why do KVM console sessions suck so much ass???
let go of my god damn keyboard
ctrl+alt+f12 is a lie

me: hey you gave me an IP outside of the range i was expecting
network: its a /22
me: sorry to bother you, i dont know how subnetting or networking works
network: thumbs up

but thats how i finally understood when to use a subnet calculator

looking forward to never having to be the person to walk someone else through how to enroll an account into Microsoft Authenticator ever again

Do you know how to revoke a user's access in an emergency? This could be due to a compromised account, employee termination, insider threat or another reason.

In short you need to

❌ Disable the user in Active Directory
❌ Reset the user's password twice in the Active Directory
❌ Disable the user in Microsoft Entra ID
❌ Revoke the user's Microsoft Entra ID refresh tokens
❌ Disable the user's devices

The good news is there's a really good doc that includes the cmdlets you can use for automating the steps 👇

https://learn.microsoft.com/en-us/entra/identity/users/users-revoke-access

this was in response me explaining how to use a password manager

"users should be able to use the same password on multiple accounts. you security people make things too difficult just being reactive. you should be spending your time focusing on not letting bad people do bad things... im going to do whats easy and thats using the same password on all my accounts ."- basically the gist of a convo i just had with someone who has worked in IT for over 30 years

Bad people shouldn't be doing bad things folks

It only takes one strategically placed meeting to ruin an entire day’s productivity.

@ktneely we all would love to actually say this, but in reality it doesn't work like that

@mttaggart
Archer (tv show) Season 3:
Randy:
Do you want to have sex with my wife?

Archer:
No! I... I swear, this was just an extremely unlikely mishap with the barbed wire.

Randy:
Because we would be amenable to that. Well? Why do you look so nonplussed?

Archer:
Because I wasn't sure if you knew what "amenable" actually meant, until you followed it up with "nonplussed."

the irony of the M365 team members never checking their email or teams

Does anyone in #identityaccessmanagement actually have a CAMS, CDP, or CIPA certificate? And did you get it from the Identity Management Institute?

#iam #infosec #accessmanagement #identitymanagement #cybersecurity

i hate my job i hate my job

why do people send screenshots of things i need to type somewhere else?

send me the ticket number or folder path or users name or id in plain text for the love of god so i can just copy-paste that shit

user: Hey how do i get this thing done?

me: here is a knowledge article that outlines the process

user: ok, but that looks like its just instructions for IT

me: first step is to have you contact the help desk, if they arent sure what to do advise them to reference this document

user: ok great... So do i still need to do that or can you just help me?

me: *face palm*

"hoteling" is the dumbest office concept ever.
Who doesnt love coming in every day to find out after you left someone else sat at your desk, moved and touched everything and switched chairs around?????

i love having to clean everything before sitting down

mondays are dumb

its too early in the week for this shit

@StuartAdams interesting point, i will try checking against each DC. Thank you!

riddle me this...

why do some users in AD have a line for logon hours and others do not?

Get-AdUsee user1 -properties logonhours | select-object -expandproperty logonhours

255
255
255
... etc

BUT

Get-AdUsee user2 -properties logonhours | select-object -expandproperty logonhours

select-object: Property "Logonhours" cannot be found.

logonhours is not listed in -properties * for User2

both users have logon permitted (in UI), so youd expect they both have the same output

only difference i can think of is, user1 had logonhours toggled to denied and set back?

#wtf #powershell #activedirectory

@nixCraft i still have the CD to install it