Written on 17. December 2023

Powershell Signing

In the realm of Windows domain security, ensuring the execution of only signed PowerShell scripts is a crucial aspect of maintaining a robust defense against unauthorized code. With the proliferation of scripts either written in-house or generated by AI tools, it’s increasingly important to have a mechanism that verifies the authenticity and integrity of these scripts. Signing your PowerShell scripts, and configuring a Group Policy to allow only signed scripts to run, plays a vital role in safeguarding your IT environment. In this step-by-step guide, we will walk through the process of creating a suitable certificate, signing a PowerShell script, verifying its signature, and setting up a Group Policy Object (GPO) to enforce the execution of only signed scripts across all clients and servers.

Read more…

No Comments on Powershell Signing

Written on 17. December 2023

Move FSMO Roles and demote old Domain Controller

In the dynamic world of my IT environment, a pivotal change was due. An old domain controller, running on Windows Server 2012, needed to be demoted and removed from the domain. This task required a meticulous approach, beginning with the transfer of FSMO roles to a newer server, followed by the decommissioning of the old one. Here’s a walkthrough of how I tackled this challenge.

Read more…

No Comments on Move FSMO Roles and demote old Domain Controller

Categories
Last entries
  • Enhancing PowerShell Security with the Activation of Constrained Language Mode
  • Powershell Signing
  • Move FSMO Roles and demote old Domain Controller
  • How to Update VMware ESXi 8.x
  • Basic Security on Debian Server
  • Apache2 as reverse proxy with ModSecurity and OWASP Ruleset on Debian
  • Synology Active Backup for Business - Last backup to USB drive