LAPS Security Concern : Computers joiners are able to see LAPS Password

Here we will discuss a common concern about LAPS as many customers noticed that people who join the computers to the domain can retrieve the LAPS password although they are not given the Permission to do so and because some organizations allow normal users to join their machines to the domain this consider a security … Continue reading LAPS Security Concern : Computers joiners are able to see LAPS Password

Active Directory Security Best Practices: Part 2

Hello Again , this our second blog about AD security best practices in our fist blog we talked about one of the most important security mitigation which is secured privileged accounts , you can find it in the following link , https://secureinfra.blog/2019/09/26/active-directory-security-best-practices-part-1/ here we will talk about our second mitigation : Slow Lateral Movement Lets … Continue reading Active Directory Security Best Practices: Part 2

Quick blog – Importing Updates into WSUS – CVE-2019-1367

a Question that was raised this week by quite a few customers is around importing updates into the SCCM environment, that are not available on WSUS, but are on Microsoft Update. The below steps will guide you through the steps to get the updates into the environment quickly As per the CVV article, there are … Continue reading Quick blog – Importing Updates into WSUS – CVE-2019-1367

Field Notes: Azure Active Directory Connect – Verifying Federated Login

I started off this Azure AD Connect series by going through the express installation path, where the password hash synchronization sign-in option is selected by default. This was followed by the custom installation path using pass-through authentication and a remote SQL installation. The latest post in the series covers federation with Active Directory Federation Services … Continue reading Field Notes: Azure Active Directory Connect – Verifying Federated Login

Step by Step: Enforce Require LDAP Signing on domain controllers. Part 2

Introduction On Part 2 of this post, I will show how to request a certificate for a domain controller to use LDAPS, we will see also why we should never use simple bind on clear text. This post is intended to give you an action plan on how you can Enforce Require LDAP Signing on … Continue reading Step by Step: Enforce Require LDAP Signing on domain controllers. Part 2

Field Notes: Azure Active Directory Connect – Federation with AD FS

I started off this Azure AD Connect series by going through the express installation path, where the password hash synchronization sign-in option is selected by default. This was followed by the custom installation path using pass-through authentication and a remote SQL installation. See: Field Notes: Azure Active Directory Connect – Express InstallationField Notes: Azure Active Directory … Continue reading Field Notes: Azure Active Directory Connect – Federation with AD FS