Select Page

Author: Kang Arman

Get Local Group Members Report

Staying on top of local group membership is essential to Microsoft Windows Server security and good IT hygiene. In particular, you need to pay attention to the privileged groups on local machines, such as the local Administrators group. Sometimes Active Directory user accounts are added to these groups so users can install the programs they need to do their jobs without asking for help, and once local access rights are granted, they are rarely revoked. While this approach reduces helpdesk workload, it can significantly increase security risks on your systems by increasing the attack surface area and the risk of privilege abuse. If you have enough PowerShell knowledge and experience, you can create a script that lists the membership of all local groups, including the local Administrators group. However, exporting all user objects into .CSV format might not be the most effective way to establish a baseline of the members of local groups and spot inappropriate changes to those groups. Original – 3 Steps total Step 1: Open the PowerShell ISE Open the PowerShell ISE → Create a new script with the following code and run it, specifying the computer name and the path for export: Step 2: Script Code $strComputer = get-content env:computername #Enter the name of the target computer, localhost is used by default Write-Host “Computer: $strComputer” $computer = [ADSI]”WinNT://$strComputer” $objCount = ($computer.psbase.children | measure-object).count Write-Host...

Read More

Public Cloud vs Private Cloud (and Hybrid Cloud too)

You’ve probably heard people use the terms private cloud, public cloud, and hybrid cloud. But how many really understand what they actually mean? These concepts are sometimes used incorrectly in everyday conversation, so we’re here to set the record straight based on the official definition of cloud put forth by the National Institute of Standards and Technology (yes the US government actually created a cloud computing definition).   Public Cloud vs Private Cloud Differences Most conversations about “the cloud” refer to public clouds, where different organizations share cloud resources in a data center owned by a cloud provider such as Amazon, Microsoft, or Google. The big difference between public and private cloud is that a private cloud is used exclusively by a single organization, which most often means that the computing resources are located on-premises in the offices of that organization. Most people understand that fundamental distinction between cloud types, but sometimes people butcher the term private cloud because they don’t understand the basic definition of cloud computing. To qualify as cloud computing, any cloud model (whether public, private, or hybrid) must first meet the 5 criteria of cloud computing: On-demand self-service, shared resource pooling, rapid elasticity, measured service, and broad network access. Just because you have several local computers in a server, it doesn’t mean you have a private cloud.   Why would you use a private cloud? In...

Read More

IaaS? PaaS? SaaS? Differences between cloud service models

The 3 main cloud computing models: Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), and Software-as-a-Service (SaaS) allow you to outsource varying degrees of computing work and hardware maintenance to a cloud provider like Amazon or Microsoft. These cloud services are hosted in gigantic datacenters strategically located around the world. An easy way to remember the differences between IaaS, PaaS, and SaaS, is by differentiating these 3 cloud service models by the amount of control over computing resources they provide and the relative ease of managing them. On one hand with a Software-as-a-Service model, you outsource almost everything to the cloud provider, making setup and management extremely simple. On the other hand, Infrastructure-as-a-service gives you almost full control over server instances, making for a highly customizable but relatively complicated environment. PaaS falls somewhere in between. An easier way of learning the differences between IaaS, PaaS, and SaaS is using an easy-to-understand analogy compares cloud services to painting.   Analogy comparing IaaS, PaaS, SaaS and on-premises servers to painting In both painting and setting up cloud services, your end goal is to create a masterpiece, whether that’s a beautiful painting hanging on your wall or fully functioning IT services. In both cases, you can get to the end result by doing everything yourself or outsource much of the work.   On-premises servers: DIY everything You buy the paints, brushes, easel, and canvas. Then you...

Read More

Need To Migrate Exchange 2003 To Office 365

How to migrate Exchange 2003 to Office 365 using the built in migration tool. 21 Steps total Step 1: Discovery Phase Expand Discover how many mailboxes, what the DB size is and what subset of mailboxes will actually be moved. Get the answers to the following questions via the intro / discovery phone call and via the remote sessions to the Exchange 2003 Server. 1- Point Of Contact (email, phone, mobile) 2 – Exchange MDB Size 3- Mailbox Count (Total Count At This Time) 4- ID Any Email Enabled Applications(Spiceworks) 5- D Any Email Enabled Hardware(scanners) 6- ID The Domain(s) Name(s) to be migrated 7- Does The Client Have At Least 2008 R2 Member Server For DirSync? 8- What Is The Local AD Domain Name (*.local) 9- What OS Flavor Does The Workstations Have? 10- What Version Of Office Are End Users Working With? 11- Who Hosts External DNS For The Domains Being Migrated 12- Is The Client Using Spam Filtering Service (MX Logix, AppRiver) 13- Is The Client Using Any Email Archiving Service? 14- ID How You Are Going To Gain Remote Access Into The Servers(LogMeIn, RDP) Step 2: Get DNS Login Request Login and verify DNS zone file access so you can update External DNS when needed. Step 3: Get Domain Admin Login to Exchange and DirSync Servers Get client to provide you with domain admin login...

Read More

Setup Email Notifications For Azure Backup

Microsoft’s Azure backup client is a useful and simple way to set up offsite backups. However, an essential part of running backups is checking that they have worked. The Azure backup client has no built-in notification functionality. In this how-to, you will learn how to combine the event log, task scheduler, and PowerShell to send email notifications of backup events. 7 Steps total Step 1: Email scripts Expand You will need to create two simple PowerShell scripts using PowerShell ISE – one to notify of success, and one of failure. Save them somewhere easy to find. The scripts are one-liners: end-mailmessage -from “FS01 Azure Backup <>” -to “Backups <>” -subject “FS01 Azure Backup Successful” -body “Backup of FS01 to Azure has been successful” -smtpServer You will obviously need to change the details to suit your environment 🙂 Step 2: Task Scheduler setup Expand The next step is to create tasks to monitor the event log for the relevant events. We’ll start with the ‘failure’ event, as it’s slightly more complex. Open Task Scheduler, and click ‘Create Task’. Give it a suitable name, select a suitable service account to run it (which will need to have admin rights on your server), and make sure to tick ‘Run whether user is logged in or not”! Step 3: Task Scheduler triggers Expand Move to the Triggers tab. Click New, and select...

Read More