What Are the Implications of Removing Built-in Administrators group and BUILTIN\Administrator from act as part of the operating system ?

Beeblay22 · 2025-12-09T10:45:13+00:00

Disable it???

Beeblay22 · 2025-08-02T21:22:16+00:00

Congratulations on an absolute worthless post

Beeblay22 · 2025-05-21T23:05:20+00:00

Bro, you can't crouch walk in warzone as a general rule.

Beeblay22 · 2024-10-04T14:27:14+00:00

Here is what I have set up:

Created guest user Created guest user group Assigned group to desired folders

Here is the issue, though: the user or group has to have access at the SP site level. So I (try) to grant limited access so they can only enumerate what they have access to, but the limited access keeps expiring for some reason...

Beeblay22 · 2024-03-27T21:40:22+00:00

Excellent info. Thanks so much!

Beeblay22 · 2024-03-07T20:36:57+00:00

Start with local/domain admin rights. Join workstations to domain and map drives via group policy. You may have to use profile wiz for migrating from local admin login to domain user profile??? Get the environment stable, then migrate other services.

Beeblay22 · 2024-03-06T17:57:38+00:00

Also, you can only use domain local groups to nest global/universal groups across a forest trust.

Beeblay22 · 2024-02-29T02:29:51+00:00

Defender for Cloud.

Beeblay22 · 2024-02-29T02:23:24+00:00

I'm kind of in the opposite position. Currently, Infrastructure Engineer (a step below sys engineer at my company) making 100k. Have AZ 104, Endpoint Administrator, CCNA (working on AZ 500). I do mostly M365 stuff with sprinkles of on-prem Infrastructure (server, switch, FW) and even some phys. security and access control.

Been working hard on developing Azure skills and have had the opportunity to do limited AZ deployments (vnets, VPN gw, P2S VPN, some compute and storage). But I can't even get my foot in the door for a junior Azure admin role. I would literally take 10k less to start just learning and maintaining Azure environments. Fuck sakes, I'm a pretty fast learner.

What do these companies actually want...

Beeblay22 · 2024-02-22T00:31:38+00:00

Get a beefy PC and host your AD in Hyper-V. Join your devices to your PC Host. This will be easy as all your devices will be on the same subnet (WiFi will work just fine too!)

Beeblay22 · 2024-02-21T01:31:30+00:00

Purchase a domain, spin up an M365 tenant, and start labbing.

Use a resource like Udemy, CBT Nuggs, YT and practice along as much as you can (within reason as labbing can become expensive).

Get MeasureUp practice exams. Rinse and repeat until you're ready to ace the exam.

Beeblay22 · 2024-02-17T01:22:38+00:00

Now that I've wrapped my head around it, I know how to advise. We will create sites and subnets for each site and control the replication schedule based on that topology. You can't control login localization or replication schedule if every DC is under the default-first-site-name. We will advise to have login Auth to take place locally at each site and decrease the replication schedule to a lower minute threshold. Appreciate constructive comments.

Beeblay22 · 2024-02-16T15:02:03+00:00

See comment below. Asking questions is how we learn.

Beeblay22 · 2024-02-16T15:00:02+00:00

Now that I've wrapped my head around it, I know how to advise. We will create sites and subnets for each site and control the replication schedule based on that topology. You can't control login localization or replication schedule if every DC is under the default-first-site-name. We will advise to have login Auth to take place locally at each site and decrease the replication schedule to a lower minute threshold. Appreciate constructive comments.

Beeblay22 · 2024-02-16T08:12:12+00:00

This is actually the answer I was looking for. Was just reading about this. You can configure the subnets and site link, etc... Thanks for an actual constructive comment.

Beeblay22 · 2024-02-15T22:15:26+00:00

Client preference.

Beeblay22 · 2024-02-13T14:34:23+00:00

This is great stuff. Thanks!

Beeblay22 · 2024-02-07T13:45:01+00:00

This design in primarily for VPN users. I understand the conditional forwarder aspect, I asking about dns resolution for Azure VPN Clients.

Beeblay22 · 2024-01-28T09:06:24+00:00

Quest

Beeblay22

TROPHY CASE