VMware: Creating a Storage Encryption Policy
KB ID 0001471 Problem This is essentially part-two of deploying encrypted virtual machines, in a vSphere VMware (6.5 and above) environment. Back in part-one we deployed a KMS server and registered it with vCenter. Now we will create a storage policy that enforces encryption, then apply that policy to a virtual machine. Solution While logged into vCenter > Home > Policies and Profiles > VM Storage Policies > Create VM...
VMware vSphere Virtual Machine Encryption
KB ID 0001470 Problem Other that learn this for an exam I’ve never had to deploy this in anger. So when I heard we had a customer at work who wanted to take a look at it I was quite keen to take a look. To encrypt a VM you need to have an additional KMS (Key Management server) which VMware do not provide. They do provide a list, so theres no point me posting a list that will be out of date in a couple of weeks. Our client...
PowerShell: Bulk Enable / Disable Users
KB ID 0001469 Problem I needed to work out how to bulk disable some domain users from a .CSV file this week, so I thought I’d write it up. Disable Domain Users in Bulk from CSV Well firstly, you need to have your users in a CSV file. For the live job I just exported all the SamAccountNames to a CSV, but here for testing I just loaded a few in manually; Then execute the following two commands; Import-Module ActiveDirectory ...
Exchange and the LegacyExchangeDN Problem
KB ID 0001468 Problem Why do we have the Exchange LegacyDN? It’s a throwback, from a time when we had our users, and our mail users in different databases. Below you can see the ExchangeLegacyDN for this Exchange on-premises user; /O=First Organisation/OU=Exchange Administrative Group (FYDIBOHF23SPDLT)/cn=Recipients/cn={something-user-specific} Who cares? Well they are still important, if you send an internal email (to someone...
Forward Mail From Exchange (On-Prem) To Office 365
KB ID 0001467 Problem WARNING: Do not do this, if you are carrying out a Hybrid migration to Office 365! I’ve been doing an On-Prem to Office 365 migration recently. It was a little unusual because the ‘on-prem’ Exchange was not in the clients domain. So rather than migrate all the mail to their domain, and them migrate it to Office 365 we chose to use a third party migration solution ODME (Quest On Demand Migration...