It’s important to understand what an AD Password Expiration Policy is to set up proper security measures in your organization. This policy sets out a defined timeline on when a user’s information and passwords are changed in order to ensure security and privacy remain at the forefront for everyone. Here are some key points to help you find out what it is:

• Types of Password Policies – There are different types of password policies that can be used dependent on your company or organization’s needs. Examples include a set number of days for when a user’s password should expire or a set number of days in which the user is required to change their password.
• Requirements – In addition to managing and knowing the timeline in which passwords expire, there may also be specific and unique requirements that the User must adhere to. This can be anything from special characters or numbers to length requirements.
• Account Lockouts and Messages – When a user miss a password expiration policy, the account will become locked out and the user will likely receive an expiration message when they attempt to log in. This is usually implemented to give the User enough warning to update their password before their account is completely disabled.

The AD password expiration policy is an important security feature for any organization as it helps to protect the integrity and privacy of data shared through the network. Following the expiration policy requires having a thorough understanding of the timeline, requirements, and messages associated with it. By implementing the AD password expiration policy, an organization ensures that its data remains safe and secure for everyone.

[mai mult...]

Setting Password Expiry Date is important for organizational security. With Active Directory (AD) users are able to easily and quickly configure expiration dates on all password within the domain. By incorporating regular password expiration cycles, organizations can strengthen security for their systems and protect user accounts.

Follow these steps to set a password expiration date with AD:

• Open Active Directory Users and Computers.
• Right-click on the OU that contains the user accounts that need to be configured.
• Select Properties from the menu.
• Click on the Group Policy tab.
• Create a new GPO, or edit an existing one, and then navigate to User Configuration > Policies > Windows Settings > Security Settings > Account Policies > Password Policy.
• In the Maximum Password Age section specify the desired expiration date.
• Save the GPO.
• Link the GPO to the appropriate OU(s).

With these steps, admins can easily configure password expiration dates within their Active Directory environments. Administrators should ensure that expiration dates are regularly changed to boost security and avoid potential risks.

[mai mult...]

Navigating a new video editing software can be a daunting task, but Clipchamp makes this experience as smooth as possible. Here’s a step-by-step guide to help you get started with ease:

Downloading the Software

1. Windows Users: For those using Windows 10 or Windows 11, downloading Clipchamp is straightforward. Visit the Microsoft Store and search for Clipchamp. Then, click on the ‘Get’ button to install.

2. Apple iOS Users: If you’re on an iPhone or iPad, go to the App Store and search for Clipchamp. Download and install the application just as you would with any other iOS app.

Creating an account

1. Microsoft and OneDrive Integration: One of the benefits of using Clipchamp is the ease with which you can integrate your existing Microsoft or OneDrive accounts. This makes for a streamlined experience, allowing you to save your projects directly to the cloud.

2. Other Options: If you don’t have a Microsoft account, you can still sign up using your email address. Clipchamp offers various sign-up options to cater to a wide range of users.

Familiarizing yourself with the user interface

1. Dashboard: When you open Clipchamp, you’ll be greeted with a dashboard that presents all your current projects and options to start a new one.

2. Brand Kit: On the left sidebar, you’ll see an option for your Brand Kit. Here, you can set your default styles—this includes fonts, overlays, and transitions—so that all your videos maintain a consistent look and feel.

3. Media Library: Another crucial feature is the media library, where you can import video files, stock videos, and even sound effects to use in your projects.

Templates and starting a new project

1. Using Templates: For those who want a quick start, Clipchamp offers a wide range of templates tailored to different social media platforms and content types. Simply pick a template that aligns with your vision and start editing.

2. Starting from Scratch: If you prefer a more hands-on approach, you can start a new project from scratch. Clipchamp allows you to choose the aspect ratio and other initial settings, offering you full control from the get-go.

Settings and preferences

1. General Settings: Familiarize yourself with the general settings, where you can customize the tool to suit your workflow. Here, you can set your preferences for shortcuts, default export options, and more.

2. Accessibility: Clipchamp also has accessibility features, including text-to-speech options, to make the software more user-friendly for all.

By following these steps, you’ll be well on your way to becoming a Clipchamp pro. Its user-friendly interface coupled with powerful functionality ensures that whether you are a beginner or a seasoned video editor, getting started with Clipchamp is a breeze.

Importing video files

Drag and drop your video files into the workspace. The software supports various aspect ratios, so whether you’re editing TikTok videos or YouTube videos, you’re covered.

Cutting and trimming

The basic workflow includes cutting unwanted parts. Use the shortcuts to make this process quicker.

Adding transitions

From fades to more intricate transitions, Clipchamp offers a plethora. You can also preview them in real-time before applying.

Text and fonts

Customize your captions using various fonts. You can add text-to-speech functionality as well if needed.

Picture-in-picture and green screen

These editing features are vital for tutorials or if you want to overlay additional content on your video. To brand your videos, you can use overlays and even add a watermark. This is particularly useful for social media where video theft is common.

Stock video, sound effects, and even GIFs can be integrated into your video. This is excellent for those who might not have all the required resources for their content.

For tutorials or Zoom meetings, the screen recording and webcam features are very useful. This makes Clipchamp a comprehensive video creation and video editing tool.

While Clipchamp is not as robust as Adobe when it comes to sound editing, it offers sufficient sound effects and even allows for basic sound level adjustments.

Once your editing is complete, you can export the video in various formats. Clipchamp offers a built-in functionality to upload your videos directly to social media platforms or save them to OneDrive.

[mai mult...]

Classic Outlook

Show reminders over other programs or apps. You can set up Outlook to display your reminder window on top of other programs you’re working in.

1. Select File > Options > Advanced.
2. In the Reminders section, check the box marked Show reminders on top of other windows.
   
3. Click OK.

Add or remove reminders for meetings. Set reminders for all new meetings

1. Click File > Options > Calendar
2. Under Calendar options, select or clear Default reminders
3. Set the default amount of time at which you want to receive reminders before new calendar items (for example, 15 minutes, 30 minutes, etc.)
   • 

Set a reminder for an existing meeting

1. At the bottom of the screen, click Calendar.
   • 
2. Open the meeting. If the Open Recurring Item dialog box appears, do one of the following:
   • To set the reminder for just one appointment or meeting in a series, select Just this one.
   • To set the reminder for all the appointments or meetings in a series, select The entire series.
3. On the Meeting tab (for a recurring meeting it’s the Meeting Series tab, click the Reminder dropdown and select how long before the appointment or meeting you want to get a reminder. To turn a reminder off, select None.
   • 

Automatically dismiss reminders for past events

If you don’t want to see reminders for events in the past, you can tell Outlook to automatically dismiss reminders for past events. For example, if you’re out of the office for three days, you might not want to come back and see reminders for the meetings that took place while you were gone.

1. Select File > Options > Advanced.
2. In the Reminders section, select Automatically dismiss reminders for past events.

Set reminders for email messages

1. At the bottom of the screen click Mail.
   • 
2. Select an email message.
3. Click Home > Follow Up > Add Reminder.
   • 
4. In the Custom dialog box, check or uncheck Reminder.

Set reminders for tasks

1. At the bottom of the screen, click Tasks.
   • 
2. To view the tasks, click Home > To-Do List.
   • 
3. Click a task in the list.
4. Do one of the following:
   • To add a task reminder to your Tasks list, select the task and then in the Follow-up group, choose a time frame to meet your deadline.
   • To remove a task reminder from your Tasks list/To-Do list, in the Manage Task group, click Remove from List.

New Outlook

With the new reminders window, you can select to snooze calendar events and tasks, join a Teams meeting, or dismiss events and tasks in a separate window.

Turn on the reminders window

You can set up Outlook to display your calendar and To Do (or Task) reminders in a separate window that opens on top of other programs you’re working in.

1. Go to Settings > General > Notifications.
2. Expand the Calendar section, ensure Event Reminders is turned on, and the Reminder notification style is selected.To dismiss reminders for past events (for example, you’ve been away and you don’t want to come back to reminders for events that took place while you were gone), select the Automatically dismiss reminders for past events toggle.

Add or remove reminders for calendar events

Set a default reminder for all calendar events

1. Go to Settings > Calendar > Events and invitations.
2. Under Events you create, select the Default reminder dropdown and then select the default amount of time that you want to be reminded of upcoming events. Select Save if prompted.

Set a reminder for a single meeting or series

You can override the default reminder setting for a single meeting or a meeting series.

1. From the navigation icons on the Outlook Window, select Calendar.
2. From the Calendar window, open the meeting you want to change.
3. If you’re changing a meeting series, first select View series. If you’re changing a single event (or an event series if you selected View series), go to the ribbon, select the Reminder dropdown, and then select an amount for the new reminder time. If you don’t want a reminder for the event or series, select Don’t remind me.

Add or remove reminders for tasks

1. From the navigation icons on the Outlook Window, select the To Do icon.
2. Select a task you want to add a reminder to, and from the task pane that opens, select Remind me. To remove the reminder, select the task and then hover over the reminder until it’s highlighted and the cancel icon appears. Select it to remove the reminder.
   • 

[mai mult...]

Only the administrator account or other IT staff should have full control of files and folders. I can’t think of a good reason a regular user needs full control. By giving regular users full control they are granted the ability to change settings and permissions, which is a bad idea.

Try and limit settings NTFS permissions to no more than two or three levels deep. There will always be exceptions to this rule, but if you set no rules for this these permissions, things will get out of control. Your users will request for every file or folder to have special permissions which will cause problems.

Here is an example.

The accounting department has a folder that has a level 1 folder and two subfolders (level 2 and level 3). It is no problem to set explicit permissions on level 1 and level 2 but I would not go any level deeper (level 3) as this becomes difficult to manage, and the same goes for files.

I would also try to limit setting explicit permissions to folders only. Users will call and will want to set specific permissions on individual files, this will become a pain to manage so try to avoid this.

Avoid Breaking Inheritance

By default, the permissions set at the root folder will be inherited by all subfolders. If you break inheritance it can make it difficult to read and manage NTFS permissions.

Let’s look at an example.

In the above screenshot, accounting, sales, and purchasing are what I consider the root folder. These folders have NTFS permissions set and all the subfolders will inherit their permissions.

For example, I set permissions on the accounting folder, and therefore all its subfolders inherit its permissions. If I broke the inheritance I would have to set the NTFS permissions on the folder.There will be times when you need to break inheritance such as limiting access to a specific folder but this should be kept to a minimum. You can easily check for folder inheritance with the AD Pro Toolkit.

[mai mult...]

What is the Everyone group

All interactive, network, dial-up, and authenticated users are members of the Everyone group. This special identity group gives wide access to system resources. When a user logs on to the network, the user is automatically added to the Everyone group. Membership is controlled by the operating system.

https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/manage/understand-special-identities-groups

The Everyone group also includes the Guest account. This is just bad news for security so I highly recommend never using the Everyone group for anything.

Unfortunately, there are some poorly designed programs and tech support that do not understand this. Has a vendor tech support ever told you, “you need to add the everyone group and give them it permissions”? This is horrible advice and if followed you have significantly weakened security in your network.

Some admins will argue that it is not an issue to use everyone on shared permissions and then lock it down using NTFS permissions. This would still allow hackers to scan and detect shared folders in the network so why allow it? Instead, use the least principle model and only allow those that need access to it.

You can quickly find where the Everyone account is in use by using a reporting tool and filter for the account.In the example below, I scanned my file server and found 4 folders that are using the Everyone account and have full control, and this is not good.

The principle of least privilege means a user should only have access to the data, resources, and applications needed to complete a required task.

Preventing unnecessary permissions prevents mishandling of company data and helps to mitigate security threats. Just because a user is part of a department doesn’t mean they need full access to all department folders and files. Consider using read-only and read/write groups to set granular permissions on files and folders.

[mai mult...]

You can easily provide groups of users with unwanted access if you do not use descriptive security group names. For example, the accounting department just purchased a SaaS based accounting program. It can sync with Active Directory for single sign-on and permissions. The administrator created an Accounting_1 and Accounting_2 group to manage access to the software. Accounting_1 is full access and Accounting_2 is limited. Both groups are generic and have no description or documentation.

The accounting department also needs a shared folder setup so they can share and collaborate on some files. The administrator thinks, oh I’ve already got accounting groups configured, and therefore proceeds to use Accounting_1. Users are added to Accounting_1 to provide access to the NTFS share, but unfortunately this now grants users full access to the SaaS accounting program.

Bad Security Group Names

The groups below are examples of bad security group names because there is no description and are generic, telling the administrator nothing. You would have to scan the entire network to know where these groups are being used.

Good Security Group Names

In the examples below you can look at the group name and instantly know what it is used for and there is information in the description box.

Do not create generic security group names, instead be descriptive in their use and use the description field.

[mai mult...]

Whether you have an existing file server or are setting up a new one it is important to review your NTFS permissions, this at times can even be a requirement of an audit. To simplify this task I recommend using an NTFS Permissions Report Tool that can scan all folders and show you who has access to what. With a reporting tool, you can list all folder permissions, verify users have the correct permissions, check inheritance, find insecure permissions, verify directory rights, and export the report to CSV, Excel, or PDF.

Secure NTFS Permissions with Security Groups

It is a best practice to create security groups to set NTFS permissions rather than using individual user accounts. Security groups have the following advantages:

• Easier to manage permissions for a group of users
• Easily remove user’s permissions
• Easily grant users access to a file or folder
• Makes it easier to identify who has access to what
• Simplifies auditing and compliance reports

Let me walk through an example of how using security groups simplifies NTFS permissions management.

Say you have 100 employees that need access to the accounting folder, 80 need read/write permissions, and the other 20 need read-only access. To set these permissions you only need to create two security groups, and then configure the permissions for these two groups. Example below.

Now as new employees are hired, all you need to do is add the user to one of these groups to give them access. To remove access you would just remove them from the group. If you did not use security groups for the NTFS permissions you would have to add all 100 users to the ACL, this would be very time consuming and difficult to manage. Example below.

[mai mult...]

Is your server guilty of using too much swap space? You can run a quick check with the command:

# free -h 
total used free shared buff/cache available
Mem: 7.6G 895M 4.3G 362M 2.7G 6.2G
Swap: 2G 1.9G 0.2G

If your swap usage is high, this often indicates a problem with the server performance. According to our in-house tech experts, the extremely high swap usage often occurs during and after the server is low on memory.

In other words, the swap usage in itself is not the issue on hand, it is merely a symptom of the actual issue. In fact, swap usage helps speed up the server when it is running low on memory.

Furthermore, swap is where less frequently used data gets cached. This allows your server to place the more highly trafficked data in RAM and yet still have access to the less frequently used data in the swap space.

Why doesn’t High swap usage in cPanel server go down?

Let’s take a closer look at why the amount of swap space doesn’t actually go down. First, we have to realize that moving data to swap is actually an intensive and slow task. The kernel effectively moves data to swap only when the benefits outweigh the operation time.

Similarly, moving data out of swap space is also a slow process. Hence, the kernel tends to take its time when it comes to moving data from the swap.

Why does high swap usage occur?

According to our Support Techs, high swap usage often depends on the type of application run by your server. Other factors that may cause it includes the server configuration and usage patterns. Any time the server runs low on memory, it starts relying more on swap space.

Rather than focusing on the amount of swap usage, it is better to monitor the rate at which the server moves pages to and from the swap space.

Our Support Team recommends monitoring the swap rate regularly. This makes it easier to identify when it becomes higher than usual. In most cases, the swap rate increases rapidly when the server starts having trouble.

How resolve extremely high High swap usage in cPanel server?

The easiest way to ensure that your swap usage by your server becomes 0 is to turn swap off and then turn it back on again.

In other words, this will prompt your swap space to flush out the swap pages into RAM and thereby setting the swap space back to 0.

You can turn your swap usage off by running the following command:

swapoff

Then turn it back on with the following command:

swapon

According to our Support Engineers, as long as your server is not having a low memory condition, it is safe to run these commands.However, if your server is currently facing low memory issues, contact our Server Management Services for further assistance.

[mai mult...]

Move Pagefile.sys to Another Drive

In this method, we will show you how to move pagefile.sys to another drive in Windows via the Settings app to improve your PC’s performance:

Step 1. Open Settings and navigate to “System” > “About”

Step 2. Click “Advanced system settings” next to Related links.

Step 3. In the System Properties pop-up window, click the “Advanced” tab. Next, under the Performance section, click the “Settings” button.

Step 4. In the Performance Options pop-up window, click the “Advanced” tab. Next, under the Virtual memory section, click the “Change” button.

Step 5. Uncheck “Automatically manage paging file size for all drives” in the Virtual Memory window.

Step 6. Under the Paging file size for each drive section, choose the C drive and select the “No paging file” option.

Step 7. Click the “Set” button. Click “Yes” when prompted.

Step 8. Select the drive you want to save the pagefile, for example, D:. Next, select the “System managed size” option. Click the “Set” button.

Step 9. Click “OK” and then “Apply.”

Step 10. Click “OK” and restart your PC.

[mai mult...]