Security

Module Monday July 31, 2023

July 31, 2023 by ClaytonT Leave a Comment

Well, here it is! Module Monday, but this one is a module I’ve been working on for a bit and figured it’s time to put it out to the community for others to enjoy and improve. Have you had to test PowerShell scripts on your 365 tenant and really didn’t want to use your production environment, but wanted to keep the close as possible for testing accuracy? Then you’ll want 365AutomatedLab in your tool chest. It can also be used to add multiple users to an environment from an excel sheet or add multiple groups to a user per their title from an excel sheet. Hope you check it out and leave some feedback! So much I want to do with it and super excited about this project that I feel can help so many!

I’ll be doing some blog posts and video tutorials in the near future. Any preferences?

Thanks to Andrew Pla for the extra push 😆

https://github.com/DevClate/365AutomatedLab

Read-Only Friday 365 Developer Program

July 14, 2023 by ClaytonT Leave a Comment

Want to have some fun with Office 365, but don’t want to mess up your production environment? Or what about being able to try out scripts and not having to brace yourself as you run them and hope they don’t clear out all your data? Now you can do whatever you want with the Microsoft 365 Dev Center.

That is right, up to 25 E5 licensed users at your disposal for 90 days and will be renewed as long as you are using it. They will even create 16 users for you, mail traffic, and more. This isn’t just for PowerShell, this all aspects of 365.

Awesome, right? Here are few examples:

You could copy up to 25 of your current users and import them into this Developer tenant and test scripts see exactly how it would work with your information. Think of those times where you test a script with fictional users and your script works perfect, but once you put it into production, your script fails because one username had a character that your test data didn’t have. Now your spending unnecessary time trying to figure out what went wrong when it worked perfectly in proof of concept.
You want to test new features or policies, but you don’t want to enable them in your production environment, as your not 100% sure how it will react to your environment. Configure this test environment how your current tenant is then enable those features or policies you want to test. Much safer to test in the dev environment, then do it in production and all of a sudden your users can’t access critical resources or anything at all!
Your boss wants you do a proof of concept on how to streamline the onboarding process and to make it as simple as possible for the organization. It is recommended that you use Sharepoint and Teams as the company already uses both and are familiar. Instead of using your production environment, you can do this all in the dev tenant without affecting anything in production. You can even invite key players in this project to login and test it with you. Now you don’t have to worry about a teams alert that you setup for when a new hire has been added to AD or Microsoft Entra ID spamming a your production channel because your script or flow errored.

These are just a few scenarios that the 365 Dev tenant can be useful, but there are so many more. I’m barely scratching the surface, and hope you sign up right away for this if you haven’t already. It is free, if you administer or develop 365, you need this.

I hope you found this helpful, and if you have any questions, I’d be glad to help out in anyway I can.

One-Liner Wednesday March 29, 2023

March 29, 2023 by ClaytonT 2 Comments

Can you believe it’s Wednesday already? I can’t either, week is flying by. Could it be the excitement of the PowerShell + Devops Global Summit coming up in a few weeks? Quite possibly! If you haven’t gotten your ticket yet, I highly recommend it. With that said, these next 3 weeks I’ll be highlighting speakers and topics from the summit.

Today’s one-liner is a great one for troubleshooting from Jeff Hicks. He will be heading the Onramp program for attendees who are just getting into IT. It is such a great program and wished it was around when I was getting into IT!

Get-WinEvent -FilterHashtable @{Logname = 'System';Level=1} -MaxEvents 10 | sort-Object ProviderName,TimeCreated

What this one-liner does is searches the System Event Log for the last 10 “Critical” events. Then sorts them by the Provider name and date/time. You could change the level for “lesser” events if needed. Also if you need to check on a remote computer you can add the -ComputerName parameter, but remember that it only takes 1 computer at a time. If you need to connect to multiple computers, you can use ForEach to reach out to all computers needed.

Hope this one-liner helps you out and hope to see you at the PowerShell + DevOps Summit!

Jeff Hicks:
Blog

PowerShell + DevOps Global Summit:
Global Summit

Microsoft Learn:
Get-WinEvent

Module Monday March 20, 2023

March 20, 2023 by ClaytonT Leave a Comment

Hope you had a great weekend, and are ready for today’s Module Monday. Are you using Duo security? Or looking at Duo for your company? Then you need this module. It’s called DuoSecurity.

Why not automate the process of onboarding/terminating employees or removing old phone authenticators? What about reporting on who is in which groups, how many phones they have, or filtering event logs?

So many more things to automate with this module and make your life easier as well as make your company more secure.

If you have used this module before, let me know how you are using it.

PowerShell Gallery:
Duo Security

GitHub:
Duo Security

Read-Only Friday Nov 11, 2022

November 11, 2022 by ClaytonT Leave a Comment

With today being a holiday, and more holidays coming up in the last days of the year, send out reminders to your users to keep be extra careful when clicking on links. Attacks have been more minor so far this year, which makes me feel it’s going to ramp up shortly. For the parents, think of it when your child is quiet for too long by themselves… it usually means they are planning something or doing something they shouldn’t be doing. That’s how I feel about bad actors currently.

A few things to remind them:
- Do you normally get emails from that company service? (ie UPS, FedEx, PayPal, etc)
  - If not, don’t open it, and definitely don’t click on links or download an attachment
- Does that person normally send you links to click on? If they do, are they the type the current email is asking you to open?
  - I’ve seen it before when a company you normally work with gets compromised so spam/virus/malware protection doesn’t pick it up as it is coming from a real email, but the bad actor over took that users account and is sending links/attachments from it.
- Is the email the real identities email?
  - I know the name says it’s your president or CFO, but what is the real email sending it? It can be tougher seeing it quickly on a mobile device, but have them double check. Have them check those headers.
- Don’t respond to the email
  - When responding, you are showing them that the account is live, and they will keep on attempting to compromise that email address.
- If it looks real, contact the person/company from known number
  - If the email looks mostly real, but they don’t normally send you links, call the person/company from a known number. Nothing from that current email. If you normally contact them check previous emails or ask a coworker if they have a direct number. I would say check their website, but that could be compromised as well, so not always the best spot to get their number.

I’m sure all of these are pretty common, but it’s a great reminder for your users, especially with the end of the year rush starts happening.

What are some tips you would give to your end users?

Module Monday November 7, 2022

November 7, 2022 by ClaytonT Leave a Comment

It’s Monday…..

So here is a new module for today! This one is actually expanding on one liner Wednesday form last week.

This module is called “Password Solution” which allows you to easily search, review, and email users, managers, and IT about passwords expiring. You can even create specific templates to send out to depending on who is receiving it. He make makes it so easy, it makes it tough for a reason not to have something like this in place!

Another great feature is the dashboard that he provides you, which saves you a lot of time trying to make your own from the one liner last week.

PowerShell Gallery:
PasswordSolution/0.0.29