Category Microsoft

Have you setup MS Office 365? Did you start with security in mind?

Have you reviewed your Security and privacy settings? Nothing is configured out of the box. When implementing o365, start treating the platform as if you were securing your On-Prem infrastructure.

Start with the basics:

• Password Policies
• Privacy Statements

Can you add additional security to users?

Have you enabled and enrolled users to use MFA? Is it Enfored MFA?

Has access been restricted?

https://docs.microsoft.com/en-us/sharepoint/control-access-based-on-network-location

Mobile Device Management, are you applying any controls to apps accessing OneDrive?

Has logging been enabled for the Office 365 Security and Compliance reports and stats

Your one stop shop for the Azure Administrator resource pool of tasks.

POWERSHELL
import-CSV "" | 
foreach 
{ 
$result = Test-Connection -ComputerName 
$_.Name -Count 1 -Quiet $_.name, $result -join ',' | out-file "c:\scripts\PingSweep\computer_results.txt" -Append 
}       


COMMAND /BATCH SCRIPT
Create list of computers to ping Comupters.txt 

Create batch file pingsweep.bat  

for /f %%s in (computer.txt) do (ping -n 1 %%s) open  cmd pingsweep.bat >> PINGSWEEPQUOTES.TXT 


Please test all scripts in a lab environment. We have no liability for any issues caused.


If you would prefer a more advanced script in PowerShell, check out this  example of a ping script in PowerShell written by Jamie Crookes "Ping utility function/module for PowerShell" can be found here http://www.powerscript.net/handy-ping-utility-function/

# Get COMPUTER objects of a specific group ( this example gets the properties “description” of each object ) 
# List in a table format Name and Computer Description Properties

Get-AdGroupMember GROUPNAME | ForEach-Object {        
           $Computer = ($_.Name)             
              foreach ($c in $Computer) { 
Get-ADComputer $c -Properties Description | ft name, description             
}          
}         

# Expected Output 
#Name            Descriptions 
#-----           ------------- 
#Computername    Computer Description  
#Computername    Computer Description  
#Computername    Computer Description   

Run on client machine to see the status of user profiles on a Windows10 machine

Type the following PowerShell command :

gwmi win32_userprofile | select localpath, roamingpath, status

# Out puts computer accounts including status Enabled True or False
# Targets a specific OU
# Lists computer names

# OU Variable to set
$OU_HotWiredUK_location = “OU=Computers,OU=HotWiredHQ,OU=UK,DC=test,DC=com”

# Out put CSV to c:\scripts\…
Get-ADComputer -Properties * -Filter * -SearchBase $OU_HotWiredUK_location | Select Enabled, Name, DistinguishedName | export-csv C:\Scripts\OU_HotWiredUK_location.csv

#List Members of a specific AD group – output Username and User Full Name

Get-ADGroupMember -Identity “AD GROUP NAME” | Select samAccountName, Name

Create a batch file to check a text file is in the location specified, else run a task.

#This batch file checks to see if a text file is in a location, if it does not, then launch notepad.exe

Create IfNot.bat
Add the following :

If NOT exist “C:\Temp\IsThisFileHere.txt”\ (

notepad.exe
)
exit

A requirement to identify the total file size of all files not used in the last 3 months.

This was the solution

#Run as administrator
#You need to have permission of the files or folders 

$date = (Get-Date).AddMonths(-3)

dir C:\temp -Recurse | ?{$_.lastwritetime -lt $date -and !$_.PsIsContainer} | Measure-Object -Property Length -Sum

# oneliner

dir C:\temp -Recurse -Force -ErrorAction SilentlyContinue | `

    ?{$_.lastwritetime -lt (Get-Date).AddMonths(-6)} | Measure-Object -Property Length -Sum -ErrorAction SilentlyContinue

# resulting data will be in bytes. To convert them to gigabytes, you may do this:

$files = dir C:\temp -Recurse -Force -ErrorAction SilentlyContinue | `

    ?{$_.lastwritetime -lt (Get-Date).AddMonths(-6)} | Measure-Object -Property Length -Sum -ErrorAction SilentlyContinue

($files.sum / 1gb).ToString(“F02”)

# F02 determines how much digits will appears after comma. In my case – 2 digits.

dir C:\temp -Recurse | ?{$_.psiscontainer} | %{

    Write-Host current folder is $_.fullname;

    dir $_.fullname | measure-object -property Length -sum -ErrorAction SilentlyContinue

} >c:\temp\file sizes

Credit to the  Original post script this is based on

Configuration was :

ESXi 6.7 – vSphere handling all the port groups tagged with VLANs

Firewall – CISCO ASA

Problem : New ESXi 6.7 hosts. A virtual machine if on the same host and vSwitch could communicate no problem. However if a virtual machince was communincating with another virtual machine on another host on a different, subnet they were unable to communicate between subnets and hosts. Both virtual machines could ping their local gateways. Firewall, CISCO ASA was just dropping all packets and showing the following error

Error on the Firewall when capturing ping traffic “No source port  on ping “Error (Type 8, Code 0), Denied ICMP type=8, code=0”

Solution

Sometimes its the simple tick box on the Firewall / ASA config

“Enable traffic between two or more interfaces which are configured with the same security levels”

All traffic started communicating and the virtual machines could talk between the subnets as per the rules on the Firewall.