Victor Silva, profile picture
Uploaded byVictor Silva
PPTX, PDF160 views

Just Enough Administration: Introduction - PowerShell Meetup UY

This document provides an introduction to Just Enough Administration (JEA), a PowerShell security technology that provides role-based access control for anything managed with PowerShell. It discusses determining which commands to allow, defining limits, integration with PowerShell Desired State Configuration, how JEA works by building on PowerShell remoting, and creating a role capability file to define what users can see and do. The document also asks if there is a GUI and provides a link for more information and demo instructions.

Embed presentation

Download to read offline
JUST ENOUGH ADMINISTRATION Introduction
Twitter: @vmsilvamolina Blog: https://blog.victorsilva.com.uy Hello! I Am Victor Silva
JUST ENOUGH ADMINISTRATION?
Just Enough Administration (JEA) is a PowerShell security technology that provides a role based access control platform for anything that can be managed with PowerShell.
Better understand what your users are doing Limit what users can do Reduce the number of administrators on your machines
INSTALL Server Operating System JEA Availability Windows Server 2016 Preinstalled Windows Server 2012 R2 Full functionality with WMF 5.1 Windows Server 2012 Full functionality with WMF 5.1 Windows Server 2008 R2 Reduced functionality with WMF 5.1
DETERMINE WHICH COMMANDS TO ALLOW • Identify the commands • Update use of PowerShell • Restrict the scope • Create custom functions • Test :)
DEFINE LIMITS
INTEGRATION • PowerShell DSC (Desire State Configuration)
HOW TO WORK? • PowerShell Remoting provides the foundation on which JEA is built. Conclusion: Run Enable-PSRemoting • Optional: Enable PowerShell module and script block logging
HOW TO WORK?
CREATE A ROLE CAPABILITY FILE New-PSRoleCapabilityFile -Path .MyFirstJEARole.psrc VisibleCmdlets = 'Restart-Computer', 'Get- NetIPAddress' VisibleExternalCommands = 'C:WindowsSystem32whoami.exe', 'C:Program FilesContosoScriptsUpdateITSoftware.ps1'
…IS THERE A GUI?
MORE INFO? http://aka.ms/JEAdo cs
DEMO Utilizar Azure Cloud Shell Generar un playbook Administrar recursos en Azure
Thanks! You can find me at: @vmsilvamolina / blog.victorsilva.com.uy Any questions?

More Related Content

PDF
Taller permisos de archivos y directorios ubuntu
byJose Diaz Silva
 
DOCX
Design A Screen saver in c on Moving Train with Side view.
bySanjay Kumar Chakravarti
 
PDF
Greenfoot 1
byElian Maya
 
PDF
HTML, CSS & Javascript Architecture (extended version) - Jan Kraus
byWomen in Technology Poland
 
PDF
ReCertifying Active Directory
byWill Schroeder
 
PDF
Greenfoot 3
byChristian Medina
 
PDF
Return to dlresolve
byAngel Boy
 
PDF
Performance Schema for MySQL troubleshooting
bySveta Smirnova
 
Taller permisos de archivos y directorios ubuntu
byJose Diaz Silva
 
Design A Screen saver in c on Moving Train with Side view.
bySanjay Kumar Chakravarti
 
Greenfoot 1
byElian Maya
 
HTML, CSS & Javascript Architecture (extended version) - Jan Kraus
byWomen in Technology Poland
 
ReCertifying Active Directory
byWill Schroeder
 
Greenfoot 3
byChristian Medina
 
Return to dlresolve
byAngel Boy
 
Performance Schema for MySQL troubleshooting
bySveta Smirnova
 

What's hot

PDF
Data processing with celery and rabbit mq
byJeff Peck
 
PDF
Windows.forms.ejercicios
byCHRISTIAN ASENCIO
 
DOCX
PRACTICA 6 ALICE
byestefania loredo cortes
 
PPTX
UI Customization in AEM 6.0
byGilles Knobloch
 
PPTX
Min priority queue
by9854098540
 
PDF
[若渴]Study on Side Channel Attacks and Countermeasures
byAj MaChInE
 
PPTX
Catch Me If You Can: PowerShell Red vs Blue
byWill Schroeder
 
PDF
SANS Forensics 2009 - Memory Forensics and Registry Analysis
bymooyix
 
PPTX
Here Be Dragons: The Unexplored Land of Active Directory ACLs
byAndy Robbins
 
PDF
DerbyCon 2019 - Kerberoasting Revisited
byWill Schroeder
 
PPTX
Secure Code Warrior - LDAP injection
bySecure Code Warrior
 
PDF
[pgday.Seoul 2022] POSTGRES 테스트코드로 기여하기 - 이동욱
byPgDay.Seoul
 
PPTX
Abusing Microsoft Kerberos - Sorry you guys don't get it
byBenjamin Delpy
 
PDF
Ceh v5 module 19 evading ids firewall and honeypot
byVi Tính Hoàng Nam
 
PDF
[2019] 게임 서버 대규모 부하 테스트와 모니터링 이렇게 해보자
byNHN FORWARD
 
DOCX
PRACTICA 8 ALICE
byestefania loredo cortes
 
Data processing with celery and rabbit mq
byJeff Peck
 
Windows.forms.ejercicios
byCHRISTIAN ASENCIO
 
PRACTICA 6 ALICE
byestefania loredo cortes
 
UI Customization in AEM 6.0
byGilles Knobloch
 
Min priority queue
by9854098540
 
[若渴]Study on Side Channel Attacks and Countermeasures
byAj MaChInE
 
Catch Me If You Can: PowerShell Red vs Blue
byWill Schroeder
 
SANS Forensics 2009 - Memory Forensics and Registry Analysis
bymooyix
 
Here Be Dragons: The Unexplored Land of Active Directory ACLs
byAndy Robbins
 
DerbyCon 2019 - Kerberoasting Revisited
byWill Schroeder
 
Secure Code Warrior - LDAP injection
bySecure Code Warrior
 
[pgday.Seoul 2022] POSTGRES 테스트코드로 기여하기 - 이동욱
byPgDay.Seoul
 
Abusing Microsoft Kerberos - Sorry you guys don't get it
byBenjamin Delpy
 
Ceh v5 module 19 evading ids firewall and honeypot
byVi Tính Hoàng Nam
 
[2019] 게임 서버 대규모 부하 테스트와 모니터링 이렇게 해보자
byNHN FORWARD
 
PRACTICA 8 ALICE
byestefania loredo cortes
 

More from Victor Silva

PPTX
Docker + Azure DevOps = Pipeline for Jekyll sites
byVictor Silva
 
PPTX
NET Conf CL v2018 Infrastructure as Code on Azure
byVictor Silva
 
PPTX
Infrastructure as Code on Azure - NET Conf CO v2018
byVictor Silva
 
PPTX
PowerShell reports
byVictor Silva
 
PPTX
Infrastructure as Code on Azure - NET Conf AR v2018
byVictor Silva
 
PPTX
Azure cloud shell introduction
byVictor Silva
 
PPTX
Infrastructure as code
byVictor Silva
 
PPTX
Introducción a PowerShell DSC - NET Conf UY v2017
byVictor Silva
 
PPTX
DevOps, PowerShell y Windows Containers - NET Conf UY v2016
byVictor Silva
 
Docker + Azure DevOps = Pipeline for Jekyll sites
byVictor Silva
 
NET Conf CL v2018 Infrastructure as Code on Azure
byVictor Silva
 
Infrastructure as Code on Azure - NET Conf CO v2018
byVictor Silva
 
PowerShell reports
byVictor Silva
 
Infrastructure as Code on Azure - NET Conf AR v2018
byVictor Silva
 
Azure cloud shell introduction
byVictor Silva
 
Infrastructure as code
byVictor Silva
 
Introducción a PowerShell DSC - NET Conf UY v2017
byVictor Silva
 
DevOps, PowerShell y Windows Containers - NET Conf UY v2016
byVictor Silva
 

Recently uploaded

PDF
Webinar: Introduction to LF Energy SEAPATH
byDanBrown980551
 
PDF
November Patch Tuesday
byIvanti
 
PDF
Build Agentic AI Applications with Oracle AI Database Private Agent Factory
bySandesh Rao
 
PDF
Automating ArcGIS Enterprise Compliance for Operational Excellence
bySafe Software
 
PDF
Manage Network Security (Firewall) in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PDF
Digital Garage Certification - Google - Viktor Huszag - Online Marketing Fund...
byViktor Huszag
 
PDF
Access Network Attached Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
PPTX
Discover - Assemble - and Gain Insights into your Content with SharePoint Con...
byDrew Madelung
 
PDF
Agile Trailblazers (Scrum Masters, Product Owners, Coaches, Project Managers,...
byScott M. Graffius
 
PDF
Sylvester Konadu Worcester MA - An Accomplished IT Analyst
bySylvester Konadu Worcester
 
PDF
Career Blueprint: Mentor Tracks & Career Clinic - Part 2
byDianaGray10
 
PDF
Open Source SecurityCon 2025 in Atlanta - Transparency Exchange API: Where To...
byPavel Shukhman
 
PDF
Unveiling the Basics of Agentic AI - OSUG Mumbai
bythesubuiyer
 
PPTX
Explaining ourselves – people, computers and AI
byAlan Dix
 
PPTX
Bulwark Pokemon League Top 8 graphic archive
byGc Howard
 
PPTX
Building powerful web apps to improve productivity and engagement - Esri UK W...
byEsri UK
 
PDF
Improve Command Line Productivity - RHCSA (RH134).pdf
byLinuxCert Guru
 
PPTX
Career Blueprint - Future Career Vision & Success Stories - 2025 - Part 1
byDianaGray10
 
PDF
Create or Remove files and directories - RHCE.pdf
byLinuxCert Guru
 
PDF
Tune System Performance - RHCSA (RH134).pdf
byLinuxCert Guru
 
Webinar: Introduction to LF Energy SEAPATH
byDanBrown980551
 
November Patch Tuesday
byIvanti
 
Build Agentic AI Applications with Oracle AI Database Private Agent Factory
bySandesh Rao
 
Automating ArcGIS Enterprise Compliance for Operational Excellence
bySafe Software
 
Manage Network Security (Firewall) in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Digital Garage Certification - Google - Viktor Huszag - Online Marketing Fund...
byViktor Huszag
 
Access Network Attached Storage in RHEL - RHCSA (RH134).pdf
byLinuxCert Guru
 
Discover - Assemble - and Gain Insights into your Content with SharePoint Con...
byDrew Madelung
 
Agile Trailblazers (Scrum Masters, Product Owners, Coaches, Project Managers,...
byScott M. Graffius
 
Sylvester Konadu Worcester MA - An Accomplished IT Analyst
bySylvester Konadu Worcester
 
Career Blueprint: Mentor Tracks & Career Clinic - Part 2
byDianaGray10
 
Open Source SecurityCon 2025 in Atlanta - Transparency Exchange API: Where To...
byPavel Shukhman
 
Unveiling the Basics of Agentic AI - OSUG Mumbai
bythesubuiyer
 
Explaining ourselves – people, computers and AI
byAlan Dix
 
Bulwark Pokemon League Top 8 graphic archive
byGc Howard
 
Building powerful web apps to improve productivity and engagement - Esri UK W...
byEsri UK
 
Improve Command Line Productivity - RHCSA (RH134).pdf
byLinuxCert Guru
 
Career Blueprint - Future Career Vision & Success Stories - 2025 - Part 1
byDianaGray10
 
Create or Remove files and directories - RHCE.pdf
byLinuxCert Guru
 
Tune System Performance - RHCSA (RH134).pdf
byLinuxCert Guru
 

Just Enough Administration: Introduction - PowerShell Meetup UY