Security Focus: Generate an Alphanumeric Password

If you have to have a password, it’s best to have a password that could contain special characters… but, what if you want to generate a password without special characters? Here’s a little function to do just that:   function New-AlphaNumericPassword { ##14 characters ##no special characters ##ASCII #48 -> 57 :: 0 -> 9…

0

Security Focus: User PowerShell to Obtain Microsoft Security Update Information

Want to use PowerShell to create a html report of Microsoft security updates? No problem. Read on…   Back in November 2016, the Microsoft Security Response Centre (MSRC) team announced the Security Update Guide portal. Furthering our commitment to security updates   This portal also provides a new RESTful API to obtain Microsoft security update…

0

Security Focus: Get Mail Enabled Admin Users

Browsing the internet with an admin account is a very, very bad thing to do. Using an admin account to send / receive email is also a very, very bad thing. Why? Well you expose the credentials to a high risk of being stolen and used to compromise your enterprise. Want do to some checks against Active…

1

Security Focus: Enable / Disable MFA on Azure AD Admin Account

Last week I presented a little function that I use to reset my Azure AD admin account passwords. This week I want to show how to enable / disable Multi Factor Authentication on an Azure AD account.   Enable $St = New-Object -TypeName Microsoft.Online.Administration.StrongAuthenticationRequirement $St.RelyingParty = “*” $Sta = @($St) Set-MsolUser -UserPrincipalName ifarr@contoso.com -StrongAuthenticationRequirements $Sta…

3

Security Focus: Update Azure AD Admin Account Password

Got to love this cmdlet – Update-AzureADSignedInUserPassword ! I use it to update admin credentials on Azure AD instances that I only occasionally use. This avoids expiry aches and pains.   Want to take a look? First up, go get yourself a copy of the AzureAD module from PSGallery… Find-Module -Name AzureAD Install-Module -Name AzureAD -Verbose   Now, I…

1

Security Focus: Set ConstrainedLanguage Mode on My Test Computer

Whilst doing some research, for a presentation on Security and PowerShell, I came across what I assume is an UNSUPPORTED setting, due to a lack of documentation: [Environment]::SetEnvironmentVariable(‘__PSLockdownPolicy’, ‘4’, ‘Machine’)   After running it, look what happens when I try and start PowerShell. Damn, my profile script won’t run… but, what’s this? I can’t do other…

0

Security Focus: Check Credential Guard Status with PowerShell

In Windows 10 Enterprise and Windows Server 2016, Credential Guard uses virtualization-based security to isolate secrets so that only privileged system software can access them. Unauthorized access to these secrets can lead to credential theft attacks, such as Pass-the-Hash or Pass-The-Ticket. Credential Guard prevents these attacks by protecting NTLM password hashes and Kerberos Ticket Granting…

0

One-Liner: Use PowerShell to Verify Domain Controller Location

It’s generally a bad thing if a domain controller isn’t in the domain controllers OU. For example, the default domain controllers policy may not be applied. Here’s a cheeky one-liner to check you’re good:   Get-ADDomainController -Filter * | ForEach-Object { if ($_.ComputerObjectDN -notmatch “CN=$($_.Name),OU=Domain COntrollers,$($_.DefaultPartition)”) { Write-Output “$($_.Name) computer object DN set to $($_.ComputerObjectDN)” }…

1

Security Focus: Use PowerShell to List Authentication Policy Silo Members

A while back, I wrote a couple of posts on implementing Authentication Policies and Authentication Policy Silos. Authentication Policy Silos   We can use an Authentication Policy Silo to restrict the authentication scope of high privileged users, e.g. user A can only authenticate against server A and server B… if they try and logon somewhere else,…

0