Security Identifiers (SIDs) and how to understand them [Part 2]

Welcome to Part 2 of a planned four-part series!
Part 1: Security Identifiers (SIDs) and Object Permissions in Windows
Part 2: Security Identifiers (SIDs) and how to understand them (you’re reading it now!)
Part 3: Converting Azure Object IDs in Azure into Security Identifiers (SIDs)
Part 4: Security Identifiers (SIDs) and User Rights Management
In Part 1 we…

Credential Guard: Protect Windows from pass-the-hash and pass-the-ticket attacks

Credential Guard is a component of Microsoft’s Virtualization-based Security Suite (VBS). With the help of the hypervisor, it protects the hashes of the credentials cached in RAM from attackers. And it is super simple to enable using Intune or Group Policy! So how does Credential Guard work? After successfully logging on to Active Directory, Windows…

How to set up a NAT network with subnets in Hyper-V

Today we’re going to be looking at Network address translation (NAT) networking in Hyper-V. This should be particularly useful if you’re coming from my quick ‘n dirty homelab guides about setting up and Domain Joining the brand new Windows 10 and Windows Server VMs you set up in Hyper-V! Let’s get going! So, what’s NAT? A public IP address is required to access…

Assigning Local Log on User Rights via Intune Settings Catalog

As helpful as wizards like Intune Security Baselines are for greenfields and inexperienced admins, those needing a little oomph in their setups (especially those admins used to on-premise Group Policy Administrative Templates) found Intune’s offerings lacking – forced to use CSP policies and custom OMA-URIs like in the example above. The settings catalogue aims…

Intune Security Baselines – What are they and how to use them?

Security baselines are intended to make it easier to configure security-related settings in Windows or Edge. They are available from Microsoft as Group Policy packages, or they can be configured through the interfaces for mobile device management such as Intune. In my opinion, they are mainly intended for clients who have limited experience with Intune and/or security, i.e.,…

Group Policy Administrative Templates (ADMX): What are they? How are they used? And what if I need to update them?

Group Policy Administrative Templates are registry-based policy settings and provide an XML-based structure for defining the display of administrative template policy settings in the Group Policy Editor. Now I know the name of this blog is Thomas’ head in the cloud so why all the focus on on-premise tech? It’s because understanding how these templates…
