Removing all "Unknown" object from permission/access list in Azure (IAM)

-

I do not like to have permission in Azure that gives access to "Unknown". I consider this a "visual" disturbance, a documentation issue, and a potential security risk. So I usually delete them when I find them.

You can find them by browsing around the entire portal manually or you can find them by using a script to document all access like my script explained in "Documenting Azure resources access (AIM)" 

To ease the cleanup process I created a script based on my findings from this blog. I basically extended it to go through all my subscriptions and document what it does during the process

So it will go through all subscriptions (with some exceptions). Documents all findings in a CSV file, remove the unknowns and then documents what has been removed in a text file at the end. I Was not able to test the text file part, since I already had cleaned up everything when I figured out that documentation of what actually got removed was something that should be included.

You will find the script in my GitHub repo here:

Scripts-For-Sharing/iam-removeunknown.ps1 at master · OTvedt/Scripts-For-Sharing (github.com)

Popular posts from this blog

Installing Android on a Hyper-V virtual machine

-
Image
Working with mobile device management (MDM) require a lot of testing. With Windows 10 testing is no problem (except those things that demand to be done on a physical device by different reasons), they can easily be run virtual. But when it comes to phones and tablets it have not been that easy. Visual Studio and some other solutions where out there, but they did not come with Store access or they had dependence which excluded Hyper-V from running. Some Emulators runs in a Hyper-V VM with Windows 10, but not on the host itself. So, if you got it to work it was usually slow and painful.
Read more

MDT: TimeZoneName and index number list

-
Remebering time zone name and number are a hasle so here are the list for the next time you (or I) need it. Norwegian settings for MDT are: TimeZone=110 TimeZoneName=W. Europe Standard Time (InputLocale=0414:00000414) (KeyboardLocale=nb-NO) The complete list are as following:
Read more

Quick guide on how to run BgInfo background as Group Policy login

-
Image
I know, it's simple. But I always forget some minor details when it have been a while since last time. So this blogpost is more a reminder to my self. Goal = Get same background picture an all PC (and/or Server) Doing it very simplified and easy in this guide, but you should normally use  folder structure for the files and a suitable Group Policy or more for the setting themself.
Read more