Let me paint a picture for you: High level exec walks in and says someone has been on his computer. “I want to know every time someone has logged into my computer in the last month!” Okay, not so bad. Get into the event viewer of the machine either locally or remotely, go to your […]
The ability for a user to change their password when it has expired via the Remote Desktop Services webpage is disabled by default. Enabling the feature is quite simple, but with anything take a moment to consider the security implications and make sure that your organization is okay with the risk. Connect to the server […]
I have inherited some pretty messy domains over the last couple years when it comes to GPO’s, and knowing the short and sweet way to reset the Default Domain and Default Domain Controller policies has come in handy. As I hope you know, Microsoft only suggests only making changes to these policies for account, account […]
You may have gotten the hint over the last few posts that I had some brute force issues from a particular set of IPs (a couple /24’s to be exact). Well after much heartache I found the solution. Thinking about it now this is probably a pretty common on-prem Exchange configuration option, but alas I […]
Client Access Rules give you a lot of control over who can access Exchange Online from where. Microsoft gives a pretty good definition so I’ll just throw that at you because I’m lazy: Client Access Rules help you control access to your Exchange Online organization based on client properties or client access requests. Client Access […]
Brute force attacks can be quite the nuisance for users, especially if they manage to start hitting your AD FS portal with authentication attempts. The Extranet Lockout feature can help alleviate these pains by preventing the users local AD account from being locked out, but it is by no means a complete solution. Please see […]
When users were trying to authenticate through Office 2016 to activate the product, they were receiving the following error message upon being redirected to their AD FS login page while on the internal network. An error occurred An error occurred. Contact your administrator for more information. Error details Activity ID: 00000000-0000-0000-c32d-00800000005e Relying party: Microsoft Office […]
I figured it was time to bite the bullet and start converting all of my scripts from using the MSOnline V1 module to the new and shiny AzureAD 2.0 module. Since I was finding few to no posts on pulling licensed users using the new module out there on the interwebs, I figured I’d share […]
I had a request come to me today for an AD group that will always contain all of the users in a particular OU. If you have come across my little place on the internet before, you are likely familiar that I do a lot of work with AD FS. Keeping that in mind, I wanted […]
I’ve been working with hybrid Office 365 environments for quite some time now and liked to think that I had come across most of the weird errors, but of course just when you think that there has to be another random msExch attribute to come along and muck things up. I came across just such […]