Microsoft Security compliance toolkit / Windows hardening / GPO settings

Microsoft Security Compliance Toolkit: It replaces Security Compliance Manager. This tool lets you plan, create, and monitor security baselines for your client workstations. Microsoft chose to replace SCM because of its complexity and the difficulty of maintaining the tool for each version of Windows. Aujourd’hui, SCT ne supporte…

Microsoft Graph / Graph API

Introduction: The Microsoft Graph API exposes RESTful services. This makes it very flexible because REST is compatible with almost any modern platform or programming language. The exchange format is essentially JSON, and it is carried over HTTPS transport security. The central point of Microsoft Graph is the concept of User, the authentication and…

Azure – How to know who created a specific resource?

Reference: https://docs.microsoft.com/en-us/azure/azure-monitor/platform/activity-logs-overview By default the log events are stored for 90 days. You have to archive the logs to a storage account if you want to keep them for more than 90 days.

Exchange/EXO/Outlook performance and troubleshooting

Troubleshooting Logs and Tools
– Checklist: https://blogs.technet.microsoft.com/exchange/2016/05/31/checklist-for-troubleshooting-outlook-connectivity-in-exchange-2013-and-2016-on-premises/
– SaRA tool to assess the Outlook client: https://diagnostics.outlook.com/#/
– Also, CTRL + right-click the Outlook icon in the system tray to get the connection status
– Test connectivity from outside using: https://testconnectivity.microsoft.com/
Also check potential sources of problems:
– Check ADFS policies
– Check Set-CASMailbox (post authentication); if POP or IMAP…

Windows – Windows Admin Center

Windows Admin Center: https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/understand/windows-admin-center
Installation: You can install Windows Admin Center on the following Windows operating systems:

Version                               Installation mode
Windows 10, version 1709 or newer     Desktop mode
Windows Server Semi-Annual Channel    Gateway mode
Windows Server 2016                   Gateway mode
Windows Server 2019                   Gateway mode

Desktop mode: Launch from the Start Menu and connect to the…

How to determine which version of .NET Framework is installed?

Reference: http://support.microsoft.com/kb/318785 Microsoft .NET Framework is a software package that is used by many applications; it runs in a software environment as opposed to a hardware environment. Free program called .NET Version Detector. PowerShell: how to get the version of .NET Framework on a remote computer: https://gallery.technet.microsoft.com/scriptcenter/Detect-NET-Framework-120ec923 To query the local Registry using…

Windows – How to repair WMI ?

Run the script below on the client machine that’s generating the WMI corruption errors. It recompiles all .mof WMI files found in the %windir%\System32\Wbem\Repository folder.

@ECHO OFF
sc config winmgmt start= auto
reg add HKLM\SOFTWARE\Microsoft\Ole /v EnableDCOM /t REG_SZ /d "Y" /f
reg add HKLM\SOFTWARE\Microsoft\Ole /v LegacyAuthenticationLevel /t REG_DWORD /d "2" /f
reg add HKLM\SOFTWARE\Microsoft\Ole /v…

Free Tools for System and Network or DB Administrators

Free tools for Windows sysadmin
– Find a string in files on Windows using findstr /s /i:
  findstr /s /i /C:"provider=sqloledb" d:\dir\*.*
– Find and replace a string in a file (Find and Replace == fnr): http://findandreplace.io/download
  Another tool, which also requires Java: FAR https://sourceforge.net/projects/findandreplace/
– Test SSL and TLS: https://www.qualys.com/sslchecker
– Well-known online tools for network engineers:
  https://dnschecker.org
  https://www.whois.net/
  https://mxtoolbox.com/
  https://whatismyipaddress.com/
  http://ping-test.org/
  https://www.portcheckers.com/

How to configure Windows Event forwarding (WEF) ?

Introduction: In summary: Windows Event Forwarding allows for event logs to be sent, either via a push or pull mechanism, to one or more centralized Windows Event Collector (WEC) servers. WEF is agent-free, and relies on native components integrated into the operating system. WEF is supported for both workstation and server builds of Windows. WEF…

What if PSRemoting and Unrestricted Execution are disabled?

Remotely enable PSRemoting and Unrestricted PowerShell Execution using PsExec and PSSession, then run PSRecon

Option 1 – WMI:
PS C:\> wmic /node:"10.10.10.10" process call create "powershell -noprofile -command Enable-PsRemoting -Force" -Credential Get-Credential

Option 2 – PsExec:
PS C:\> PsExec.exe \\10.10.10.10 -u [admin account name] -p [admin account password] -h -d powershell.exe "Enable-PSRemoting -Force"

Next… PS…