Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS), deeply involved in a project to configure Intune for managing AADJ laptops with a Federal customer’s use. Been working a lot lately with 'hardening' the laptops following DISA STIGs. As a result I've developed a few Intune CSPs and security baselines to … Continue reading Microsoft Intune CSP for Google Chrome DISA STIG
Author: Theron Howton (MCS)
MBAM: EventID 112 and Kerberos Encryption Types
Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS). I was working with a customer recently to help migrate their Microsoft BitLocker Administration and Monitoring (MBAM) front-end server to Server 2019, and ran into an issue that isn't related to Server 2019 in particular, but instead the new security posture the … Continue reading MBAM: EventID 112 and Kerberos Encryption Types
Intune: Export Policies for Comparison
Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS), deeply involved in a current project to configure Intune for a customer's use. As with many of your customers, mine found themselves in a situation where they needed to get a secure 'remote' working solution in place quickly due to the COVID-19 … Continue reading Intune: Export Policies for Comparison
SCOM: MSSQLServer Event ID 28005
Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS) specializing in Active Directory, but also dabbles with all things Systems Center. Recently, while implementing SCOM 2019 in a customer's environment, I ran into an issue when trying to install agents; the discovery wizard would never complete the 'discovery' process. After making … Continue reading SCOM: MSSQLServer Event ID 28005
AD: Nitty Gritty of Fine-Grained Password Policies
Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS) specializing in Active Directory. Fine-Grained Password Policies (FGPP) have been around for a while, but in my experience with various customers, they aren't used often, if at all. This post is an attempt to simplify them, provide some details and list some … Continue reading AD: Nitty Gritty of Fine-Grained Password Policies
AD: Domain controllers – discover what you’ve got
Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS) specializing in Active Directory. During an engagement with a customer a couple of years ago, I needed to identify some info regarding their domain controllers. They were in the process of deploying System Center Operations Manager (SCOM) at the time, but it … Continue reading AD: Domain controllers – discover what you’ve got
AD: Discover what you’ve got
Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS) specializing in Active Directory. I wrote a really basic script that will scour your domain and return some valuable information regarding its configuration. There are probably several things in the script that could be done differently and if I was to go … Continue reading AD: Discover what you’ve got
AGPM: The case of the missing GPT.ini file – a possible workaround
Hey everyone, Theron (aka T-) here, Senior Consultant with Microsoft Consulting Services (MCS) specializing in Active Directory, amongst other technologies, including Advanced Group Policy Manager (AGPM). Have you ever deployed a GPO via AGPM only to experience either of the two situations? EventID 1058 (GroupPolicy) in a client’s System log or The follow message when … Continue reading AGPM: The case of the missing GPT.ini file – a possible workaround
You must be logged in to post a comment.