Tags: Security

Local Administrator Password Solution (LAPS)

Feb 24, 2016 - Active Directory - 0 Comments - Standard

I had done a project to implement a local admin account password management system a few years ago, and just today stumbled across “Local Administrator Password Solution” aka LAPS – a free, officially supported Microsoft solution for managing local admin passwords within Active Directory.  You can download it from Microsoft here.  And here is a […]

Windows 10 Device Limit Reached

Jul 30, 2015 - Windows 10 - 0 Comments - Standard

Yesterday I updated my Dell Venue 8 Pro with a clean install of the official Windows 10 release.  Shortly after, I got emails and about a billion system popups notifying me that I’ve reached my device limit, like so: What?  I have three Windows 10 devices.  My Lumia 1520 and home computer have been running […]

Local Administrator Password Management Solution

Jul 16, 2014 - Active Directory - 0 Comments - Standard

I had a client that was dinged on a penetration test by having one communal password for the local administrator account on all machines.  This is convenient for help desk, but is obviously very insecure.  In the case of this client, the local admin password was commonly known, so they ran some sort of linuxsuperhacker […]

The Curse of the Infineon TPM Driver and BitLocker

Jun 25, 2014 - BitLocker, MBAM, Scripting - 0 Comments - Standard

During a recent BitLocker and MBAM implementation, I came across a curious issue: a sizeable percentage of the client’s computers used an Infineon driver for the TPM.  This doesn’t outwardly seem to be a concern, but BitLocker requires the built-in Windows TPM driver. In researching the issue, I found another blog that gave me the […]

My Spiceworks Article about BitLocker

Jun 05, 2014 - BitLocker, MBAM - 0 Comments - Standard

This is a brief overview-ish article I wrote after I’d completed a few BitLocker and MBAM projects.  It was published as part of the Spiceworks’ Spotlight on IT series.  Even in just the few months since then, I’ve tackled more complex MBAM deployments than I’d imagined at the time that I wrote it.  At some point I’d […]