The future of old apps with Windows 10

The past is hard to let go of, let’s be honest. In the IT world, there is a lot of truth to some of the old tools are also some of the best. You SCCM (or dare I still say SMS) guys should know this, for those who still use things like ccmclean instead of…


PS without BS: Creating Random Test Users in Active Directory

This was an interesting ask, and kind of showcases a couple of different techniques. The ask was to create 20 random users in Active Directory for test purposes. So, I grabbed a list of (debateably) a list of the most common male and female first names and the most common surnames. I then randomize these…


Clean up Group Policy Now! – How and Why

ACT I: Introduction In my mind, one of the things that put Windows over the top in the (cough) post Windows NT4 era was the ability to manage it with this new phenomenon called “Group Policy”. If anyone remembers the days of using logon scripts (some still do), AT commands (anyone remember Kixstart?), SMS, and…


Securing Privileged Access for the AD Admin – Part 2

Hello everyone, my name is still David Loder, and I’m still PFE out of Detroit, Michigan. Hopefully you’ve read Securing Privileged Access for the AD Admin – Part 1. If not, go ahead. We’ll wait for you. Now that you’ve started implementing the roadmap, and you’re reading this with your normal user account (which no…


The Risk of Security Only Updates

This week I worked with a customer to resolve an issue where there was concern that users were having an Active Directory Kerberos authentication issue.  Users were unable to log into LINUX systems using their Active Directory credentials.  The prevailing thought was that an update had broken the system and needed to be rolled back. …


Securing Privileged Access for the AD Admin – Part 1

Hello again, my name is still David Loder, and I’m still a PFE out of Detroit, Michigan. I have a new confession to make. I like cat videos. Your end users like cat videos. You may like cat videos yourself. Microsoft will even help you find cat videos. Unfortunately, cat videos may have it out…


Kalenderwoche 36 im Rückblick: Zehn interessante Links für IT-Experten

Was hat sich in der vergangenen Woche für IT-Professionals getan? Gab es wichtige Ankündigungen oder neue Wissensressourcen? Unser IT Pro Hub-Team hat zehn interessante Links für Sie zusammengestellt. Viel Spaß beim Stöbern! Das Windows 10 Fall Creators Update erscheint am 17. Oktober (engl.) Preview: Windows Defender ATP Windows 10 Fall Creators Update (engl.) Sneak Peek:…


New, Improved Group Policy Link Report with PowerShell

A peer asked me to update one of my classic Group Policy reporting scripts this week, so I thought I would share the update with y’all. Continuous Improvement Over the years I have released a number of Group Policy scripts. This one shows you all kinds of goodness: GPOs linked to OUs OUs where block-inheritance…

1

Function to Create Certificate Template in Active Directory Certificate Services for PowerShell DSC and CMS Encryption

Today I’m cleaning out my code closet. I found this script that I have wanted to share for a while now. Problem Active Directory Certificate Services does not include a template for Document Encryption. This is required for DSC credential encryption and the CMS encryption cmdlets. Current processes require manual effort to create the template….

2

Active Directory Management Pack – Addendum for Trust Monitoring

Hi there, After long time I came back on an issue that some of my customers were facing. They were struggling with the Trust Monitoring scenario included in the Active Directory Management Pack for SCOM. The problem they had, was pretty simple (as well as its solution). They “just” wanted to monitor trust status, but…

2