Microsoft released multiple security updates on the last Patch Tuesday. One of them fixes a high-risk vulnerability (CVE-2021-38647), also known as OMIGOD. This vulnerability can be exploited remotely, so exploitation is expected soon.
This flaw doesn’t directly affect Windows at all, because it’s a bug in Microsoft’s open source Open Management Infrastructure (OMI) tool that is designed for Linux in general, and for Azure-hosted Linux servers in particular. However, a lot of resources in Azure do use it.
A brief overview
Simplified, OMI is Microsoft’s Linux-based answer to WMI, which sysadmins use to manage their Windows networks.
Like WMI, the OMI code runs as a privileged process on your servers so that sysadmins, and system administration software, can query and control what’s going on, such as enumerating processes, kicking off utility programs, and checking up on system configuration settings.
Unfortunately, cyber criminals love WMI/OMI like we sysadmins do.
Sadly, OMIGOD is an OMI bug that, in theory, offers criminals the same sort of distributed power over your Linux servers…
Today I had to renew my Azure Solutions Expert certification. This was the first time I had to do that. By going to your certification profile you can do an online exam with just 26 questions with numerous things that have been changed in the past year.
I have to say this is a nice way of renewing, and made me think and search and update my Azure knowledge.
STEP 1: First we will need to install AD Connect. Run the setup wizard and follow the steps; this is an easy process. After installation the configuration wizard starts, and this is where it gets interesting.
STEP 2: Let’s go through the wizard. First agree with the license terms and click Continue. Feel free to actually read the license terms 🙂
Today I had the honor of doing another Ethical hacking workshop together with Erik Loef. It is always good to share your knowledge, and help other people with their work, now and in the future. I hope that these students will embrace what they have learned, and that they will apply this newly obtained knowledge at their (future) employers.
You might have noticed that it’s quiet on 2azure.nl. On the 19th of November my wife got very ill; with unknown brain damage she was hospitalized in the Erasmus University Medical Center. But despite all efforts she passed away on the 6th of December 2019 at the age of 29.
She was my soulmate in everything. Caring for me, for our children, and always interested in other people. Such a lovely wife. You are always in my heart.
STEP 1: First we will need to make sure that our admin account has the correct permissions. Go to the Exchange Online Admin center, and then to permissions – admin roles and click on the + sign to add a new role.
We will now create a new role group. Give it the name Address List Management and assign the role Address lists, and make sure to add the administrator account as a member. Click Save when ready.
I started this blog at the end of March this year to share my knowledge, share my passion about IT. And in just 6 months, I’ve published 65 posts in the past 26 weeks… which is over 2 posts a week, more than I anticipated to create… I found out that creating articles, writing up what I do is easier than I expected! And I have received great reactions from people around the world. So I would like to thank you all for your support and nice words!
Logo & stickers
In the last 2 months I have been working on creating my own logo. And with success! Recently I received the package at home with some nice 2azure.nl stickers. If you’re based in Europe, and you would like to have a few stickers, just use the contact form, and I will try to send them to you!
After a half year, I wanted to look back, and see when and where visitors are checking my website. Every week I am noticing an increase in visitors, coming in from search engines and blog trackers, but from other websites that mention my articles as well. Where I started with around 12-15 unique visitors a day in the first 2 months, the average has exceeded the 100 line in September.
Microsoft has announced a new service: Azure Data Share. It is a new data service for sharing data across organizations. This can be used to easily share big files and data with external organisations instead of using FTP or other data sharing services.
Today I gave a hands-on lab with Erik Loef on security and ethical hacking. We had created 5 different labs for the 21 participants to teach them more about security. This way we allowed them to think as a hacker, find out weaknesses in the system, and how to take measures against hackers. We created the following 5 labs:
Wifi hacking (retrieve login details from end users by using a rogue access point)
Create your own virus
Exploit a backdoor in Windows
Hack a webserver
From user to domain admin in 15 minutes
All sessions were created to learn about security. With Azure and Office 365 we do our utmost best to secure your environment. I hope to give you more information in the near future on how to improve security in Azure and Office 365.
Frequently I get the question, how are we going to manage our legacy Azure IaaS servers? Should we deploy domain controllers? Or should we set up a VPN connection with our on-premise environment?
Before we can start answering these questions we will need to learn more about AD DS.
Azure AD Domain Services provides managed domain services such as domain join, group policy, LDAP, Kerberos/NTLM authentication that are the same as traditional domain controllers. You can consume these domain services without the need for you to deploy, manage, and patch domain controllers in the cloud. Azure AD Domain Services integrates with your existing Azure AD tenant, thus making it possible for users to log in using their corporate credentials. The AD DS is available in a VNet of your choice.
AD DS works with cloud-only or synced with on-premise AD. Important to know is that password hash synchronization is mandatory for hybrid organizations to use Azure AD Domain Services. This requirement exists because users’ credentials are needed in the managed domain to authenticate using NTLM or Kerberos.
Recently I was notified by a customer that Outlook search wasn’t working anymore as expected (search not working at all, or missing results). After some searching I found out that this was caused by a Windows 10 Update where a shared DLL was updated: KB4467684.
In the end there is a quick fix by running a simple command that repairs the affected MSWB7.dll file: sfc /scannow (run as administrator)