Using Office 365 to Protect Your Email

exchange-2014No doubt everyone reading this is familiar with spoofed email. Where an attacker crafts a message to appear as though it comes from a legitimate sender, in the hopes the recipient will reveal personal information or part with their hard earned cash.

With the rise in so called ‘spear phishing’, being able to effectively block spoofed email is no longer just desireable, it is critical.

Also bear in mind that whilst technologies like Sender ID and DKIM exist, they require both parties of an email to be using them for them to be effective.

You may think any domain you have moved to Office 365 recently is automatically protected by Exchange Online Protection however, like previous versions of Exchange, SenderID checking is disabled by default, as are advanced spam filtering and malware protection. Read more of this post

Migrate SBS 2011 Standard to Windows Server 2016

Drawing1

Your trusty old SBS 2011 is finally being retired. It had a good run. It probably still works but you cant get the parts, and the cloud is so appealing and for whatever reason you have, you are putting in a new on premises DC.

Hey, you don’t have to justify it to me. Chances are you shipped Exchange off to the cloud long ago, your clients never really ‘got’ SharePoint and SQL was just used by the backup software and WSUS.

The only thing we want to migrate is Active Directory and File & Print services. Read more of this post

SBS 2011 How To Backup Your EFS Recovery Agent Certificate

Backup your EFS what? That is the reaction I have had from most people I mentioned this to.

I am working on a document to walk through migrating Active Directory from SBS 2011 to Windows Server 2016. As part of that document I wanted to include backing up the EFS Recovery Agent Certificate. Only I couldn’t because on my SBS Server, something had broken.

First off, a bit of background. If you don’t know, EFS is the Encrypted File System that is built into Windows. It allows anyone to encrypt a file.

Read more of this post

MDT 2013 Windows 10 and the MSP Part 6

mslogo4Part 6, I feel like I have written a lot, yet still not scratched the surface of what MDT can do. I am confident I am right about that.

The last thing I wanted to talk about was how your Task Sequence can be further controlled based on the Client Hardware.

Everything I have written so far in my examples is based around a single Task Sequence to deploy Windows 10. You can create multiple Task Sequences of course, and it is straight forward enough to make them, you can even copy and paste them if you want to. Creating one Task Sequence for HP, one for Dell, one for the Microsoft Surface perhaps? That’s fine but we have three Task Sequences to manage now, and where is the fun in that?

Read more of this post

MDT 2013 Windows 10 and the MSP Part 5

mslogo6In Parts 1 – 4 we have covered topics like Installing and customising MDT, adding Operating Systems and Applications and creating Task Sequences.

Catch up here!

http://wp.me/p1i7Su-1Di – Part 1
http://wp.me/p1i7Su-1Dk – Part 2
http://wp.me/p1i7Su-1FR – Part 3
http://wp.me/p1i7Su-1EY – Part 4

In Part 5 we will look at more customisation, but of the Deployed Operating System.

I expect most people reading this will have deployed at least one Windows 10 device. You will also no doubt be familiar with some preinstalled Apps, such as Candy Crush or the plethora of other crap items that are loaded into the default start menu.

Read more of this post

MDT 2013 Windows 10 and the MSP Part 4

mslogo6In Part 1 we looked at installing MDT, In part 2 we configured MDT and deployed a Windows 10 computer via PXE boot, in Part 3 we looked at some more advanced customisations of MDT.

In part 4 we will add some Applications and Operating System Packages.

A computer is not much use without applications. Installing applications is a day to day and frankly boring task. Especially when deploying 20 computers and each need 4 or 5 applications. Read more of this post

MDT 2013 Windows 10 and the MSP Part 3

mslogo2In Part 1 we looked at Installation, Part 2 was configuring the basics of MDT. In Part 3 we will look at some more advanced settings for CustomSettings.ini.

When a client connects up to MDT, via PXE, USB or UNC it will launch LiteTouch.vbs. This is the script that kicks off the whole MDT process.

LiteTouch.vbs itself then kicks off a lot of other scripts and wizards that finally present you with your TaskID choices that you create with Task Sequences.

Before those TaskIDs are shown, your system has been interrogated for information about the architecture, vendor, bios version etc. This information can be used to shape the choices that MDT presents to you.

Read more of this post

%d bloggers like this: