This week the annual Dutch Experts Live meeting was there again in Den Bosch, I was there together with some of my colleagues from NEXXT, and this is my impression of the event 🙂
Security
Intune Proactive Remediation for “Microsoft Windows Unquoted Service Path” / CVE-2013-1609, CVE-2014-0759, CVE-2014-5455
Microsoft Defender has security recommendations for the "Fix unquoted service path for Windows services.” (CVE-2013-1609, CVE-2014-0759, CVE-2014-5455) These might be reported for things like Dell services, and you can fix them manually by editing the Registry on the affected device. But... There is an easier way 🙂 This blog post will show you how to create a Proactive Remediation in Intune for it.
Configuring NTFS permissions using PowerShell
Configuring NTFS permissions is something that you can do using your Windows Explorer, Server Manager, or by using command-line tools like subinacl.exe or icacls.exe. In this blog post, I will show you how to set NTFS permissions in two different ways using PowerShell 🙂
Custom Compliance PowerShell script for detecting additional local Administrators
One of our customers wanted to be sure that there were no additional accounts in the local Administrators group on their Intune devices, and... That's where Custom Compliance policies come in 🙂 In this blog post, I will show you how to automatically check the Administrators group and mark the device as non-compliant if needed.
Import Exchange Relay Connector IP-Addresses to IIS SMTP instance
For one of our customers, who's moving away from their On-Premise Exchange 2016 server, I needed to move all the relay connectors (Used by legacy applications, appliances, and hardware) to an IIS SMTP instance. Pretty straightforward, but typing the long list of addresses myself... No 🙂 In this blog post, I will show you how to easily migrate the IP-Addresses from a Receive Connector into an IIS SMTP instance.
Retrieve all local group members of Active Directory member servers
For one of our customers, we needed a report on all local groups, and their members on all Active Directory joined servers. You can connect all servers one by one with Computer Management and check... But, luckily, PowerShell is there for you 🙂 In this blog post, I will show you an easy way to get a report on the memberships, and yes... I used the ImportExcel module, too (Needed for the Export-Excel cmdlet) 😀
Test if Microsoft services TCP ports are accessible
In a previous blog post, I showed how to retrieve all the Microsoft Services FQDNs, ports, and IP-Addresses. Nice to know those in secure environments where not everything is allowed to go onto the internet, but how can you test if they are accessible? This blog post will show how to test most of these services using PowerShell.
Using PowerShell scripts in Endpoint Manager Compliance Policies
I wrote a blog post about where you could use PowerShell scripts in Endpoint Manager here, but I didn't mention the possibility of using it in Compliance Policies. In this blog post, I will 🙂
Create a report on local DNS lookups using PowerShell
When troubleshooting a system, you sometimes need to know what DNS lookups are being done. This will give you a good insight into traffic from the systems to the local network or internet. You can do this with DNS auditing on your Windows server or in your local Pihole server, but that's not always available 😉 This blog post will show you an easy way to create a report without extra tools.
Report on Active Directory Container permissions using PowerShell
In a previous blog post (Link), I showed a way to create a report on OU (Organizational Unit) permissions. One of the replies I got about that was: How about the Container permissions? Those are important too 🙂 And that's correct, they are! In this blog post, I will show you how to create a report on those (The script is based on the OU report)