Charalambos Geronikolas

Charalambos Geronikolas

How to Block Access USB via Intune

Learn how to block USB access in Microsoft Intune using three methods: Settings Catalog, Attack Surface Reduction (ASR), and Custom Templates with OMA-URI. This guide shares real-world experience and practical steps to secure your environment against unauthorized data transfers and potential threats from removable media devices.

Rolling Over Kerberos Decryption Key for AZUREADSSOACC

The AZUREADSSOACC computer account is created during the activation of seamless single sign-on (SSO) in Microsoft Entra Connect, facilitating automatic sign-ins for users on corporate networks. It requires secure management by Domain Administrators, with regular updates of the Kerberos decryption key recommended every 30 days to ensure security.

How to Implement Windows LAPS in Microsoft Entra ID and Microsoft Intune

The Windows Local Administrator Password Solution (LAPS) enhances security by automatically managing unique passwords for local administrator accounts, thereby reducing unauthorized access risk. It simplifies password management, ensures compliance with auditing, centralizes password storage, minimizes the attack surface, and is easy to implement, making it beneficial for organizations of all sizes.

Azure Bastion – Transfer Files via Native RDP

Azure Bastion enhances security for remote access to virtual machines (VMs) using RDP and SSH while preventing exposure through public IPs. To enable native RDP access, users must upgrade from Basic to Standard tier in Azure Bastion and use Azure CLI or PowerShell for configuration. The article details required steps and commands.

How to Reset the KRBTGT Account: A Step-by-Step Guide

The KRBTGT account is a crucial component of Active Directory, facilitating secure Kerberos authentication. This article explains its significance and provides guidance on resetting its password to prevent potential attacks. It outlines various modes for executing the reset, emphasizing the necessity of password replication across domain controllers for security.

Essential Repadmin Commands for Domain Controllers

The post discusses the use of the repadmin command for troubleshooting Active Directory replication issues among domain controllers in Windows systems. It outlines several common commands for immediate replication, checking replication status, summarizing replication health, managing queued replications, and isolating replication errors, emphasizing the command's utility for administrators.