Conditional Access Policy Audit with Microsoft Graph (2026)
Conditional Access is the only thing standing between Entra ID and a credential dump. Here is the Graph SDK audit that finds the gaps that look "covered" in the portal....
Windows Administration
Windows Server, Active Directory, and PowerShell guides
Mailbox Forwarding Audit with Microsoft Graph (2026)
A forwarding rule to an external address is the single most reliable indicator of a compromised mailbox. Here is the Graph SDK audit you should run weekly....
Microsoft 365 License Report with Microsoft Graph (2026)
Microsoft 365 licensing waste is the easiest cost win in any tenant. Here is the SDK script that finds dormant E3s, double-licensed users and unused service plans....
Microsoft Graph MFA Audit: Find Users Without Strong Authentication in 2026
The "MFA enabled?" question is the wrong question. The real question is what authentication methods each user has registered. Here is the audit, the SDK calls, and the score....
Microsoft Graph PowerShell SDK: A 2026 Getting-Started Guide
The Microsoft Graph PowerShell SDK replaces MSOnline, AzureAD and most of the Office 365 modules. Here is the 2026 way to install it, authenticate cleanly, and query the right endpoint....
PowerShell Constrained Language Mode: Audit and Enforcement in 2026
Constrained Language Mode is the only thing that stops PowerShell from being a generic .NET runtime. Here is how to detect, enforce and audit CLM at scale....
PowerShell JEA: Just Enough Administration in 2026
Helpdesk does not need Domain Admin. Service accounts do not need to be local admin. JEA gives every role exactly the cmdlets it needs and writes a transcript per session....
PowerShell SecretManagement: A Practical 2026 Guide
Hard-coded credentials in scripts are the slowest-burning incident in any infrastructure team. SecretManagement is the official PowerShell answer โ here is how to actually adopt it....
PowerShell Logging and Transcription: The 2026 Reference
Without PowerShell logging, an incident review is a guessing game. With it, every command, every script block and every session is replayable. Here is how to enable it without flooding the SIEM....