Azure AD custom extensions

How to work with custom extensions: Reference: https://docs.microsoft.com/en-us/powershell/azure/active-directory/using-extension-attributes-sample?view=azureadps-2.0     Examples:   # Connect to Azure AD with Global Administrator Connect-AzureAD   # Get a User and Read Extension Properties $aadUser = Get-AzureADUser -ObjectId <youruser> $aadUser | Select -ExpandProperty ExtensionProperty   # Serialize User Object to JSON $aadUser.ToJson()   # Explore Object Properties $aadUser | Get-Member   # HowContinue reading “Azure AD custom extensions”

Compare AD DS, Azure AD, Azure AD DS

Compare self-managed Active Directory Domain Services, Azure Active Directory, and managed Azure Active Directory Domain Services: To provide applications, services, or devices access to a central identity, there are three common ways to use Active Directory-based services in Azure. This choice in identity solutions gives you the flexibility to use the most appropriate directory forContinue reading “Compare AD DS, Azure AD, Azure AD DS”

Security – ANSSI provide forensic toolkit for windows

DFIR ORC, where ORC stands for “Outil de Recherche de Compromission” in French, is a collection of specialized tools dedicated to reliably parse and collect critical artefacts such as the MFT, registry hives or event logs. It can also embed external tools and their configurations. DFIR ORC collects data, but does not analyze it: itContinue reading “Security – ANSSI provide forensic toolkit for windows”

Windows – how to delete credential manager entries

How to clear credential manager entries: https://blogs.technet.microsoft.com/rmilne/2019/01/11/script-to-clear-credman/ @echo off cmdkey.exe /list > "%TEMP%\List.txt" findstr.exe Target "%TEMP%\List.txt" > "%TEMP%\tokensonly.txt" FOR /F "tokens=1,2 delims= " %%G IN (%TEMP%\tokensonly.txt) DO cmdkey.exe /delete:%%H del "%TEMP%\List.txt" /s /f /q del "%TEMP%\tokensonly.txt" /s /f /q echo All done pause view raw clear-credential-manager.cmd hosted with ❤ by GitHub    

New PS module for Azure Information protection

Microsoft has release a new PS  module to manage Azure Information Protection : AIPService. At the same time, MS is deprecating the previous AIP module called AADRM (for the 15th, July  2020). https://docs.microsoft.com/en-us/azure/information-protection/install-powershell https://docs.microsoft.com/en-us/powershell/azure/aip/overview?view=azureipps