Thursday, September 10, 2015

Cisco Anyconnect does not work after upgrading to 9.4 or 9.5.

The issue is that 9.4 and above which requires configuring custom ciphers in order to user third party CA certs for Anyconnect.  

ssl cipher tlsv1.2 custom "AES256-SHA:AES128-SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:DES-CBC3-SHA:DES-CBC-SHA:RC4-SHA:RC4-MD5"


Here’s the 9.4 release notes that detail the issue - http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/release/notes/asarn94.html

Friday, September 4, 2015

How to get a list of the last time users changed passwords and if they are set for their passwords to never expire.

Open PowerShell, type-

 get-aduser -filter * -properties passwordlastset, passwordneverexpires |ft Name, passwordlastset, Passwordneverexpires

To Export to CSV-
Get-ADUser -filter * -properties passwordlastset, passwordneverexpires | sort-object name | select-object Name, passwordlastset, passwordneverexpires | Export-csv -path c:tempuser-password-info-20131119.csv


For enabled only-
get-aduser -filter 'enabled -eq $true'  -properties passwordlastset, passwordneverexpires |ft Name, passwordlastset, Passwordneverexpires

To see an accounts creation date-

Get-ADUser <UserName> -Properties whenCreated | Format-List Name,whenCreated