Latest Entries »

Yammer and Office 365 groups

Advertisements

Recently I am facing remote desktop login problem in on Windows 2003 Server.
While I am enter user name and password server give me logon error.

“The system cannot log you on due to the following error:
The RPC server is unavailable.
Please try again or consult your system administrator.

 

From another member server with admin rights,

open the eventvwr and connect remotely to the faulty server (application log): errors on UserEnv

then to solve this issue:

open the remote registry using regedit and connect to the faulty server remotely

then create this registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server

Create a new Value selecting Dword and name it as IgnoreRegUserConfigErrors and give a value as 1

Reboot is not required.

Now try doing an RDP – it should work!

 

How to repair servermanager.exe on 2012 R2 ?

if servermanager crash and if there is an event on application event log:

Event ID: 1000
Faulting application path: C:\Windows\system32\ServerManager.exe
Faulting module path: C:\Windows\system32\wmidcom.dll

Solution:

Rename the registry key HKLM\SOFTWARE\Microsoft\ServerManager\ServicingStorage\ServerComponentCache
to
HKLM\SOFTWARE\Microsoft\ServerManager\ServicingStorage\ServerComponentCache.old
Reboot to take effect then if KO remove the .old registry keys

 

“Regarding Azure, it has nothing to do with users or products; you buy upfront a ‘monetary commitment’ and you pick and choose platform(s)/storage/MS apps from the MS cloud environment, so you should see Azure as a ‘Cloud services’ sort of instance which you pay as per you use.

In order to achieve this, we need an Azure Subscription assigned to an O365 account  as it is described here:

https://docs.microsoft.com/en-us/azure/billing/

https://docs.microsoft.com/en-us/azure/billing/billing-use-existing-office-365-account-azure-subscription

Pricing list described here:

https://azure.microsoft.com/en-us/pricing/details/functions/

Example of services:

Key vault

Azure functions

Storage account with queue

 

Manage monetary commitments:

https://ea.azure.com 

 

Presentations and how-tos:

https://1drv.ms/b/s!Am0e5elsDFPqh-0aW7dYRKY-InN5yg

Change the tenant of a subscription: https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-how-subscriptions-associated-directory

Azure and resources access: https://docs.microsoft.com/en-us/azure/architecture/cloud-adoption/getting-started/azure-resource-access

AD – DCShadow attack

Description of the attack: https://www.dcshadow.com/

 

Detection of the attack:

PowerShell: https://github.com/AlsidOfficial/UncoverDCShadow

ATA Azure ATP detection: https://techcommunity.microsoft.com/t5/Enterprise-Mobility-Security/How-Azure-Advanced-Threat-Protection-detects-the-DCShadow-attack/ba-p/265740

Other articles:

https://blog.stealthbits.com/detecting-dcshadow-with-event-logs/

 

 

 

 

Linux security in a nutshell

 

 

ADFS – export RP and its claims

If you choose not to use the AD FS Rapid Restore Tool, then at a minimum, you should export the “Microsoft Office 365 Identity Platform” relying party trust and any associated custom claim rules you may have added. You can do this via the following PowerShell example

(Get-AdfsRelyingPartyTrust -Name “Microsoft Office 365 Identity Platform”) | Export-CliXML “C:\temp\O365-RelyingPartyTrust.xml”

Implement password hash synchronization:

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-password-hash-synchronization

 

Migrating from federated authentication (ADFS) to password hash synchronization:

https://github.com/Identity-Deployment-Guides/Identity-Deployment-Guides/blob/master/Authentication/Migrating%20from%20Federated%20Authentication%20to%20Password%20Hash%20Synchronization.docx

 

AAD Connect configuration documenter is a tool to generate documentation of an Azure AD Connect installation. Currently, the documentation is only limited to the Azure AD Connect sync configuration.

The current capabilities of the tool include:

  • Documentation of the complete configuration of Azure AD Connect sync.
  • Documentation of any changes in the configuration of two Azure AD Connect sync servers or changes from a given configuration baseline.
  • Generation of the PowerShell deployment script to migrate the sync rule differences or customisations from one server to another.

https://github.com/Microsoft/AADConnectConfigDocumenter

https://docs.microsoft.com/en-us/azure/active-directory/fundamentals/active-directory-data-storage-eu