Get-MgDirectoryOnPremiseSynchronization : Insufficient privileges to complete the operation as the Global Administrator?
What are the additional required permissions on top of the Global Administrator to execute the below read only command? Connect-MgGraph -Scopes OnPremDirectorySynchronization.ReadWrite.All Get-MgDirectoryOnPremiseSynchronization The error I am…
Need some help to target the Group Policy to enable the NTLM audit?
I must audit any computers still using NTLM v1 in my AD Domain. Do I need to enable these group policies for all Windows servers and workstations in my AD Domain or just the Domain Controllers? Computer Configuration\Windows Settings\Security…
Procedure for enabling and configuring the LDAPs feature for the existing Domain Controllers globally.
I need to globally configure the LDAPS feature in over 20 on-premises Domain Controllers/Global Catalogs to support new security software integration. My existing AD Domain controllers are Windows Server 2016 with Windows Server 2016 FFL/DFL. What steps…
Effective Mail Security applications for Exchange 2019 on-prem
I currently use Symantec Mail Security for Microsoft Exchange on our on-prem Exchange 2019 environment but am looking for a new product. The environment is not connected to the Internet, but on a large stand alone network and I initially wondered if…
what are Microsoft security recommendation for Microsoft Entra
hello, We are setting up a Microsoft Enterprise tenant; what basic recommendations can we make to make it more secure? Like we know, we like to implement MFA,CA ,PIM ,Audit log anything apart for this specially from IAM side security. Thanks Richa
Credential Validation Audit Failure -Event ID 4776 - MICROSOFT_AUTHENTICATION_PACKAGE_V1_0 - Error Code: 0xc000006a/0xC0000234
Hello all, thanks for reading and attempting to help, I have been having an ongoing issue for the past month or so with having my account get locked multiple times throughout the day due to error listed in the title. Every time it happens I go check…
Delegate Control Wizard reports
Does the Delegate Control Wizard in AD allow an auditor to view which permissions have already been 'delegated' within AD/a domain? Or is it purely for delegating new permissions? If it does not, how exactly could you determine where such permissions…
Certificate is not valid - Issuer: MS-Organization-Access
Hi, On several Servers, I have certificates where the certificates are listed as: Issued to: 0882ac7e-3ff6-4231-a45b-5a654aa4303f Issued by: MS-Organization-Access SCOM reports these as "Certificate is invalid". Chain Details: ---…
How to implement tiering model in Microsoft Entra
Hello, Microsoft recommends the tiering model for AD that we implemented. is there any tiering model concept that Microsoft recommends for designing Microsoft Entra so we can implement it in new tenant . incase no tiering model recommended the…
SSO to get into Outlook account
I cannot seem to figure out how to do this, or if it's even possible. I am the admin of our Azure. I am trying to set up an SSO into our Outlook accounts. As in, when someone signs into Outlook, they are taken to another screen to authenticate them. I'm…
How to disable MFA for a single user
How can I disable MFA for a single user in Azure
How to handle a SEC_I_RENEGOTIATE received in TLS 1.3 Negotiation
I have a client application that uses SCHANNEL to negotiate TLS 1.1 and TLS 1.2 which has worked for years. I recently changed to use SCH_CREDENTIALS and it still works for TLS 1.2 (and I presume TLS 1.1) on Windows 10. When run on Windows 11, it…
What is the best security method to secure our data and credentials?
What should be the best security programs or techniques to save my data from cyberattacking and cyber bullying?
TLS 1.3 using SChannel - DecryptMessage Failed with CONTEXT EXPIRED
Team, Do we have example client/server programs in C/C++ for implementing TLS 1.3 using SChannel? DecryptMessage() function first initial call return SEC_I_RENEGOTIATE and when we reinitiate the connection it get expire and connection close. If you…
Auditing NTLMv1
Hi, I have enabled NTLM auditing to discover any use of NTLMv1. As I understand I can look for events under Applications and Services Log\Microsoft\Windows\NTLM I do see the following events but not sure if there is NTLMv1 traffic blocked here. From the…
Fix Root AD CA certificate on Win Server 2022 for Apache Tomcat 9 website not loading?
We setup a Windows Active Directory Certificate Authority on our Windows Server 2022 and issued a certificate for an Apache Tomcat 9 server website. When a user accesses the website, logging in with a valid AD logon, the website will show the website…
How do I stop the twice hourly automatic attempts to fraudulently sign into my webmail account
Twice hourly automatic attempts to fraudulently sign into my Hotmail account from random IP addresses across the world. How do you to stop these ? Sooner or later I assume the brute forcing will work. The amount of notifications is annoying as well
Windows CA WebEnrollement certificate problems
We are using a Windows Server 2012 R2 as Windows CA for our Windows 10 environment. Certificates are getting automatically enrolled through GPO which is great, unless you get Mac devices in your environment. To get them the required User and Machine…
Trojan:Win32/Wacatac.B!ml >> Microsoft Safety Scanner found several infected files during scan but end result shows nothing
Windows Defender has detected the Trojan:Win32/Wacatac.B!ml I started the scan with MS Safety Scanner, it took about 24 hours to complete the full scan. During the scan, I can see that it shows about 250 infected files. However, the result, shows that…
NPS condition syntax Client Friendly Name in 2012R2
Newbie here. Trying to find the right syntax for matching the Client Friendly Name attribute in NPS 2012R2 network policy. An example name is RA-CORP-IT-FP01 The conditions I'm trying to figure out matches the starting "RA-" and then…