Code as Code – Managing Azure Automation with Terraform

Introduction Azure Automation is a robust tool that provides administrators with the ability to execute tasks either on Azure or on-premises (through a hybrid worker). If you're familiar with Azure Automation, you've likely configured a lot of settings, including runbooks, schedules, RBAC permissions, variables and PowerShell modules. In certain organizations, these configurations can amount to … Continue reading Code as Code – Managing Azure Automation with Terraform

Azure AD PowerShell to Microsoft Graph PowerShell

Overview: You might have heard about AzureAD PowerShell module deprecation. So, in this article we will summarize the migration between Azure AD PowerShell to Microsoft Graph PowerShell and will provide you with all the relevant info and links in one place, to get you up and running with the new MS Graph Module. The best … Continue reading Azure AD PowerShell to Microsoft Graph PowerShell

Permanently delete objects from the Active Directory Recycle Bin

With the Active Directory Recycle Bin enabled, deleted Active Directory objects can be easily recovered. The deleted items can be recovered for as long as the Active Directory tombstone lifetime. Based on default configuration this should be 180 days. I recently received a request from a customer to know how they can permanently delete user … Continue reading Permanently delete objects from the Active Directory Recycle Bin

How to Import One or Multiple Analytics Rules into Microsoft Sentinel

There are a few PowerShell options out there (including the official module) to help automate content and collateral deployment to your Microsoft Sentinel workspace. But the one from Jan Geisbauer is highly recommended. Jan's original blog post announcement about this new module is here: Alertrule from github to Azure sentinel | (emptydc.com) The PowerShell module … Continue reading How to Import One or Multiple Analytics Rules into Microsoft Sentinel

Determine the Windows release version from the build version

With Windows 10 21H2 and Windows 11 initial release the release version is marked as 2009 in the registry. The Windows product group left the release version at the 2009 level for backwards compatibility. To test use the powershell command $(Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\').releaseid On Windows 10 21H2 and Window 11 intial release it will … Continue reading Determine the Windows release version from the build version

Schedule a Reboot for Manual installation of Windows 10 Feature Updates

With the various methods of deploying Windows 10 Feature Updates, the Feature Update Rollouts via Application Deployment does not provide restart notifications to the user and as such the device will automatically reboot if the “/noreboot” switch is not added to your batch file or if the switch is added the reboot will not happen … Continue reading Schedule a Reboot for Manual installation of Windows 10 Feature Updates

Azure Sentinel PowerShell Module Hits GA at Version 1.0.0

Some of you may remember, but during the Christmas/NYE season last year (2020), an official PowerShell module for Azure Sentinel saw the light of day. Just a few hours ago, this module finally hit 1.0.0, hence its been released for General Availability. How cool is that?? Download it from here: PowerShell Gallery | Az.SecurityInsights 1.0.0 … Continue reading Azure Sentinel PowerShell Module Hits GA at Version 1.0.0

Creating Cloud Shell Storage Resources in a Different Azure Region

I had a situation recently where I needed to test to determine if a specific cmdlet for the Azure Sentinel PowerShell module would run in a specific Azure region. Cloud Shell instances require storage to function. When you initiate a Cloud Shell instance and accept the defaults it generates a random set of storage account … Continue reading Creating Cloud Shell Storage Resources in a Different Azure Region

Official Azure Sentinel PowerShell Module Released

On December 29th, when the rest of the world wasn't watching, the Microsoft team unleashed the first rev of a PowerShell module specifically for Azure Sentinel. You can find Az.SecurityInsights version 0.1.0 here: https://www.powershellgallery.com/packages/Az.SecurityInsights/0.1.0 I've been playing with it the last couple days when my wife isn't looking. I'm off until January 4th and have … Continue reading Official Azure Sentinel PowerShell Module Released