Core Infrastructure and Security Blog - Microsoft Tech Community

Microsoft Tech Community

Options

211

DanielMetzger on 02-23-2020 03:00 PM

Use a Windows 10 laptop and convert it to a secure Hyper-V host to run the offline root CA.

832

Bruno Gabrielli on 02-21-2020 11:22 AM

Hello Security universe, today I came across an interesting news directly from the Product Group. After quite some time,...

1,802

DanielMetzger on 02-20-2020 08:37 AM

I am going to show you how to use a minimal set of Group Policy objects to isolate domain admins and domain controllers ...

759

BrandonWilson on 02-19-2020 05:54 AM

Some reports were received where app publishing is failing when using a User Configuration File applied to the packages....

3,169

Zoheb Shaikh on 02-13-2020 12:00 AM

Hi all! Zoheb Shaikh here again, and this time I will be sharing an interesting script to alert on Expiring certificates...

4,600

John_Clyburn on 02-10-2020 12:00 AM

Hello everyone, my name is John Clyburn and I am a Sr. consultant in MCS. I’ve recently been working with SCVMM 2019. I ...

3,182

Tim_Beasley on 02-06-2020 02:10 PM

Ever wonder how potentially vulnerable your tenant is in Azure? Learn how to enable the vulnerability assessment check i...

1,583

hspinto on 02-04-2020 07:21 AM

Learn how to use Azure Automation Hybrid Worker in on-premises scenarios where you need to authenticate against local re...

7,655

Jon Warnken on 01-30-2020 06:53 AM

With the end of support for Windows 7, Windows Server 2008, and Windows Server 2008 R2 on January 14, 2020, many of our ...

1,537

Sean Greenbaum on 01-28-2020 09:19 AM

In this post, lets look into how to convert ETL files captured by NETSH into a .PCAP file format that can be used by oth...

845

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Dec 12, 2018 Hello all, Tochi Ezebube here again from the Active Directory Certificate Ser...

601

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Mar 12, 2018 Wes Hammond here from Premier Field Engineering.

469

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Feb 24, 2017 Hey Everyone,A little while back I posted this article to my own personal blo...

384

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Nov 30, 2016 Hi there!This is Tochi Ezebube with the Active Directory Certificate Services...

432

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Jul 24, 2015 A fellow engineer at Microsoft, Roger Grimes, has published a great article o...

439

NoMoePwds on 01-24-2020 02:10 PM

First published on TECHNET on Apr 26, 2015 Setting up NDES using a Group Managed Service Account (gMSA)Hallo everybody, ...

464

NoMoePwds on 01-24-2020 02:09 PM

First published on TECHNET on Sep 08, 2014 Hey Everyone, I am back with the last part of this 3 of this series on TPM pr...

450

NoMoePwds on 01-24-2020 02:08 PM

First published on TECHNET on Jul 15, 2014 Hey Everyone, I am back with part 2 of this 3 part series on TPM protected ce...

439

NoMoePwds on 01-24-2020 02:07 PM

First published on TECHNET on Jun 05, 2014 Hey Everyone, This is Wes Hammond with Premier Field Engineering back to shar...

379

Amer_Kamal on 01-24-2020 02:07 PM

First published on TECHNET on Apr 28, 2014 Hello All, This is Wes Hammond with Premier Field Engineering back with follo...

450

Amer_Kamal on 01-24-2020 02:06 PM

First published on TECHNET on Mar 05, 2014 Hey everyone this is Wes Hammond from Premier Field Engineering and I wanted ...

339

NoMoePwds on 01-24-2020 02:05 PM

First published on TECHNET on Feb 21, 2014 Digital certificates are a key mechanism for establishing identity on the Int...

309

Amer_Kamal on 01-24-2020 02:05 PM

First published on TECHNET on Sep 19, 2013 A common question in the field is about upgrading a certification authority r...

377

Amer_Kamal on 01-24-2020 02:05 PM

First published on TECHNET on Aug 27, 2013 Working with Internet Information Services (IIS) certificates can be a bit ch...

320

NoMoePwds on 01-24-2020 02:05 PM

First published on TECHNET on May 08, 2013 Paul Fox has uploaded a revision of his former Windows PowerShell CRL Copy sc...

315

NoMoePwds on 01-24-2020 02:05 PM

First published on TECHNET on Mar 22, 2013 Tonight I spent a couple of hours reorganizing the PKI Documentation and Refe...

376

Amer_Kamal on 01-24-2020 02:05 PM

First published on TECHNET on Mar 21, 2013 Windows Server 2012 System State Backup allows an administrator to back-up se...

342

NoMoePwds on 01-24-2020 02:02 PM

First published on TECHNET on Mar 08, 2013 I have consolidated and updated two command line utilities recently:CertreqCe...

301

Amer_Kamal on 01-24-2020 02:02 PM

First published on TECHNET on Dec 27, 2012 It is very common to check the configuration of any certification authority u...

309

Amer_Kamal on 01-24-2020 02:02 PM

First published on TECHNET on Dec 20, 2012 Many customers must perform a regulatory audit annually to comply with indust...

Latest Comments

in Initially Isolate Tier 0 Assets with Group Policy to Start Administrative Tiering on 02-21-2020

Hi Wolfgang Thanks for pointing this out. I have corrected this in the article.

1 Likes

in Initially Isolate Tier 0 Assets with Group Policy to Start Administrative Tiering on 02-21-2020

Hi Daniel,if the setting for "T1-SystemsAccessibleTo-T0-System" results in "Deny access to this computer from the network" for the security groups "Tier0-Users" and "Tier0-Computers", Domain Controllers wouldn't have the exception they should get, would they?Kind RegardsWolfgang

0 Likes

in Configuration Manager Current Branch Antivirus Exclusions on 02-20-2020

Hello @Anton_Elufimov! Thank you for your inquiry. As of today, I'm not aware of any authoritative sources for that recommendation. I suggest if your AV product may be causing issues with the content library to test out what may work best for your environment while keeping it operationally secure.

0 Likes

in LDAP Channel Binding and LDAP Signing Requirements - March update NEW behaviour on 02-20-2020

@Thomas Garrity sorry but this is not quite true. As PFEs we cannot provide information that is not published to the public. Articles will be update as soon as possible. March update will NOT make any changes so there is no super urgency on this, probably by the end of the month they will be updated...

0 Likes

in LDAP Channel Binding and LDAP Signing Requirements - March update NEW behaviour on 02-20-2020

I told a PFE about this early last week. They don't seem to care that they are continuing to misinform customers.

0 Likes