Many people have heard the term cloud used in the context of computers and the Internet, but the term is used for many other purposes that it can be hard to understand what exactly the cloud is. “What is the cloud?” There are different answers depending who is defining the cloud. I prefer to use a narrower, enterprise IT focused definition of cloud that avoids marketing fluff and promotes the aspects of cloud computing that are unique and useful.
Windows Update for Business: Closing the feedback loop with Azure OMS Update Compliance
For some companies, switching from Windows Software Update Services (WSUS), to Windows Update for Business (WUfB), may have benefits.
Instead of managing approving updates through WSUS, let Microsoft roll out updates while still exercising some control over when and how they are installed. WUfB will pull updates from Microsoft servers, or using peer-to-peer with other clients on the LAN to save bandwidth.
Unlike WSUS, there isn’t a central place to check if updates are being installed successfully.
Now with the new OMS Update Compliance solution, currently in preview, you can find problem clients and fix them.
FIX: Security Log empty – Audit Policy set to No auditing
Today I encountered a domain controller that was not collecting any events in the security log. I checked the Audit Policy and found everything set to No auditing.
Security Settings->Local Policies->Audit Policy
Continue reading “FIX: Security Log empty – Audit Policy set to No auditing”
Event ID 6038 Auditing NTLM usage
When browsing through the System log on a Domain Controller, you may see the following Warning:
Microsoft Windows Server has detected that NTLM authentication is presently being used between clients and this server. This event occurs once per boot of the server on the first time a client uses NTLM with this server.
NTLM is a weaker authentication mechanism. Please check:
Which applications are using NTLM authentication?
Are there configuration issues preventing the use of stronger authentication such as Kerberos authentication?
If NTLM must be supported, is Extended Protection configured?Details on how to complete these checks can be found at http://go.microsoft.com/fwlink/?LinkId=225699.
This post will explain how to detect which applications are using insecure protocols in your environment.