Author: Link State

Senior System Engineer in an Enterprise Telecommunications Company. Over 25 years of experience in IT, Virtual environments, Datacenter & Cloud (Azure) with Microsoft focus :MCP,MCTS, MCITP,MCSA x3, MCSE x2 Core Infrastructure & Coud Platform - Azure Administrator Associate - Vmware: VCP-DCV 2022, specialized in data protection & DR systems - Veeam: Veeam Legend - VMCE - VMCA. Security-oriented. (Backups are never enough!).

Azure Resource Locks: Protecting Critical Cloud Resources from Accidental and Malicious Deletion

Posted on Link State By Link State No Comments on Azure Resource Locks: Protecting Critical Cloud Resources from Accidental and Malicious Deletion
Azure Resource Locks: Protecting Critical Cloud Resources from Accidental and Malicious Deletion

In modern cloud environments, infrastructure protection is no longer optional. Organizations operating on Microsoft Azure must ensure that business-critical workloads, networking components, storage accounts, and security services are protected not only from accidental human errors, but also from unauthorized or malicious actions. In this guide, we shall discuss “Azure Resource Locks: Protect Resources from Accidental…

Read More “Azure Resource Locks: Protecting Critical Cloud Resources from Accidental and Malicious Deletion” »

AWS/Azure/OpenShift

Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator

Posted on Link State By Link State No Comments on Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator
Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator

The Hidden Backdoor: Auditing Domain Controller Ownership with Purple Knight. In today’s threat landscape, Active Directory (AD) remains one of the most critical and most targeted components of enterprise infrastructure. In this guide, we shall discuss “Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator”. Please see Set Special File…

Read More “Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator” »

Windows Server

AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7

Posted on Link State By Link State No Comments on AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7
AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7

In this article, we shall discuss the folloing topic “AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7”. Updating a managed Kubernetes environment is rarely just a routine maintenance task. It is a critical operation that directly affects the platform’s stability, security, and the availability of its features. Please, see How to protect…

Read More “AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7” »

AWS/Azure/OpenShift

Azure File Sync : How to enable Self-Service restore

Posted on Link State By Link State No Comments on Azure File Sync : How to enable Self-Service restore
Azure File Sync : How to enable Self-Service restore

Azure File Sync is a service for centralizing an organization’s file shares in Azure Files while keeping the flexibility, performance, and compatibility of a Windows file server. In this article, we shall discuss “Azure File Sync : How to enable Self-Service restore”. Please, see Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD, how to replace Veeam…

Read More “Azure File Sync : How to enable Self-Service restore” »

AWS/Azure/OpenShift

Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD

Posted on Link State By Link State No Comments on Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD
Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD

This article discusses “Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD”. On March 10, 2026, Microsoft disclosed a new security vulnerability affecting Active Directory Domain Services (AD DS). Please, see How to run Apps as an administrator on Windows, and how to Enable Exploit Protection feature on Windows using the Windows Security App, Microsoft Endpoint Configuration…

Read More “Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD” »

Windows Server

Resolving VSS Errors: Veeam AD Backups failing with SentinelOne

Posted on Link State By Link State No Comments on Resolving VSS Errors: Veeam AD Backups failing with SentinelOne
Resolving VSS Errors: Veeam AD Backups failing with SentinelOne

Veeam application-aware backups of Active Directory domain controllers can fail when SentinelOne blocks the VSS and BCD operations Veeam needs for NTDS-aware snapshots. These failures usually appear as VSS errors and “Updating BCD failed” or similar messages in Veeam job logs. In this guide, we shall discuss the “Resolving VSS Errors: Veeam AD Backups failing…

Read More “Resolving VSS Errors: Veeam AD Backups failing with SentinelOne” »

Backup

Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO Credential Guard in VBR v13

Posted on Link State By Link State No Comments on Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO Credential Guard in VBR v13
Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO Credential Guard in VBR v13

Veeam Data Platform v13 adopts a “security-first” architecture, actively protecting backup infrastructure against modern threats, and continues to support advanced security features for Windows-based components, including VMware Virtualisation-Based Security (VBS) and Microsoft Group Policy Object (GPO) Credential Guard. In this guide, we shall discuss “Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO…

Read More “Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO Credential Guard in VBR v13” »

Backup, Windows Server

How to create a two-way Active Directory Trust

Posted on Link State By Link State No Comments on How to create a two-way Active Directory Trust
How to create a two-way Active Directory Trust

In this guide, we shall discuss how to create a two-way Active Directory Trust. A two-way trust will be created between these domains. This means that the two domains will be able to share their resources with each other. Please, see [AZURE] MSSQL Creating a new Azure SQL Database (PaaS), [AZURE] Restore MSSQL Server on…

Read More “How to create a two-way Active Directory Trust” »

Windows Server

How to create a new Azure SQL Database [PaaS]

Posted on Link State By Link State No Comments on How to create a new Azure SQL Database [PaaS]
How to create a new Azure SQL Database [PaaS]

In this article, we shall discuss “how to create a new Azure SQL Database [PaaS]” using the Azure Portal, highlighting the key steps, the most relevant configuration options, and the architectural considerations to keep in mind from the very beginning. Please, see How to create a two-way Active Directory Trust, [AZURE] Restore MSSQL Server on…

Read More “How to create a new Azure SQL Database [PaaS]” »

AWS/Azure/OpenShift, Oracle/MSSQL/MySQL

Restore MSSQL Server on Azure VMs using Azure Backup

Posted on Link State By Link State No Comments on Restore MSSQL Server on Azure VMs using Azure Backup
Restore MSSQL Server on Azure VMs using Azure Backup

In this guide, we shall discuss how to restore MSSQL Server on Azure VMs using Azure Backup. Data protection is only as effective as the ability to restore data quickly and reliably. When running Microsoft SQL Server on Azure Virtual Machines, having a robust backup strategy is essential. Please, see Convert Google Forms Into Microsoft…

Read More “Restore MSSQL Server on Azure VMs using Azure Backup” »

Network | Monitoring

MSSQL Server Error 833: Synthesis of Real-World Case Studies

Posted on Link State By Link State No Comments on MSSQL Server Error 833: Synthesis of Real-World Case Studies
MSSQL Server Error 833: Synthesis of Real-World Case Studies

In this article, we shall discuss “MSSQL Server Error 833: Synthesis of Real-World Case Studies”. MSSQL Server Error 833 is an informational warning indicating that a disk I/O request (read or write) has taken longer than 15 seconds to complete. This is known as “stalled I/O” and points to an issue with the underlying storage…

Read More “MSSQL Server Error 833: Synthesis of Real-World Case Studies” »

Oracle/MSSQL/MySQL

Pull and Push Commvault Images to Azure Container Registry

Posted on Link State By Link State No Comments on Pull and Push Commvault Images to Azure Container Registry
Pull and Push Commvault Images to Azure Container Registry

This procedure is part of the prerequisites for performing a backup of a Kubernetes cluster using the Commvault. In this guide, we shall discuss how to Pull and Push Commvault Images to Azure Container Registry. The adoption of Azure Kubernetes Service (AKS) has become a standard approach for organisations seeking scalable, resilient, and cloud-native container…

Read More “Pull and Push Commvault Images to Azure Container Registry” »

AWS/Azure/OpenShift

[AZURE] Security Service Edge (SSE) and Microsoft Entra ID

Posted on Link State By Link State No Comments on [AZURE] Security Service Edge (SSE) and Microsoft Entra ID
[AZURE] Security Service Edge (SSE) and Microsoft Entra ID

Hello everyone, MS Azure is changing its approach on cloud security, implemented the new Security Service Edge (SSE) solution. In this article, we shall discuss “[AZURE] Security Service Edge (SSE) and Microsoft Entra ID”. Please, see Pull and Push Commvault Images to Azure Container Registry, how to Install SQL Server Always On & Configure Veeam Plug‑in…

Read More “[AZURE] Security Service Edge (SSE) and Microsoft Entra ID” »

AWS/Azure/OpenShift