Reblogged from my company blog: https://tech.xenit.se/just-enough-administration-rds/ — The Problem? Microsoft RDS has limitations when delegating access, in fact there is no built-in access delegation whatsoever! The solution? Powershell! A Just enough Administration (JEA) endpoint, also known as a Constrained Powershell Endpoint. The endpoint is restricted to only access List collection, list users and subsequently force…

Reblogged from my company blog: https://tech.xenit.se/recursively-search-azure-ad-group-members/ — When working with on-premise Active Directory an administrator often has to recursively search AD groups, this is easy using the ActiveDirectory module with cmdlet “Get-AdGroupMember <Group> -Recusive”. For the AzureAD equivalent this is no longer an option, the cmdlet Get-AzureADGroupMember has three parameters. PARAMETERS -All <Boolean> If true,…

Reblogged from my company blog: https://tech.xenit.se/azure-automation-running-scripts-locally-vm-runbooks/ — I was tasked to create a powershell script to run on a schedule on a Azure VM. Normally this would be running as a scheduled task on the VM but seeing as we’re working with AzureVM and schedule tasks are legacy I wanted to explore the possibilities of…