The hunt for EventID's

-
What should you look for when you go into the even viewer in Windows?

Is there any events that are more important that others?


Of course but its not just easy to know what you should be looking for, going to this site and you will have a better overview of what EventID there is.

A little list over important security related events

EventID - Event
  4782    - The password hash an account was accessed
  4720    - A user account was created
  4722    - A user account was enabled
  4740    - A user account was locked out
  4625    - An account failed to log on
  4649    - A replay attack was detected
  4728    - A member was added to a security-enabled global group

Popular posts from this blog

Installing Android on a Hyper-V virtual machine

-
Image
Working with mobile device management (MDM) require a lot of testing. With Windows 10 testing is no problem (except those things that demand to be done on a physical device by different reasons), they can easily be run virtual. But when it comes to phones and tablets it have not been that easy. Visual Studio and some other solutions where out there, but they did not come with Store access or they had dependence which excluded Hyper-V from running. Some Emulators runs in a Hyper-V VM with Windows 10, but not on the host itself. So, if you got it to work it was usually slow and painful.
Read more

Quick guide on how to run BgInfo background as Group Policy login

-
Image
I know, it's simple. But I always forget some minor details when it have been a while since last time. So this blogpost is more a reminder to my self. Goal = Get same background picture an all PC (and/or Server) Doing it very simplified and easy in this guide, but you should normally use  folder structure for the files and a suitable Group Policy or more for the setting themself.
Read more

MDT: TimeZoneName and index number list

-
Remebering time zone name and number are a hasle so here are the list for the next time you (or I) need it. Norwegian settings for MDT are: TimeZone=110 TimeZoneName=W. Europe Standard Time (InputLocale=0414:00000414) (KeyboardLocale=nb-NO) The complete list are as following:
Read more