Configure and Deploy Microsoft LAPS

June 29, 2017 by Leave a comment

IT Security is essentially a risk mitigation game. There is no such thing as a totally secure system, certainly nothing you can ‘set and forget’ and so we are left to decide what we can do, to best protect our systems.

We don’t want an unauthorised person to use our computer, so we use a password. We know passwords can be guessed, or cracked, so we choose more difficult passwords. More powerful attackers can crack more difficult passwords, so we use 2 Factor Authentication.

The list goes on and on and on, but with each risk we can look for a mitigation that works in our environment, knowing that there is nothing we can do to fully protect ourselves but we can make things as difficult as possible for a would be attacker, in the hopes that he or she may look for some lower hanging fruit elsewhere.

With that in mind we are going to look at managing the Local Administrator password for your client computers to help prevent lateral movement through your network.

Read more of this post

Filed under General, PowerShell, Tips & Tricks Tagged with , , , ,

DirectAccess, Essentials 2012 and the mystery of DNS Failures

August 30, 2013 by 3 Comments

I am writing this post in order to try and highlight the issues people are having with DA, and suggest a course of action. Rather than simply reply to comments about various bits not working.

It was October last year when i posted my process for enabling DA on Essentials 2012, and at the time i was really excited about the new OS and the possibilities that having a supported DA configuration for SMB would bring. If you are not on-board with DA and what it can bring your customers – you need to consider it. Just like PowerShell i think DA is a really important technology for people to be picking up and deploying for small businesses.

Unfortunately, it is not working as smoothly as i had hoped, and, Microsofts response so far has not been ideal and has sapped a lot of the passion i had for this product.

Read more of this post

Filed under Essentials, General, WSE Tagged with , , ,

Quick Fix: SBS 2008 ‘Sites’ Self Signed Certificate Expired

December 7, 2011 by 26 Comments

SBS2008Please note this article is not for renewing expired certificates used with remote web access!

I had a call today from a partner IT firm who we work with sometimes that had an issue on an SBS 2008 Server. One of the default SSL Certificates had expired, and in turn knocked out Sage 200 that was installed and running on this server. Sage links into the Default website and some of its operations require an SSL certificate. I wont pretend to understand what or why or even how because what i know about Sage can be written on top of a pin head with a power drill.

However, i did manage to help said partner replace his SSL Certificate and make Sage a happy bunny again.

Firstly i found that on my own SBS 2008 server,

Read more of this post

Filed under General, Quick Fix, SBS2008, SSL, Tips & Tricks Tagged with , , , , , ,

%d bloggers like this: