Windows 10 Always On VPN and Network List Manager Policies

Hi everyone, Short story about Windows 10 Always On VPN, Trusted Network Detection and Network List Manager Policies. When you deploy Windows 10 Always On VPN to your environment, there is a thing called “Trusted Network Detection”. This is a value defined in your VPN profile that tells the VPN if you are connected to …

Continue reading "Windows 10 Always On VPN and Network List Manager Policies" »

Windows Server 2019 Core WITH graphical management!

With the release of Server 2019, Microsoft made some change to what and how the CORE (the one without a GUI) version behaves. First and important: while installing choose wisely between core or desktop experience version, because you cannot change your mind after installation. You cannot uninstall the desktop experience (aka the GUI), neither can …

Continue reading "Windows Server 2019 Core WITH graphical management!" »

gMSA and SSL in SQL, a true journey

Info Lately when I set up a Microsoft SQL server I’ll always implement SSL and a gMSA account to run SQL from. Why? Convince yourself reading this blog post. Because this post focuses on a specific issue, I’ll not explain implementing SSL as such. Here’s the Microsoft documentation I follow for my implementations: https://support.microsoft.com/en-us/help/316898/how-to-enable-ssl-encryption-for-an-instance-of-sql-server-by-using-mi This …

Continue reading "gMSA and SSL in SQL, a true journey" »

New and preview Azure AD features for Office 365 and Premium Licensing

Since Ignite 2017 last September, we got to have more insight in new features coming to Azure Active Directory. Some (most) of them require a Azure AD premium P1 license, commonly bought in the license pack EMS P1 (Enterprise Mobility + Security). It is my and other colleagues experience that Microsoft is currently not technically …

Continue reading "New and preview Azure AD features for Office 365 and Premium Licensing" »

How to prevent man in the middle SQL injection attacks

As a SQL engineer with an interest in security I’m convinced that security is a concept that should be implemented throughout an organization. Just placing a (properly configured) firewall and forcing password policies doesn’t suffice. In light of that last statement I wondered whether or not it was possible to gain access to a MS …

Continue reading "How to prevent man in the middle SQL injection attacks" »