In a previous post in this Kubernetes guide, you learned about deploying stateful applications with Kubernetes StatefulSets. Today, we will discuss role-based access control (RBAC) in Kubernetes, which controls who can access Kubernetes cluster resources. It uses roles and role bindings to grant permissions to subjects, such as users, groups, or service accounts. The post RBAC in Kubernetes first appeared on 4sysops.
Microsoft Entra Connect, formerly named Azure AD Connect, is an on-premises application used to synchronize your local Active Directory objects to Microsoft Entra ID, also known as Azure AD. This post will guide you through the process of migrating Microsoft Entra Connect to a new server. The post Migrate Microsoft Entra Connect (Azure AD Connect) to a new server first appeared on 4sysops.
An Ansible playbook is a YAML file that contains a set of instructions and configurations for automating tasks on one or more remote machines using the Ansible automation tool. In this post in our Ansible beginner's series, I will explain how to use an Ansible Playbook by example. The post Ansible Playbook examples first appeared on 4sysops.
- SystoLOCK in review: Logging in to Active Directory with multi-factor authentication without passwords
SystoLOCK offers a robust solution for enhancing security through multi-factor authentication (MFA) without passwords in an Active Directory environment. Unlike other methods, SystoLOCK does not rely on cloud services. The solution offers convenience similar to smartcard-based authentication, eliminating the need for complex password management. Moreover, SystoLOCK allows users to log in securely via VPN connections and supports offline login functionality. The post SystoLOCK in review: Logging in to Active Directory with multi-factor authentication without passwords first appeared on 4sysops.
In a previous post in this Kubernetes guide, you learned about deploying stateful applications with Kubernetes StatefulSets. Today's post will discuss Kubernetes CoreDNS. Earlier versions of Kubernetes used kube-dns to provide service discovery and name resolution within the cluster, which was based on dnsmasq and SkyDNS. The kube-dns had many problems, such as security vulnerabilities, scalability concerns, and higher latency, so starting with Kubernetes version 1.13, CoreDNS became the default cluster DNS server. The post Kubernetes CoreDNS first appeared on 4sysops.
Many organizations are behind the curve in understanding their SaaS applications and governance. In fact, for many IT admins, SaaS applications and SaaS app governance can be very challenging in terms of visibility and control. ENow has introduced a free assessment tool called AppGov Score that quantifies the governance state of Microsoft Entra ID apps and gives admins visibility into SaaS apps in the Microsoft cloud. The post What’s your ENow AppGov Score? Free Microsoft Entra ID app security assessment first appeared on 4sysops.
Defender for Office 365 and Exchange Online Protection monitor all emails hitting your domain and block harmful messages and spam. However, emails from legitimate sources can sometimes also be blocked for various reasons. In this scenario, as an admin, you want to whitelist the sender or the domain. In this post, you will learn how to whitelist a domain in Microsoft 365 and the necessary precautions you must take while doing so. The post Whitelist a domain in Microsoft 365 first appeared on 4sysops.
Leveraging TPM 2.0 to unlock Linux Unified Key Setup (LUKS) encrypted partitions ensures an added layer of protection, utilizing hardware-backed security measures to safeguard critical data while automating the unlocking of encrypted drives at boot time. The post Unlock Linux Unified Key Setup (LUKS) encrypted partitions with TPM 2.0 first appeared on 4sysops.
Are you wondering why your printer spooler stopped? This article addresses common Windows print spooler errors and various methods for fixing them. The post If the print spooler stops—how to fix common print spooler errors first appeared on 4sysops.
The advent of Secure Boot technology has significantly changed the security landscape and gradually gained traction in operating systems, including Linux, offering an additional layer of protection against various forms of malware and unauthorized system alterations. The post Install Secure Boot in Linux first appeared on 4sysops.
In the previous post of this Ansible beginner series, we covered the installation of Ansible, as well as some basic deployment tasks. In this post, we will explore Ansible's remote management features in more detail. The Ansible shell mode is a command-line tool that allows users to execute commands directly on remote hosts through Ansible. It is used for running arbitrary commands that don't require a module, providing a quick and direct way to perform tasks on managed nodes. The post Ansible shell module: Run remote shell commands first appeared on 4sysops.
Windows 11 23H2 introduces a range of new Group Policy settings. These target new features like Dev Drive and extend the management options for existing components. The corresponding ADMX templates are already available for download, as is the setting reference spreadsheet. The post New Group Policy settings in Windows 11 23H2 first appeared on 4sysops.
One of the main new features of Windows Server 2022 is SMB over QUIC. QUIC serves as an alternative to TCP and RDMA, providing a secure connection to a file server over untrusted networks. This protocol is based on UDP and TLS 1.3, enhancing the security and performance of file shares. Windows Server 2025 will include it in all editions, along with the new QUIC Client Access Control. QUIC has been exclusive to the Azure Edition until now. The post Windows Server 2025 will support SMB over QUIC in all editions first appeared on 4sysops.
The new graphical console brings a number of improvements over the classic console host. However, for the foreseeable future, both environments are available. In Windows 11, the new terminal is already set as the default, but you can switch between both as needed. Unfortunately, the coexistence between the two terminals is suffering from some inconsistencies. The post Switch between Windows Terminal and the legacy console first appeared on 4sysops.
Ansible, an open-source automation platform, is rapidly gaining popularity among IT experts and organizations seeking simple yet powerful solutions for automation. It streamlines IT operations by automating configuration management, application deployment, and task automation. It speeds up tasks and ensures infrastructure consistency. This Ansible beginner tutorial will take you through the essential steps of getting started with Ansible, providing you with a foundational understanding, and examples to kickstart your automation journey. The post Ansible beginner tutorial first appeared on 4sysops.
Linux's logical volume management (LVM) system manages and provisions data on physical disks. In this article, I will explain how LVM functions, how to manage it on a single volume, and how to encrypt it using Cockpit. In future articles, we'll discuss how to set up your Linux distribution with full-disk encryption, Secure Boot, and TPM 2.0 integration (similar to BitLocker on Windows or FileVault on Mac). The post Encrypt Linux LVM with Linux Unified Key Setup (LUKS) using Cockpit first appeared on 4sysops.