Per information here : https://www.4armed.com/blog/llmnr-nbtns-poisoning-using-responder/ , in a Pentest you might fail this unless you do the below

• Disabling LLMNR:
  • Open the Group Policy Editor in your version of Windows
  • Navigate to Local Computer Policy > Computer Configuration > Administrative Templates > Network > DNS Client
  • Under DNS Client, make sure that “Turn OFF Multicast Name Resolution” is set to Enabled
• Netbios over TCPIP disabled
  • DHCP option “001 Microsoft Disable Netbios Option” configured for all scopes with value of 0x2
  • NetbiosOptions value changed to 2 in registry for all interfaces with PS script
  • LLMNR disabled using GPO
  • Configured Secure only dynamic updates for all DNS zones
• WPAD
  • Microsoft suggested workaround applied, powershell script to add to host file (https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-077)
  • Added option 252 on DHCP scopes and pointed WPAD to 255.255.255.255

• No Comments

When you join a Cisco Spark Hub Device to your Webex account , you need to use this trust to create a new local user and password. You need to use the cloud account to login to the device to create a local username and password

On the same network as the device , login to https://admin.webex.com/devices with your webex Administrator details

Select your device and click on Device Web Portal – Launch Web Portal per below which will login to the device as your cloud details

Set a local Username and password here

• No Comments

1. Put the device in a place
2. Navigate to places
   
3. Click on the place and edit the services
   

   

4. Turn on calendar and enable the email address
   

   

• No Comments

Sharepoint’s “Open with File Explorer” uses the WebDav Protocol ( Web Client Service ) in windows to map through the Directory to Windows

This is not installed by default

Install-WindowsFeature WebDAV-Redirector

The Server will then need to be restarted

• No Comments

Recently trying to install Exchange 2016 CU 15 , the setup stopped for 1 hour at 

8 of 17 Languages

The last line in C:\ExchangeSetupLogs\ExchangeSetup.log

Was

 [1] Finished updating performance counter strings

If you see this in your environment, just wait! This process took 4 hours in my environment in the end

• No Comments

I’ve seen documentation online about password resets for AD Self Service but nothing for ADAudit Plus

The process is similiar : 

• No Comments

• control smscfgrc (for ConfigMgr Client applet)
• control printers (for devices & printers)
• sysdm.cpl (for System Properties, joining workgroup/domain)
• mstsc -v:<serverName> (for RDP session)
• dsa.msc (for ADUC)
• gpmc.msc (for Group Pol Mgmt Console)
• gpedit.msc (for Local Grou Pol Console)
• devmgmt.msc (Device Management)
• lusrmgr.msc (local users mgmt console)
• mmc.exe (blank mmc console – add your snap-ins)
• ncpa.cpl (Network Connections) 
• appwiz.cpl opens add/remove programs
• certmgr.msc opens certificate manager
• certlm.msc Local computer certificate management instead of going through MMC to add it
• diskmgmt.msc (Disk Management)

• No Comments

Install 2019-11 Cumulative Update (either for 1903 or for 1909), this will uninstall the problem KB4517389

The update breaks something on the user profile  , you will need to backup and delete faulty profile from workstation and rebuild

• No Comments

• No Comments

Solution for Auskey Firefox \ Chrome

Auskey installation puts the program for the Extension to user in this location for whoever installed the program

C:\Users\%username%\AppData\Local\AUSkey

This folder and file need copying to the correct user profile and then you need the extension for Chrome and Firefox Installing

• No Comments