$PSVersionTable.PSVersion If the variable doesn’t exist, then the system is running version 1.0.
Category: Technical Reference
Jul 01 2014
LSASS Crashing, CNF Objects May Be the Cause
What Happens and How Do I Know if I’m Affected? When CNF mangled NTDS settings objects are created, the Lsass.exe process may crash and unexpectedly reboot one or more domain controllers. So there is a pretty good chance you’ll know about it. You may not know the root cause of the crash. More specifically though …
Jun 17 2014
57 Tips Every Admin Should Know
GFI’s 57 Tips Every Admin Should Know: The longer a person serves as a network admin, the more tips and tricks they are likely to pick up along the way. Some could be shortcuts, others might seem like magic, but all are intended to save you time and help you solve problems. Assume that all …
Jun 10 2014
PowerShell 101: PowerShell Guide/CheatSheet
Michael Sorens has put together a comprehensive guide to using PowerShell: This series of articles evolved out of my own notes on PowerShell as I poked and prodded it to show me more. As my collection burgeoned, I began to organize them until I had one-line recipes for most any simple PowerShell task. Simple, though, …
Jun 05 2014
Great InfoWorld Interview with Mark Russinovich on Azure and Cloud Computing
InfoWorld has a great Interview with Mark Russinovich, Microsoft Technical Fellow, on Azure and Cloud Computing. I included my favorite quotes below: Intro: Mark Russinovich is a legendary figure in the computer industry. A former teenage hacker who went on to earn a PhD in computer engineering from Carnegie Mellon, Russinovich cofounded Winternals Software — …
Jun 02 2014
Active Directory 2012 DCPromo
Starting with Windows Server 2012, DCPromo is no longer used to promote a member server to be a Domain Controller. Since DCPromo no longer works (Microsoft calls this featured deprecated), there is a new GUI option and associated Powershell commandlets. There are major changes to the promotion process which integrate the process. This simplified process …
May 29 2014
PowerShell: Useful WMI Classes
Here are some WMI Classes I have found useful: Get-WmiObject -Class Win32_BIOS Get-WmiObject -Class Win32_ComputerSystem Get-WmiObject -Class Win32_OperatingSystem Get-WmiObject -Class Win32_NetworkAdapter Get-WmiObject -Class Win32_NetworkAdapterConfiguration Get-WmiObject -Class Win32_Product Enumerating Win32 WMI Classes: [array]$WMINames = Get-WmiObject -Query ‘Select * From Meta_Class WHERE __Class LIKE “win32%”‘ | Where-Object { $_.PSBase.Methods } | Select-Object Name, Methods $WMINames = $WMINames …
May 22 2014
Virtualization Updates to Active Directory 2012
As part of the many updates to Active Directory, one of the most interesting is virtualization safeguarding in Windows Server 2012. Active Directory Domain Controllers running Windows Server 2012 can now identify if they are virtualized and have been improperly restored or cloned (copied). Windows Server 2012 introduces a new feature called the VM Generation …
May 20 2014
Microsoft BlueHat Resources
Microsoft has their own internal employee security conference called “BlueHat“. Here are session links from the past few years:
May 15 2014
Group Policy Preferences Password Vulnerability Now Patched
Looks like Microsoft finally removed the ability to set admin account passwords through GPP due to the Group Policy Preferences password exposure vulnerability. More information on how Group Policy Preferences are attacked is in the post “Finding Passwords in SYSVOL & Exploiting Group Policy Preferences“. Because of the security concerns with storing passwords in Group …
Recent Comments