Author Archives: rcmtech

Search through Pwned Passwords with PowerShell

Troy Hunt recently released over 300 million SHA1 hashes of passwords that his Have I Been Pwned website has been collecting. The site allows you to search the database to see if your passwords are included in those from many … Continue reading

Rate this:

Posted in PowerShell, Security | Tagged , , , , , , , | Leave a comment

Fixing ADFS AADSTS50008: Unable to verify token signature. The signing key identifier does not match any valid registered keys

Today my Office 365 ADFS sign in process was broken. Skype for Business (running from Office 365) wouldn’t sign in, and when I tried to sign in to portal.office.com I ended up at a page saying: Sign In Sorry, but … Continue reading

Rate this:

Posted in Security | Tagged , , , , , , , , | Leave a comment

GUI to log off Remote Desktop users by non-admins

I’ve blogged about the issues with the well-intentioned but ill-though-out Remote Desktop Management Server concept in Windows Server 2012 (inc R2) before, trying to come up with workarounds to all the things you used to be able to do easily … Continue reading

Rate this:

Posted in PowerShell, Remote Desktop, Windows | Tagged , , , , , , , , , , , | Leave a comment

No more excuses, sort out your IT management basics!

I am fed up. This is a bit of a rant, but with good reason: companies and services that I and all of us pay good money for are not being managed properly. I say: Enough, no more excuses. The … Continue reading

Rate this:

Posted in Business, Security | Tagged , , , , , , , , , , , | Leave a comment

Function to invoke PowerShell ISE from shell

Another little function to add to your PowerShell profile. If you’re in the PowerShell Integrated Scripting Environment you can use the command psedit <filename> to open the file in the ISE editor – and it doesn’t just have to be … Continue reading

Rate this:

Posted in PowerShell | Tagged , , , | Leave a comment

Get Uptime with Get-Uptime

I’ve been using this for ages, and have now finally got around to a) blogging it, and b) updating it to use Get-CimInstance. The latter makes it particularly easy to code and thus makes the function very compact due to … Continue reading

Rate this:

Posted in PowerShell | Tagged , , , , , , | Leave a comment

Remote PowerShell to an IP Address

PowerShell remoting works over the WS-Man protocol, which in Windows is implemented via WinRM. By default this uses Kerberos authentication, and in most domain environments everything “just works”. If the machine isn’t correctly registered in DNS you’ll get an error: … Continue reading

Rate this:

Posted in PowerShell | Tagged , , , , , , | Leave a comment

Find out what’s really happening in your network with LogRhythm NetMon Freemium

I recently discovered that LogRhythm, as well as very a full-featured Security Intelligence Platform and SIEM, also provide a “freemium” Network Monitor.┬áThe “freemium” refers to that fact that the software is 100% free, full-featured and not time-limited, but is capacity-limited. … Continue reading

Rate this:

Posted in Networking, Security | Tagged , , , , , , , , , , , , , , , | Leave a comment

PowerShell Transcription to a file share breaks everything, and how to fix it

There’s been a bit of noise about PowerShell-based malware recently, and given the “assume breach” security mindset, I thought it was about time I enabled some of the PowerShell logging features in Windows. The basis behind “assume breach” is that … Continue reading

Rate this:

Posted in PowerShell, Security | Tagged , , , , , , , , , , , | Leave a comment

Collect user and group SIDs and names from Active Directory

Ever found yourself looking through the Access Control List of a file/folder/share and mixed in along with the group names (hopefully not user names!) you see some SIDs? These look something like S-1-5-21-0123456789-0123456789-0123456789-0123. These are the Security IDs of deleted … Continue reading

Rate this:

Posted in PowerShell, Security, Windows | Tagged , , , , , , | Leave a comment