Hi All! Jerry Devore back again with another hardening Active Directory topic. Before we jump into the technical stuff, I would like to briefly share some tips for structuring a protocol hardening project. I picked up these suggestions from working with customers who have been successful in their protocol hardening efforts. Tip #1 – Collaborate …
Active Directory Hardening Series – Part 2 – Removing SMBv1 Continue Reading
Hello, it has been a while since I have posted any articles, but my little buddy Raven (my miniature schnauzer) and I are here to talk about the Microsoft Monitoring Agent (MMA). Raven has an old, worn-out bed that she has been using for years. It has lost its cushioning, doesn’t offer much comfort anymore, …
Heya folks, Ned here again. Starting with Windows 11 Insider preview Build 25992 (Canary), the SMB client now supports connecting to an SMB server over TCP, QUIC, or RDMA using alternative network ports. Today I’ll explain how to configure this and talk about the near future of this in Windows and Windows Server Insiders a bit. Previous port behaviors …
SMB alternative ports now supported in Windows Insiders Continue Reading
Heya folks, Ned here again. Starting with Windows 11 Insider preview Build 25992 (Canary), creating SMB shares changes a longtime Windows Defender Firewall default behavior. Before Previously, creating a share automatically configured the firewall to enable the rules in the “File and Printer Sharing” group for the given firewall profiles. This began in Windows XP SP2 with the …
SMB firewall rule changes in Windows Insider Continue Reading
Heya folks, Ned here again. Today I’m sharing advice on migrating from Distributed File System Replication (DFSR) to Storage Replica. This includes deciding when SR is a good replacement, inventorying your DFSR and DFS Namespaces, backing up your existing configuration, validating your existing replication and converging it, migrating to SR, then updating your disaster recovery …
DR 2.0: Migrating from DFSR to Storage Replica Continue Reading
October 10, 2023 Update: By request of our customers, we’re now sharing a sample PowerShell script that we’ve been using at Microsoft to replace Azure AD naming in documentation or content. Get the Azure AD rename code sample on Microsoft Learn and edit it according to your needs. The rename of Azure Active Directory (Azure …
We are grateful for the trust our customers have placed in Windows Server 2012/R2 as a part of their organizations for the past decade. With this release of Windows Server having launched 10 years ago, it reaches end of support on October 10th, 2023, per our 10-year lifecycle policy. After this date, no more security …
Secure Windows Server 2012/R2 workloads with options from Azure Continue Reading
How to deploy S2D on a 4-node cluster. Perform each step in preparation to manage and support the core cluster in a production environment. Part 1 of 4.
SQL Server has brought reliability and security to mission-critical workloads for 30 years. SQL Server 2022, released November 2022, delivers performance enhancements as well as Azure connectivity for disaster recovery, analytics, and governance. Now customers like Mediterranean Shipping Company (MSC) are using SQL Server 2022 to expand their capabilities to better support a truly worldwide …
Protect SQL Server 2014 workloads with Azure flexibility Continue Reading
Hello everyone, Jerry Devore back again after to along break from blogging to talk about Active Directory hardening. In my role at Microsoft, I have found every organization has room to improve when it comes to hardening Active Directory. Many times, customers are aware of issues but are afraid of unintended impacts if they make …
Active Directory Hardening Series – Part 1 – Disabling NTLMv1 Continue Reading
