Previously, MVP Nicolas Blank wrote an interesting article "Having an Identity Crisis" and it talked about all kinds of attacks on your environment. One such attack is on user email. Users tend to choose a password that is easy for them to remember and this makes the password weak and easy to guess by others. Even with some social engineering, user passwords are easy to retrieve, as can be seen on this YouTube clip What is your password?
Azure & Active Directory Center
ENow Software's Azure & Active Directory blog built by Microsoft MVPs for IT/Sys Admins.
Powershell functions can be created as advanced functions. These functions behave very similarly to built-in Powershell cmdlets. Because I can't do without the ability to add a -Verbose or -Debug parameter to my functions now nowadays, these are the only kind of functions I build. Advanced functions, just like "dumb" functions, have parameters. The parameters are the values that are passed into the function from your script.
Now that you've got an understanding of Powershell's advanced functions and the ValidateSet() parameter validation method in the first part of this blog, “Validating Powershell Advanced Function Parameters” you can begin Part #2 of this small post series. Part 2 of this series goes deeper by demonstrating how to dynamically create your sets for ValidateSet() so they aren't hardcoded in. This is essential when dealing with values that may constantly change or even if you just want to practice writing good scripting and have no static references.
So now that I've dazzled you with the magic tab-completion of parameter attributes with ValidateSet() in my last post let's take it one step farther. In that simple instance, I only had 2 values to filter on; True and False. Simply typing them out is easy enough but what if the values you'd like to use aren't so cut and dry? Let me give you another real-world example I just finished today.
I had a need to create a function around the Set-Acl cmdlet. I needed the ability to easily change permissions on files and folders. I found a great example but I needed to set permissions on a ton of files/folders. Also, I really didn't want to have to remember the entire the 4 lines it took to get this done so I decided to create an advanced function to help me out. In my new function I just wanted to type Set-MyFileSystemAcl and add a few parameters like the username and what kind of access I'd like that username to have.
As more and more organizations move to Office 365 the challenge shifts from “How do we get into Office 365?” to “How do we manage our data within Office 365?” Keeping your organization’s data secure inside the service is a major concern for many organizations, as well as for Microsoft itself.
Modern authentication has been around for a while now, and it’s great. It brought support for the latest and greatest in authentication and authorization protocols and made new scenarios available. It gave us simple, unified experience across devices and platforms and improvements to the Alternate Login ID feature. On top of all that, it enabled proper support for two-factor authentication for all clients and put an end to the Office 2013 RTM fiasco (bye-bye rich clients, rest in peace app passwords!).
In the previous two parts of this series I took you through building a Windows 2012 server on Hyper-V Server and then in the second part took you through the process of installing Active Directory Domain Services.
In this part of the series I would like to take you through the process of installing and configuring Microsoft Active Directory Certificate Services on your domain controller. By then end of this article; our test lab will be one fourth complete – and looks like the following schematic:
In the previous part of this series (Part 1) I took you through to the point where you now have a basic Hyper-V guest which can be used as the domain controller for your Exchange 2013 Test Lab. In this part I would like to take you through how you can install Active Directory on that guest machine.
Now it is important to note that the process of installing AD on Windows Server 2012 is very different to previous versions of Windows. In versions of Windows from 2000 through to 2008R2 it was as simple as dropping to a command line and typing “DCPROMO” – but in Windows 2012 DCPROMO has been depreciated. You can type it in – but you will be told to use the Server Manager to perform an install of Active Directory Domain Services.
You can use the Server Manager to install Active Directory (but where is the fun in that?) – so, you guessed it – you can also use PowerShell.
So for the purposes of this article in the series I decided to write an Powershell automation script for the installation of Active Directory on the domain controller in our LAB.
Want to learn more about Active Directory?
Active Directory Administration Cookbook, 2nd Edition
In this book, Microsoft MVP & Technical Editor of ENow's Azure & Active Directory Center, Sander Berkouwer will share the intricacies of managing Azure AD, Azure AD Connect as well as Active Directory for administration in the cloud and on Windows Server 2022.