PowerShell Azure Resource Manager Module 6.0.1!

Hi everyone!  Just a quick post to let you know that the AzureRM PowerShell module version 6.0.1 (MAY2018) is now available!  Check the page for the release notes to see what’s new.  I recently went through an exercise to encrypt some Azure IaaS VMs using Azure Key Vault, and so the following changes are sparking…


Case of the Hit or Miss Windows 10 Servicing Fail

Hello All, I hope this finds everyone well and gearing up for summer!  As Windows 10 deployments accelerate and you successfully tackle bare metal and legacy to uefi conversion/refresh scenarios, we also find ourselves in a third scenario:  Servicing Windows 10.  Servicing is a new approach to updating Windows and has been introduced and discussed…


Windows 10 1709 Hyper-V Networking Enhancement

Hello All,  today I want to share a new feature in Windows 10 1709 client hyper-v.  This change is specifically in the Hyper-V networking stack, and is a direct result of a design change request filed by one of our customers.  The change centers around how a virtual machines network traffic is routed via the host. …


Smart Card Logon Enforcement – Long Edition!

Hey everyone – it’s been a while since the last post with so much going on in IT; the boom of the cloud, security breaches/incidents, new products, etc.  Wanted to take a little time to talk about something that hit my desk again recently and most folks in the DoD and other spaces wind up…


OCSP Responder Signing Certificate from a Stand Alone CA + Configs

Hello All, Recently I came across a scenario that required a manually enrolled and assigned OCSP signing certificate for the online responder service and configurations, and wanted to share a couple things on this topic.  So today I’m going to talk about manually requesting an OCSP signing certificate from a stand-alone CA, and some PowerShell…


Was a Smart Card Used for Logon?

Hello All, This has been discussed before and it recently hit my desk again.  Though the information is out there it seems most of it is a bit dated, circa 2007 and 2012.  The preferred method (for the majority) is to search the security event logs on domain controllers to make this determination and/or provide smart card usage…


Smartcard Authentication with Outlook 2016

Hello Everyone, Just wanted spread the word for those that have been banging their heads on the keyboard with trying to use Smartcard authentication with Outlook 2016.  Microsoft recently released an update for Outlook 2016 then enables this functionality that we enjoyed with previous versions.  There is a two stage process here to resolve this…


MSFT OCSP Responder + New DoD Configs!

Hello All, wanted to jump in with a quick post on updating the Microsoft OCSP revocation providers for some new DoD certificate authorities that have been commissioned.  This is based on my post a while back on setting up our OCSP responder with DoD configurations here.  There are roughly about 20 or so new revocation configurations that…


MIM-CM 2016 + Virtual Smart Card Modern App Part I

Hello All and Happy New Year!  I hope everyone is recharged from a most excellent holiday season!  I'm back with another security focused topic, virtual smart cards and also taking a look at MIM CM 2016 to life cycle the credential.  The threat landscape today is more fluid and dynamic then ever before and organizations are…


Windows 10 Cheat Sheet Compilation!

Hello all, I hope your summer is going well!  As you know Windows 10 is here and has hit general availability!!  With that in mind I wanted to put out a few quick things that may be helpful to get the gears turning for testing and evaluation of Windows 10.  Windows 10 Build 10240 is…