Kategorie: InfrastructureHeroes.org

Almost two years ago, I wrote the article ‘LM, NTLM and NTLMv2: What needs to be considered before switching off?’. Since then, there have been some changes to my scripts and to the topic of ‘switching off NTLM’. News from Microsoft Microsoft announced new auditing features in KB article 5064479€ dated 11 July 2025. For…

A reliably functioning Windows Server Update Services (WSUS) is a central component for providing updates in modern IT environments. However, as soon as WSUS malfunctions, problems start to pile up: the console responds slowly or freezes, clients no longer send status reports, synchronisations fail, or updates are not delivered. To detect such errors early on,…

Lan Manager (LM), New Technology Lan Manager (NTLM) and NTLMv2 have been haunting networks for decades. And they have not been secure for a long time. It’s time to get rid of them for good. But first, let’s take a look at how long this issue has been around. Lan Manager originates from the OS/2…

In this era, the topic of IT security is becoming more and more important. A possible attack vector has always been the local admin passwords. In most cases, these were hard-wired into the installation image and had not been changed for years. Not only a risk from former employees. The lateral movement also poses a…

Learn about Active Directory Service Recovery Mode (DSRM) – a critical but often overlooked feature of Active Directory. This article highlights the importance of DSRM, how it works, and the risks associated with unauthorised access. It also presents best practices for handling and changing DSRM passwords. Finally, it discusses the role of DSRM in the…

In this article you will find the list of user-specific templates of Microsoft Intune. The release status is 2304, i.e. April 2023. You can find more details and background information, as well as some statistics, in the article „Administrative Templates in Intune (Version 2304)“. The device-specific templates can be found in the article „Device-specific administrative…

In this article you will find the list of device-specific templates of Microsoft Intune. The release status is 2304, i.e. April 2023. You can find more details and background information, as well as some statistics, in the article „Administrative Templates in Intune (Version 2304)“. The user-specific templates can be found in the article „User-specific administrative…

Learn more about the impressive evolution of Administrative Templates in Microsoft Intune since October 2019. The number of available templates has grown from 277 in the original preview to 6966 in the current release (version 2304 – as of 01/05/2023). Discover the revised categorisation and ranges of Administrative Templates to fully exploit the potential of…

Active Directory group policies, also called Group Policy Object (GPO), are one of my core topics. I have a lot to do with this in various projects and as a Microsoft trainer. As a result, I have accumulated a number of templates and links. This link collection should make your search a little easier. Only…

The German IT-Grundschutz forms the basis for IT security in Germany and is internationally recognised. This is a collection of recommendations that help IT systems to be protected against security threats. In this blog article, I would like to take a closer look at the origin, international acceptance and structure of the German IT-Grundschutz. The…

The KMS Client serial numbers help you only if you have a KMS Server or use Active Directory based activation. Read more about KMS in our article KMS Overview. This may not yet be translated. Looking for regular serial numbers for Windows 10, Windows 7, Microsoft Office 2013 or Office 2016? The affiliate links will lead you to Amazon ???? Update:…

This article is about installing the reporting function of Windows Server Update Service (WSUS) on Windows Server 2022. The Windows Server Update Service (WSUS) reporting function is mainly needed when it comes to detailed views, for example for individual updates and their status for the different computers and distribution rings or computer groups. I use…

In this article I show you how to create an Android Test device with Android Studio and how to enroll it to Microsoft Intune. The article Create an Intune enrolled Test Device with Android Studio from Christian Schlotterer was published first on InfrastructureHeroes.org.

I personally like the approach of Google to separate Company and Private data. With Android Enterprise the enrollment will create a kind of Sandbox where the admin can manage everything which is required from a company perspective. The article Setup Managed Google Play in Microsoft Intune from Christian Schlotterer was published first on InfrastructureHeroes.org.

Problems with the same Windows SID have been around for a long time, be it with KMS, WSUS or in support cases. I will show you how to check this. The article The Windows SID – and an old problem from Fabian Niesen was published first on InfrastructureHeroes.org.

I work a lot with Microsoft Intune, Autopilot and also Pre-Provisioning. Especially with the latter, I often have to troubleshoot for my customers when things don’t work out. Michael Niehaus has written several articles on troubleshooting, including: Troubleshooting Windows Autopilot, a reference – Out of Office Hours (oofhours.com) Windows Autopilot diagnostics: Digging deeper – Out…

Especially in test environments, you often need an older release of Windows 10, but how can you set Windows to a target release? Many companies are currently still using Windows 10 1909, and the Enterprise Edition is still supported until 11.05.2022. Unfortunately, I can only defer the feature upgrade in Windows 10 for 365 days.…

Certain VPN solutions require public certificates or public revocation lists. Why not use SSTP VPN with Let’s Encrypt certificates? The article SSTP VPN with Let’s Encrypt certificates from Fabian Niesen was published first on InfrastructureHeroes.org.

In this article we will show you how to install and set up a VPN server with Windows Server 2022. We will go through the setup step by step. This article is based on the article VPN Server with Windows Server 2019 (RAS) and has been updated for Windows Server 2022. To access the corporate…

Windows 11 is looming on the horizon and many are wondering where the journey will take them. In this article I will look at the changes to the life cycle / WaaS (Windows as a Service) and the changes for businesses. Windows 11 and hardware compatibility There has been a lot of discussion on the…