Direct Acces – Troubleshooting client with PowerShell

Get-DAClientExperienceConfiguration Ensuring that the DirectAccess Client Settings group policy has been applied to the client is one of the first steps in troubleshooting failed DirectAccess connections. While it is possible to use gpresult to do this, using the Get-DAClientExperienceConfiguration PowerShell command is much simpler. If DirectAccess client settings have been applied, the output of the command willContinue reading “Direct Acces – Troubleshooting client with PowerShell”

How to update group membership without logoff / logon /restart

This might be very useful for certain situations where you want to update a user’s or computer’s group membership without the need to re-logon / restart. The whole magic is behind the issued kerberos tickets after you logged on to a machine or a machine has been started. The tool “klist.exe” cannot only be usedContinue reading “How to update group membership without logoff / logon /restart”

AD CS (PKI) Network Device Enrollment (NDES/SCEP)

NDES is the Microsoft Implementation of SCEP: NDES installation and operations: http://social.technet.microsoft.com/wiki/contents/articles/9063.network-device-enrollment-service-ndes-in-active-directory-certificate-services-ad-cs.aspx https://gsecse.wordpress.com/2015/10/06/ndes-deployment-and-troubleshooting/ https://docs.microsoft.com/en-us/intune/certificates-scep-configure   (NDES) Frequently Asked Questions (FAQ): http://social.technet.microsoft.com/wiki/contents/articles/12610.network-device-enrollment-services-ndes-frequently-asked-questions-faq.aspx   Configuring Network Device Enrollment Service for Windows Server 2008 with Custom Certificates: http://blogs.technet.com/b/askds/archive/2008/04/28/configuring-network-device-enrollment-service-for-windows-server-2008-with-custom-certificates.aspx   NDES enrollment process: 1) Generate a key pair and install it on your device by using procedures provided byContinue reading “AD CS (PKI) Network Device Enrollment (NDES/SCEP)”

DNS – how to use DIG utility ?

Collection of Web resources about dig usage: http://www.danesparza.net/2011/05/using-the-dig-dns-tool-on-windows-7/ http://anouar.adlani.com/2011/12/useful-dig-command-to-troubleshot-your-domains.html https://library.linode.com/linux-tools/common-commands/dig Download dig (part of Bind): http://www.isc.org/downloads/ Some commands: What is the website’s IP address ? dig +short amazon.com How to identify the name servers associated with a domain ? dig NS +short anouar.im What does the delegation path to my zone look like ? dig google.com +trace WhichContinue reading “DNS – how to use DIG utility ?”

AD – Troubleshooting replications 2/2

How to Troubleshoot Active Directory Replication Issues In the previous article: https://itworldjd.wordpress.com/2018/04/02/troubleshooting-ad-replications/ we explained all the methodology to troubleshoot AD replication: This second article will deep dive with the most well known and out of the box AD utility called REPADMIN.exe This utility recommended to run as Domain Administrator or Enterprise Administrator. repadmin /replsummary /bydestContinue reading “AD – Troubleshooting replications 2/2”

Office 365 – difference between AIP and Security and Compliance Sensitivity labels

Good articles to explain the differences and how to merge the S&C Sensitivity labels and AIP labels, https://www.itpromentor.com/aip-vs-365-labels/ https://www.petri.com/unifying-office-365-sensitivity-labels   MS technet: S&C labels: https://docs.microsoft.com/en-us/Office365/SecurityCompliance/sensitivity-labels AIP labels: https://docs.microsoft.com/en-us/azure/information-protection/configure-policy-protection    

Azure Cloud shell

Overview: https://docs.microsoft.com/en-us/azure/cloud-shell/overview URL: https://shell.azure.com On first launch Cloud Shell prompts to create a resource group, storage account, and Azure Files share on your behalf. This is a one-time step and will be automatically attached for all sessions. A single file share can be mapped and will be used by both Bash and PowerShell in CloudContinue reading “Azure Cloud shell”

Azure DevOps

Azure DevOps Services provides development collaboration tools including high-performance pipelines, free private Git repositories, configurable Kanban boards, and extensive automated and continuous testing capabilities. For the on-premises platform, Azure DevOps Server (previously named Visual Studio Team Foundation Server), see Azure DevOps Server Documentation. Main portal: https://dev.azure.com Azure devOps and AzureAD groups (security of O365groups): https://docs.microsoft.com/en-us/azure/devops/organizations/accounts/manage-azure-active-directory-groups?view=azure-devopsContinue reading “Azure DevOps”