Updating googet packages behind a proxy
Compute Engine uses googet
to pre-install drivers and other critical system components on Windows VMs. But how do you update these packages if the VM does not have internet access?
Read more »
Compute Engine uses googet
to pre-install drivers and other critical system components on Windows VMs. But how do you update these packages if the VM does not have internet access?
Read more »
What happens if you use the “Set Windows password” function on a domain controller? Read more »
After creating a Windows VM on Google Cloud, users can use the Cloud Console or IAP Desktop to request login credentials. But what are the risks of letting users generate credentials, and is there a way to prevent them from doing so? Read more »
13 years ago, I wrote NTrace, a dynamic function boundary tracing toolkit for Windows NT inspired by DTrace. NTrace supported both user-mode and kernel mode tracing and, like DTrace, was able to instrument machine code on the fly. Read more »
If you frequently use Remote Desktop, then you might be used to creating .rdp
files for the servers you connect to most often. IAP Desktop does not support .rdp
files, but there is an alternative way to open IAP Desktop and connect to a server in a single click.
Read more »
When you authenticate a user by using OpenID Connect and request the email
scope, most identity providers add two additional claims to the ID Token, email
and email_verified
. The email
claim does not need much explanation – but what about email_verified
, what does this claim indicate and how does Google populate it?
Read more »
Yesterday I released version 2.11 of IAP Desktop. This new version introduces multi-display support and more. Read more »
When you create a VM instance on Google Cloud, you can optionally specify instance metadata. Instance metadata is a list of key/value pairs and the most common use case for using metadata is passing a startup or shutdown script to a VM. But startup and shutdown scripts are not the only platform features that rely on metadata. Read more »
One of the less well known features of Google Cloud Shell is that it has PowerShell preinstalled. All it takes to convert your Cloud Shell session into a PowerShell session is to run a single command. Read more »
In the last post, we looked at the risks of using local port forwarding and how it’s difficult to protect TCP tunnels in a multi-user environment. In this post, we take a look at how IAP Desktop protects its tunnels. Read more »