Category Archives: Active Directory

New versions of ADFind and ADMod are now available

Joe Richards has published new versions of his independent ADFind and ADMod tools. Long before Windows Server came with Windows PowerShell, Joe published the first versions of these tools. Now, the latest versions are here for you to enjoy. About Joe Richards Joe Richards currently works as Enterprise Technical Expert CyberSecurity InfoSec Identity and Directory […]

How Hot Patch for Windows Server Azure Edition helps secure Domain Controllers

At Microsoft Ignite 2021 Spring Edition, Microsoft introduces the Public Preview of Hot Patching for Windows Server Azure Edition. About hot patching for Windows Server Azure Edition Microsoft announced new capabilities at Microsoft Ignite 2021 Spring edition for Azure Automanage to simplify operations for Windows Server-based virtual machines (VMs). Azure Automanage helps organizations to reduce […]

The March 2021 Cumulative Update addresses seven Windows Server DNS vulnerabilities

Today, for its March 2021 Patch Tuesday, Microsoft released a security update that addresses seven vulnerabilities in DNS Servers running Windows Server: About the vulnerabilities The vulnerabilities are described as follows: CVE-2021-26877 Windows DNS Server Remote Code Execution Vulnerability Critical A remote code execution vulnerability, identified as CVE-2021-26877, exists in Windows Domain Name System […]

HOWTO: Hunt for abuse of Azure AD Connect’s AD Connector account

Azure AD Connect Sync uses three separate accounts. Its AD Connector account has several permissions that warrant a closer look at how the account can be abused. Of course, we’ll need command lines to hunt for any misuse. About the AD Connector account Since Azure AD Connect version 1.4.18.0, the use […]

HOWTO: Find out the capabilities Domain Controllers may offer your device

One of the hard nuts to crack in Active Directory is meeting the requirements for the infrastructure features your organization’s business needs to operate reliably, securely and smoothly. About Active Directory requirements Throughout Microsoft’s recent history, features have been introduced in all sorts of products that have certain Active Directory requirements. The perfect example is […]

KnowledgeBase: You experience EventID 1699 on Domain Controllers targeted by Azure AD Connect

One of the issues you might encounter when you misconfigure the delegated permissions for Azure AD Connect’s Active Directory connector account is an event with event ID 1699 appearing every hour in your Domain Controllers’ event viewers. The situation You are using Azure AD Connect with Password Hash Synchronization as either the sign-in method to Azure AD […]

Windows PKU2U Elevation of Privilege Vulnerability (CVE-2021-25195, Critical)

Yesterday, for its February 2021 Patch Tuesday, Microsoft released a critical security update for PKU2U. This vulnerability is known as CVE-2021-25195 and rated with CVSSv3.0 scores of 7.8/6.8.   About PKU2U Authentication PKU2U is a peer-to-peer authentication protocol. This setting prevents online identities from authenticating to domain-joined systems. Authentication will be centrally managed with Windows […]

Windows DNS Server Remote Code Execution Vulnerability (CVE-2021-24078, Critical CVSSv3 9.8/8.5)

Today, for its February 2021 Patch Tuesday, Microsoft released a critical security update for DNS Servers running Windows Server. This vulnerability is known as CVE-2021-24078 and rated with CVSSv3.0 scores of 9.8/8.5. A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers. An attacker who successfully exploited the vulnerability could run arbitrary […]

On-premises Identity-related updates and fixes for January 2021

Even though Microsoft’s Identity focus moves towards the cloud, they are not forgetting their on-premises roots. Windows Server 2016 and Windows Server 2019 still receive updates. These are the Identity-related updates and fixes we saw for January 2021:   Windows Server 2016 We observed the following update for Windows Server 2016: KB4598243 January 12, 2021 […]

Active Directory’s ESE database code now available on GitHub

Active Directory Domain Services (AD DS) and Active Directory Certificate Services (AD CS) use the Extensible Storage Engine (ESE) as their database. Now Microsoft has open sourced the code for its database engine and made it available to all on GitHub. About the Extensible Storage Engine The Extensible Storage Engine (ESE) is an embedded / Indexed Sequential […]
