Platforms

Nordic Infrastructure Conference

Alex Mags
While hunting for some Hyper-V videos, I came across recorded sessions from the 4th Nordic Infrastructure Conference. No sales pitches, only some great talks from field hardened consultants. The sessions are focused on Enterprise Infrastructure (Microsoft Windows Server, System Centre, Azure, PowerShell DSC, Identity Management, Security/hacking). Session Info http://2015.nicconf.com/sessions Recorded sessions: https://www.youtube.com/channel/UChu8zqu8d1mjWxNRLlGXUAw

RHEL on Azure. Finally!

Alex Mags
I got a message today from our Red Hat account manager to let me know that Microsoft has signed Red Hat’s Certified Cloud Service Provider agreement, meaning that over time they will make available, and be available to host, Red Hat products in Azure. RHEL will become the premium Enterprise Linux offering in Azure. This is fantastic news for Red Hat Customers. Previously Azure was not a Red Hat Certified Platform.

Hashicorp Terraform for Infrastructure as Code

Alex Mags
Terraform is a tool by Hashicorp (who do Vagrant, Packer and other ops tools). You maintain a single configuration file and it trues up your environment, creating and deleting machines, to match the configuration file. Their products are coming together into a cohesive suite. The first part describes the Terraform product. At 30 mins there’s a description of “DevOps” (that cuts through much of the BS). Basically: Developers care about:

Windows Authentication in Blackberry Enterprise Server (BES) 12

Alex Mags
Update to previous post on older BES version ( “Test intranet access from Blackberry and other mobile platforms”). For BES12 create a krb5.conf file and upload to the “Single-sign on” profile (obv. switch mycompany.com to your own FQDN. And specify the FQDNs for one or more domain controllers. This has been case sensitive in the past.)``` [libdefaults] default_etypes = aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 des3-cbc-sha rc4-hmac default_realm = MYCOMPANY.COM [realms] MYCOMPANY.COM = { kdc = tcp/DC1.

OS Hardening guides

Alex Mags
In the bad old days Windows would install in user friendly, super accessible mode. You’d then run scripts to lock it down, improving security permissions on registry keys, files and folders, reg tweaks, and potentially break stuff too. There were lots of security guides around. I’d use these NSA guides and tips from McGraw Hill’s Hacking Exposed. Now days Windows comes secure out of the box and you install roles before it’ll do anything.