Earlier this week, during the September 2013 Patch Tuesday, Microsoft released a new Active Directory-related security bulletin: MS13-079. With the third Active Directory-related security bulletin this year (after MS13-066 and MS13-032), Microsoft sure has its hands full patching the vulnerabilities found in these technologies.
MS13-066 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (Important)
On Tuesday, August 13, 2013, Microsoft, in its monthly Patch Tuesday, released MS13-066, a Security Bulletin addressing an issue with Active Directory Federation Services. This security update resolves a privately reported vulnerability in Active Directory Federation Services (AD FS). The vulnerability could reveal information pertaining to the service account used by AD FS. An attacker could then attempt … Continue reading "MS13-066 Vulnerability in Active Directory Federation Services Could Allow Information Disclosure (Important)"
Nice offer on a great Server Core book when you’re in the Netherlands! (and a little promotion of this blog)
For a limited time, Computer Collectief is offering books on Windows Server 2008 for a mere €10 each. While all these books would be great resources and a professional way to spend your holidays on the beach, I feel one particular book should really make it to your reading list, when you’re working with Server … Continue reading "Nice offer on a great Server Core book when you’re in the Netherlands! (and a little promotion of this blog)"
Active Directory Services on Server Core installations
Windows Server 2012 is a major leap forward for Server Core installations of Windows Server. Not only are Full installations of Windows Server convertible back and forth to Server Core installations without reinstallation, a whole slew of new Server Roles have become available for installation on the mean, clean Server Core installations. Active Directory Domain … Continue reading "Active Directory Services on Server Core installations"
KnowledgeBase: You cannot use redirusr.exe and redircmp.exe in the Windows Server 2008 DFL on Windows Server 2008
In the past years, I’ve found many systems and many errors. Today, I’m sharing behavior in Microsoft Windows Server that had me frown and chuckle. A bug in Active Directory code I’ve been grateful for, since it illustrates the nature of software. Note: This behavior has not been publicized in the Microsoft KnowledgeBase (yet). In … Continue reading "KnowledgeBase: You cannot use redirusr.exe and redircmp.exe in the Windows Server 2008 DFL on Windows Server 2008"
PowerShell, LDIFDE, CSVDE and Protection from Accidental Deletion
When you build test environments regularly, at some point you’ll want to fill your Active Directory quickly. If, for instance, you have a data set with Organizational Units (OUs), user accounts and groups, you’ll want to quickly import this data. If, on the other hand, in your business you’re allowed to use the user information … Continue reading "PowerShell, LDIFDE, CSVDE and Protection from Accidental Deletion"
Active Directory in Hyper-V environments, Part 7
For a while, Microsoft’s KnowledgeBase article 976424, titled Error code when the kpasswd protocol fails after you perform an authoritative restore: "KDC_ERROR_S_PRINCIPAL_UNKNOWN", has been available to solve issues with unexpected behavior after authoritatively restoring the krbtgt account on Windows Server 2008 and Windows Server 2008 R2-based Domain Controllers.
DCPROMO Advanced Mode, what does it do?
In the past 11 years, Microsoft has released four versions of Windows Server on which you could install Active Directory. On all these platforms, Microsoft offered two ways to promote a server to a Domain Controller. In this blogpost I’ll reveal the differences between the advanced mode and normal mode for dcpromo.exe for the Windows … Continue reading "DCPROMO Advanced Mode, what does it do?"
How to effectively defend against Morto.A in the enterprise
Whenever a worm utilizes the normal access and daily tools systems admins use, there is a significant problem. After all, shutting down the attack vector suddenly isn’t that easy. So, without making dramatic changes to your environment, how can you rest assured?
Preventing OUs and Containers from Accidental Deletion
Those of you running Domain Controllers with full installations of Windows Server 2008 R2 or managing Windows Server 2008 R2-based Domain Controllers using the Remote Server Administration Tools (RSAT) on Windows 7 might have seen the following configuration warning in the Active Directory Best Practice Analyzer (AD BPA)