On deploying the Policy for Essential 8 Unprivileged accounts cannot logon to privileged operating environments. We added the Azure AD Entra group Privileged Users to this rule […]
Category: Research
Research Undertaken
The boot configuration data store could not be opened. The system cannot find the file specified. EFI Disk
This is the boot partition; you need to put a drive letter on it via diskpart. Now you can run
bcdedit /store Access is denied
Make sure you run CMD as Administrator
Server Manager is loading very slowly while accessing RDS farm.
Trying to load the window comes up with “Connecting to the RD Connection Broker server…” for 10 minutes, then it eventually loads. When you open the RD Services […]
Advanced Hunting to Find Word and Excel Macros in Environment with Defender
a failure occurred during the operation Package manager on machine is not healthy – mdatp
CloudAppEvents Log Analytics Table Empty
Was trying to query the CloudAppEvents table in Advanced Hunting, only to find out it was empty. Turns out only the M365 E5 License has Cloud Apps or you […]
Microsoft Windows Defender – Network Protection Audit Mode
How to see all the logs of items that would have been blocked, like ASR reporting, via an Advanced Hunting query
Essential 8 – Web browser security settings cannot be changed by users.
Deploy these where you see fit as a new policy -> Intune-ACSC-Windows-Hardening-Guidelines/office/scripts/OfficeMacroHardening-PreventActivationofOLE.ps1 at main · microsoft/Intune-ACSC-Windows-Hardening-Guidelines · GitHub for Edge and Chrome. Then lock down users' access […]