And here we are on the 3rd post: Introduction to Autoruns and ProcDump
The Sysinternals suite of tools is a collection of over 70 utilities that can be used to troubleshoot and diagnose a wide range of issues on a Windows system.
And here we are on the 2nd post: Introduction to Process Explorer and Process Monitor.
Before we start, repeat after me “When in doubt, run Procmon!”
Now that we’ve gotten the Russinovich mantra out of the way, let’s delve in!
This is the first post of a series of posts on Windows Troubleshooting.
The idea came after I spent a few weeks troubleshooting a very weird issue with the Windows Spooler, starting from the basic troubleshooting steps we all go through and ending up doing reverse engineering of the service itself, and while doing that also going through many videos and books concerning this topic.
One interesting challenge that a recent request via Discord brought was how to handle secrets for automated/unattended processes on on-premises machines.
My initial interest in the PowerShell Secret Management module slowly waned as I realized that it’s not really meant for that purpose (though it can be made with a command) so I started wondering if it would be possible to actually have that working through Azure Key Vault in an easy manner.
Disclaimer: This review was written following 7 weeks with a review sample of the book provided by the publisher. The publisher had no early preview, copy approval or editorial input of any kind, and it provided no compensation in exchange for the review.
Since Microsoft is set to deprecate the Azure AD PowerShell cmdlets soon™, I’m taking the opportunity to upgrade some scripts I’m using from AzureAD to Graph API, and the one showcased today is the script to add Graph API permissions to an Azure AD Application.