Server Message Block (SMB) is a critical component for any Microsoft-oriented networking environment. That’s why hardening SMB is one of the critical steps in securing Active Directory Domain Controllers. In this blog post series, I’ll share my approach to hardening SMB on Domain Controllers. Tip! I apply this approach to Active Directory Domain Controllers, but … Continue reading "Hardening SMB on Domain Controllers, Step 1: Reporting on SMBv1 connections, SMBv2 connections and SMB null sessions"
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for August 2021: Windows Server 2016 We observed the following updates for Windows Server 2016: KB5005043 August 10, 2021 … Continue reading "On-premises Identity-related updates and fixes for August 2021"
The Experts Conference (TEC), sponsored by Quest, is a yearly conference to get advanced practical Active Directory and Office 365 education. Sponsored by the leaders who have helped move, manage and secure over 336 million Active Directory users, TEC 2021 gives you the opportunity to expand your knowledge by connecting with Microsoft MVPs, industry and … Continue reading "Active Directory- and Azure AD-related sessions at The Experts Conference (TEC) 2021"
Recently, I advised disabling the Print Spooler service on Domain Controllers. Concluding that blogpost, I mentioned that admins need to perform manual tasks at the end of the lifecycles of published printers if they have printers published. Today, let’s take a look at these manual tasks in the two scenarios you need to pay … Continue reading "HOWTO: Manually delete unavailable print queues from Active Directory"
Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory admins to investigate (potential) breaches … Continue reading "What's New in Microsoft Defender for Identity in July 2021"
Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for July 2021: Windows Server 2016 We observed the following updates for Windows Server 2016: KB5004948 July 7, 2021 Out … Continue reading "On-premises Identity-related updates and fixes for July 2021"
Two weeks ago, for its July 2021 Patch Tuesday, Microsoft released an important security update for the Windows Key Distribution Center, found on Active Directory Domain Controllers. Today, an update to that original update was issued to relieve some of the pain points. About the vulnerability An information disclosure vulnerability exists in the way the … Continue reading "A Windows KDC Information Disclosure Vulnerability exists when you use non-RFC4556-compliant devices"
Last week, Microsoft released the first version in the 2.0 branch of Azure AD Connect: v22.214.171.124. There are a couple of things that you should be aware of with this version. I’m sharing them with you in this blogpost. Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes … Continue reading "Five Things You should know about Azure AD Connect version 2"
It’s time for a new version of Azure AD Connect to incorporate Microsoft’s lessons learned and distribute the fixes Microsoft made to the larger public. Yesterday, Microsoft released the first version in the 2.x branch of Azure AD Connect: v126.96.36.199 Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their … Continue reading "Azure AD Connect version 188.8.131.52 is here"
When looking at the July 2021 Patch Tuesday today, I noticed three updates that specifically address vulnerabilities in the DNS snap-in and nine vulnerabilities in DNS Server. These vulnerabilities are specific to Domain Controllers running DNS Server (in the default configuration), so this sparked my interest in these updates. Three DNS Snap-in vulnerabilities There are … Continue reading "The July 2021 Patch Tuesday addresses twelve vulnerabilities for Domain Controllers running as DNS Servers"