May 2014 archive

PowerShell: Useful WMI Classes

Here are some WMI Classes I have found useful: Get-WmiObject -Class Win32_BIOS Get-WmiObject -Class Win32_ComputerSystem Get-WmiObject -Class Win32_OperatingSystem Get-WmiObject -Class Win32_NetworkAdapter Get-WmiObject -Class Win32_NetworkAdapterConfiguration Get-WmiObject -Class Win32_Product Enumerating Win32 WMI Classes: [array]$WMINames = Get-WmiObject -Query ‘Select * From Meta_Class WHERE __Class LIKE “win32%”‘ | Where-Object { $_.PSBase.Methods } | Select-Object Name, Methods $WMINames = $WMINames …

Continue reading

PowerShell Code: Get & Set Active Directory Tombstone Lifetime and Active Directory Delete & Recycle Operations

Active Directory is a multi-master database replicated among multiple Domain Controllers. In order to ensure that objects are fully replicated before deletions are processed (purged), objects that are marked for deletion before they are completely purged from Active Directory. Active Directory marks the object as deleted by performing the following actions on the object: The …

Continue reading

Microsoft TechEd 2014 Sessions Posted

One of the toughest parts of being in the IT field is staying up to date with technology trends, directions, and products. I have found that free-to-view online content is a great way to do this. Microsoft has TechEd sessions posted going back to 2008: 2014 2013 2012 2011 2010 2009 2008 Here are some …

Continue reading

Virtualization Updates to Active Directory 2012

As part of the many updates to Active Directory, one of the most interesting is virtualization safeguarding in Windows Server 2012. Active Directory Domain Controllers running Windows Server 2012 can now identify if they are virtualized and have been improperly restored or cloned (copied). Windows Server 2012 introduces a new feature called the VM Generation …

Continue reading

Microsoft BlueHat Resources

Microsoft has their own internal employee security conference called “BlueHat“. Here are session links from the past few years:

Continue reading

Group Policy Preferences Password Vulnerability Now Patched

Looks like Microsoft finally removed the ability to set admin account passwords through GPP due to the Group Policy Preferences password  exposure vulnerability. More information on how Group Policy Preferences are attacked is in the post “Finding Passwords in SYSVOL & Exploiting Group Policy Preferences“. Because of the security concerns with storing passwords in Group …

Continue reading

Active Directory Changes in Windows Server 2012

Active Directory, aka Directory Services, has been updated quite a bit in Windows Server 2012. Here are some of the major updates: Virtualization: Rapid deployment with cloning & safeguarding Dynamic Access Control DirectAccess Offline Domain Join Active Directory Federation Services (AD FS) Active Directory Administrative Center Improvements PowerShell version 3 commandlets including Active Directory Replication …

Continue reading

How to Clean up the WinSxS Directory and Free Up Disk Space on Windows Server 2008 R2 with New Update

It’s finally here! After pages and pages of comments from you requesting the ability to clean up the WinSxS directory and component store on Windows Server 2008 R2, an update is available. http://support.microsoft.com/kb/2852386 As a refresher, the Windows Server 2008 R2 update is directly related to my previous blog post announcing a similar fix for …

Continue reading

Active Directory FSMO Placement Guidance

FSMO Placement Guidance Summary: Make sure the PDC is highly available and connected. Place the PDC on your best hardware in a reliable hub site that contains replica domain controllers in the same Active Directory site and domain. Place the Forest FSMOs on the forest root PDC (schema master & domain naming master). Place the …

Continue reading

Windows Server 2012 MCSM Reading List

Here’s a link to download the MCM/MCSM Directory Services Reading List document that I developed for the MCSM Directory Services (Windows Server 2012) program and was created after the MCSM Directory Services (Windows Server 2012) test questions were written. It is based on the original one created for the MCM DS program provided to candidates. …

Continue reading