The idea behind this blog series came after something I noticed Microsoft does not have from an artifact perspective. Microsoft talks a lot about infrastructure as code by using ARM Templates. ARM Templates make cloud deployments declarative, idempotent, and add ... continue reading

Disaster can hit at any time. When thinking about disaster and recovery, I think of 3 things Be prepared Plan on not involving humans Automatic, not automated Having a good strategy is a must. You want to be able to ... continue reading

Introduction Zero Trust is defined by Microsoft as model that “assumes breach and verifies each request as though it originates from an open network. Regardless of where the request originates or what resource it accesses, Zero Trust teaches us to ... continue reading

Human-operated ransomware campaigns pose a significant and growing threat to businesses and represent one of the most impactful trends in cyberattacks today. In these hands-on-keyboard attacks, which are different from auto-spreading ransomware like WannaCry or NotPetya, adversaries employ credential theft ... continue reading

Hello everyone, my name is Daniel Metzger and I am a Senior Premier Field Engineer for Secure Infrastructure based in Switzerland. Lately I have done quite a few Public Key Infrastructure (PKI) migrations for customers mostly because their certification authorities ... continue reading

Hello everyone, my name is Daniel Metzger and I am a Senior Premier Field Engineer for Secure Infrastructure based in Switzerland. In this post, I am going to show you how to use a minimal set of Group Policy objects ... continue reading

First published on TECHNET on Jul 15, 2014 Hey Everyone, I am back with part 2 of this 3 part series on TPM protected certificates. The topics covered in this are related to Virtual Smart Cards, their benefits, and lastly ... continue reading

First published on TECHNET on Jun 02, 2011 LDAP over SSL (LDAPS) is becoming an increasingly hot topic - perhaps it is because Event Viewer ID 1220 is catching people's attention in the Directory Service Log or just that people ... continue reading

First published on TECHNET on Sep 30, 2010 UPDATE (2/8): Based on some recent questions, additional information has been posted about SHA2 and Windows. Introduction We’ve recently received a couple of requests from customers around the functionality of SHA-256 when ... continue reading

First published on TECHNET on Jun 25, 2010 Below is a list of ports that need to be opened on Active Directory Certificate Services servers to enable HTTP and DCOM based enrollment The information was developed by Microsoft Consultant Services ... continue reading