Basic Network Capture Methods

Hi everyone. This is Michael Rendino, a Premier Field Engineer from Charlotte, NC and former member of the CTS networking support team. With my networking background, I have spent years reviewing network captures. One thing I always run into with my customers is that they often don’t know the best or easiest solution to get… Read more

Announcing Extended Support for WSUS 3.0 SP2

Hi everyone! Brandon Wilson here just passing along a friendly note that consumers of WSUS will probably be jumping for joy to hear. Nathan Mercer and Michael Niehaus have published some useful news in this blog post (contents can also be read below). So, without further delay….here it is in Nathan and Michael’s words: —–… Read more

Securing Credentials for Privileged Access

  Hello, Paul Bergson back again. I have been on the road a bit more than normal doing security training/POC deliveries (POP-SLAM *1) for our customers related to Pass-the-Hash and credential protection. I have noticed an alarming trend in how credential protection is thought to resolve a customer’s credentials from being compromised. Enterprises that are… Read more

A Bit About the Windows Servicing Model

Hello, Paul Bergson back again with a discussion on the upcoming changes to our monthly patch releases to align down-level supported operating systems, updating practices to coincide with the Windows 10 Service Model. This includes Windows 7/8/8.1 and Windows Server 2008 R2/2012/2012R2. “From October 2016 onwards, Windows will release a single Monthly Rollup that addresses… Read more

Using PowerShell Runspaces to Generate GPO Reports

Stephen Mathews here to talk to you about generating Group Policy Object reports quickly and efficiently. I had a customer ask me if there was an easy way to find all the RunOnce GUIDs in their GPOs. The customer was concerned that they would generate duplicate GUIDs in their deployment of Group Policy Preferences. Yes,… Read more

WPT: Peeking at Logon Delays

Hi everyone, Randolph Reyes (Randy) here with another blog contribution. In this particular engagement, I was working doing an Active Directory Offline Security Assessment (awesome delivery), and one employee with knowledge of using Windows Performance Toolkit stopped me on my way to lunch. Customer: Can we see how long takes an employee to type their… Read more

Preparing for DAC

Hello everyone. This is Randy Turner to share some insights learned with implementing Dynamic Access Control (DAC.) There are numerous posts which I will share at the end to discuss the steps to implement all the features covered by DAC, but very little on how to adopt these changes. DAC is just an outcome from… Read more

The Importance of KB2871997 and KB2928120 for Credential Protection

Hello, my name is Paul Bergson and this is my first time writing a blog for AskPFEPlat. I am a platforms PFE in the Premier division of Microsoft. If my name looks familiar, it could be because I spent about 10 years in TechNet’s Directory Service Forum as an MVP and Moderator (pbbergs). I wanted… Read more

Down and Dirty WinPE USB for Surface

Hi everybody! My name is Stephen Mathews and you may know me from my 3-part PowerShell Basics video series on Taste of Premier. Today I’m here to show how to create a bootable Windows PreInstallation Environment USB drive to use on our Microsoft Surface devices. I was onsite with one of my customers, as a… Read more

Reading the fine print on the Protected Users Group

Hi all – This is Jerry Devore back again with a quick post on the “Protected Users” group.  As a PFE, I work with several enterprise customers who have a global presence, and have become very focused on protecting highly privileged accounts.  The major concern that’s at the top of their list is “How do… Read more