I improve security for enterprises around the world working for TrustedSec & I am @PyroTek3 on Twitter. Read the About page (top left) for information about me. :) https://adsecurity.org/?page_id=8
Sean Metcalf
Author's posts
Feb 28 2014
KMS Part 2
This is an addendum post to the original KMS info post with a bunch of useful info I gathered recently. Useful KMS and Windows activation commands: Change Windows 2008 R2 license key type from Retail to KMS activated: Slmgr /ipk 489J6-VHDMP-X63PK-3K798-CPX3Y Clear cached KMS host: Slmgr.vbs /ckms Disable KMS host caching: Slmgr.vbs /ckhc Flush local …
Feb 23 2014
Security Considerations for Active Directory (AD) Trusts
TechNet has an article on the Security Considerations for Active Directory (AD) Trusts. This is a must read to fully understand the issues with the security implications of trust configurations. Potential Threats to Interforest Trusts Security Settings for Interforest Trusts Minimum Administrative Credentials for Securing Trusts Trust Security and Other Windows Technologies Related Information …
Feb 15 2014
Active Directory Security Group Resources
Laura Robinson (Microsoft) has 2 posts which are excellent resources when working on your Active Directory delegation model. These posts focus on the concept of an “Admin-Free Active Directory” meaning that there are no accounts in the powerful AD groups: Enterprise Admins, Domain Admins, Administrators, & Schema Admins. The posts also list all of the …
Feb 13 2014
Microsoft Key Management Server (KMS) Details
KMS Introduction The Microsoft Key Management Server (KMS) is part of the Microsoft Volume Activation 2.0 solution managing Windows OS activation keys and performs activation for supported clients automatically. Starting with Windows Server 2008 & Windows Vista, Microsoft switched to an online activation system where every Windows OS requires activation. KMS shifts the activation requirement …
Feb 01 2014
Microsoft KMS Server
The KMS Server is the Key Management Server for Microsoft product activation, primarily OS activation. An organization can configure a KMS Server to service all activation requests in the enterprise. In order for the KMS Server to activate Windows 7, the easiest method is to install KMS on a Windows 2008 R2 server (Windows 2003 …
Jul 03 2013
Using Group Policy Preferences for Password Management = Bad Idea
Using Group Policy Preferences for Password Management = Bad Idea OR “How to Get Your Network Owned in Several Simple Steps” One of my customers recently needed to change the local administrator password on several hundred Windows 7 workstations and was trying to determine the best method: PowerShell script or Group Policy Preferences. The easy …
Nov 17 2012
Windows 2012 RID Management
While “1 Billon RIDs should be enough for anyone,” there are scenarios where a domain could run out of RIDs. This is a “very bad thing” since every security principal requires a RID for creation (Domain SID + RID = security principal SID). One can check the number of RIDs remaining in a domain through …
Mar 06 2012
My Journey to Become a Microsoft Certified Master (MCM) Part 2: The MCM Program
NOTE: I do not work for Microsoft, nor have I ever worked for Microsoft. The information in this post is my thoughts and not those of Microsoft or any other company. Unless said company read my mind and placed some thoughts there… I should buy a Dell… 🙂 The content in this post belongs to …
Feb 28 2012
My Journey to Become a Microsoft Certified Master (MCM) Part 1: The Journey Begins
Just a quick note before I start. I do not work for Microsoft and have never worked for Microsoft. The information in this post is my thoughts and not those of Microsoft, or any other company. Unless said company read my mind and placed some thoughts there… I should buy a Dell… 🙂 The content …
Recent Comments