It is quite easy for security professionals to get aggressive with introducing controls into systems. I should know, I have worked with so many and I hold a CISSP, myself. But the overall intent of security is to make sure that systems are available for legitimate purposes. The old notion that the only secure system … Continue reading An Overly Aggressive Security Posture?
After completing a migration to Exchange Online, it is common to have questions like: 1) What is the best practice for provisioning mailboxes? 2) How do I provision mailboxes? 3) Why should I keep this Exchange server around? Well, these are good questions. Let's start with the last question. When an organization migrates to Exchange … Continue reading How to Provision Exchange Online Mailboxes
In a hybrid Exchange scenario, mailboxes should be stamped with aliases that are mapped to the tenant unique namespaces (e.g. *.onmicrosoft.com). If a mailbox does not contain these aliases, it will fail to migrate. These aliases are normally applied via Email Address Policies, but if the AD object is set to block Email Address Policies … Continue reading Identifying Mailboxes without a Cloud Alias
Over the past few years, I have had to address cryptographic vulnerabilities on Windows Server by disabling SSL v2, SSL v3, TLS v1, and RC4. Here is a script that I cobbled together (could definitely be improved): Harden-SslTls
With the news that PowerShell has been open sourced and brought to Linux and Mac OSX, we are witnessing the fruits of Microsoft's journey to embrace other platforms in an effort to reach and support customers' needs. It is pretty exciting as my personal journey with technology began on the other side, using Linux and … Continue reading Considerations for an Open Sourced PowerShell
In the course of my work, I am often times dealing with large CSV files that need to be broken up into smaller files, for whatever reason. If the CSV file has a header, I can't simply use something that breaks up the file by number of lines because I need to retain the header … Continue reading Splitting CSV files in PowerShell with Split-Csv
This week I had a request that seemed rather simple. Given a CSV file containing the User Principal Name of the user, determine if the user is a member of a specific Active Directory group, remove it, and add it as a member to another specific Active Directory group. I am not sure of what … Continue reading Moving an AD User from One Group to Another via PowerShell