Browsing: Enterprise Security

Enterprise Security

IntroductionWith the 1702 release of Configuration Manager, Microsoft released (pre-release) the Data Warehouse service point that can be used to report on long-term historical data. And with the 1706 release, this feature is no longer a pre-release feature.Setting up the Data Warehouse feature is pretty much straight forward, but depending on your environment you might see some challenges.Prerequisites and Installation guide can be found here: https://docs.microsoft.com/en-us/sccm/core/servers/manage/data-warehouseThe Remote SQL challengesLast week I was asked to setup a new Data Warehouse server for one of my customers. The Data Warehouse Database should be hosted on a new dedicated SQL Server 2016.Setup:SERVER1 (Primary…

Today I was working with a customer that wanted upgrade MBAM from 2.0 to 2.5 SP1. It was a simple stand-alone configuration with a two server setup. Deployed exactly like this example: https://support.microsoft.com/en-us/kb/3046555. Great guide. The upgrade process is (normally) pretty straight forward. Basically, you need to back up the database, uninstall the old version of MBAM, Install the new version of MBAM and then run the configuration wizard. But in this scenario the IIS service didn’t survive the upgrade, so the helpdesk and the self-service portal wasn’t working. So while we’re trying to fix this problem, helpdesk calls for…

If you run System Center 2012 Configuration Manager and wants to use the Report Builder from a remote console, you might see the following error message: Unable to connect to data source The certificate chain was issued by an authority that is not trusted ——————————– A connection was successfully established with the server, but then an error occurred during the login process. (provider: SSL Provider: 0 – The certificate chain was issued by an authority that is not trusted.) To fix this little issue you need to do the following: Export the required certificate: On the Site Server (or the…

A few weeks ago I was working with a customer on a global SCCM Project where the use of Pull Distribution Points would be a huge benefit to reduce WAN traffic between some of the major sites. So we ordered a few new (virtual) servers and installed the Distribution Point Role. Everything looked ok, so we moved on and enabled the Pull Distribution Point option, but we couldn’t specify any source for the Pull Distribution Point. I went back to my lab, where I tried to reproduce this behaivor, but in my lab everything worked just fine. But my lab…

Today I was presenting at Microsoft IT Camp, and an question about why BitLocker should always be implemented came up. So I showed this simple demo on how Windows (and other operating systems) can be hacked, if the disk is left unencrypted. The demo was showed on the latest version of Windows 8.1 Update with all updates installed. Some of the students asked for en guide, so they could show the demo where they work, so here it is… Login using a standard user account Show that the Local Administrator Account is disabled Restart the computer, and boot from a…