The days of updating the default tombstone lifetime for Active Directory may be long forgotten, but if your Active Directory Forest has been running since Windows Server 2000/2003 and you have never verified the tombstone lifetime, it may be worthwhile to do so. As I have found first-hand with my customer, there are some deployments out there that may still be using a tombstone lifetime of 60 days. Expecting a value of 180 days and realizing too late that this is not the case may cause unnecessary complications in the future.
Some of you may remember, but during the Christmas/NYE season last year (2020), an official PowerShell module for Azure Sentinel saw the light of day. Just a few hours ago, this module finally hit 1.0.0, hence its been released for General Availability. How cool is that?? Download it from here: PowerShell Gallery | Az.SecurityInsights 1.0.0 … Continue reading Azure Sentinel PowerShell Module Hits GA at Version 1.0.0
I automate most of my application installs so I can easily install on Windows Virtual Desktop (WVD), Virtual Desktop Infrastructure (VDI), or individual Azure Virtual machines. The code downloads the latest Microsoft Code build and installs the version with minimal PowerShell specific customizations (that I have discovered so far). This script can be executed from … Continue reading How I install Microsoft Code
There's a few PowerShell options out there (including the official module) to help automate content and collateral deployment to your Azure Sentinel workspace. But, this latest one from Jan Geisbauer is highly recommended. Jan notified me about this late last week, and after some testing, I can say it's a very worthwhile PowerShell module to … Continue reading How to Import One or Multiple Analytics Rules into Azure Sentinel
I had a situation recently where I needed to test to determine if a specific cmdlet for the Azure Sentinel PowerShell module would run in a specific Azure region. Cloud Shell instances require storage to function. When you initiate a Cloud Shell instance and accept the defaults it generates a random set of storage account … Continue reading Creating Cloud Shell Storage Resources in a Different Azure Region
On December 29th, when the rest of the world wasn't watching, the Microsoft team unleashed the first rev of a PowerShell module specifically for Azure Sentinel. You can find Az.SecurityInsights version 0.1.0 here: https://www.powershellgallery.com/packages/Az.SecurityInsights/0.1.0 I've been playing with it the last couple days when my wife isn't looking. I'm off until January 4th and have … Continue reading Official Azure Sentinel PowerShell Module Released
Automation is always good in large or small organizations to minimize error and remove the tediousness of repetitive tasks. This script will install the Software Update Point (SUP) role on one or multiple site system servers in their assigned site. This script will run the following task Check if the site server and admin domain … Continue reading SCCM Software Update Point (SUP) automated install via PowerShell
I recently assisted a customer with missing OU's in Active Directory. We found that the OU's were not deleted (thanks to the AD Recycle Bin), but were actually moved to another OU instead. These occurrences can easily be prevented by using a feature that was introduced with Active Directory on Windows Server 2008. Now this is nothing new, but since we are still finding occurrences of this at our customers, I decided to publish this post as a reminder to review all OU's in your Active Directory forest, and ensure they are protected from accidental deletion.
The Question In a recent Workshop I wanted to explain how you could use webhooks in clever ways to kick off specific tasks in Azure Automation. Specifically I wanted to create a Power App where I could just click a button and all my Az Modules in my Azure Automation Account gets updated. You can … Continue reading Azure – “Executing Runbooks with Power Platform and Webhooks”
Introduction Writing Runbooks in Az Automation is possible in the following languages: PowerShell and Python, in PowerShell it is also possible to write PowerShell Workflow. In this blog post, I will walk through some highlights in writing 'PowerShell Workflow' and how to upload it to 'Runbook gallery' in Azure Automation. The pros and cons of using Workflow The … Continue reading Publish Custom PowerShell Workflows to Azure Automation