Skip to content

ThatLazyAdmin Posts

Step-by-Step Guide to Running the Defender for Identity Sizing Tool

In this post, I’ll walk you through how to run the Microsoft Defender for Identity Sizing Tool on your domain controllers. This tool is essential to ensure that your environment is ready to deploy Microsoft Defender for Identity by analyzing and reporting on key system metrics like CPU, memory, storage, and bandwidth requirements. Here’s a…

Leave a Comment

Optimizing Attack Surface Reduction (ASR) Exclusions on Microsoft Servers: Best Practices with Intune

Optimizing Attack Surface Reduction (ASR) Exclusions on Microsoft Servers: Best Practices with Intune When managing file and process exclusions for Attack Surface Reduction (ASR) rules on Microsoft servers using Intune Security policies, it’s essential to follow best practices to ensure that security is not compromised while maintaining the functionality of necessary applications and services. Here’s…

Leave a Comment

Automate Microsoft Defender for Endpoint Deployment on Windows Server 2012 R2 and 2016

Automate Microsoft Defender for Endpoint Deployment on Windows Server 2012 R2 and 2016 Introduction Ensuring that servers are protected with the latest security measures is crucial for maintaining a secure IT environment. Microsoft Defender for Endpoint is an essential component in this strategy, providing robust protection against a wide range of threats. However, deploying Defender…

Leave a Comment

Efficiently Copy Entra ID Device Group Members with PowerShell

Efficiently Copy Entra ID Device Group Members with PowerShell The Copy-EntraIDDeviceGroupMembers.ps1 script is designed to make your life easier by automating the process of copying members between Entra ID device groups. This script prompts you for the names of the source and destination groups, retrieves all members from the source group, and adds them to…

Leave a Comment

Enhancing Security with Idle Session Timeout in Microsoft 365

Enhancing Security with Idle Session Timeout in Microsoft 365 Idle sessions can pose a significant security risk, especially on unmanaged devices. Configuring idle session timeouts helps mitigate this risk by automatically signing out users after a specified period of inactivity. This blog post will guide you through the process of setting up an idle session…

Leave a Comment

Enabling Defender for Cloud at the Resource Level with PowerShell

Enabling Defender for Cloud at the Resource Level with PowerShell Efficiently managing Azure resources can be challenging, especially in large environments. To help with this, I’ve developed a PowerShell script designed to automate the process of managing Defender for Cloud pricing configurations across various Azure resources, including Virtual Machines (VMs), Virtual Machine Scale Sets (VMSS),…

Leave a Comment

Enhancing Your Security Posture with Entra ID Audit Logs

Enhancing Your Security Posture with Entra ID Audit Logs Ensuring the security of your organization’s identity and access management systems is vital. One of the most effective strategies to enhance your security posture is by regularly reviewing and updating your Entra ID (formerly Azure Active Directory) audit logs. These logs offer a detailed record of…

Leave a Comment

Enhanced Security in Microsoft Teams: New Controls to Block External Access in Trial-Only Tenants

Enhanced Security in Microsoft Teams: New Controls to Block External Access in Trial-Only Tenants Overview Microsoft Teams continues to evolve with enhanced security measures to safeguard communications. A significant update is on the horizon that introduces a new admin control aimed at strengthening defenses against malicious activities through Teams trial-only tenants. Starting from July 29,…

Leave a Comment

Best Practices for Managing Azure Arc-Enabled Servers

Best Practices for Managing Azure Arc-Enabled Servers As the complexity of IT infrastructures expands, so does the need for streamlined management solutions. Azure Arc offers a powerful way to manage servers across diverse environments from a single plane, leveraging Azure’s capabilities. This article discusses the best practices for managing Azure Arc-enabled servers, ensuring they remain…

Leave a Comment

New Feature in Microsoft Entra: Step-by-Step Guide to Assigning Roles via Access Packages

New Feature in Microsoft Entra: Step-by-Step Guide to Assigning Roles via Access Packages Microsoft Entra now supports a new public preview feature that allows administrators to assign roles using access packages. This addition is particularly beneficial for organizations that require efficient role management across various resources, such as applications, SharePoint sites, groups, and teams. This…

Leave a Comment

Enhancing Email Security with the “SecureMailBannerInjector” PowerShell Script

Enhancing Email Security with the “SecureMailBannerInjector” PowerShell Script Introduction In an era where cybersecurity threats are continually evolving, organizations must proactively defend their communication channels. Email, a critical business tool, is often exploited by attackers to deploy phishing scams, spread malware, or execute social engineering attacks. To address these risks, I’ve developed a PowerShell script,…

Leave a Comment

Streamlining Microsoft Azure Security Posture Checks with the Microsoft Azure CIS Checker Script

Streamlining Your Azure Security Posture with the Microsoft Azure CIS Checker Script As an Azure administrator, ensuring your Azure environment complies with industry standards is paramount. Regular checks and reviews against benchmarks like the CIS (Center for Internet Security) standards are essential to maintain a secure and compliant infrastructure. However, performing these checks manually can…

Leave a Comment