If you have configured specific BitLocker policies in your tenant to silently enable BitLocker and have started enrolling devices, you might encounter an issue related to “escrow/backup.” In some cases, the device may fail to back up the BitLocker Drive Encryption recovery information to your Azure AD. This failure is […]
Blog
End-to-end encryption of SMB sessions was introduced in version 3 of the Server Message Block protocol (SMBv3). Windows allows you to configure encryption for all shares or just specific shares. One disadvantage is that the communication will only be encrypted if both parties are running Windows 8 or Windows Server […]
A network adapter is a piece of hardware that connects a computer to a network. A laptop, for example, typically has two network adapters, one for the Ethernet connection and one for the wireless connection. A network adapter, like any other hardware component of a computer, has its own representation […]
A Trusted Platform Module (TPM) chip is a specialized hardware component that provides security-related functions and serves as a secure root of trust for a computing system. It is a microcontroller that is integrated into a computer’s motherboard or added as a discrete component. TPM chips are designed to enhance […]
In my first post regarding this topic I have constructed a simple PowerShell script that exports all the available software on the machine. In the second post I have modified the script so that you can search for a particular application and get the necessary information without having to pass […]
The previous designed script is showing all the uninstall keys which are present on a particular machine in terms of installed Software. But what about if you want to search for a particular application and get this information? You can use the following PowerShell script: # Define the registry paths […]
Credential Guard is a new security feature developed by Microsoft to protect passwords and other sensitive information. Credential Guard stores the secrets in an even more isolated memory. Even Windows processes and device drivers cannot access this isolated memory. It only has a small number of binaries loaded. Without Credential […]
Microsoft Windows can be set up to automatically logon using a pre-defined user account without prompting the user for logon credentials at boot time. Windows retrieves login account information from the registry, specifically three registry values: DefaultPassword,DefaultUserName,\sDefaultDomainName. Anyone who has physical access to the computer can access the computer’s contents, […]
Local user accounts in Windows are accounts that are created and managed on a specific local computer. These accounts are specific to the individual computer and are not part of a domain or network. Each local user account has a unique username and password, which is used to authenticate and […]
In many organizations, users are not allowed to configure power options on their laptops. This is because organizations want to maintain control over power consumption and ensure consistent settings across all devices. For instance, employees may not be allowed to change the sleep mode settings on their laptops, as this […]
Learn how to deploy VBScript for application installation in Intune. This guide will walk you through the process of using VBScript when deploying an application from the Intune portal. Deploying Win32 applications from Intune is a popular feature that offers various use cases. By utilizing VBScript deployment, you can streamline […]
Managing password settings and preferences is a crucial aspect of maintaining security in an organization’s IT infrastructure. With Group Policy Objects (GPOs), administrators can enforce and control password policies across Windows-based systems. In this post, we’ll explore how GPOs can be utilized to manage password settings effectively. Group Policy is […]