So, I know I’ve been quiet on here for a while! But that hasn’t stopped work behind the scenes. I’ve been working away on GPOs that adhere to the MS best practices. Granted, I could just use the secure baselines but where’s the fun in that?! In preparation for this, which I will add to […]
Blog post about deploying LAPS to your environment. Free security tool from Microsoft.
Quick review on the Windows 10 (1703) Security Baseline from Microsoft.
Configuring Change Notification Replication for faster replication and DNS Netmask ordering for use with subnets other than Class C
In this post, we deploy Advanced Group Policy Manager, configure it to use a Group Managed Service Account and use least privileged models to restrict the service account permissions.
Before we get too deep in to configuring our nice domain service, we will enable a useful feature. The Recycle Bin. This allows us to quickly and easily restore an object we accidentally delete. Enabling the recycle bin just requires a forest functional of 2008 R2 or higher. We provisioned full 2016 so lets enable […]
With the recent attacks of WannaCry and NotPeyta, SMB1 has been shown to have the security features of a chocolate fire guard. NetBIOS Name resolution is the equivelant of shouting for Bob in a room of people and accepting the first person who replies “Yes thats me!” Given we are putting together a nice secure […]