Windows 10 – Disable / Remove OneDrive
Jul17

Windows 10 – Disable / Remove OneDrive

KB ID 0001328 Dtd 17/07/17 Problem Microsoft have done a good job of embedding OneDrive into Windows 10. While Ive got nothing against OneDrive, for some admins the thought of users storing data out of their networks is quite worrying. So how do you ‘un-couple’ OneDrive from Windows 10? Solutions Option 1: Remove OneDrive ‘Quick and Dirty’ Open ‘Regedit’ and navigate to; HKEY_CLASSES_ROOT > CLSID...

Read More
Cisco FirePOWER Management Center Appliance – Allowing Domain Authentication
Jun28

Cisco FirePOWER Management Center Appliance – Allowing Domain Authentication

KB ID 0001117 Dtd¬†28/06/17 Problem Once deployed, authentication is handled by the appliances own internal user database, in larger organisations this is a little impractical. So the ability to create an Active Directory Group, and delegate access to Firesight to members of that group is a little more versatile. Solution I’m making the assumption that the appliance does not already have external authentication setup at all, so...

Read More
Microsoft PKI Planning and Deploying Certificate Services Part 3
May15

Microsoft PKI Planning and Deploying Certificate Services Part 3

KB ID 0001312 Dtd 15/05/17 Problem Following on from Part Two, now we have an offline Root CA, and a CRL server, our next step is defined by our PKI design, are we three tier, or two tier? (Look in Part One for a definition). Solution As previously mentioned, Microsoft just treats Intermediate CAs and Issuing CA’s as the same thing (SubCAs). So the next step is identical for either. But I would suggest one difference, If I was...

Read More
Microsoft PKI Planning and Deploying Certificate Services Part 2
May14

Microsoft PKI Planning and Deploying Certificate Services Part 2

KB ID 0001310 Dtd 14/05/17 Problem In Part One we deployed our offline Root CA Server, now we are going to deploy a ‘Certificate Revocation Location’ server. Solution Before you start: Create a DNS record for ‘pki‘ that points to the IP address, that you will have the CRL web server hosted on. I’m installing my CRL server on a separate web server because thats good practice. Starting with a domain joined...

Read More
ADMT (Active Directory Migration Tool) Domain Migration ‚Äď Part 4
May13

ADMT (Active Directory Migration Tool) Domain Migration ‚Äď Part 4

KB ID 0001308 Dtd 17/04/17 Problem On the homeward stretch now, back in Part Three, we migrated service accounts, groups, and users. Now we turn our attention to our machines. Note ADMT 3.2 Only support the migration of Operating Systems up to Windows 7, (that doesn’t mean Windows 8 and Windows 10 wont work, it just means they are not supported). Migrating Windows 8 and 10 throws a lot of security translation errors, because of...

Read More
Microsoft PKI Planning and Deploying Certificate Services
May13

Microsoft PKI Planning and Deploying Certificate Services

KB ID 0001309¬†Dtd¬†14/05/17 Problem “I don’t know what it is about Certificates, I just¬†don’t like them, I don’t understand them, and I don’t like working with them” I hear this a lot, In fact I heard it this week, and as I’m usually the ‘go-to-guy’ for certificates and PKI, it winds me up! IT pros take the time to learn concepts like DNS, DHCP, Kerberos etc. But mention Certificate...

Read More