Warning - this blog contains opinions, strong language, occasional bold text, and HTML. Viewer discretion is advised.


Don't forget about the old school

I'm downsizing my network at home and I want to get rid of my on-premise domain controller.  So I'm converting to using Azure AD and Windows 10 machines.  All of my devices have been upgraded to Windows 10, but because I also happen to use Google Apps and Google Drive, I ran into THIS annoying problem:

Google Drive on Windows 10 with Azure AD Sign in will not start properly: https://productforums.google.com/forum/#!topic/drive/-Q3no-2OoRw

So, temporarily forced back to using local logins, I was also faced with implementing login restrictions.  Windows 10 Parental Controls are TOO restrictive for my tastes (in addition to now FORCING you to use Microsoft Accounts for all family members), so after some digging I discovered this old school way.  Basically, you can't do login restrictions for local accounts from the GUI, but you can from the command line, below.  You'll probably want to combine this with screen saver timeouts forced with the local policy editor:

net user username /times:m-th,2pm-4pm;f-s,1pm-3pm;su,6pm-8pm

So, this will have to suffice until Google Drive fixes their issue with Azure AD logins, and Azure AD lets us perform user logon restrictions like on-prem AD does.
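
The same restriction applied from PowerShell and then read back for every enabled local account, as an added example that is not part of the original post. It assumes an elevated Windows PowerShell 5.1 session and English-language `net user` output; `username` is the post's placeholder account name, and the function name `Get-LogonHours` is made up for this example.

```powershell
# Added example. 'username' and the schedule string are the values from the post.
$User  = 'username'
$Times = 'm-th,2pm-4pm;f-s,1pm-3pm;su,6pm-8pm'

# In PowerShell an unquoted ';' ends the statement and ',' builds an array,
# so the /times value has to be passed as one quoted argument.
& net.exe user $User "/times:$Times"
if ($LASTEXITCODE -ne 0) { throw "net user failed for '$User' (exit code $LASTEXITCODE)" }

# Hypothetical helper: returns the 'Logon hours allowed' block that
# 'net user <name>' prints, one string per line (assumes English output).
function Get-LogonHours {
    param([Parameter(Mandatory)][string]$Name)
    $out     = & net.exe user $Name 2>$null
    $hours   = @()
    $inBlock = $false
    foreach ($line in $out) {
        if ($line -match '^Logon hours allowed\s+(.*)$') {
            $inBlock = $true
            $hours  += $Matches[1].Trim()
            continue
        }
        if ($inBlock) {
            # Continuation lines are indented; anything else ends the block.
            if ($line -match '^\s+\S') { $hours += $line.Trim() } else { break }
        }
    }
    $hours
}

# Report every enabled local account and whether it still has unrestricted hours.
Get-LocalUser | Where-Object Enabled | ForEach-Object {
    $h = @(Get-LogonHours -Name $_.Name)
    [pscustomobject]@{
        User       = $_.Name
        Restricted = ($h.Count -gt 0 -and $h[0] -ne 'All')
        LogonHours = $h -join '; '
    }
} | Format-Table -AutoSize -Wrap
```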


Now this is hot....replication to Azure

This tab has been sitting open in my browser since the day Aidan announced it:


So I finally did it today, and now one of our mission critical servers is currently replicating itself to Azure.  Can't wait to test it.



Windows Nano Server & Hyper-V Containers

Oh man, I really need to spend some time to go through all this cool new stuff coming in Windows Server.  VM containers, Nano Servers, oh my.



Not upgrading from Windows Server 2003?

Aidan Finn running into some obvious frustration with people pushing back against moving away from Windows Server 2003...people that should know better.



Great Article on Cryptowall 3.0 from blogs.cisco.com

Worth a read:


My only question is why would the dropper care whether it's running in a virtual environment?  A bit more digging reveals that the malware author is assuming that if his code ends up running in a VM, it's probably a sandbox and being studied, so the malicious code refuses to co-operate.  Clever.

Here's the analysis of Cryptowall 2.0, from the same blog:



Is my blog dead?

No, my blog is not dead.  Well, I guess it is, sorta.  I've been extremely busy in both my personal and professional life, and since writing is last on my list of things to do, that's how my blog ends up so dusty and stale.  I've been doing some cool stuff though:

- checking out Check Point's new SMB appliances (underwhelmed)
- re-engaging with CompTIA's Security Trustmark process
- learning lots of Hyper-V tips and tricks from Aidan Finn
- getting back into lifting heavy and often using Jim Wendler's 5/3/1 program
- continuing to contribute and play for my local rugby club
- helping run an IT consulting firm, no big deal
- watching my three amazing kids grow into men

So yeah, got a few things going on.  I'll try and add more interesting stuff though.



If you’re into unlocking your own phones and don’t mind paying a few bucks, I do _NOT_ recommend these folks: www.unlock-code-express.com.

I bought a code from them, it didn't work on my handset.  So, that’s lie #1:

Lie #2, from the instructional email you get when you purchase:

I raised my ticket with them Monday, and still haven’t heard back.  I also sent a direct email to support on Monday, no reply there either.  I raised another ticket to them Tuesday night asking for a refund, still haven’t heard back on that one either. 

So, don’t use these guys.   Instead use gadgetrepair-canada.  He’s good people: 

That is all.