Hello Everyone, my name is Moni and I am a Support Engineer in the Windows Devices and Deployment team here at Microsoft. In this post, I’ll be discussing an issue where the Server Cleanup Wizard for WSUS 3.0 Service Pack 2 times out when attempting to delete computers that have not contacted the server in 30 days or more. ...
Details of the error are as follows:
The WSUS administration console was unable to connect to the WSUS Server Database.Verify that SQL server is running on the WSUS Server. If the problem persists, try restarting SQL.System.Data.SqlClient.SqlException — Access to table dbo.tbDownstreamServerClientSummaryRollup is blocked because the signature is not valid.Source.Net SqlClient Data ProviderStack Trace:at System.Windows.Forms.Control.MarshaledInvoke(Control caller, Delegate method, Object[] args,
When Active Directory replication breaks, IT is in trouble. PowerShell comes with a few cmdlets that allow you to test if Active Directory replication is working properly.
Source : 4sysops
Just Enough Administration (JEA) is a new extension in the Windows Management Framework that allows you to restrict the rights of IT admins in remote PowerShell sessions. In this first part of my JEA series, I will give an overview of the basic concepts.
Just Enough Administration (JEA) – Part 1: Overview Just Enough Administration (JEA) – Part 2: An example Source : 4sysops.com
Occasionally you may find that you want to start over in WSUS with a fresh database (SUSDB). There can be any number of reasons for this, but typically I see people doing this if their SUSDB is rather old, has a ton of unneeded updates in it, and maintenance has not been done on the SUSDB in years. In those cases you can find that a rebuild may be faster and easier than fixing the problematic SUSDB. Typically speaking, I see people wanting to recreate the just the content dir if they accidentally unchecked the “download update files to this server only when updates are approved” and ended up with a hard drive full of unneeded files. Whatever
In this article, I'll show you how to create a tool in PowerShell that will allow you to update multiple SQL servers in one swath with a single command.
Source : 4sysops
The Problem
From time to time, various users have complained to the IE team that they’re unable to log into assorted websites and services that they care about: Hotmail and GMail are two common examples. They report that after entering their credentials into the login page, the page seems to get caught in some sort of redirect loop, redirecting from the login page to the site back to the login page. This pattern either continues endlessly or until an error message is displayed. Source : IEInternals
The Security Compliance Manager (SCM) is a free tool from Microsoft that enables you to quickly configure, and manage the computers in your environment using Group Policy and Microsoft System Center Configuration Manager. This version of SCM supports Windows 10, and Windows Server 2016.
Source : Microsoft Security Guidance
LGPO.exe is a command-line utility to automate the management of local group policy objects (LGPO). Version 1.0 was released last January. The PRE-RELEASE LGPO.exe v2.0 is attached to this blog post, and adds support for Multiple Local Group Policy Objects (MLGPO) and 64-bit REG_QWORD registry values. It also adds support for /e mnemonic options to enable the GP client side extensions for LAPS, Credential Guard, and Device Guard.
Source : Microsoft Security Guidance
As you may have seen, there has been an update to the extended support lifecycle for WSUS 3.0 SP2 (WSUS 3.2). We received feedback that ending this product’s life in July 2017 would cause a significant disruption for those Windows Server 2008/R2 deployments that planned to rely upon it until January 2020. As such, the end of life for this product is now January 2020.
Source : WSUS Product Team Blog
Storage Replica is a new feature in Windows Server 2016 that allows us to do storage-agnostic block-level replication of data.
Source : 4sysops
Hi all,
I’m Jeff Patterson, Program Manager for Work Folders and Offline Files.
Jane wrote a blog last year which covers how to use Folder Redirection with Work Folders. The blog is great for new environments. If Folder Redirection and Offline Files are currently used, there are some additional steps that need to be performed which are covered in this migration guide.
Server Storage at Microsoft
On August 18, 2016, the PowerShell Team announced that we were now providing PowerShell as an open source project on GitHub, available on Windows, Linux and macOS! The official announcement blog can be found here and the PowerShell Webinar is here.
CANITPRO
VSCode is the primary way to edit and debug PowerShell scripts on Mac OS and Linux. If you do not have it yet, follow these instructions on GitHub on installing VSCode on Mac OS/Linux/Windows and adding its PowerShell extension.
Source : Dmitry's Blog
As you have probably heard by now, Microsoft has just open-sourced PowerShell and made it available for Linux and Mac OS X. In this blog post, I will take you through the steps to download, install and run PowerShell on a Mac.
Source : Dmitry's Blog
As you can see this announcement is huge – not only you can freely read and change the code of the PowerShell itself, you can build it and run it almost anywhere.
Source : www.powershellmagazine.com Ref : blogs.msdn.microsoft.com/powershell
The Connect app in Windows 10 Anniversary Update gives smartphone users the ability to “cast” their screens to a PC or laptop running Microsoft’s latest version of its ever-evolving operating system. Let’s call this feature the “poor-man’s Continuum.” But, more importantly, it gives Android users something that has been solely constrained to Windows devices – the ability to mirror smartphone and tablet screens to Windows 10. Notably, this feature doesn’t work for iOS and the host device must support Miracast.
Source : SuperSite for Windows
Excellent tool to search for WordPress vulnerabilities !
Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails & urls, with an internal custom validation junction for each target / url found
Source : GitHub - googleinurl/SCANNER-INURLBR
Although Microsoft provides Windows Defender as an integrated part of Windows 10 they do not mandate that as your only option.
Once you install your favorite third party anti-virus/malware solution Windows Defender gets out of the way and is turned off so it does not cause any conflicts with your scanning/protection software of choice.
In the recently released Windows 10 Anniversary Update there is a new option for those of you using third party security software that allows you to take advantage of the years worth of research Microsoft has invested into protecting systems from viruses and malware.
Source : SuperSite for Windows
So as many of you may know, yesterday Microsoft released a security hotfix that changed the behavior of Group Policy. Put simply if you have a security group filtered User Group Policy Object and you also removed the “Authenticated Users” group from the policy it will no longer apply after you install MS16-072.
Source : Group Policy Central
Today, I will introduce to my favorite PowerShell ISE add-ons: Script Browser, Module Browser, and ISE Geek. At the end of the post, I'll leave you with a hand-selected list of some other ISE add-ins.
Source : 4sysops
To build fast sites, developers need powerful tools to analyze the performance of their sites and debug issues. In-browser tools like the F12 Developer Tools are a great start and the primary tools for analyzing what’s happening behind the scenes when a page slows down. However, some scenarios require measuring performance characteristics in the context of other applications and the operating system itself. For these scenarios, we use the Windows Performance Toolkit.
Source : Microsoft Edge Dev Blog
IIS is a mature technology with a large amount of configuration available. Historically the configuration of IIS has been done through WMI, Appcmd, PowerShell, and graphically through IIS Manager. All of these technologies have continued to serve their purpose, allowing users to configure the web server to meet their needs. Recently the IIS team has been working on a project to open up IIS configuration even more by creating a REST API that exposes the configuration system. This API is not meant to replace any of the existing configuration access mechanisms, but stand beside them and offer an open method for interacting with IIS. The REST API communicates with HTTPS making it accessible from any device that knows
A set of functions to dump OUs, Users, Groups and GPOs from one Active Directory and mirror them to another, test Active Directory. Perfect for creating a test environment.
Source : gallery.technet.microsoft.com
I’ve lost count of the number of Wi-Fi routers I’ve been through over the last ten years, most ranging from just OK to the plain terrible. When I started experiencing problems with WI-FI connectivity a few months ago, I decided once again it was time to replace my router, and after lots of research, I picked the Asus RT-AC66U.
SOurce : Petri
A new update is available for Windows Server 2012 and 2012 R2. This update requires manual steps in order to complete the installation. While the KB itself covers those steps, this post provides additional details on the release.
Source : WSUS Product Team Blog
If its happen that you like to run your honeypot on a Windows system then Honeyport is something worth to try.
Honeyports is a powershell script that will Creates a job that listens on TCP Ports specified and when a connection is established, it can either simply log or add a local firewall rule to block the host from further connections.
The script is written by John Hoyt, Carlos Perez and Greg Foss and it’s available on https://github.com/Pwdrkeg/honeyport/
Source InfoSec Handlers Diary Blog
Hi all, Herbert Mauerer here. In this post we’re back to talk about the built-in AD Diagnostics Data collector set available for Active Directory Performance (ADPERF) issues and how to ensure a useful report is generated when your DCs are under heavy load.
Source : Ask the Directory Services Team
One of the most noticeable things about Windows 10, as compared to previous iterations of the Microsoft operating system, is the amount of time it takes for the first logon—that is, the logon time when a user doesn’t have a profile on the local machine.
Source : 4sysops
Hello, Ryan Ries here again with some juicy new Active Directory hotness. Windows Server 2016 is right around the corner, and it’s bringing a ton of new features and improvements with it. Today we’re going to talk about one of the new things you’ll be seeing in Active Directory, which you might see referred to as “expiring links,” or what I like to call “temporary group memberships.”
One of the challenges that every security-conscious Active Directory administrator has faced is how to deal with contractors, vendors, temporary employees and anyone else who needs temporary access to resources within your Active Directory environment. Let’s pretend that your Information Security team wants to perform an automated vulnerability scan of all
Hi all, Ned here again with a quick chat about mixing Continuous Availability and Offline Files. As you know, we have severalpublic docs recommending against combining CA and Client Side Caching (aka CSC aka Offline Files) because when users attempt to go offline, it will take up to six minutes. This usually leads to unhappy humans and applications. Today I’ll explain more and give you some options.
Source : Server Storage at Microsoft
We are happy to announce that an Android app for Work Folders has been released into the Google PlayStore® and is available as a free download.
Source : Server Storage at Microsoft
The proper way to remove a DC server in an Active Directory infrastructure is to run DCPROMO and remove it. The following video provides an example of these steps...
Source : Canadian IT Professionals
In the previous post, we installed Ubuntu in a VirtualBox VM. Now it’s time to install SAMBA and configure the domain controller.
Source : 4sysops
Another day, another sensational report from Forbes. Oh my goodness, is Windows 10 really "phoning home" thousands of times a day? Nope. in fact, anyone who has even a basic understanding of how networks work should cringe at this shoddy report.
Source : ZDNet
First things first, do not panic. This article will guide you through the process of cleaning a hacked WordPress website. The process is documented in an easy to follow step by step format; identifying the source of the hack, identifying the infection, cleaning the code, regaining control of your WordPress website or blog and removing the Google malware alert. This guide will help you recover from the typical WordPress hacks such as backdoors, malware, spam and other similar types of infections.
Source : wpwhitesecurity
In the last post of this series, I described how to prepare your VirtualBox environment. In today’s post, I’ll show you how to install the Ubuntu server with the help of the netboot.xyz iPXE .iso.
Source : 4sysops
Fast startup was introduced in Windows 8 and uses session 0 hibernation to save the kernel state to disk. Reading the kernel state from disk is 30 to 70 percent faster than a full system initialization on most systems. While fast startup should be beneficial in most cases, especially in combination with UEFI, it can also be problematic. For example, I’ve come across systems that refuse to connect to wireless networks without a cold boot, assumedly due to a problem with the reinitialized driver. But if an updated driver doesn’t solve the problem, you might want to disable fast startup.
Source : Petri
If you want to run a domain controller on your network but don’t have access to a Windows Server license, you can use SAMBA, the free open-source software, and VirtualBox, the free virtualization software. We’ll describe the procedure for setting up a virtual server using VirtualBox and netboot.xyz iPXE and move on to setting up your domain controller with SAMBA.
Source : 4sysops
After months of complaints, Microsoft has finally opened a Windows 10 Update History web site that will document the changes it makes to its flagship OS.
Source : Thurrott.com
A new preview release model for the PowerShell ISE The biggest news is that we've developed a new strategy to ship a separate preview edition of the PowerShell ISE. This enables us to add new features and release them to all of you much faster than before. Previously you had to wait for new Windows or WMF releases before you would get an updated ISE. Thanks to the PowerShell Gallery, we can now ship the Windows PowerShell ISE Preview as often as we like!
Source : Windows PowerShell Blog
If you have ever used the search feature in Windows 10, and there is a good chance you have, there is a new way to filter search results that should help you find what you are looking for, faster. It looks like this feature was added in a recent update and if you haven’t tried it yet, here’s how it works ... Source : Thurrott.com
Early on in many penetration test or security assessment, you will often find yourself wading through what seems like hundreds or thousands of text files, each seemingly hundreds or thousands of pages long (likely because they are). One key to success in these situations is to automate the analysis of these files as much as possible – you want to get the “drudgery” job done and move on to subsequent tasks that need real eyes on the screen and hands on the keyboard.
Let’s look at NMAP for instance. It’s a valuable tool, we all use it. But if you are scanning a /16 or a /8 network (or even lots of /24’s), the volume of output can
A new hotfix is available that enables Windows Server Update Services (WSUS) on a Windows Server 2012 or Windows Server 2012 R2 to sync and distribute feature upgrades for Windows 10. Note that this hotfix is not required to enable WSUS to sync and distribute servicing updates for Windows 10. This hotfix also addresses an issue where Windows 10 computers are displayed as Windows Vista.
Source : Microsoft WSUS and Software Update Team Blog
Building on our last conversation about HTTPS and Powershell, let’s look at another common thing you’d do with HTTPS in a system administrator, or in a security assessment or penetration test – let’s assess the HTTPS certificates themselves.
Source InfoSec Handlers Diary Blog
As indicated in a previous post, we are making changes to WSUS 4.0 and later that will provide a smoother Windows 10 servicing experience. Because WSUS 3.0 SP2 is already in extended support (receiving no support at all after July 2017), and we are not shipping these improvements further down-level, it is a good idea to start planning your WSUS migration now. Here is some guidance on how to respond to the recent changes based on your current situation, with the assumption that you intend to deploy Windows 10 in your environment.
Source : WSUS Product Team Blog
Microsoft is please to announce the final release of the security configuration baseline settings for Windows 10 version 1511, also known as "November Update," "Build 10586," "Threshold 2," or "TH2." The downloadable attachment to this blog post includes importable GPOs, tools for applying the GPOs to local GPO, custom ADMX files for Group Policy settings, and all the settings in spreadsheet form. We will also be publishing SCM .CAB files for this Windows 10 baseline shortly, and will announce their availability on the Security Guidance blog. (Note that we will not be providing updated SCM .CAB files for the IE11 guidance. For that content, see the attachment on this blog post.)
Source : Microsoft Security Guidance
Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects (GPOs). It can highlight when a set of Group Policies has redundant settings or internal inconsistencies, and can highlight the differences between versions or sets of Group Policies. It can also compare GPOs against current local policy settings and against local registry settings. And you can export its findings to a Microsoft Excel spreadsheet.
Source : Microsoft Security Guidance
One of the great additions to PowerShell 5.0 is the new information stream. You can use this stream as a logging mechanism in your scripts and functions, which is something I want to demonstrate today.
Source : Petri
In the first article of this series, I taught you how to install and configure the Git version control system (VCS) to help you manage your Windows PowerShell scripts. Today, you'll learn how to sync your PowerShell scripts between your computers.
Source : 4sysops
Software as a service (or SaaS) is a relatively new model of how a lot of software companies are conducting their business today – often to great success. So it comes as no surprise that malware writers and cyber crooks are attempting to adopt this model for their own nefarious purposes. In the past year a whole bunch of these “Ransomware as a Service” campaigns appeared, like for example Tox, Fakben or Radamant. Today we want to spotlight the newest of these campaigns.
Source : Meet Ransom32: The first JavaScript ransomware
PowerSploit is an offensive security framework for penetration testers and reverse engineers. It was born out of the realization that PowerShell was the ideal post-exploitation utility in Windows due to its ability to perform a wide range of administrative and low-level tasks all without the need to drop malicious executables to disk, thus, evading antivirus products with ease.
Source : PowerShell Magazine
Below I will show few methods which can prevent WPScan scan.
Source : security.szurek.pl
Hello everyone, this is Ayesha Mascarenhas on the Remote Desktop team. We released the Remote Desktop client preview for Mac in August this year. Over the last few months many of you have shared feedback and feature suggestions. Today, I’m sharing with you some of the updates we have made to the Remote Desktop client preview app for Mac since it was first released.
Source : Remote Desktop Services (Terminal Services) Team Blog
In the second week of this month, Microsoft had alerted Windows Live Mail 2012 users that some chnages are coming to users of Microsoft accounts like Outlook, Live, Hotmail, MSN accounts that may prevent mails being delivered to Windows Live Mail 2012. And it said, in order to continue using this Mail client, you need to install this update.(Update for Windows Live Essentials Mail 2012 (KB3093594) )
Source : meraTechPort
You’ve adopted an Android smart phone, but your contacts, email, and calendaring information are tied up in your Outlook.com or Office 365 account. No worries, you can access it all from Android, and even make sure that your phone calls and text messages correctly identify who’s reaching out to you. The best news? You can make this work no matter which apps you choose to use to manage your contacts, email and calendar.
Source : Thurrott.com
When using WPScan you can scan your WordPress website for known vulnerabilities within the core version, plugins, and themes. You can also find out if any weak passwords, users, and security configuration issues are present. The database atwpvulndb.com is used to check for vulnerable software and the WPScan team maintains the ever-growing list of vulnerabilities. Last time, we taught you how to install WPScan on Mac and Linux. This time we are going to dive into how to use WPScan with the most basic commands. Source : Sucuri Blog
NirSoft released the free MMCSnapInsView tool that allows you to view and launch all MMC snap-ins that are installed on a Windows computer. Source : MMCSnapInsView – MMC snap-in launcher
Concurrent Remote Desktop allows you (the administrator) to simultaneously use a client computer while a standard user is still interactively using it. For IT, this is huge! Imagine never having to kick a person off of their computer because you need to work on it. Concurrent Remote Desktop (CRDP) makes this possible. This guide will cover CRDP setup for Windows 10. Source : DeployHappiness
