Windows allows a large amount of security settings to be configured, either through Group Policy, or Local Security Policy: With improved focus on cyber security in the entier ICT industry there may be a requirement to tighten these settings. This can be tricky. It's one thing to implement a high security scheme when you start … Continue reading Configuration options for the Local Security Authority
Software
Alternate computernames
One of the neat little things that ahs been around for a while is that computers in a Windows network can have multiple names. This is especially convenient when dealing with lifecycle management, where clients may be configured to use fixed names. Even if you could change that manually at the client level, that could … Continue reading Alternate computernames
Redirecting the default Users and Computers containers
I mentioned earlier that I prefer to not define policies at the domain root level unless they need to apply to everything in the domain, which means applying them at OU level. The problem is that by default, newly created users or computers are not in an OU but in the default users or computers … Continue reading Redirecting the default Users and Computers containers
Remote query of priviliges for local principals
As part of investigations, you may need to query which privilege is held by a local principal, such as a local user or group. There is of course 'whoami' which tells you everything you need to know when logged in on a given system. And there is the ProcessExplorer utility which is incredibly powerful, and … Continue reading Remote query of priviliges for local principals
Cannot connect to SQL Server
In dealing with a hardened SQL Server, connecting may be problematic. The general idea in hardening any piece of software is basically to decrease its outside surface as much as possible while still allowing the minimum required surface. And if you are trying to interface with a SQL Server that the vendor didn't intend for … Continue reading Cannot connect to SQL Server
Local Security Policy not showing up in GPRESULT
I was double checking some security settings on one of our systems. I could trace back everything to group membership and Group Policy, except for one thing. There was a 'SeImpersonatePrivilege' in a user token (verified via ProcessExplorer) yet it was nowhere to be found. Normally this is the sort of thing you'd find via … Continue reading Local Security Policy not showing up in GPRESULT
Setting up local administrators
As I am building a small virtual network of machines for development purposes, I figured I might as well try to do things the right way instead of just running everything as Domain Administrator for the sake of convenience 🙂 Given that my main platform focus is Windows 10 / Server 2016 currently, I want … Continue reading Setting up local administrators
Back in the saddle
Quite a while I used to be a software developer, doing lots of interesting systems programming projects for companies like IMEC, JDS-Uniphase, Alactel Space, ... mainly in the C++ language. I focused on kernel level programming, real-time software, inter process communication, things like that. I switched to an admin job to be close to home … Continue reading Back in the saddle
