Windows Admin Center is a powerful tool that was Generally available after Easter this year and was presented last year under the code-name Project Honolulu.
Windows Admin Center is a lightweight, browser-based GUI platform and toolbox for IT Admins to manage Windows Server and Windows 10. It’s the evolution of a familiar in-box administrative tools, such as Server Manager and Microsoft Management Console (MMC) into a modernized, simplified, integrated, and secure experience.
Windows Admin Center is a natural evolution from the traditional in-box server management tool when you need to connect via RDP to a server or use MMC, RSAT(Remote Server Administration tools) / Server Manager to a Modern web app. The benefit of deploying WAC on your environment is that will help you manage windows machines (server/computers) on premise or Azure cloud VMs.
Continue reading “How to deploy Windows Admin Center on Windows Server 2016 Core with Powershell”
If not well designed or managed, User and Administrator privilege separation for users/system administrators on a Windows OS can be painful for both sides. Indeed, Windows OS doesn’t have a simple and neat management like a SUDO on Linux OS, but settings need to be tailored with GPO or at least with different users.
Regular user accounts (e.g. Domain Users) should not be a member of the local administrators group for a security point of view.
Using separate users: a standard one and an admin member of the local administrators group is at least a good way to mitigate the risk of potential/malicious/accidental damage to the system. It doesn’t matter if most of the today’s threats can deal with the regular user context.
Nothing new if you’re familiar with the least privilege access, if is something you’ve never think about it… Well, I can use a simple effective analogy for allowing user with local admin rights on their workstation.. it’s like to let them run with the scissors all the time… is it worthy or simply asking for trouble?
Continue reading “How To Create a Local Admin Account with Powershell”
I like to keep it simple, but I think that “secure-by-default” description of PowerShell is telling the story wrong, like saying that powershell is just a glorified command prompt or a modern replacement for VB Script. It not setting the right context and showing which goal we want to reach.
Continue reading “PowerShell Security Policies (Types and Scopes)”
My career in IT started in Software Development and most of the time I take for granted some of the common practices and basics of programming that I learnt are also clear for every one of my IT Pro colleagues.
In brief, as developers, when we try to solve problems we define objects and writing source code we describe them into classes. That class definition has attributes and methods that let us interact with that object. Continue reading “PowerShell Dot Sourcing”
When we write code we make assumptions on the environment and the correct execution and most importantly obtaining the expecting result strictly depends on it.
I will not touch on software design or testing process, but just focus on an essential foundation that everyone should think to write better code and more efficient. Preventing to revisit code looking for answer the question of why is not working as expected.
Continue reading “PowerShell Requires Statements”