Posts

Quick & Dirty Domain Controller Migration

It's the year 2023 now and it astounds me to know that there are still businesses running Active Directory and other domain services on Server 2003 and Server 2008 boxes. Migration of domain controller roles from old servers to new isn't as difficult as you might think. Honestly, the hardest part is probably figuring out Microsoft licensing for Server 2019/2022. Over the last few years since upgrading our own domain controllers, I've helped others with the simple setup steps below. Also, I'm assuming that anyone reading this is not a complete dunce when it comes to Windows Server and Active Directory because there's a lot of stuff around AD that I'm not taking time to spell out. (You can probably get away with being about a 75% dunce ;) just not a complete one.) QDDCM - Quick & Dirty DC Migration (For On-Prem Active Directory Domain Services on Server 2019/2022 with GUI) I'm going to just dive right in here without much preamble. Following this guide w

Safely and Securely Back Up Your Virtual Machines on Someone Else's Computer

In healthcare, it's critical that IT professionals have a solid backup game. The workflow at job.current has undergone several iterations of backup strategies, and our offsite backup plan has never been as cohesive as I'd like it to be. Our infrastructure has undergone many changes over the last two years, and upon realizing that our offsite backup strategy had gaps, I escalated the priority of closing those gaps to SEV1. Prior to Windows 7's demise, we were running several Citrix XenServers which served up a Win 7 VDI grid as well as infrastructure servers (LDAP, Print Servers, File Servers, app servers), and one legacy VMware ESXi server (more of the same minus the VDIs). Each of our servers was running on identical 2U SuperMicro whitebox servers with 24 cores of Intel Xeon CPU power, 192GB of memory, and a RAID-6 array of 2TB spinners. As we phased out our VDI infrastructure, we were looking to also move away from XenServer completely, as Citrix had unfavorably changed

Neither Imap nor Yourmap: Yeet Legacy Authentication!

Every so often, the prevailing forces in the IT industry collectively decide that a protocol must be deprecated. The Internet Message Access Protocol (IMAP) appears to be one of the latest victims of this phenomenon. This has caused some inconveniences, but I'm okay with the reasoning behind this: an increased emphasis on security and requiring multi-factor authentication. Of the tech giants I've seen addressing this, it seems Microsoft hates IMAP more than Google. I use a library that reads my Gmail messages through IMAP, and Google's way of handling the inherent flaws in the protocol is to set up different credentials to access Gmail via IMAP. From a security standpoint, this seems like a half-measure, but it's better than nothing. Microsoft is strongly recommending that Exchange administrators disable IMAP and POP3 (seriously, why is anyone still using POP3?) and making sure two-factor authentication is on for all tenant accounts, whether they're shared