Nathan McNulty
@NathanMcNulty
Loves Jesus, loves others | Husband, father of 4, security solutions architect, love to learn and teach | Microsoft MVP | @TribeOfHackers | 🦋@nathanmcnulty.com
Hi, I'm Nathan McNulty 👋 I am here because I enjoy learning and helping others. I feel like I've already accomplished more than I ever dreamed, and I truly want that for everyone else. If you ever find yourself questioning my intent - start there, DM me, or call me out
Something I've been asking for, for about 2 years now. I'm glad Microsoft finally delivered!
Nice explainer on OAuth consent phishing, and even better news, users will no longer be able to consent like this by default (already started rolling out) mc.merill.net/message/MC1097…
Did you know Entra stores LAPS password history? :) The Entra/Intune portal only shows the most recent one, so if you happen to do a lot of snapshots/reverts for testing like I do, the below command will show you all passwords and when they changed $name is device name
$name = 'abc' (Get-MgDirectoryDeviceLocalCredential -deviceLocalCredentialInfoId (Get-MgDevice -Filter "DisplayName eq '$name'").DeviceId -Property credentials).credentials | % { $_.BackupDateTime,[Text.Encoding]::UTF8.GetString([Convert]::FromBase64String($_.PasswordBase64)) }
📢macOS LAPS in Intune is now available! 🥳 Securely provision a local administrator account during setup assistant for devices going through Automated Device Enrollment and configure the first account as a standard user or an admin. See learn.microsoft.com/intune/intune-… for more info.
Friendly reminder to set up (or review) your security.txt securitytxt.org
Some companies really make it hard to do the right thing. Found a neat "feature" and want to report it. Have tried contact form on their site, emails to IT staff I've enumerated, even tried messaging employees on LinkedIn. Maybe the WHOIS contact will work.
Seeing a lot of folks frustrated with the Microsoft.Graph #PowerShell SDK...missing modules, bloat, weird errors. If you just need to hit a few endpoints without the overhead: Install-Module Microsoft.Graph.Authentication Connect-MgGraph Invoke-MgGraphRequest #MSGraph
Evergreen tweet I remind myself of this every few seconds now
There is a remote chance this is entirely made up
Looks like the Entra QR code authentication method is going GA 🥳 They've also added some great guidance on suppressing the camera permission prompt for iOS :) learn.microsoft.com/en-us/entra/id…
There is a remote chance this is entirely made up
A paper on the probability words used in intelligence analysis. Each word is meant to relate to a specific probability range. But people interpret these words in varied ways. "Participants greatly overestimated the probability for realistic possibility" tandfonline.com/doi/full/10.10…