Author: Link State

Senior System Engineer in an Enterprise Telecommunications Company. Over 25 years of experience in IT, Virtual environments, Datacenter & Cloud (Azure) with Microsoft focus :MCP,MCTS, MCITP,MCSA x3, MCSE x2 Core Infrastructure & Coud Platform - Azure Administrator Associate - Vmware: VCP-DCV 2022, specialized in data protection & DR systems - Veeam: Veeam Legend - VMCE - VMCA. Security-oriented. (Backups are never enough!).

Azure Application Gateway: Practical Configuration Guide

Posted on Link State By Link State No Comments on Azure Application Gateway: Practical Configuration Guide
Azure Application Gateway: Practical Configuration Guide

In this article, we shall discuss “Azure Application Gateway: Practical Configuration Guide”. This post provides a practical, real-world inspired walkthrough for configuring an Azure Application Gateway. The goal is to help engineers quickly understand how to design, name, and connect all required components for a production-ready setup. Please see Azure Managing Subscriptions with PowerShell: From…

Read More “Azure Application Gateway: Practical Configuration Guide” »

AWS/Azure/OpenShift

Azure Arc for SQL Server PAYG: Installation, Connectivity Requirements and Operational Best Practices

Posted on Link State By Link State No Comments on Azure Arc for SQL Server PAYG: Installation, Connectivity Requirements and Operational Best Practices
Azure Arc for SQL Server PAYG: Installation, Connectivity Requirements and Operational Best Practices

Int his topic, we shall discus “Azure Arc for SQL Server PAYG: Installation, Connectivity Requirements and Operational Best Practices”. As organizations increasingly adopt hybrid and multi-cloud strategies, Azure Arc-enabled SQL Server with Pay-As-You-Go (PAYG) offers a flexible way to extend Azure governance, security, and billing capabilities to on-premises and non-Azure environments. Pleaae see How to…

Read More “Azure Arc for SQL Server PAYG: Installation, Connectivity Requirements and Operational Best Practices” »

AWS/Azure/OpenShift

How to Assign a Public IP to Azure Virtual Machine (VM)

Posted on Link State By Link State No Comments on How to Assign a Public IP to Azure Virtual Machine (VM)
How to Assign a Public IP to Azure Virtual Machine (VM)

This guide describes the procedure for associating a Public IP address to an Azure Virtual Machine (VM) at the network interface (NIC) level. In Azure, VMs are deployed with private IP addressing by default within an Azure Virtual Network (VNet), ensuring internal-only communication unless explicitly exposed. Please see How to Upgrade Veeam ONE to 13.0.2.6723…

Read More “How to Assign a Public IP to Azure Virtual Machine (VM)” »

AWS/Azure/OpenShift

Azure Resource Locks: Protecting Critical Cloud Resources from Accidental and Malicious Deletion

Posted on Link State By Link State No Comments on Azure Resource Locks: Protecting Critical Cloud Resources from Accidental and Malicious Deletion
Azure Resource Locks: Protecting Critical Cloud Resources from Accidental and Malicious Deletion

In modern cloud environments, infrastructure protection is no longer optional. Organizations operating on Microsoft Azure must ensure that business-critical workloads, networking components, storage accounts, and security services are protected not only from accidental human errors, but also from unauthorized or malicious actions. In this guide, we shall discuss “Azure Resource Locks: Protect Resources from Accidental…

Read More “Azure Resource Locks: Protecting Critical Cloud Resources from Accidental and Malicious Deletion” »

AWS/Azure/OpenShift

Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator

Posted on Link State By Link State No Comments on Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator
Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator

The Hidden Backdoor: Auditing Domain Controller Ownership with Purple Knight. In today’s threat landscape, Active Directory (AD) remains one of the most critical and most targeted components of enterprise infrastructure. In this guide, we shall discuss “Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator”. Please see Set Special File…

Read More “Active Directory Vulnerability Assessment with Purple Knight: Domain Controller Owner Is Not an Administrator” »

Windows Server

AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7

Posted on Link State By Link State No Comments on AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7
AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7

In this article, we shall discuss the folloing topic “AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7”. Updating a managed Kubernetes environment is rarely just a routine maintenance task. It is a critical operation that directly affects the platform’s stability, security, and the availability of its features. Please, see How to protect…

Read More “AZURE Kubernetes Service (AKS) upgrade minor version from 1.32.3 to 1.33.7” »

AWS/Azure/OpenShift

Azure File Sync : How to enable Self-Service restore

Posted on Link State By Link State No Comments on Azure File Sync : How to enable Self-Service restore
Azure File Sync : How to enable Self-Service restore

Azure File Sync is a service for centralizing an organization’s file shares in Azure Files while keeping the flexibility, performance, and compatibility of a Windows file server. In this article, we shall discuss “Azure File Sync : How to enable Self-Service restore”. Please, see Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD, how to replace Veeam…

Read More “Azure File Sync : How to enable Self-Service restore” »

AWS/Azure/OpenShift

Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD

Posted on Link State By Link State No Comments on Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD
Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD

This article discusses “Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD”. On March 10, 2026, Microsoft disclosed a new security vulnerability affecting Active Directory Domain Services (AD DS). Please, see How to run Apps as an administrator on Windows, and how to Enable Exploit Protection feature on Windows using the Windows Security App, Microsoft Endpoint Configuration…

Read More “Unicode Manipulation: CVE-2026-25177 Privilege Escalation in AD” »

Windows Server

Resolving VSS Errors: Veeam AD Backups failing with SentinelOne

Posted on Link State By Link State No Comments on Resolving VSS Errors: Veeam AD Backups failing with SentinelOne
Resolving VSS Errors: Veeam AD Backups failing with SentinelOne

Veeam application-aware backups of Active Directory domain controllers can fail when SentinelOne blocks the VSS and BCD operations Veeam needs for NTDS-aware snapshots. These failures usually appear as VSS errors and “Updating BCD failed” or similar messages in Veeam job logs. In this guide, we shall discuss the “Resolving VSS Errors: Veeam AD Backups failing…

Read More “Resolving VSS Errors: Veeam AD Backups failing with SentinelOne” »

Backup

Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO Credential Guard in VBR v13

Posted on Link State By Link State No Comments on Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO Credential Guard in VBR v13
Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO Credential Guard in VBR v13

Veeam Data Platform v13 adopts a “security-first” architecture, actively protecting backup infrastructure against modern threats, and continues to support advanced security features for Windows-based components, including VMware Virtualisation-Based Security (VBS) and Microsoft Group Policy Object (GPO) Credential Guard. In this guide, we shall discuss “Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO…

Read More “Hardening Your Infrastructure: A Guide to VMware VBS and MS GPO Credential Guard in VBR v13” »

Backup, Windows Server

How to create a two-way Active Directory Trust

Posted on Link State By Link State No Comments on How to create a two-way Active Directory Trust
How to create a two-way Active Directory Trust

In this guide, we shall discuss how to create a two-way Active Directory Trust. A two-way trust will be created between these domains. This means that the two domains will be able to share their resources with each other. Please, see [AZURE] MSSQL Creating a new Azure SQL Database (PaaS), [AZURE] Restore MSSQL Server on…

Read More “How to create a two-way Active Directory Trust” »

Windows Server

How to create a new Azure SQL Database [PaaS]

Posted on Link State By Link State No Comments on How to create a new Azure SQL Database [PaaS]
How to create a new Azure SQL Database [PaaS]

In this article, we shall discuss “how to create a new Azure SQL Database [PaaS]” using the Azure Portal, highlighting the key steps, the most relevant configuration options, and the architectural considerations to keep in mind from the very beginning. Please, see How to create a two-way Active Directory Trust, [AZURE] Restore MSSQL Server on…

Read More “How to create a new Azure SQL Database [PaaS]” »

AWS/Azure/OpenShift, Oracle/MSSQL/MySQL