Infrastructure + Security: Noteworthy News (January, 2018)

Hello there! Stanislav Belov here to bring you the next issue of the Infrastructure + Security: Noteworthy News series!   As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, and Security worlds on a monthly basis. Enjoy!  Microsoft Azure Start/Stop VMs during off-hours… Read more

AskPFEPlat Happy New Year Invitation!

HAPPY NEW YEAR everyone, and welcome to 2018! This is Brandon Wilson (Platforms and Active Directory PFE), and with the introduction of the New Year, I wanted to take some time to thank all our outstanding readers we’ve had over the years. And, now that the celebrations are (mostly) over, I wanted to pick all… Read more

Using Group Policy Preferences to Manage the Local Administrator Group

Hello Everyone! Graeme Bray back with you today to talk about how you can reduce the audit and risk surface within your environment. If you can’t tell, Microsoft has taken a strong stance towards security. In a previous life, I was responsible for providing results for audit requests from multiple sources. One risk (and management… Read more

Implementing Multiple AGPM Servers

Hi Everyone, Paulo here, a Microsoft Premier Field Engineer (PFE), recently I have had several customers querying about how to deploy multiple AGPM Servers per Forest/Domain. As you know AGPM was designed to centralize change control over Group Policies so not exactly developed for this intended purpose. The configuration of Group Policy in a single… Read more

Cluster Network Name Resources fail to come Online with Error 2114

Hello, my name is Chuck Timon and this is my first blog post as a Premier Field Engineer. Previous to my current position, I posted to the Core Team blog and the System Center: Virtual Machine Manager Engineering Blog. In this post, I examine a customer issue where two cluster network name resources in a… Read more

Replication Hurricanes: Why Restricted Groups are a No-Go for Domain Based Groups

Hi everyone! My name is Tim Medina, Premier Field Engineer, and today we are going to take a brief look at GPOs with a focus on restricted groups. More importantly, we will discuss how, if used in an unsupported manner, you can cause your very own replication hurricane. But, before we get into that let’s… Read more

Windows Backups Failing with Associated VSS 8193 Errors

  Hi, this is Michael Koeppl again. I’m with the Premier Mission Critical (PMC) Team and assisting customers when they hit OS issues in their critical infrastructure, and today I wanted to talk with you about an interesting Windows Backup issue I encountered. My customer realized that his System State Backups (https://technet.microsoft.com/en-us/library/cc938537.aspx) on one of… Read more

Securing RDP with IPSec

Hi Everyone, this is Jerry Devore back with a follow-up topic from my previous post on Privileged Administrative Workstations (PAW) which is a hardened device configuration used to protect privileged credentials. In that post, I mentioned that it is possible to use IPsec to ensure an admin can only make a RDP connection to Tier… Read more

Viewing Memory in PowerShell

Hello there, this is Benjamin Morgan, and I’m a Premier Field Engineer covering Active Directory and Platforms related topics.  This is my first blog post, and I hope you are all as excited about this as I am! Today I want to talk with you about a couple of quick ways for querying system memory (and provide… Read more