Having a modern, secure infrastructure in 2019 is a requirement. You should implement BitLocker to make sure that in the event of stolen laptop data is not readily extractable and implementing LAPS is a must in a fast changing IT world. But I’m not here to convince you to those two security features. I’m here to show you an easy way to backup LAPS and BitLocker. While having everything stored in Active Directory is excellent, things can get complicated when you don’t have access to your Active Directory, or you restore an older version of it. You see, LAPS, for example, keeps only last Administrator password. This is great and all but what happens if you restore the machine from backup from 6 months back? Your password has already changed multiple times. During our testing of DR scenarios, we wanted to access the computer via their local Administrator credentials and we just couldn’t because that password was already gone.
powershell
I’ve been managing mail service for users for a lot of years now. I don’t do it daily but I’ve spent my fair share of time analyzing spam emails. Mail vendors are doing what they can fighting spam, but it’s not easy. Each month, each year spam is getting more sophisticated. Spam emails either look like a legit email, or worse someone is targeting your company trying to get them to transfer money into a wrong account. While most of those end up in spam, there are those that come thru. It’s even worse if the company you work with has not implemented SPF or their SPF is configured to soft fail which can’t be treated as spam.
Hosting your VM’s in Azure Cloud is excellent. You have all those features, professionally managed and virtually limitless. I don’t want to take your time to sell you Azure Services but to share a solution to one of the things I had to solve in Azure and sooner or later you may end up with on. During the test restore for Active Directory and multiple other machines which were much older (or newer) then Active Directory Domain Controller that was restored it turned out one can’t log in to most of the devices. First of all your domain password is already changed, but that can quickly be addressed. Your second and more significant problem is Network Level Authentication (NLA), and your 3rd problem is broken trust relationship.
I’ve been testing Disaster Recovery scenario restoring Active Directory. One of the servers was restored, and it worked for a moment after restore. If you can regain your Primary DC, it’s best to do so. If you can’t, a standard thing to do during DR is to move all FSMO roles to the restored server so that it can become a master server. You can find out your FSMO holders by using those commands below:
One of the tasks I often get when setting up new Office 365 tenant or installing Exchange Servers is to change the visibility of Room Mailboxes or in some cases even standard users. There’s nothing hard about it, and there are plenty of articles about it. It’s just three simple steps.
I’ve been using Ubiquiti Unifi for some years now, for both home and work usage. It’s great hardware at a great price, and the best thing for a software maniac like me is that it’s continuously updated. Some time ago I upgraded Ubuntu to 18.04, and things went a bit sideways. You see Unifi started to add to their DEB packages that Mongo 3.6 is not supported and therefore blocking any installation. The idea is, it works perfectly fine on MongoDB 3.6 but migration between 3.4 to 3.6 is just not straightforward. Long story short when I upgraded Ubuntu I was suddenly greeted with not working Unifi. I’ve fixed that, and blogged about it how you can do so using manual steps – Ubuntu 18.04 – Fixing Unifi .deb package to run with 3.6 MongoDB. The thing is with each new version out I have to do multiple steps to fix every single package from Unifi (you see where I’m going right?). While a few years ago I would be stuck to use bash or some other workaround which would be a pain for me, this is 2019, and PowerShell Core works excellent on Linux systems! I know that installing PowerShell Core for hardcore Linux fans may not be as fun as it is for me, but you do get a lot of benefits from it.
A new branch of PSWinReporting is slowly coming, and I thought it would be the best time to have a final article about it with all configuration options available for those that will want to stay using PSWinReporting from Legacy branch. The idea is that you may have it working in your systems and it’s good enough for you. You may not want to change it, and with New Hope, the changes are so big it’s a rewrite.
Few weeks had passed since I’ve initially written PowerShell – Few tricks about HashTables and Arrays I wish I knew when I started. I was happily using my tips and tricks myself till today when I noticed a strange problem. Do you know how I showed you that you could use a comma to return Array with just one member (that otherwise would be unwrapped and end up a string)?
A few weeks ago, Mateusz Czerniawski, mentioned that he wants to build a Status Page for his company services. While I haven’t needed for myself, it seems like an excellent idea to try and create one in PowerShell. Since I’ve been working on PSWriteHTML for a while, it wasn’t that far fetched idea. While PSWriteHTML has a long way to go, to be in a state I want it to be, after a few days I had a prototype that didn’t require much work to generate. If you’re wondering what Status Page is it’s a little summary page for your users to check what is the status of services they use. It has been popular in the last few years and is offered by many services (Twitter, GitHub, Office 365 – they all have it). Companies are selling it as a service as well where you can host your status page for your users. This one is free.
Working as a small business often brings you little tasks here and there. Today I’ve decided to shut down the Hyper-V machine to expand its disks. Unfortunately for me, while extending of HDD went great, I couldn’t start Virtual Machine any longer.