Halloween is over but the the world is still a scary place. In a continuation of a thought from an article I wrote a few weeks back for Auditing AzureSQL Firewall Policies, I thought I would also include a short function for auditing azure storage accounts that are currently configured for “public” access. Why are […]

I periodically review Azure PaaS resource edge security. As a part of that process I examine and cleanup AzureSQL firewall rules. Once you have more than a handful of subscriptions and AzureSQL databases, doing this manually starts becoming unfeasible. To that end, Azure Powershell is your friend… As is typical, you need to install the […]

The current state of the world has caused some unique stresses on IT infrastructure. For IT departments servicing internal teams, remote access infrastructure in particular has felt the brunt of the blow. To that end, I spent a couple of weeks testing out enterprise VPN solutions.

I have been using Powershell to manage pieces of Azure on and off for about a year and half now. I had heard tell of Azure Automation but never really had a good reason to justify spending the time climbing that particular mountain (hill really…). Then the request came through… let’s scale AzureSQL databases up […]

A colleague of mine recently solved one of the biggest pain points I have dealt with regarding Office365 – that is, Microsoft’s seemingly hit-or-miss modern authentication. Symptoms look like this: 1. Outlook client can’t connect and/or authenticate for end-users 2. Turning on Azure MFA for an end-user ruins their life (and yours) because all office […]

FIRST – I am stealing code here and re-sharing (with very little modification). All credit goes the fine gentleman that wrote these two articles, I would urge you to read them: Bulk Add IP Access Restrictions to Azure App Service Using AZ Powershell Bulk Add Cloudflares IPs to Azure App Service Access Restrictions Using AZ […]

I have been taking a free networking class from Stanford University’s online “open source” education platform. I have really been enjoying the first unit of the course as it has started filling in some gaps in the foundation of my understanding regarding networking, the internet, and TCP/IP. I highly recommend this to anyone that has […]

Let’s Encrypt is an incredible, FREE, service that allows you to get trusted SSL certificates for your website. The certs expire every 90-days but what is great is that there are a lot of tools for auto-renewing the certificate without you ever having to touch anything on your server… until that process breaks. Case-in-point: If […]

I have decided to give Ubuntu 17.04 LTS Desktop a go. On a whim I installed it on a laptop I had lying about (being an IT person they tend to proliferate over a given period of time in my office… older units becoming doorstops, newer units lovely “Jenga” blocks and maybe the occasional Proxmox […]

One of most difficult things to find (imho) is information about API and Service URL’s for just about any and all applications. Microsoft is better than some (Dell, I am looking at you…) but it can still require some metaphorical google search back flips to get to the right information. That said… I wanted to […]

The Event Viewer is a very useful tool however, like any log management solution, the biggest hurdle can be filtering out the noise and returning only the meaningful log data that you care about. This is a follow-up on a previous article which can be viewed here: Finding Human Logins in the Windows Event Viewer […]

I have written articles on how to start using RealmD and SSSD for integrating ubuntu into a windows network. However, prior to that I wrote an article on using PBIS. RealmD and SSSD is, by far, the superior method IMHO and experience, so for all of those folks that want to switch, you probably want […]

For this tutorial I will be walking through how to use a tool called Realmd to connect an Ubuntu Server or Ubuntu Desktop system to a Windows Active Directory Domain. In the past I wrote an article talking about how to use Powerbroker Identity Services to do the same thing, but the scope of the […]

I have a limited number of IPv4 addresses available to me on my servers. So I am really frugal with how I assign them. Whenever possible, my preference is to use NAT off of the main Proxmox IP. However I struggled to get this setup while also using the built-in Proxmox firewall that comes in […]