After installing the most recent Updates on their Domain Controllers, some readers have reported in the comments that they experienced that the Local Security Authority Subsystem Service (LSASS) process on their Domain Controllers continually increases memory usage making their Domain Controllers become unresponsive and even automatically restart… The cause Many Active Directory admins experienced issues … Continue reading "Domain Controllers running the latest updates may encounter LSASS memory leaks and unexpected restarts, unless…"
To address a known issue that affects Windows Servers that have the Domain Controller role, Microsoft has released an out-of-band update. After installing the November 2022 cumulative updates on Domain Controllers, you might experience Kerberos authentication issues due to the way Microsoft addressed CVE-2022-37966. Microsoft Windows 2022 Regardless of having installed the November 8, 2022 update for … Continue reading "HOWTO: Install the most recent Updates on your Domain Controllers"
To continually increase the information security of on-premises Domain Controllers, Microsoft provides new functionality to Windows Server and Active Directory. Sometimes, the new security measures affect the efforts of admins to get their Active Directory environments to a safer state, ahead of the curve. In this knowledgebase article, I’ll discuss such a measure. The … Continue reading "KnowledgeBase: You experience errors with Event ID 14 and source Kerberos-Key-Distribution-Center on Domain Controllers"
To continually increase the information security of on-premises Domain Controllers, Microsoft provides new functionality to Windows Server and Active Directory. Sometimes, the new security measures affect backward compatibility. In this knowledgebase article, I’ll discuss such a measure. The situation You run Active Directory with Domain Controllers on one or more of the below Windows Server … Continue reading "KnowledgeBase: You experience errors with Event ID 42 and source Kdcsvc on Domain Controllers"
This Patch Tuesday, Microsoft addressed 68 vulnerabilities. Of these vulnerabilities, three vulnerabilities are specific to Windows Server installations running as Domain Controllers. These updates are not of the ‘update and forget’ type of updates, but require some more work. So, spend some time on properly configuring your Domain Controllers, this Patch Tuesday. The three vulnerabilities … Continue reading "Spend some Time on Properly Configuring and Monitoring your Domain Controllers this Patch Tuesday"
There are many great Active Directory Monitoring solutions, however, there are not many great Domain Controller Monitoring solutions. What’s the difference? Not every Active Directory Monitoring solution is capable of monitoring what’s going on on the Domain Controllers. Active Directory Monitoring solutions that are part of bigger monitoring solutions even go as far as treating … Continue reading "Domain Controller Monitoring: Why, What, How?"
On October 4, 2022, Raymond and I are presenting at the Detron Headquarters in Veenendaal on adequately securing Active Directory from 6:30PM to 9PM. I presented on one of their Knowledge session events in 2017, and earlier this year, Xander Bikbergen contacted me to present on a topic close to his experience: the Active Directory … Continue reading "I'm co-presenting an in-person Knowledge session with Detron on adequately securing Active Directory"
Running into Coert Bosker at several events this year, Raymond and I started talking about presenting a session at AppManagEvent. This year, we’re back at this awesome event in Utrecht! About AppManagEvent AppManagEvent is the annual industry event around application management. The event provides its visitors a status update and a future update on the … Continue reading "I’m co-presenting at AppManagEvent 2022"
I’m proud to announce that I will be co-presenting a webinar with Netwrix’ Anthony Moillic and ARMA International on Thursday October 6, 2022 at 1PM CDT (UTC-5). About the webinar Active Directory controls access to critical systems and data for organizations around the world, but it is not always managed securely. That makes it a … Continue reading "I’m co-presenting a webinar with ARMA International and Netwrix"
In a world with both Active Directory and Azure AD, organizations have to make choices. It seems they can either stick with their proven Active Directory, or jump ahead to Azure AD. Luckily, there’s a third option. Using Azure AD Connect, organizations can have the best of the Active Directory and Azure AD worlds. The … Continue reading "Why Everyone’s talking about Hybrid Cloud Trust"