If you have installed a new domain controller in an environment that uses AD to store BitLocker Recovery keys, you’ll notice that by default the Recovery Key tab is not present.
In this article I’ll show you how to add it.
Category Archives: Security
Office 365 / Exchange: Stop Display Name Spoofing
Display Name Spoofing / Impersonation is a simple but effective way hackers will try and obtain information, divert funds, and defraud you and your staff.
The hackers will look for executives within your company and then create valid email addresses with their display names on common mailing platforms, and then send requests through requesting funds transferred, bank details etc.
In a busy workplace with only a glance at the display name it would be easy to action these requests without further thought.
The problem is this type of spoofing uses valid email addresses from valid domains, but with the same display name as executives, so mechanisms like SPF, DKIM and DMARC won’t pick them up.
However, by implementing a simple mail-flow rule, you can easily add a warning to this type of message which should prompt the end use to proceed with caution.
Here’s how to set it up.
Office 365: How to enable SharePoint Auditing
In this post we’ll look at how to enable SharePoint auditing. Recently I’ve been investigating some mysterious folder moves which the end users couldn’t explain, but folders were disappearing and reappearing elsewhere.
My first thought was that they have been dragged and dropped by mistake with a touchpad, it’s so easy to do if you aren’t careful.
My second thought was to check the SharePoint audit logs. Read on to learn how to enable SharePoint Auditing and view the available reports.
By default SharePoint Auditing isn’t enabled in Office 365.
How to fix “Your Active Directory Domain Services schema isn’t configured to run BitLocker Drive Encryption.”
BitLocker Drive Encryption is the technology in Windows 10 which can encrypt your hard disk drive and keep your data safe. It will usually require you to enter a pin/usb key/certificate to allow access to the encrypted hard disk drive.
Your Windows administrators are able to manage many of the settings in Active Directory, which helps in getting consistent settings across all end user computers. If you try and turn on BitLocker and you get the following error read on how to fix it.
“Your Active Directory Domain Services schema isn’t configured to run BitLocker Drive Encryption. Contact your system administrator.”
Continue reading
Vendors’ response to Meltdown and Spectre Vulnerabilities
The Meltdown and Spectre are two new vulnerabilities in Intel, AMD and ARM processors which will effect everyone.
There is a very good technical article that the Sophos team have put together explaining in detail the issue, you can read it here, as well as many other websites which are covering the story so I won’t go into much detail, just type Meltdown/Spectre into your favourite search engine.
Instead below is a list of the major vendors which we and customers use and links to any articles they have regarding Meltdown and Spectre and their products.
Keep checking back as I will update this as more details from vendors become available.
If you know of any other Vendor statements regarding the Meltdown/Spectre bugs please add a comment below, and I will incorporate it into the post. Continue reading
Top 10 Blog posts of 2017
Happy New Year!
In 2017 the OxfordSBSGuy.com blog has gone from strength to strength, with 26 posts and 863,000 views. In 2017 I implemented SSL and been working on some tweaks here and there to improve performance. This year I’m considering a redesign and new hosting is in the pipeline to improve performance further. Thank you for your support.
Below are the top ten articles in 2017
- PowerShell: Get-ADComputer to retrieve computer last logon date – part 1 (103,582 views)
- PowerShell: Get-ADUser to retrieve password last set and expiry information (83,394 views)
- Exchange PowerShell: How to list all SMTP email addresses in Exchange (63,442 views)
- How to convert a Hyper-V VHDX to VMDK for VMware Workstation (31,337 views)
- PowerShell: Get-ADUser to retrieve login scripts and home directories – Part 1 (31,017 views)
- How to install Exchange 2010 (SP3) on Windows Server 2012 (43,232 views)
- Server 2012: “Your current security settings do not allow this file to be downloaded” (29,374 views)
- Exchange PowerShell: How to enumerate Distribution Lists, managers and members (24,264 views)
- Dell PERC: How to clear the foreign configuration on a HDD using the Raid Configuration Utility (21,799 views)
- How to resolve VMware Workstation “The network bridge on device ‘VMnet0’ is not running” (21,737 views)
Looking forward to 2018, the industry recently has been focusing on security so I’ll be brushing up on some Security Skills with Sophos and WatchGuard, and with more and more clients moving to Office 365, I intend to write a few more PowerShell scripting to help manage end users and computers in the cloud.
I hope you have a great year!
Carl
www.OxfordSBSGuy.com
WatchGuard Fireware v12.1 released
WatchGuard have released Fireware 12.1 on 18 December 2017. This replaces the previous version of 12.0.2.
Full release notes can be found here. Please read them before upgrading! Your Firebox must be running, XTM v11.7.5, v11.8.4 or v11.9 or higher before upgrading.
Fireware v12.x is not supported on Firebox X 5 Series devices, models 505, 510, 520 or 530.