Slackmojis March 14, 2017, 9:01 a.m.

Custom Slack Emojis 🌮

Well-known security identifiers in Windows operating systems March 9, 2017, 10:09 a.m.

A security identifier (SID) is a unique value of variable length that is used to identify a security principal or security group in Windows operating systems. Well-known SIDs are a group of SIDs that identify generic users or generic groups. Their values remain constant across all operating systems.

Japanese style Faces March 8, 2017, 1:28 p.m.

щ（ﾟДﾟщ）

Figure.NZ March 8, 2017, 11:06 a.m.

Figure.NZ sources data from other organisations, including corporations, public repositories, government departments and academics. We import that data into a powerful open source database, we carefully validate it and standardise it. We then make the data available in a series of standardised forms, both human and machine-readable, with rich metadata about the sources, licensing and datatypes.

Simmonds Stewart Legal Templates March 8, 2017, 9:45 a.m.

Library of legal templates is available for use by business users, including legal services providers.

Windows audit policy and best practices March 6, 2017, 4:43 p.m.

Windows Audit Policy is used to determine the amount of data logged by Windows security on domain controllers and other computers on the domain. These definitions were found to be most effective from both a best practice and compliance standpoint and are based on customer experience and recommendations from Microsoft.

Best practice for Default Domain Policy and Default Domain Controllers Policy March 6, 2017, 4:33 p.m.

Microsoft has some good guidance on this topic, but it’s not always clearly and consistently stated. Here’s a quick Q&A that might help.

Create the Key Distribution Services KDS Root Key March 3, 2017, 8:10 a.m.

The domain controllers will wait up to 10 hours from time of creation to allow all domain controllers to converge their AD replication before allowing the creation of a Group Managed Service Account (gMSA). Workaround with Add-KdsRootKey –EffectiveTime ((get-date).addhours(-10)).

Strategies for reducing memory usage in Django migrations Feb. 25, 2017, 10:48 a.m.

This post is a collection of strategies for reducing memory usage during Django migrations.

Image-to-Image Demo Feb. 24, 2017, 3:50 p.m.

The pix2pix model works by training on pairs of images such as building facade labels to building facades, and then attempts to generate the corresponding output image from any input image you give it.

Reflections on Trusting Trust (pdf) Feb. 24, 2017, 3:28 p.m.

To what extent should one trust a statement that a program is free of Trojan horses? Perhaps it is more important to trust the people who wrote the software.

Active Directory Naming Contexts and Application Partitions Feb. 24, 2017, 3:09 p.m.

Think of a domain as a big data partition, which is also referred to as a naming context. Only domain controllers that are authoritative for a domain need to replicate all of the information within that domain. Information about other domains is not needed on those domain controllers. On the other hand, there is some Active Directory data that must be replicated to all domain controllers within a forest.

PowerShell – Move AD FSMO Roles Feb. 24, 2017, 12:53 p.m.

Move-ADDirectoryServerOperationMasterRole -Identity “Target-DC” -OperationMasterRole SchemaMaster,RIDMaster,InfrastructureMaster,DomainNamingMaster,PDCEmulator

Matrix - ITA Software by Google Feb. 23, 2017, 3:03 p.m.

Matrix showcases some of the freshest travel search ideas from ITA Software. Cost per mile filter, Geo Search – search by airport code, city, or nearby airport, Interactive Calendar – explore date ranges and lowest fares, Real-time Filters – focus on flights that suit your preferences, Color-coded Time Bars – compare flights at a glance

How to Find Specific Exceptions to Use with Try/Catch in PowerShell Feb. 23, 2017, 2:17 p.m.

$Error[0].Exception.GetType().FullName

System Error Codes (Windows) Feb. 22, 2017, 4:06 p.m.

The System Error Codes are very broad.

Active Directory Delegation via PowerShell – May I see your ID(entity)? Feb. 22, 2017, 2:42 p.m.

The pseudo code for doing this is pretty simple:

1. Get the current DACL on the object we desire to set permissions on.
2. Append the existing DACL with a new ActiveDirectoryAccessRule.
3. Re-apply the DACL.

Active Directory's Object Specific ACEs and PowerShell Feb. 22, 2017, 2:38 p.m.

Active Directory ACE (access control entries) are different from your regular ACEs (for example, NTFS), because they can be used to grant permissions only on specific types of objects, and to propagate only to specific types of child objects. My question is - how do I replicate this in PowerShell?

Who can add workstation to the domain Feb. 22, 2017, 2:32 p.m.

1) If you have delegated rights on the OU, you can join unlimited computers to the domain. Regardless of what is in the DDC policy. 2) If you do not have delegated rights on the OU, but are listed within the DDC policy, then you can add machines up to the limit of the “ms-DS-MachineAccountQuota” attribute.

Dump a list of all schemaIDGUIDs with PowerShell Feb. 22, 2017, 2:26 p.m.

There are well known methods for setting Access Control Entries (ACEs) on Active Directory objects using Powershell, which rely on you knowing the schemaIDGUID of the schema object classes you are working with (e.g. User, Computer, Group). Unless you know your way around AD it’s not always immediately obvious where to find the schemaIDGUIDs that you need. To help you with this, I’ve thrown together a couple of PowerShell snippets.