I improve security for enterprises around the world working for TrimarcSecurity.com Read the About page (top left) for information about me. :) https://adsecurity.org/?page_id=8
Author's posts
May 22 2014
Virtualization Updates to Active Directory 2012
As part of the many updates to Active Directory, one of the most interesting is virtualization safeguarding in Windows Server 2012. Active Directory Domain Controllers running Windows Server 2012 can now identify if they are virtualized and have been improperly restored or cloned (copied). Windows Server 2012 introduces a new feature called the VM Generation …
May 20 2014
Microsoft BlueHat Resources
Microsoft has their own internal employee security conference called “BlueHat“. Here are session links from the past few years:
May 15 2014
Group Policy Preferences Password Vulnerability Now Patched
Looks like Microsoft finally removed the ability to set admin account passwords through GPP due to the Group Policy Preferences password exposure vulnerability. More information on how Group Policy Preferences are attacked is in the post “Finding Passwords in SYSVOL & Exploiting Group Policy Preferences“. Because of the security concerns with storing passwords in Group …
May 15 2014
Active Directory Changes in Windows Server 2012
Active Directory, aka Directory Services, has been updated quite a bit in Windows Server 2012. Here are some of the major updates: Virtualization: Rapid deployment with cloning & safeguarding Dynamic Access Control DirectAccess Offline Domain Join Active Directory Federation Services (AD FS) Active Directory Administrative Center Improvements PowerShell version 3 commandlets including Active Directory Replication …
May 13 2014
How to Clean up the WinSxS Directory and Free Up Disk Space on Windows Server 2008 R2 with New Update
It’s finally here! After pages and pages of comments from you requesting the ability to clean up the WinSxS directory and component store on Windows Server 2008 R2, an update is available. http://support.microsoft.com/kb/2852386 As a refresher, the Windows Server 2008 R2 update is directly related to my previous blog post announcing a similar fix for …
May 08 2014
Active Directory FSMO Placement Guidance
FSMO Placement Guidance Summary: Make sure the PDC is highly available and connected. Place the PDC on your best hardware in a reliable hub site that contains replica domain controllers in the same Active Directory site and domain. Place the Forest FSMOs on the forest root PDC (schema master & domain naming master). Place the …
May 06 2014
Windows Server 2012 MCSM Reading List
Here’s a link to download the MCM/MCSM Directory Services Reading List document that I developed for the MCSM Directory Services (Windows Server 2012) program and was created after the MCSM Directory Services (Windows Server 2012) test questions were written. It is based on the original one created for the MCM DS program provided to candidates. …
May 04 2014
Enabling and Managing the Active Directory Recycle Bin
So, you have upgraded all your DCs in the forest to Windows Server 2008 R2 and raised the domain and forest functional levels to Windows Server 2008 R2. Congratulations! Now what? Yes, you have to enable the AD Recycle Bin manually by running the following PowerShell commands: Import-Module ActiveDirectory Enable-ADOptionalFeature –Identity ‘CN=Recycle Bin Feature,CN=Optional Features,CN=Directory …
May 02 2014
Facebook increases privacy on all new posts by default
Looks like Facebook might be coming to its senses… http://www.theverge.com/2014/5/22/5739744/facebook-changes-default-privacy-of-posts-from-public-to-friends
Apr 29 2014
AD Reading: How Key Active Directory Components Work
The following links provide in-depth information on how key Active Directory components work. AD Data Store Windows Server 2003 Active Directory Branch Office Guide Bridgehead Server Selection (Windows 2008 R2) AD Replication Model Certificate Revocation & Status Checking Core Group Policy DNS How DNS Support for AD works Windows 2000 DNS DFS Fine-Grained Password Policy …
Recent Comments