HTTP Security Headers for IIS 8 and up

Bored of those wannabe “Security Researchers” who respond to your Bug Bounty program because you don’t have a HSTS policy set or some ‘exploit’ that you can only do to yourself? Here I wrote down a few examples that you can copy/paste in your Powershell console to apply to your sites.

Of course, be careful and read up about the possible consequences of these settings! I will try to give a brief overview about the possibilities where it applies in a later stage.
(more…)

View members of a dynamic distribution group

Recently I noticed it wasn’t easy to view members of a dynamic distribution group, which was set up by a somewhat incapable sysadmin. The following line shows how the list was set up: ((((((((((((((((((((CustomAttribute1 -eq ‘All_everyone’) -or (Company -eq ‘[companyname1]’))) -or (Company -eq ‘[companyname2]’))) -and (((((RecipientType -eq ‘UserMailbox’) -or (RecipientType Read more…

Move Exchange Mailboxes using a CSV

The Problem: Corrupted Exchange System User

Today we faced a challenge. Since one the administrative users in our MS Exchange environment was corrupted, we decided to create a new mailbox database (MDB) and move the users to that new database.  Sound quite easy, don’t you think? Here is what we came up with.

(more…)