MS13-032 Vulnerability in Active Directory Could Allow Remote Code Execution (Important)

It’s not often, that Active Directory Domain Controllers get security updates. The Active Directory Domain Services Server Role is one of the most robustly written code, as I pointed out in an earlier blogpost on Statistics on Active Directory-related Security Bulletins. Since 2001, Microsoft has issued 18 Security Bulletins with patches to address issues in … Continue reading "MS13-032 Vulnerability in Active Directory Could Allow Remote Code Execution (Important)"

From the Field: the Case of Display Issues (garbled or missing Text) in Active Directory Administrative Center

I’ve been working with Active Directory Administrative Center (ADAC) for a while now, but didn’t have time to look at Delegation of Control lately. Yesterday I finally came round to configuring it and was baffled by a serious issue

Active Directory Time Sync (broken by default)

Active Directory relies on accurate time for a number of reasons. One of this reasons is Kerberos authentication, which by nature can only cope with a difference in time (time skew) of five minutes between the Kerberos server and client. Now, don’t get me wrong. I think the time skew limitation and the overall Kerberos … Continue reading "Active Directory Time Sync (broken by default)"

An early look at new features in Server Core

At Tech∙Ed last week some information emerged on Windows Server 2008 R2. Specifically some information was handed out on the Server Core installation option in the successor to Windows Server 2008. Let’s take an early look at the differences between Server Core installations of Windows Server 2008 and Server Core installations of Windows Server 2008 … Continue reading "An early look at new features in Server Core"