Category: Microsoft

The Metaverse needs to be open-source and community-driven

Ulv BjørnssonLeave a comment

The metaverse is coming, and it should be open source. The metaverse is a virtual world that will include all kinds of virtual reality (VR) applications. You can think of it as the internet for VR, but with an emphasis on user-generated content that’s augmented by AI and machine learning technologies. It’s still early days, but this future has been imagined by sci-fi writers for decades—we’re finally getting close to seeing what they were talking about come to life.

The metaverse has been talked about for decades, but now it is finally happening. This is a good thing: the world is becoming increasingly decentralized and open-source, and we should embrace that shift by embracing an open-source metaverse. Open source enables greater diversity of ideas, creativity, and innovation because anyone can contribute to it. It also allows interoperability between systems while avoiding vendor lock-in (where you are stuck with whatever your service provider offers).

For example, if someone comes up with a great idea for a new virtual reality game or social network inside the metaverse then others won’t have to wait for permission from some centralized authority before being able to adopt this new technology into their own systems within the metaverse—they can just take it from them directly as long as they give credit where credit is due!

What it could look like in the future

The metaverse as we want it has a decentralized identity layer, but the challenge is that it is still too centralized in terms of the application layer. In order for VR to become truly open-source, there needs to be interoperability between different applications. The way this can be achieved is by creating an open source standard that all developers must comply to when building their applications. This will ensure that your data won’t be trapped within certain platforms.

Read More »

Progress powered through adversity

Ulv Bjørnsson1 Comment

With technological advancements continuing to develop at an unprecedented pace, deciphering and analysing the digital landscape to determine when, if and how these emerging technologies will impact businesses is increasingly difficult.

While the natural evolution of the market used to be a reliable indicator of progress, the solutions to the challenges of Covid-19 and the continuing pressure of a global supply chain crisis, mounting inflation, environmental concerns and new net-zero regulations have both accelerated and destabilised the global tech community.

Read More »

Security baseline for Windows 10 v1703 now out!

Ulv BjørnssonLeave a comment

Microsoft just published the security baseline for Windows 10 “Creators Update” v1703!

Now you might ask, why should I use a security baseline? First off – it’s for OS hardening, and it saves you a lot of manual work by having ready made settings setup and gives you the importable GPOs, as well as a multitude of custom ADMX files with them visually laid out for you in a spreadsheet.

This allows you to tweak your settings to what best suits your environment.

It’s an incredibly helpful tool for image building, particularly for those of us in verticals that require constant vigilance.

Now if you are new to OS hardening and security baselines, you really should check out Microsoft’s Security Compliance Toolkit!

You can get the Security baseline for Windows 10 “Creators Update (v1703) from here.

Connect to Microsoft Azure with Powershell

Ulv Bjørnsson1 Comment

In this article I’ll walk you through the steps needed to connecting to your Microsoft Azure environment, as well as giving you a glimpse of how you can manage it by starting up a IaaS virtual machine.

There is endless potential, to what you can manage and automate of Azure resources with PowerShell, but from here to there, first step is connecting it!

autoallthings.png

Installing Azure PowerShell Module

First off we are going to install the Azure PowerShell module

WebPlatformInstaller_2017-07-03_13-05-42
The installer takes a few minutes, once installed we will connect to your Azure subscription.

Read More »

Microsoft Azure: Azure PowerShell – ForbiddenError: The server failed to authenticate the request.

Ulv Bjørnsson1 Comment

Hey, so if you are getting this error I’ll walk you through the easiest ways to remedy it.

powershell_2017-07-03_13-53-48.png

PS C:\> Get-AzureVM
Get-AzureVM : ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and i
s associated with this subscription.
At line:1 char:1
+ Get-AzureVM
+ ~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Get-AzureVM], ComputeCloudException
+ FullyQualifiedErrorId : Microsoft.WindowsAzure.Commands.ServiceManagement.IaaS.GetAzureVMCommand

or

Set-AzureSubscription : ForbiddenError: The server failed to authenticate the request. Verify that the certificate is valid and is associated with this subscription.

The solution often is easier then you’d think, just like how browsers have their cache so does your Microsoft Azure PowerShell so you’ll want to input this:

Clear-AzureProfile

powershell_2017-07-03_13-58-31.png

This will clear your current Azure profile.

You should also consider deleting the content of this folder:

C:\Users\%USERNAME%\AppData\Roaming\Windows Azure Powershell

After which you can run

Add-AzureAccount / Login-AzureRMAccount

and then you can execute any Azure PowerShell commands that you’d like to run. For a more detailed walkthrough check my article on connecting and managing Microsoft Azure via PowerShell.

 

PS: If you are still getting errors, you should check whether the mode you are running in is incorrect you can input 

Switch-AzureMode AzureResourceManager

Important to note that “Switch-AzureMode” is deprecated and will be removed in a future release. However doing so seemed to import the certificate and removed the “ServiceManagement” modules that were loaded with this install and installed the correct certificate.

So now to see if it’s working we can run Get-AzureVM or Get-AzureRMvm

which outputs:

powershell_2017-07-03_15-20-32.png

 

chrome_2017-07-03_15-22-47

As always, you can follow me on Twitter at @UlvBjornsson or follow me on here, if you have tips for articles you’d like to read or topics you want to hear more about, hit me up.

Ulv

Watch out bad guys, here comes Windows Defender ATP

Ulv BjørnssonLeave a comment

Busy days, we had WannaCry remind us about the importance of patch compliance and mitigation (add political pun about encryption and weapons) and we saw IT and business rally to mitigate, patch and get their heads over water.

NotPetya spread over the same attack vector and utilized PsExec with the SMBv1 vulnerability but had a much more complicated payload, which turned out to not be ransomware, but a wiper prompting for a ransom, allowing no way to decrypt essentially rendering the data lost.

chrome_2017-06-30_15-40-58.png

So with that in mind I decided to write a post about the upcoming Windows 10 Fall Creators Update, touching on Windows Defender ATP and security in general, and my thoughts surrounding it..

chrome_2017-06-30_15-44-39.png

First off, it integrates Windows Defender Advanced Threat Protection (ATP) into Windows 10 essentially unifying the Windows threat protection stack.

To sum it up, it’s built in and not added on. 

Security is complicated, it involves layer upon layer, there is exterior security, interior security, network, information, os hardening, user training and so on.

One of the best things with ATP?

It integrates with cloud intelligence and the rest of your security, giving you a single pane of glass for administration.

windows-defender-atp-new-dashboard
Windows Defender ATP dashboard view

Now what is the ATP? It covers a range of features such as:

Windows Defender Exploit Guard

Windows Defender Explot Guard (WDEG) uses information from the Microsoft Intelligent Security Graph (ISG) and provides a heavy set of intrusion rules and policies to assist and prrevent advanced threats, as well as zero day exploits.

windows-defender-atp-exploit-guard
Machine timeline from Exploit Guard

 

Windows Defender Application Guard

A real winner here I believe, we’ll see how it turns out when it goes live for everyone, but I like the idea of Windows Defender Application Guard (WDAG) because even if the OS stack, network stack is secure, does not necessarily mean your third-party applications for example your browser is. Example and point: when Tim in accounting accidentally downloads malicious malware or Rambo in security triggers a zero-day worm whilst researching in the wrong container, WDAG will isolate and contain the threat. Keeping your device, apps and data secure. At least in theory.

Windows Defender Device Guard

Also integrated into ATP, Device Guard allows whitelisting of applications on a per-device basis and if anything it gives the Security Operations Center better insight, and automated application control as well as implementation of DDG into ATP gives organizations an easy implementation.
so-what.jpgWell improved detection, response capabilities and a growing detection dictionary that includes more indicators of attacks (IoA) with a large suite being gathered into one product in the Windows threat protection stack will allow you to remedy, as well as spot weaknesses far faster then before, and reduces the overhead required and the custom implementations required to make all the systems “talk“.

 

Updated-Figure-3.jpg

So what is my take from this? I thoroughly believe that the creator of a product (Microsoft) is most likely the best to create a security solution best suited for their product (Windows and surrounding services).

windows-defender-atp-security-analytics.png

To sum it up ATP integrated with Windows 10, and Cloud Intelligence (Office 365, Microsoft Azure) will be a huge step in the right direction, and be a valuable asset to any Service Operations Center or IT operation team.

download (1).png

As always if you have any suggestions about topics, articles, how-to’s and what not hit me up here or on twitter at @UlvBjornsson

Powershell: Move objects from OU to target OU

Ulv BjørnssonLeave a comment

Simple way to move computers from one OU to a target OU using –LDAPFilter which allows you to modify it. Current form is objectClass meaning it’ll move anything that is designated an objectclass from OU to target OU, you can change this to be (name=PC*) with * being a wildcard moving any object starting with PC from OU to target OU.

<#
.SYNOPSIS  

Sets Moves AD object based on -LDAPFilter from OU to target OU.

.DESCRIPTION  Script will search through Active Directory OU and move all objects matching -LDAPfilter to target OU.

.PARAMETER $OU    Enter full name of OU you wish to limit search to

.NOTES  
Version:        1.0  
Author:         ulbjo  
Creation Date:  07/06/17  
Purpose/Change: Initial script development  
.EXAMPLE (name=PC*) will filter search and move only PC starting with PC* to target OU.

#>
$computerstomove = Get-ADComputer -LDAPFilter "(objectClass=*)" -SearchBase "CN=Computers,DC=Customer,DC=ulvbjornsson,DC=com"foreach ($computertomove in $computerstomove) { Move-ADObject $computertomove -TargetPath "OU=Computers,OU=Production,DC=Customer,DC=ulvbjornsson,DC=com"
}

#(name=PC*)

 

As always hit me up, I got a lot of articles in the pipeline so stay tuned.

You can find me here, or interact with me over twitter @UlvBjornsson

Creating a Windows Master Control Panel shortcut .{ED7BA470-8E54-465E-825C-99712043E01C}

Ulv BjørnssonLeave a comment

The Windows Master Control Panel, also known as Windows God Mode, or the All Tasks folder is a shortcut to access a variety of control settings found in any operating system later then Windows Vista.

It is one of those stories that hits the blogosphere and spins; however the background for the registry key “ED7BA470-8E54-465E-825C-99712043E01C”  was actually just an “All Tasks“-page created by Windows developers to make it easier to find what was needed.

So if you use the search box in the “Control Panel“-window, see illustration below. It will leverage the key “ED7BA470-8E54-465E-825C-99712043E01C“.

2017-05-12_16-09-47.png

The key that it looks up you can find it under:
HKEY_CLASSES_ROOT\CLSID\{ED7BA470-8E54-465E-825C-99712043E01C}

2017-05-12_16-15-03.png

So now let’s create and give you a shortcut to the blogosphere’s godmode, or the Windows developers “All Task”-folder.

Read More »

Allow Domain User To Update Department Field in Active Directory

Ulv BjørnssonLeave a comment

In this article we’ll go through the steps to allow a domain user that is a member of a security group, to update the Department field in Active Directory

So open up Active Directory Users and Computers and create a Security Group that we will delegate control to, for this example we have created a group called “RL_Update_AD_Users_Department_Field”

pep

Now we have to also choose the container that this group can edit Users in to for this example we have a “Users”-container in our “domain“.

RoyalTS_2017-05-08_13-58-06

This opens up the Delegation of Control Wizard. Hit Next.

2017-05-08_14-11-21

Read More »