On-premises Identity-related updates and fixes for January 2023

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for January 2023:   Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for January 2023"

Best Active Directory Monitoring tool

Today, Active Directory is still the cornerstone of most networking infrastructure environments. In Hybrid Identity environments, where on-premises Active Directory is coupled with Azure AD, the reliance on Active Directory is enormous. In these environments, the answers to the question ‘What if something would happen to Active Directory?’ range from ‘Everything goes down’ to ‘Game … Continue reading "Best Active Directory Monitoring tool"

You're invited to the IT-University Masterclass – Adequately Securing Active Directory

On February 6th, 2023, I will be presenting a masterclass, together with Raymond Comvalius for IT-University.nl. Dutch Raymond and I will be presenting on a topic that is close to my heart: Active Directory. Active Directory has captivated the hearts of adversaries. Some ransomware gangs just simply lose interest want the device of a potential victim … Continue reading "You're invited to the IT-University Masterclass – Adequately Securing Active Directory"

The Azure ATP Portal is being decommissioned in February 2023

Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. Microsoft Defender for Identity was formerly known as Azure Advanced Threat Protection (Azure ATP). Admins at many organizations that onboarded to the Defender for Identity functionality still manage it through the Azure ATP Portal. … Continue reading "The Azure ATP Portal is being decommissioned in February 2023"

The January 2023 updates address Two LDAP vulnerabilities affecting Domain Controllers

When looking at the January 10, 2023, cumulative updates (1B23) for Windows Server today, I noticed two updates that specifically address a Remote Code Execution (RCE) vulnerability and a Denial of Service (DoS) vulnerability in Windows LDAP. These vulnerabilities are specific to Domain Controllers (in the default configuration), so this sparked my interest in these … Continue reading "The January 2023 updates address Two LDAP vulnerabilities affecting Domain Controllers"

You can only get Active Directory Monitoring right if you do Domain Controller Monitoring, too

When ENow launched COMPASS in 2011, the family of products it entered was commonly referred to as Active Directory monitoring. However, in contrast with other Active Directory monitoring solutions, COMPASS is also a Domain Controller monitoring solution. Many of the other Active Directory monitoring solutions on this common list of best Active Directory Monitoring solutions … Continue reading "You can only get Active Directory Monitoring right if you do Domain Controller Monitoring, too"

On-premises Identity-related updates and fixes for December 2022

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for December 2022:   Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for December 2022"

On-premises Identity-related updates and fixes for November 2022

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for November 2022:   Windows Server 2016 We observed the following updates … Continue reading "On-premises Identity-related updates and fixes for November 2022"

Domain Controllers running the latest updates may encounter LSASS memory leaks and unexpected restarts, unless…

After installing the most recent Updates on their Domain Controllers, some readers have reported in the comments that they experienced that the Local Security Authority Subsystem Service (LSASS) process on their Domain Controllers continually increases memory usage making their Domain Controllers become unresponsive and even automatically restart…   The cause Many Active Directory admins experienced issues … Continue reading "Domain Controllers running the latest updates may encounter LSASS memory leaks and unexpected restarts, unless…"

HOWTO: Install the most recent Updates on your Domain Controllers

To address a known issue that affects Windows Servers that have the Domain Controller role, Microsoft has released an out-of-band update. After installing the November 2022 cumulative updates on Domain Controllers, you might experience Kerberos authentication issues due to the way Microsoft addressed CVE-2022-37966.   Microsoft Windows 2022 Regardless of having installed the November 8, 2022 update for … Continue reading "HOWTO: Install the most recent Updates on your Domain Controllers"