How to add Linux Backup proxy servers at Veeam Backup for Microsoft 365 8.2
Linux Backup proxy servers are auxiliary servers that you can configure to improve performance, scalability, and flexibility.
In-Place Upgrade Veeam Backup Enterprise Manager from v12.3.2.4165 with Windows Server 2022 to v13.0.1.180 with Windows Server 2025
To execute an in-place upgrade of Veeam Backup Enterprise Manager on a server being upgraded to Windows Server 2025, Veeam Backup Enterprise Manager must first be upgraded to a compatible version.
How to Add Microsoft Windows Backup proxy servers at Veeam Backup for Microsoft 365 8.2
Veeam Backup for Microsoft 365 consists of Backup proxy servers, Backup Proxy Pools, Backup Local repositories, and Object storage repositories. These are configured as locations for Microsoft 365 backup data. These can be configured on-premises, in the cloud, or in a hybrid configuration.
Windows Backup proxy servers are auxiliary servers that you can configure to improve performance, scalability, and flexibility.
Install Veeam Backup and Replication Console 13 on Microsoft Windows Server 2025
The Veeam Backup & Replication console is installed on the backup server automatically when you install Veeam Backup & Replication v13. You can utilize the web user interface (UI) or install the Veeam Backup & Replication console on a dedicated computer to access Veeam Backup & Replication remotely.
Add Microsoft 365 organizations with an existing Microsoft Entra application for Veeam Backup for Microsoft 365 8.2
When you add an organization using the modern app-only authentication method, Veeam Backup for Microsoft 365 automatically grants permissions for Microsoft Entra applications.
Anyway, if you prefer to use a custom application of your own, grant all the permissions as below.
Install Veeam Backup Enterprise Manager v13 on Microsoft Windows Server 2025
Veeam Backup Enterprise Manager v13 is a centralized management and reporting tool designed by Veeam Software for overseeing Veeam Backup & Replication deployments. It allows administrators to control and monitor their backup infrastructure through a web-based interface, making it easier to manage large-scale environments.
Add Microsoft 365 Organizations with Register a New Microsoft Entra Application Automatically for Veeam Backup for Microsoft 365 8.2
Registering a new Microsoft Entra ID application automatically is unavailable if you want to back up team chats and have selected Team chats at the Organization Deployment Type step.
Install Veeam Backup and Replication v13 on Microsoft Windows Server 2025
Veeam Backup & Replication v13 is available for Microsoft Windows as self-managed installable software and as a fully managed software appliance.
The Veeam Backup & Replication console is installed on the backup server automatically when you install Veeam Backup & Replication v13. You can utilize the web user interface (UI) or install the Veeam Backup & Replication console on a dedicated computer to access Veeam Backup & Replication remotely.
Update Veeam Backup for Microsoft 365 8.2 and Cumulative Patches
Veeam released a version of Veeam Backup for Microsoft 365 v8.2.0.2202 (P20251031) on November 06, 2025, and it resolved the issue – A backup job may fail when processing Archive Mailbox objects with the following error:
Processing archive mailbox: username@organization.com failed with error: Mailbox is not fully configured.
How to Install Veeam Explorers for Tenants
When setting up Backup as a Service with Veeam Backup for Microsoft 365 for tenants, you can install Veeam Explorers using this installation scenario.
How to Install Veeam Backup for Microsoft 365 V8.1 REST API and Restore Portal on a Separate Computer
When you install Veeam Backup for Microsoft 365, the REST API and Restore Portal are automatically installed on the backup server.
How to Install Veeam Backup for Microsoft 365 v8.1 PowerShell Toolkit on a Separate Computer
When you install Veeam Backup for Microsoft 365, the PowerShell Toolkit is automatically installed on the backup server. If you want to run Veeam Backup for Microsoft 365 PowerShell sessions on remotely, you can install the PowerShell Toolkit on a dedicated machine.
How to Install Veeam Backup for Microsoft 365 V8.1 Console on a Separate Computer
When you install Veeam Backup for Microsoft 365, its console is automatically installed on the backup server. If you want to access Veeam Backup for Microsoft 365 remotely, you can install the Veeam Backup for Microsoft 365 console on a dedicated machine. You can install as many remote consoles as you need.
How to Install Veeam Backup for Microsoft 365 v8.1
Veeam Backup for Microsoft 365 is a complete solution that lets you backup and restore data from your Microsoft 365 organizations, including those that use Microsoft Teams, Microsoft Exchange, Microsoft SharePoint, Microsoft OneDrive for Business, and on-premises Microsoft SharePoint.
How to Upgrade Veeam Backup and Replication Console to version 12.3.2.4165
Veeam released the Backup & Replication v12.3.2.4165 on October 14, 2025.
How to Upgrade Veeam Backup and Replication to version 12.3.2.4165
Veeam Backup & Replication should be upgraded after Veeam Backup Enterprise Manager is upgraded.
How to Upgrade Veeam Backup Enterprise Manager to v12.3.2.4165
Veeam released the Backup & Replication v12.3.2.4165 on October 14, 2025.
How to in-place upgrade Hyper-V server to Windows Server 2025
Today, I am going to show you how to perform an in-place upgrade of a Hyper-V server to Windows Server 2025.
AuditWindows PowerShell and AI to Better Clarity on BitLocker and LAPS
Introduction It can be challenging for IT teams to maintain a clear understanding of their Windows device security posture, especially when it comes to critical controls such as BitLocker and LAPS. Manually cross-referencing data across Entra ID (formerly Azure AD)...
Automating Microsoft Patch Tuesday Analysis with PowerShell
Hey Checkyourlogs Fans, One of the challenges we face every month as IT professionals is keeping up with the sheer number of Microsoft Patch Tuesday vulnerabilities. The Microsoft Security Response Center (MSRC) does a good job publishing advisories, but digging into...
How to Create Microsoft Entra ID Log Backup Jobs from Veeam Backup and Replication 12
Veeam Backup for Microsoft Entra ID Logs to protect tenant audit and sign-in logs.
Introducing the Definitive Installation Script, Install-WinGetV2.ps1
Introduction The Windows Package Manager, commonly known as winget, has rapidly evolved from a promising utility for power users into an indispensable tool for modern Windows administration, configuration, and DevOps workflows. Its ability to script and automate...
De-Hybridizing Exchange: To Shut it Off or Uninstall? Pros, Cons, and Workarounds
Hey Checkyourlogs Fans, Organizations that have moved most or all their mailboxes to Exchange Online will often reach a point where their on-premises Exchange servers are primarily serving as the “last Exchange server” (LES). That means they are still needed for...
When BeyondTrust or CrowdStrike causes Teams to crash (WebView / New Teams client)
Hey Checkyourlogs Fans, Suppose your organization uses third-party security or endpoint software such as BeyondTrust, CrowdStrike Falcon, or others. In that case, you may have noticed Microsoft Teams crashing, freezing, or acting unreliably (especially around the...
The Hidden Dangers of Microsoft Teams Open Federation
The Hidden Dangers of Microsoft Teams Open Federation Microsoft Teams has become a backbone of enterprise collaboration, connecting employees across departments and even across organizations. However, its open federation feature – enabled by default – can be a...
Stop Searching, Start Solving: Get Instant Answers with the MSIX PSF Coach
Meet Your New MSIX Packaging Assistant: The MSIX PSF Coach Struggling to get your desktop applications running smoothly in an MSIX container? You're not alone. Application compatibility can be a major hurdle in modernizing application delivery, often leading to...
The Servicing Symbiosis: Why On-Device AI in Windows 11 Is Tied to Your Update Cadence
Section 1: The Next Evolution of the Enterprise Endpoint: On-Device AI Introduction to the Strategic Shift The paradigm of enterprise computing is undergoing its most significant architectural evolution in over a decade. For years, the prevailing model has been a...
Tenant Breach porting to new tenant – Hybrid Configuration Wizard Fails with TimeoutException Exchange 2016 to Office 365
Hey Checkyourlogs Fans, While working through a tenant-to-tenant migration due to a client having an existing tenant hacked. We initiated a project to migrate the existing on-premises environment to a new Office 365 / Azure / EntraID Tenant. We encountered a...
Installing Exchange Server 2019 Hotfix KB50557651 (CU15 on Windows Server 2022)
Hey Checkyourlogs Fans, Microsoft Exchange Server 2019 Hotfix KB50557651 (Cumulative Update 15 Hotfix) is an optional update designed to enhance the server’s security and stability. It addresses several non-security bugs introduced in earlier updates and includes all...
Upgrading Exchange Server 2019 CU14 to CU15 on Windows Server 2022
Hey Checkyourlogs Fans, Upgrading Microsoft Exchange Server 2019 from Cumulative Update 14 (CU14) to Cumulative Update 15 (CU15, KB5042461) is a critical maintenance task that brings your server to the latest supported build. CU15 (released Feb 10, 2025) is the final...
How to Create Microsoft Entra ID Tenant Backup Jobs
One backup job can protect the data of only one tenant.
May 2025 Patch Tuesday: Critical KB Updates, Security Flaws & Hotpatch Insights for Windows 11 Admins Using Intune
This May 2025 Patch Tuesday, Windows administrators, particularly those managing Windows 11 environments with Intune, face another round of critical updates and security advisories. This month sees a continued focus on enhancing Windows 11 security and functionality,...
Windows Update and KB Review: NTLM Vulnerability (CVE-2025-24054) & Critical WinRE Fixes Impacting Windows 11
Windows Update Alert: NTLM Vulnerability (CVE-2025-24054) & Critical WinRE Fixes Impacting Windows 11 Staying ahead in the world of Windows management requires constant vigilance, especially when it comes to security and stability updates. This week (April 23-29,...
Azure Virtual WAN Project Questionnaire / Discovery Call Sheet (Mid-Market)
Hey Checkyourlogs Fans, Azure Virtual WAN is a managed networking service in Azure that unifies and simplifies connectivity for distributed environments. It combines branch connectivity, VPN (site-to-site and point-to-site) access, ExpressRoute private circuits, and...
Notes from the Field: Migrating Azure AD Connect to Microsoft Entra ID Connect (Before the April 30, 2025 Deadline)
Hey Checkyourlogs Fans, Migrating from Azure AD Connect to the new Microsoft Entra ID Connect has become urgent for many organizations. Microsoft has set a deadline of April 30, 2025, for upgrading to the latest Entra Connect V2 release. More details here:...
Intune Service Updates: Week of April 21, 2025 (Service Release 2504)🚀
The latest Microsoft Intune update brings a range of enhancements across app management, device configuration, enrollment, security, and the admin experience. It’s a lengthy release, so let’s start with some highlights. Specific areas to note are the better...
Day 3 at VeeamON 2025: From AI to Mai Tais
Morning Tech Keynote and Day 2 Keynote highlights – AI-Powered Data Protection Unveiled Day Three kicked off with a bang at the Technology Keynote, where Veeam’s executives rolled out visionary announcements that blend cutting-edge AI with data resilience. The energy...
VeeamON 2025 – Day 2 Recap: BBQ, Edge Servers & Immutable Storage
VeeamON 2025 – Day 2 Recap: BBQ, Edge Servers & Immutable Storage Kansas City BBQ and Top Gun Vibes Day 2 kicked off not just with tech but with a taste of San Diego culture. I took a lunch break at Kansas City Barbeque – famously known as the “Top Gun bar” where...
Cloud-First Backups with Veeam v12.3: SMB Guide to Direct-to-Object Storage
Small and midsize business (SMB) IT admins increasingly adopt cloud-first backup strategies. Veeam Backup & Replication v12.3, combined with Veeam Data Cloud, enables direct backups to cloud object storage – eliminating the need for on‑premises backup hardware. In...
Getting Started with Veeam Data Cloud (Azure Blob): My VeeamON Lab Adventure
Ever attended a hands-on lab at a tech conference and felt genuinely excited about backups? That happened when I dove into the “Getting Started with Veeam Data Cloud” lab at VeeamON. As an IT pro and Veeam enthusiast, I expected to learn a thing or two about the new...
Microsoft Entra ID Token Protection Misfire Leads to Mass Account Lockouts
Last weekend, IT administrators worldwide were startled by widespread account lockouts in Microsoft Entra ID (formerly Azure Active Directory). User accounts were suddenly flagged for “leaked credentials” and automatically locked, even though there was no evidence of...
VeeamON 2025 Day 1: San Diego Arrival, Attractions, Food, and Tech Highlights
April 21, 2025 – San Diego, CA Welcome to VeeamON 2025! Day One kicked off in sunny San Diego, and as an IT professional attending this conference, I felt the perfect mix of excitement for tech insights and eagerness to explore the local scene. If you’re considering...
Containing Rogue Devices on the Network: Microsoft Defender for Endpoint’s New IP Containment and How It Stacks Up
Hey Checkyourlogs Fans, Unmanaged and rogue devices lurking in a corporate network pose a security risk. These could be personal laptops, IoT/OT devices, or compromised systems that lack a security agent, making them “invisible” to traditional endpoint protection....
The case of how to Cleanly Move Azure Arc-Enabled Servers to a New Log Analytics Workspace for Change Tracking & Inventory
In a recent pilot, about 10 Azure Arc-enabled Windows servers were onboarded to the wrong Log Analytics workspace for Change Tracking and Inventory (CT&I). The team needed to move these machines to a new, correct workspace – and do so without breaking CT&I....
Hardening IPMI Interfaces on Intel Servers with RADIUS & Duo MFA
Hey Checkyourlogs Fans, Introduction: Intelligent Platform Management Interface (IPMI) controllers (Baseboard Management Controllers or BMCs) provide powerful out-of-band management capabilities for servers. However, if left insecure, IPMI can become a severe...
VeeamON 2025: Get Ready for San Diego’s Must-See Sessions
A Personal Welcome to the VeeamON Community Hey, Veeam community! Can you feel the excitement? We’re just days away from VeeamON 2025 in sunny San Diego (April 21–23), and I couldn’t be more thrilled. As a proud Veeam Vanguard and longtime VeeamON attendee, I know...
The Case of Connected Machine Agent and Microsoft Monitoring Agent on the Same Server with Azure Arc
Hey Checkyourlogs Fans, Today, we encountered an issue when deploying Azure Arc with a customer and discovered that when deploying the Azure Arc Connected Machine Agent, some machines had a very old version of the Microsoft Monitoring Agent deployed. These seemed to...
The Case of Tracking Down a Weekly Memory Leak on Windows Server 2025 Using PoolMon.exe
Hey Checkyourlogs Fans, This post explores how we used PoolMon.exe, part of Microsoft’s Windows Driver Kit (WDK), to identify and remediate a weekly memory leak in a production Windows Server 2025 environment. This leak occurred across physical and virtual servers,...
🔐 Weekly Security & KB Reports Are Here! 🎉
🚨 It’s that time again, IT pros and patching warriors — our PortalFuse Weekly Security Update and KB Report for April 22, 2025, are now live and loaded with insights! Whether you're tracking CVEs 🐞, critical KBs 📦, or just want to stay ahead of the latest security...
Time-Based Access Control: Least Privilege, Refined
In the ever-evolving landscape of cybersecurity, the principle of least privilege (PoLP) remains one of the most effective strategies for reducing attack surfaces. However, enforcing it in dynamic, modern IT environments requires more than just role definitions and...
3-2-1 Backup Rule Revisited
My last few posts were centred around Backup. It makes sense to revisit the 3-2-1 backup Rule, a golden Backup Rule. The 3-2-1 Backup Rule is a time-tested and widely adopted best practice for ensuring data protection and disaster recovery resilience. Living in a...
EDR vs. Antivirus: Clarifying the Confusion in Endpoint Protection
In today’s threat landscape, endpoint protection is more critical than ever. However, many IT professionals and business stakeholders are still confused by the differences between traditional antivirus (AV) and modern Endpoint Detection and Response (EDR) solutions....
Windows 365 Weekly Update: April 14, 2025
Welcome back. After working out some kinks with my workflow, I am back to bring Windows 365 Updates with a little guidance to help you understand what's new in this ever-evolving cloud-based world. This week, several important updates and enhancements were introduced...
📝 Weekly Security Report – April 15, 2025
📅 Coverage: April 9–15, 2025🔗 Read the full article 📊 Explore the full CVE report Welcome back, CheckYourLogs.net readers! 👋 We’ve just published our latest PortalFuse Weekly Security Report, and this one’s a heavy hitter. If you’re a System Administrator, Security...
Intune Update for the Week of April 14, 2025: Hotpatch Updates for Windows 11 Now Generally Available
Microsoft has announced that Hotpatch updates for Windows 11 Enterprise are now generally available through Intune, marking a significant advancement in how organizations can maintain security and productivity with minimal user disruption. Earlier on, I shared what...
Microsoft Defender for Identity: Detecting Insider Threats Before They Strike
In today’s complex threat landscape, perimeter defences are no longer enough. Insider threats—whether from malicious intent or compromised credentials—pose a significant risk to enterprise security. Microsoft Defender for Identity (MDI) is designed to detect these...
History of Microsoft Pluton Architecture
Microsoft Pluton is a “chip-to-cloud" security processor designed to enhance PC security by integrating a secure crypto-processor directly into the CPU rather than an external TPM chip. This technology has evolved from Microsoft's earlier security innovations, such as...
Disable Acronis Active Protections, Which Compete with the Microsoft Defender Suite
To disable the Acronis features that overlap or compete with the Microsoft Defender Suite while retaining the core backup and recovery functions of Acronis Cyber Protect Backup Advanced, you'll want to disable Acronis's cyber protection capabilities (like...
Acronis Cyber Protect Backup Advanced: The Affordable Backup Solution for Small Business
If you are looking for an affordable and intuitive way to deploy a Backup solution, Acronis Cyber Protect Backup Advanced should be a consideration. It is exceptionally inexpensive and feature-rich compared to other offerings. As I reviewed Backup solutions for my...
🛠️ KB Report Summary – April 8, 2025 (I know, a little late :))
Greetings to our fellow IT pros and CheckYourLogs.net readers! 👋 We’re excited to share something new with you this month—our PortalFuse KB Report, now available in a KB-first format designed to help sysadmins, patch managers, and security teams make sense of the...
Notes from the Field: Building a 3-Node Lenovo ThinkAgile S2D Cluster on Windows Server 2025
Setting up a 3-node Lenovo ThinkAgile cluster with Storage Spaces Direct (S2D) on Windows Server 2025 requires careful planning and adherence to best practices. This guide provides IT professionals with a detailed technical walkthrough—from preparing the nodes and...
Third-Party Patching for Windows Servers with Patch My PC and Azure Update Manager
Hey, IT pros, let’s discuss a common weak link in cybersecurity: third-party application patches. We all patch our Windows OS regularly, but what about apps like Java, Adobe Reader, 7-Zip, or Chrome? Unpatched third-party apps are often the Achilles’ heel in patch...
Azure Arc in the Small Business Datacenter: Hybrid Management for Windows Servers
Managing a hybrid data center with 10–200 on-premises Windows Server 2019/2022 machines can be challenging for a small IT team. Patching servers, tracking configuration changes, and monitoring security often require multiple tools or manual effort. Microsoft Azure Arc...
Enabling Change Tracking & Inventory on Azure Arc-Enabled Servers with Azure Policy
Azure Arc is a hybrid cloud solution from Microsoft that projects your existing on-premises and multicloud servers into Azure Resource Manager for unified management. In practice, you can apply Azure’s governance and management tools – like Azure Policy, role-based...
🚨 April Patch Tuesday Breakdown: Elevation of Privilege, RCE, and More
Introduction Hi there, CheckYourLogs.net fans! I have been working with a friend to teach AI about Windows patching. While it might not be able to prevent issues in your environment directly, I have found that the weekly reports in blog format have been gaining...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 10
Finalizing the Active Directory Migration – Raising Functional Levels to 2025 In this concluding part of our zero-downtime Active Directory migration series, we will raise the Domain and Forest Functional Levels to Windows Server 2025. After migrating from Windows...
Maximizing Hyper‑V Quick Create in Windows 11 24H2 for Home Lab Power Users
IT professionals and power users often maintain home lab environments with shared storage and robust hardware. For these users, Hyper‑V on Windows 11 (24H2) offers a powerful yet convenient feature: Quick Create. Hyper‑V Quick Create simplifies spinning up virtual...
New Release – Migrating to Server 2025 and Azure – Hands on Lab Guide
Migrating to Server 2025 and Azure is a comprehensive, hands-on guide for IT professionals, system administrators, consultants, and trainers looking to modernize their infrastructure through upgrades to Windows Server 2025 and integrating Azure Hybrid services....
Introducing a New Must-Have Resource: Fundamentals of Active Directory – Hands-On Lab Guide
We’re excited to officially announce the release of Fundamentals of Active Directory – Hands-On Lab Guide, a brand-new publication authored by Cristal Kawula and published by MVPDays Publishing. This book is a game-changer for IT professionals, educators, and students...
New Release: Red Teaming and Blue Teaming with Microsoft Defender XDR
The cybersecurity landscape has rapidly evolved. To stay ahead, IT professionals need both offensive and defensive strategies. Microsoft Defender XDR is a unified solution for threat prevention, detection, investigation, and response across endpoints, identities,...
Calgary Windows Server and Azure Hybrid User Group
5th Meetup – March 30, 2025, @ Langdon Firehouse We’re celebrating our fifth meetup of the Calgary Windows Server and Azure Hybrid User Group — and this one’s special! Not only do we have a killer lineup of technical sessions, but we’re also recognizing the release of...
The Case of the Tattooed SCCM Defender Policies – Clearing the Group Policy Cache
Hey CheckYourLogs Fans, I’ve got a real-world troubleshooting story for you today. Recently, I encountered a Windows environment where we uninstalled the SCCM (System Center Configuration Manager) client from several servers, only to find that Windows Defender...
Troubleshooting Veeam Backup Failures: RPC Server Unavailable Error #Veeam @VeeamVanguard
Hey Checkyourlogs Fans, When dealing with Veeam Backup & Replication (VBR), backup failures can be frustrating, especially when the error messages seem complex. Recently, while troubleshooting a backup job failure after upgrading a VBR server to version 12.3, we...
Finding Veeam WAN Accelerators That Are Not Running the Easy Way – #Veeam @VeeamVanguard
Hey Checkyourlogs Fans, When working with Veeam Backup & Replication (VBR), WAN Accelerators are crucial in optimizing backup and replication traffic across wide area networks. However, sometimes backup jobs fail because the WAN Accelerator service is not running,...
Upgrading a Hyper-V Cluster with Storage Spaces Direct on Windows Server 2025 leveraging Veeam VBR Replication
Hey Checkyourlogs Fans, Upgrading a Hyper-V cluster running Storage Spaces Direct (S2D) from Windows Server 2019 to Windows Server 2022 or 2025 can be complex. We follow a best-practice approach that minimizes downtime and ensures a seamless upgrade. This process...
Troubleshooting Server 2022 Storage Spaces Direct (S2D): Fixing Unsupported Miniport Drivers
Hey Checkyourlogs Fans, When migrating a Storage Spaces Direct (S2D) Cluster from Windows Server 2019 to Windows Server 2022 with a fresh OS rebuild, a common issue arises during cluster validation. Specifically, unsupported miniport drivers, such as IaRNVME, can...
How to Resolve Read-Only Storage Spaces Pool in Windows Server 2022
Hey Checkyourlogs Fans, When rebuilding or upgrading a Windows Server 2022 operating system, several unexpected challenges related to legacy configurations can arise, especially when dealing with Storage Spaces. One such issue is encountering an old Storage Spaces...
Troubleshooting Event ID 216: The Target Principal Name is Incorrect – Resolving SSPI Context Issues After Moving to Azure SQL Managed Instance
Hey Checkyourlogs Fans, In cloud migrations, connectivity and security issues often arise when transitioning applications from on-premises infrastructure to cloud-based services. One such issue many administrators encounter is Event ID 216 with the error message: The...
Directory Tiering in AD in your Lab Environment for Testing
Hey Checkyourlogs Fans, This post outlines the steps needed to create and configure Group Policy Objects (GPOs) for tiering your Active Directory environment. The goal is to restrict access for Domain Admins, Server Admins, and Desktop Admins based on their tiered...
Switch Embedded Teaming (SET) in Hyper-V on Windows Server 2025
SET vs. Traditional NIC Teaming Switch Embedded Teaming (SET) is a software-defined NIC teaming feature introduced in Windows Server 2016 as an alternative to traditional NIC Teaming (often called LBFO for Load Balancing/Failover). Unlike legacy NIC teaming which...
Red Team Lab Series (Part 10):Embracing Purple Teaming – Uniting Red and Blue for Stronger Security
Welcome to the final installment of our blog series for IT professionals transitioning into security! In Part 10, we wrap up John’s Red Team and Blue Team training journey with Microsoft Defender XDR and Microsoft Sentinel by introducing the concept of Purple Teaming....
Red Team Lab Series (Part 9):SOC Readiness and Career Growth
Welcome back to Part 9 of our Microsoft Defender XDR and Sentinel journey! So far, you’ve rolled up your sleeves and tackled technical challenges head-on – now it’s time to pause, look at the big picture, and see how far you’ve come. In this post, we’ll recap how the...
Red Team Lab Series (Part 8):Threat Hunting with Microsoft Sentinel
In this eighth installment of our Blue Team training series, we’ll step into Microsoft Sentinel – Microsoft’s cloud-native SIEM and SOAR platform – to supercharge our threat hunting and automated defenses. In previous posts, John (our IT pro protagonist) witnessed how...
Red Team Lab Series (Part 7):Blue Team Detection and Response Guide
Welcome back to our series! In Part 6, we walked through how the Red Team compromised our lab environment – John’s computer test001 – using a Covenant Grunt (malicious agent), established persistence with a scheduled task, escalated privileges (with tools like...
Navigating Trust Failures After Upgrading to Windows 11 24H2 via Intune and WUfB
As organizations begin piloting Windows 11 24H2 deployments across their enterprise environments, unexpected anomalies may surface during early adoption. One such issue has emerged in a recent pilot: a workstation, upgraded via Windows Update for Business (WUfB) from...
Red Team Lab Series (Part 6):Persistence and Evasion – Lateral Movement, Privilege Escalation & Data Exfiltration
Welcome back to the final post in our red teaming blog series! Part 7 and on from here will focus on Blue Teaming. So far, we’ve obtained a foothold on the lab workstation test001 as user John, established a Covenant C2 connection (a “Grunt”), and even set up...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 9
Part 9: Deploying a Domain Controller in Azure and Integrating It Many organizations are embracing hybrid architectures, extending their on-premises Active Directory into Azure for better resiliency and to support cloud-based workloads. Now that our AD DS environment...
Red Team Lab Series (Part 5):Persistence and Evasion – Keeping Our Access (Red Teaming with Defender XDR)
In our previous posts, we gained access to the target machine test001 as user John and explored the environment using Covenant C2. Now, we focus on persistence – how an attacker maintains access after the initial compromise – and a light introduction to evasion...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 8
With the new domain controllers fully in place and the old ones retired, one often-overlooked aspect is configured correctly: time synchronization (NTP). In Active Directory, proper time sync is crucial because Kerberos authentication relies on timestamps. By default,...
Red Team Lab Series (Part 4):Credential Access with Mimikatz & Rubeus and Lateral Movement with Evil-WinRM
Part 4: Credential Access with Mimikatz & Rubeus and Lateral Movement with Evil-WinRM We'll pivot to credential access and abuse techniques in this fourth installment of our red teaming blog series. So far, we have established a foothold on our lab workstation...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 7
After decommissioning the old domain controllers, one final polish step can make your migration airtight: reassigning the IP addresses of your legacy DCs to the new ones. This isn't required for Active Directory to function correctly, but it can eliminate surprises...
Red Team Lab Series (Part 3): Detecting C2, Persistence, Lateral Movement, and Hunting
In Part 2 of this series, we established a Covenant C2 connection by launching a Grunt on the victim system (test001) under user John. Now that the Grunt session is live, what happens next? In this post, we’ll explore the immediate blue team detection, the attacker’s...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 6
Part 6: DNS Migration and Decommissioning Legacy Domain Controllers With FSMO roles now on the new DCs, our old Windows Server 2016 domain controllers are ready for retirement. The final steps are to migrate the remaining services, like DNS, and to demote the old DCs...
Red Team Lab Series (Part 2): Your First Covenant C2 Session with Commando VM
Welcome back! In Part 1, we set up our Commando VM attack platform. Now in Part 2, we’ll get our hands dirty with a basic Command-and-Control (C2) scenario. We’ll walk through three main tasks step by step: Disabling Microsoft Defender on a Windows 10/11 target VM (to...
Red Team Lab Series (Part 1): Getting Started with Commando VM & Covenant
So, you’re an IT professional curious about offensive security? Welcome to the first post of our 10-part Red Team tooling series! In this series, we’ll build a Windows-based cyber range to simulate real-world attacks and improve our defenses. Today, we introduce...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 5
Active Directory operates with a multi-master replication model, but certain operations are single-master by design. These are handled by the FSMO roles (Flexible Single Master Operations), sometimes called “Operations Masters.” In a single-domain environment, there...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 4
With deploying the new Windows Server 2025 domain controllers and their successful replication, it is time to gradually shift the workload and client connections to these new servers. This transition should occur smoothly, ensuring that the older Windows Server 2016...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 3
With the schema now extended for Windows Server 2025, it's time to move forward with installing Active Directory Domain Services (AD DS) on our new Server 2025 machines and promoting them to domain controllers. This is where our new infrastructure begins to take form....
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 2
One of the first technical steps in introducing Windows Server 2025 Domain Controllers is updating the Active Directory schema. The schema acts as Active Directory’s "blueprint", defining all object types and attributes. Each new Windows Server version that functions...
Packaging the Remote Help Client as a #Win32App in #Intune
Introduction Deploying the Remote Help application in Microsoft Intune can be approached in several ways, and choosing the right method can make a huge difference in efficiency and security. If you have access to Microsoft’s Enterprise Application Management feature...
Zero-Downtime AD DS Migration from Windows Server 2016 to 2025 (10-Part Series) – Part 1
In this series, we’ll walk through a hands-on, zero-downtime Active Directory Domain Services (AD DS) migration from Windows Server 2016 to Windows Server 2025, including hybrid integration with Azure. The journey spans health checks, schema prep, introducing new 2025...
Migrating DHCP to Windows Server 2025: Common Issues and How to Resolve Them
If you are planning a DHCP migration to an on-premises Windows Server 2025, this post will be of assistance. Having migrated numerous DHCP servers over the years, I have encountered various issues. In this blog, I will discuss common problems that may arise during a...
Analyzing Suspicious Files Like A Pro: A Comprehensive Guide
Introduction When faced with a suspicious file, a systematic and cautious approach is crucial to preventing potential system compromise. Here's an expanded guide, drawing from expert techniques and industry-standard tools, to help you analyze potentially malicious...
How to #Package #Win32Apps for #Intune Like a Pro!
Introduction Buckle up, as this is a long one. Why? I thought it would be good to get a bunch of Intune packaging concepts out there in one adventure, such as packaging a piece of software with unique behaviors. It didn’t go perfectly smoothly, so I got to show some...
A Look into Windows Servicing Stack Updates: What They Are and What’s New
When you consider keeping your Windows system secure and up to date, most of your attention goes to the regular security patches and cumulative updates. However, lurking behind the scenes is an unsung hero who makes sure these updates are installed correctly: the...
Troubleshooting Windows Update for Business (WUfB) Deployments in Intune
Troubleshooting Windows Update for Business (WUfB) Deployments in Microsoft Intune Patching workstations in Intune uses Windows Update for Business (WUfB), a modern cloud-based solution that enables administrators to manage Windows Updates without the need for...
How to Add Microsoft Entra ID Tenants to Backup Microsoft Entra ID
After you’ve added a Microsoft Entra ID tenant to the backup infrastructure, you can backup and restore Entra ID resources managed by the tenant.
Upgrading to Windows 11: A Proactive Roadmap for a Smooth Transition
Introduction Windows 11 introduces a host of new features and improvements designed to enhance productivity, security, and the overall user experience. However, many organizations find themselves delaying the upgrade due to concerns about hardware and software...
How to Create Log Backup Repositories with Microsoft Azure Blob Storage to Backup Azure Entra ID
A log backup repository is a storage area where Veeam Backup for Microsoft Entra ID keeps backups of audit and sign-in logs from protected Microsoft Entra ID tenants.
From Linux Package Managers to Windows Winget: The Evolution of Software Distribution
Introduction In the world of computing, installing and managing software has come a long way from manual downloads and installations to sophisticated package management systems. Package management began as a solution to handle streamline software installationand...
How to Create Cache Repositories Locally to Backup Microsoft Azure Entra ID
Beginning with version 12.3, the Veeam Backup & Replication solution allows you to add Microsoft Entra ID tenants to the backup infrastructure and manage data protection and recovery operations for these tenants from a single console.
The Evolving Windows Application Deployment Landscape: Embracing the MSIX Era
Introduction In the ever-evolving world of Windows application deployment, IT professionals and software developers are continuously seeking ways to simplify installation, streamline updates, and improve security. We came from very messy beginnings where nearly all...
How to Restore On-Premises VMS to Microsoft Azure
This section describes how to recover (or move) a backup VM to Microsoft Azure.
How to Create a Backup Copy Job offloads backups to Azure Blob Storage
This section describes creating a backup copy job that off-loads to the Azure blob after performing a full backup. It will not use the Azure Blob archive tier.
How to Create a Backup job using Azure Blob repositories as Cloud Redundant Data
This section describes creating a backup job that backs up at local repositories to sync backup files with Azure cloud and off-loads Azure blob after performing a full backup. It would be best to have a scale-out repository ready before beginning this backup job.
How to Create a Backup job using Azure Blob repository as a Backup Repository
This procedure immediately creates a backup job to backup to Azure Blob Repository without local repositories.
How to Add Azure Blob Object Storage Repositories as Performance, Capacity and Archive Tier of Scale-out Repository
This section describes how to add Azure Blob Object Storage Repositories as the performance tier (hot tier), a capacity tier (cool tier) and an archive (cold tier) tier of the scale-out repository.
How to Add Local and Azure Blob Object Storage Repositories as Scale-out Repositories without Archive Tier
A scale-out backup repository allows for horizontal scaling for multi-tier data storage.
How to Upgrade Veeam Backup for Microsoft 365 to v8.1
Veeam released a version of Veeam Backup for Microsoft 365 v8.1 on January 23, 2025, and it has some enhancements, including support for Ubuntu 24.04 and RedHat 9.4 as backup proxy operating systems, multiple stability, performance, and scalability improvements delivered to ensure product reliability. It also resolved some issues.
How to Add Microsoft Azure Archive Blob Storages as Immutability Archive Object Repositories
This section explains adding Microsoft Azure Archive Storage as an immutability archive backup repository to the backup infrastructure. This repository can only be used as an archive extension of the scaled-out backup repository.
CIS Level 1 Benchmarks Impacting Windows 11 24H2 In-place Upgrade
A client’s pilot deployment of Windows 11 24H2 (2024 H2 update) did not go as planned. What was intended as a routine in-place upgrade from Windows 11 23H2 turned into a troubleshooting saga. Multiple devices experienced severe issues during or after the upgrade...
Calgary Windows Server and Azure Hybrid User Group
4th Meetup – January 31, 2025, @ Langdon Firehouse We’re kicking off the new year with another packed session of the Calgary Windows Server and Azure Hybrid User Group! Whether you're navigating the cloud journey, automating deployments, or planning a significant...
Active Directory Just Got Smarter: What’s New in AD DS for Server 2025
Windows Server 2025 brings forward a host of enhancements across the board, but one of the most strategic and security-focused areas of improvement is Active Directory Domain Services (AD DS). As the backbone of enterprise identity and access management, AD DS...
ReFS Gets a Major Upgrade in Server 2025: Performance and Resiliency Like Never Before
Windows Server 2025 brings several powerful enhancements to the enterprise data center, and among the most exciting is the upgrade to the Resilient File System (ReFS). With a clear focus on high availability, scalability, and data integrity, ReFS has evolved...
Windows Server 2025 Meets SMB over QUIC: Secure File Sharing Without a VPN
With the advent of Windows Server 2025, secure remote access has evolved further, highlighting one of its most transformative features: SMB over QUIC. As organizations increasingly adopt hybrid and remote work models, the need for seamless, secure, and...
Hot patching in Windows Server 2025: Reboot-less Updates for Core Infrastructure
Windows Server 2025 is expected to be a significant server operating system release from Microsoft. Among its features, one innovation gaining attention among IT professionals and system administrators is Hotpatching. Initially available only for Azure Edition in...
How to Add Microsoft Azure Archive Blob Storages as Archive Object Repositories
These steps show how to add Microsoft Azure Archive Storage to the backup infrastructure as a backup repository. This repository can only be used as an archive extension of the scaled-out backup repository.
How to Add Microsoft Azure Blob Storage as an Immutability Object Repository
Veeam Backup & Replication allows you to prevent data deletion from the object storage repository by making it momentarily immutable and protecting data from malware activity by keeping several versions of a single backup.
How to Add Microsoft Azure Blob Storage as an Object Repository
To add Microsoft Azure Blob Storage as an object repository without immutability, you normally integrate the Azure Blob Storage service to store and manage objects without enforcing retention or immutability requirements.
How to Create Veeam Cloud Credential for Microsoft Azure Compute Accounts
To add Microsoft Azure Compute Accounts to Veeam Backup & Replication (or Veeam Backup for Microsoft Azure), you must first integrate your Azure environment with Veeam, which will manage the backup and restoration of Azure Virtual Machines and other computing resources.
Creating Veeam Cloud Credential for Microsoft Azure Storage Accounts with Entra ID Authentication
This Veeam cloud credential is for a Microsoft Azure Blob Object Storage Account with Entra ID authentication connecting to the following sorts of accounts.
Creating Veeam Cloud Credential for Microsoft Azure Storage Accounts with Share Key Authentication
This Veeam cloud credential is for a Microsoft Azure Blob Object Storage Account with Share Key authentication connecting to the following sorts of accounts,
Creating Microsoft Azure Storage Accounts for Immutable Archive Backup Repositories
Veeam Backup & Replication allows you to prevent data deletion from the archive extent by making it temporarily immutable. It is done to improve security: immutability safeguards your data against loss due to attacks, malware activity, or other malicious actions.
Creating Microsoft Azure Storage Accounts for non-Immutable Archive Backup Repositories
Azure Archive Storage is a low-cost, high-durability cloud storage tier inside Azure Blob Storage specifically built for infrequently accessed data and long-term storage. It is the most cost-effective storage tier for data you do not need to access frequently, making it suitable for backup data you wish to keep for an extended term.
Creating Microsoft Azure Storage Accounts for Immutable Backup Repositories
There are some immutability limits in the Azure Blob Storage.
Creating Microsoft Azure Accounts for non-Immutable Backup Repositories
Veeam Backup&Replication supports different types of storage accounts.
How to Upgrade Veeam Backup and Replication Console to v12.3.0.310
Veeam released the Backup & Replication Console v12.3.0.310 on December 03, 2024.
How to Upgrade Veeam Backup and Replication to v12.3.0.310
Veeam released the Backup & Replication v12.3.0.310 on December 03, 2024.
How to Upgrade Veeam Backup Enterprise Manager to v12.3.0.310
Veeam released the Backup & Replication v12.3.0.310 on December 03, 2024.
How to Upgrade Veeam ONE to v12.3
The release version of Veeam ONE 12.3 is available on December 3rd, 2024.
Fix Veeam Backup Enterprise Manager Vulnerability (CVE-2024-40715)
Veeam released the hotfix for the vulnerability in Veeam Backup Enterprise Manager, allowing attackers to bypass the authentication while performing a Man-in-the-Middle (MITM) attack.
Enable Hot Patching in upgraded Server 2022 Azure Edition VM
Hey Checkyourlogs Fans, Hot patching is a powerful feature that allows Windows Server 2022 Datacenter: Azure Edition virtual machines (VMs) to install security updates without requiring a reboot after installation. This blog post focuses on enabling Hot patches for...
How to Build a WordPress Web Site with Azure Database for MYSQL
With an Azure free account, you can use Azure Database for MySQL – Flexible Server for 12 months, and it’s free.
Upgrading from Server 2022 to Server 2022 Azure Edition
Hey Checkyourlogs Fans, Microsoft's Windows Server 2022 Datacenter Azure Edition introduces Azure-exclusive features such as Hot patching, which enables the application of security updates without restarting, and Azure Auto manage for streamlined management. This...
Troubleshooting failing Windows Server In-Place Upgrades with Setupdiag.exe
Hey Checkyourlogs Fans, Upgrading to Windows Server 2022 can occasionally cause issues, leaving IT admins scrambling for answers. One of the most effective tools for diagnosing upgrade failures is Microsoft’s SetupDiag.exe. This lightweight utility is designed to...
Troubleshooting Azure Web Apps Using Kudu+
Hey Checkyourlogs Fans, Azure Web Apps is a robust platform-as-a-service (PaaS) offering that enables developers to seamlessly deploy, manage, and scale web applications. However, troubleshooting issues in production environments can be daunting, especially when...
Troubleshooting Azure VM Connectivity Issues for SportCo – Azure Connectivity Troubleshooter AZURECT
Hey Checkyourlogs, Connectivity issues can sometimes arise when working with Azure Virtual Network Gateway connections from an on-premises environment to an Azure VM. For SportCo, identifying and resolving these issues requires an understanding of the network...
On-Prem Patch Management using Azure Arc and Azure Update Manager
Hey Checkyourlogs Fans, I just wanted to do a quick post on the success of using Azure Update Manager to connect to on-prem Machines for Patch Management. As with many of us, I’m in charge of Patch Tuesday for our customer base. This solution is working amazingly for...
Critical Error – Your Start Menu isn’t working,
Hey Checkyourlogs Fans, Today, while patching some server infrastructure, I encountered an interesting issue. When I clicked on the Start menu, I received a Critical Error message: “Your Start menu isn’t working. We’ll try to fix it the next time you sign in.” Sign...
30 Days of Azure and Office 365 Hands On Labs and Training
Hey Checkyourlogs fans, I am sharing a conceptual outline for 30 full days of classes at a local college that I am pitching to learn the fundamental skills required for Azure and Hybrid Infrastructure. During this course, we will learn how to migrate core elements of...
TechMentor Live! 360 Speaker Experience
Last week, I had the exciting and rewarding opportunity to participate in TechMentor Live! 360 Orlando as a speaker. The sessions were "Security Is Not Meant to Be a Matter of Convenience" and "Advanced Configuration of Microsoft Defender for Endpoint." As it was my...
Resolving RAID Failure on a SuperMicro Windows Backup Target with Veeam Agent for Windows and Recovery Media Creation
Hey Checkyourlogs Fans, In this scenario, we encountered a critical RAID failure on a SuperMicro Windows Backup target, where both drives in the RAID array were lost. Thankfully, we had been using Veeam Agent for Windows, which allowed us to create physical backups...
Hyper-V in Windows Server 2025: What’s New and Why It Matters
As Microsoft prepares the release of Windows Server 2025, Hyper-V is once again front and center in the evolution of virtualization. From GPU partitioning and workgroup clustering to enhanced Linux support and hybrid capabilities, this latest update reaffirms...
Calgary Windows Server and Azure Hybrid User Group
3rd Meetup – October 31, 2024, @ Langdon Firehouse Our community continues to grow—and so does the depth of our content! Join us for the third meetup of the Calgary Windows Server and Azure Hybrid User Group, happening on Halloween night – October 31, 2024. We’ll be...
Navigating Installation Delays During Veeam 12.2 Upgrade
Recently, while upgrading Veeam to version 12.2, I encountered an issue that added approximately 45 minutes to the expected installation time. The delay wasn't due to anything malfunctioning with Veeam itself; it was related to Windows Defender SmartScreen, the...
How to Upgrade Veeam Backup for Microsoft 365 to v8
Veeam released a version of Veeam Backup for Microsoft 365 v8 on September 11, 2024, and includes Immutable backups with the ability to store on any object storage, Enterprise scale and efficiency delivered by Veeam Proxy Pools, Backup for private and shared Teams channels, and Linux-based backup proxies…
Issues Onboarding ARM64 Snapdragon Surface Laptops to Defender Endpoint
Hey Checkyourlogs Fans, Today, I was tasked with onboarding some new Microsoft Surface ARM64-based devices, which had the Snapdragon X 12-core processor. The issue is that we received the following error message when trying to onboard to Defender Endpoint. As you can...
How to Upgrade Veeam ONE to v12.2
The release version of Veeam ONE 12.2 is available on August 28th, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.2 build.
How to Install Veeam ONE v12.2
The release version of Veeam ONE 12.2 is available on August 28th, 2024. You can download it at:
https://www.veeam.com/products/veeam-data-platform/monitoring-analytics.html
How to Upgrade Veeam Backup and Replication Console to v12.2.0.334
To gain remote access to Veeam Backup & Replication v12.2.0.334, you must first upgrade the Veeam Backup & Replication console to v12.2.0.344 on a dedicated machine.
Upgrade Veeam Backup and Replication Console to v12.1.2.172
To gain remote access to Veeam Backup & Replication v12.1.2.172, you must first upgrade the Veeam Backup & Replication console to v12.12.172 on a dedicated machine.
How to upgrade Veeam Backup Enterprise Manager to v12.2.0.334
Veeam released Backup & Replication v12.2,0,334 on August 28, 2024. Veeam Backup & Replication 12.2 is the newer build of version 12, and the major new features and enhancements were added in Veeam Backup & Replication v12.2. The details are as link...
How to upgrade Veeam Backup and Replication to v12.2.0.334
Veeam released Backup & Replication v12.2.0.334 on August 28, 2024.
How to upgrade Veeam Backup Enterprise Manager to v12.1.2.172
Veeam released the Backup & Replication v12.1.2.172 on May 21, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.1.2.172 build.
How to upgrade Veeam Backup and Replication to v12.1.2.172
Veeam released the Backup & Replication v12.1.2.172 on May 21, 2024.
The vulnerabilities documented in these sections were fixed starting in the 12.1.2.172 build.
WinRE Too Small – Microsoft KB5034439 Canceled
This post attempts to add value and perhaps some joy to your day by summarizing the WinRE Road trip, which was first introduced with KB5034439 in January of this year. Microsoft canceled KB5034439 on August 13, 2024, and replaced it with KB5042322, as noted under...
Why didn’t high availability clusters prevent the CrowdStrike outage?
I was asked to describe clustering to a person that doesn't know much about this stuff, so here goes (Before anyone asks, the answer is no...I didn't use ChatGPT for this): When you hear "server cluster," you think of a bunch of servers that are joined together...
Calgary Windows Server and Azure Hybrid User Group
2nd Meetup – July 31, 2024, @ Langdon Firehouse We’re back! After the fantastic turnout and energy at our inaugural session in April, we’re thrilled to announce the second meetup of the Calgary Windows Server and Azure Hybrid User Group, which will be held once again...
Enabling Enterprise State Roaming in Entra ID
Introduction Enterprise State Roaming is a feature introduced in Windows 10 (1511) that allows modern applications and Windows settings to follow a user from device to device. It supports a work-anywhere theme by providing a consistent user experience across different...
Making Information Security Policies Accessible and Understandable for Everyone
In today's fast-paced digital world, information security is a critical concern for all organizations. Yet, too often, the policies designed to protect our information are filled with technical jargon that leaves many employees feeling confused and disconnected. It's...
Introducing Zero Trust DNS
Introduction Strangely, identity and name resolution have become interesting to me as they essentially underpin the infrastructure of the modern Internet. In some ways, the industry has given up on the security of DNS, with its ability to be susceptible to...
Embracing the Next Chapter: Leveraging My Three Decades of IT Experience to Drive Organizational Transformation and Nurture Future IT Leaders
Embracing a New Chapter: Leveraging Three Decades of IT Experience to Drive Organizational Transformation and Nurture Future IT Leaders After an incredible journey spanning three decades in the IT industry, filled with countless challenges, triumphs, and invaluable...
Reducing Cyber Insurance Premiums The Most Impactful Cybersecurity Controls
Reducing Cyber Insurance Premiums: The Most Impactful Cybersecurity Controls In today’s digital age, cyber threats are a significant concern for organizations of all types and sizes. The increasing frequency and sophistication of cyberattacks have prompted many...
The Hidden Dangers of Exposing An Organization’s Azure API Key
In the digital era, businesses increasingly rely on cloud services, and the security of application programming interfaces (APIs) is paramount. Understanding the risks associated with API key exposure—particularly concerning Microsoft Azure—is critical for executives...
Microsoft Defender Secure Score Recommended Action (RA) – Ensure that no sender domains are allowed for anti-spam policies
Effective email security is not just about filtering spam; it's about strategically controlling which messages reach your users to prevent threats and minimize disruptions. A common misstep in configuring anti-spam policies is inadvertently allowing sender domains...
Microsoft Defender Secure Score Recommended Action (RA) – Set action to take on bulk spam detection
In the cluttered landscape of organizational email, bulk spam can significantly hinder productivity and expose users to potential security risks. Microsoft Defender offers a robust solution to mitigate these challenges through its advanced spam detection capabilities,...
Intune Certificate Connector: Something Went Wrong
With my adventures implementing Intune, I've found all sorts of interesting errors that can be unhelpful, especially when they involve a user or administrator licensing issue. In my latest error, I was left with a very puzzling error while trying to connect the Intune...
Microsoft Defender Secure Score Recommended Action (RA) – Create zero-hour auto purge policies for phishing messages
Phishing attacks are a pervasive threat in the cybersecurity landscape, often causing significant damage to organizations through data breaches and financial loss. To combat these threats effectively, organizations must adopt proactive measures that can neutralize...
Microsoft Defender Secure Score Recommended Action (RA) – Ensure Safe Attachments policy is enabled
In today's digital age, email remains a primary vector for cybersecurity threats, ranging from phishing attempts to sophisticated malware attacks. As organizations strive to fortify their defenses, it's crucial to leverage every tool available to safeguard sensitive...
Microsoft Defender Secure Score Recommended Action (RA) – Set action to take on spam detection
Secure Score Recommended Action "Actions to Take on Spam Detection" allows organizations to swiftly respond to spam threats, mitigating the risk of data compromise and disruption to business operations. With the implementation of this Recommended Action, enterprises...
Microsoft Defender Secure Score Recommended Action (RA) – Set action to take on high confidence phishing detection
Secure Score Recommended Action "Set action to take on high confidence phishing detection" is a measure that empowers organizations to swiftly respond to imminent phishing threats, mitigating the risk of data compromise and operational disruption. Note: “Recommended...
Microsoft Defender Secure Score Recommended Action (RA) – Create zero-hour auto purge policies for malware
Staying ahead of malicious threats is paramount. With the proliferation of sophisticated malware, organizations face an uphill battle in safeguarding their digital assets. Microsoft Defender Secure Score emerges as a beacon of defense, offering actionable insights to...
Cyber Safe is the New Safety First Initiative for All Organizations
Hey, checkyourlogs.net fans, in the complex and ever-evolving digital landscape, cybersecurity has become a central concern for organizations across all sectors. As cyber threats continue to grow in sophistication and frequency, establishing robust cyber defenses...
How to Configure App Protection Policies (MAM) for Unmanaged Android, iOS, and Windows 11 Devices
For organizations already leveraging Microsoft Intune for corporate device management through Mobile Device Management (MDM), expanding the scope to include personal devices requires a focused approach on Mobile Application Management (MAM). The goal is to protect...
Microsoft Defender Secure Score Recommended Action (RA) – Ensure mobile devices require the use of a password
In the ever-evolving landscape of cybersecurity, safeguarding sensitive data and devices is paramount. As organizations embrace mobility and remote work, the need to fortify defenses against potential threats on mobile devices becomes increasingly critical. Microsoft...
Ensure that mailbox intelligence is enabled
Welcome to our guide on implementing a crucial recommendation from Microsoft Defender Secure Score: Ensuring that mailbox intelligence is enabled. In today's digitally interconnected world, email remains a primary conduit for communication, but it's also a prime...
Microsoft Defender Secure Score Recommended Action (RA) – Turn on Safe Attachments in block mode
As part of Microsoft Defender Secure Score's recommended actions, enabling the “Turn on Safe Attachments in block mode” feature is paramount in fortifying your organization's email security. Let's bolster your defense against malicious email attachments and stay ahead...
Microsoft Defender Secure Score Recommended Action (RA) – Create Safe Links policies for email messages
Welcome to my latest blog post! Today, we delve into the world of cybersecurity with a focus on enhancing email security. Specifically, we'll explore the implementation of a crucial Microsoft Defender Secure Score recommended action: 'Create Safe Links policies for...
Microsoft Defender Secure Score Recommended Action (RA) – Enable Microsoft Entra ID Identity Protection sign-in risk policies
Today we configure the Microsoft Defender Secure Score Recommended Action (RA) “Enable Microsoft Entra ID Identity Protection sign-in risk policies". This is a strategic action to battle against unauthorized access and identity breaches. Note: “Recommended action”...
Introducing the Calgary Windows Server and Azure Hybrid User Group
First Meetup – April 30, 2024, @ Langdon Firehouse We’re excited to announce the launch of the Calgary Windows Server and Azure Hybrid User Group, a new community for IT professionals, sysadmins, and cloud enthusiasts who live and breathe all things Windows Server and...
KB5025885: How to manage the Windows Boot Manager revocations for Secure Boot changes associated with CVE-2023-24932
This Blog Post intends to highlight a “proceed with caution” towards implementation of Microsoft KB5025885 associated with CVE-2023-24932 introduced in April 2024. KB5025885 is not routine and must be acted upon with convincing knowledge of its content and with...
Microsoft Defender Secure Score Recommended Action (RA) – Enable Conditional Access policies to block legacy authentication
This blog post reviews the essential recommended actions provided by Microsoft 365 Defender Secure Score: Enabling Conditional Access policies to block legacy authentication. Legacy authentication methods, often less secure than modern alternatives, can be a weak link...
Advanced Troubleshooting Failed Replacement of Physical Disk Storage Spaces Direct S2D / Azure Stack HCI
Troubleshooting Active Directory Account Lockouts with Lockoutstatus.exe
Hey Checkyourlogs Fans, Today, let's tackle a frustrating issue: recurring user account lockouts. This headache can affect any website or app lacking proper security measures. Recently, we ran into this problem with a fictional user named Dave at one of our clients'...
Troubleshooting Remote Connectivity Using netsh wlan show wlanreport
Hey Checkyourlogs Fans, In the modern landscape of remote work, maintaining seamless connectivity is paramount. However, as anyone grappling with VPN or wireless issues can attest, troubleshooting connectivity problems for remote users can be daunting. Enter netsh...
Real Time Logging using PowerShell (TAIL)
Hey Checkyourlogs Fans, Having the right tools is crucial in server troubleshooting. PowerShell is a go-to for many administrators, offering commands like Get-Content -Tail -Wait, which can be incredibly helpful, especially when monitoring real-time log files....
Microsoft Defender Secure Score Recommended Action (RA) – Ensure all forms of mail forwarding are blocked and/or disabled
In the intricate landscape of organizational cybersecurity, one often overlooked vector for data leakage and unauthorized access is the seemingly innocuous feature of mail forwarding. Microsoft Defender's Secure Score, a dynamic metric designed to evaluate and enhance...
Microsoft Defender Secure Score Recommended Action (RA) – Block users who reached the message limit
Good day security-aware colleagues. There is more on our agendas today than the Solar Eclipse. That being Security. In the realm of cybersecurity, maintaining a robust defensive posture is key to protecting an organization's digital assets. Microsoft Defender's Secure...
Split Brain DNS no problem with PortProxy NAT rules on Windows Servers
Hey Checkyourlogs Fans, In the intricate world of IT troubleshooting, encountering peculiar challenges is par for the course. Recently, I had the opportunity to assist a client grappling with a DNS Split Brain issue – a perplexing dilemma that had plagued their...
Unveiling S2D and Azure Stack HCI Monitoring with PowerShell
Hey Checkyourlogs Fans, Dave Kawula here, thrilled to share an invaluable insight into monitoring S2D (Storage Spaces Direct) and Azure Stack HCI environments. As an operator of these solutions, I understand the challenges of identifying and efficiently...
