowe here, and I am the creator of Augmented Living, a Developer/Architect for Microsoft’s Modern Applications Solution Center as a senior consultant, and a long-time Microsoft fanboy and blogger. One of the most hit aspects of security is RDP on the default ports with poor password governance. People are busy, we all… Read more