Friday, 23 August 2013

Getting Started with PowerShell 3.0 on MVA

 I have just completed the 'Getting Started with PowerShell 3.0' Jump Start course on the Microsoft Virtual Academy.
These are the recordings of the live event from 18th July 2013 presented by Jeffrey Snover, the inventor of PowerShell, and Jason Helmick, Senior Technologist at Concentrated Technology.

Wednesday, 14 August 2013

Microsoft Licensing Fundamentals on MVA

I have just taken the Microsoft Licensing Fundamentals course on Microsoft Virtual Academy, and after watching the 30 min training video I'm starting to understand the Licensing suites and how they enable transitioning from On-Premise to Cloud based solutions.

If anyone is interested in Microsoft Licensing 101 (Level 100) take a look at this online course which can count as credit towards you becoming your companies Microsoft Licensing Expert.

Microsoft Licensing Fundamentals on MVA

Tuesday, 4 June 2013

Best Practices for Securing Active Directory

Bret Arsenault, Microsoft Chief Information Security Office has recently released a refreshed version of 'Best Practices for Securing Active Directory' with additional scope to cover Windows Server 2012. This document comes as part of the 'How Microsoft does it' series

The newest version of this Document direct from Microsoft covers:

  • Avenues to Compromise
  • Reducing the AD attack surface
  • Monitoring AD for signs of Compromise
  • Planning for Compromise

Anyone using Active Directory should certainly give this document the time of day, although daunting at over 300 pages, Bret goes into some great detail of Who, What, Why, When and How with some great advice on how to harden your Business Critical System.

Grab yourself a copy from here.

Tuesday, 26 March 2013

Updating Microsoft Exchange custom attributes - LDAP vs EMC/EMS

Microsoft Exchange Server 2010 and Exchange Server 2007 include 15 extension attributes. You can use these attributes to add information about a recipient, such as an employee ID, organizational unit (OU), or some other custom value for which there isn't an existing attribute. These attributes aren't used by any Exchange components. They can be used to store Active Directory data without having to extend the Active Directory schema.

We use CustomAttribute1 to store the primary SMTP domain for the user and configure Exchange Recipient Policies to add SMTP addresses dynamically for each mailbox.

Recently we have replaced our User Creation Engine with an internally developed ASP solution (more to follow on this in a later post) and have discovered that the Recipient Policies have not been applied or refreshed.

After some investigation and testing it would appear that (and no real surprise when you think about it) when the AD attribute is edited or updated directly using LDAP Exchange Management doesn't refresh the Recipient Policies.

After more testing if we edited CustomAttribute1 using either the Exchange Management Console (EMC) or Exchange Management Shell (EMS) the Recipient Policies were refreshed. After this enlightening, but not surprising revelation we are planning to edit our User Creation Engine to use the PowerShell command in our custom RunSpace.

Set-Mailbox <Identity> -CustomAttribute1 <Value>


Thursday, 31 January 2013

Can anyone remember how this all works?

After we made the switch to MAC OS X for the front office provision it was decided it was about time we re-visited our existing Group Policy implementation.
Had a great day with some members of the Directory Services Team and the Broadcast Infrastructure Team evaluating our existing group policies and how we can improve and speed up our systems.
Great Day chaps!