Active Directory Backup & Recovery
Categories
- Active Directory Backup & Recovery (60)
- Active Directory Security (201)
- AD Security 101 (17)
- Community Tools (19)
- Directory Modernization (9)
- From the Front Lines (69)
- Hybrid Identity Protection (62)
- Identity Attack Catalog (17)
- Identity Threat Detection & Response (133)
- Our Mission: Be a Force for Good (14)
- Purple Knight (5)
- The CISO's Perspective (16)
- Threat Research (60)
- Uncategorized (1)
Two New Microsoft Hybrid Services Dramatically Simplify Connecting your Active Directory to Azure
- Sean Deuby | Principal Technologist
Microsoft recently announced the public preview of two major new capabilities that will make integrating your on-premises Active Directory to Azure AD much, much easier. Passthrough authentication (PTA) and Seamless Single Sign-On (I'm choosing to call it 3SO) will allow your users to easily access Azure AD applications such as…
NIST joins Microsoft in Changing How We Should Think About Passwords
- Sean Deuby | Principal Technologist
On the heels of Microsoft's updated password recommendations, the National Institute for Standards and Technology (NIST) has come out with its own updated password guidelines. These recommendations parallel many of Microsoft's recommendations and thus give them extra credibility; in some areas they go further. When two major security industry influencers…
Understanding Azure AD Password (Hash) Sync
- Sean Deuby | Principal Technologist
Now that businesses are adopting cloud computing as part of their business model, a large percentage are choosing to connect their on-premises Active Directory environment to its counterpart in the cloud, Microsoft's Azure Active Directory. When you extend your on-premises AD to Azure AD, you have two choices for how…
Active Directory Corruption Comes In Two Flavors
- Sean Deuby | Principal Technologist
Active Directory is a very robust application, as it should be for such a fundamental building block of a company's IT infrastructure. But the architecture that makes it robust also makes it hard to understand. This lack of understanding often leads to assumptions in your recovery strategy that can leave…
Active Directory Replication Status Tool (ADREPLSTATUS) Rises Again
- Sean Deuby | Principal Technologist
Back in 2012, I wrote about a nifty tool known as the Active Directory Replication Status Monitor (inevitably shortened to ADREPLSTATUS for efficiency's sake) and how it was the first Microsoft tool produced in years to make monitoring Active Directory easier. Then recently Microsoft sort of took it away. Then,…
8 Situations That Put Your Active Directory At Risk
- Sean Deuby | Principal Technologist
Active Directory Domain Services (AD DS) has grown to be a marvelously reliable, highly scalable, and fault tolerant core component of your company’s IT infrastructure. It generally works quite well without requiring a lot of attention. But the AD DS admin must put in extra work to take the service…
Thinking The Unthinkable: Do You Have An Active Directory Forest Recovery Plan?
- Sean Deuby | Principal Technologist
If you want to make an Active Directory administrator uncomfortable, ask them about their recovery plan. When you ask this question, many AD admins will instead tell you about their object recovery plan. Some will describe their domain controller recovery procedures. But if you press further to ask if they've…
Vulnerability in Kerberos Allows Elevation of Privilege
- Sharon Vardi
Recently, Microsoft has released a security update (MS14-068) for Windows Server. The patched vulnerability is in the Windows Kerberos Key Distribution Center (KDC), which generates the session tickets to identities within Active Directory while accessing the Domain's resources. When clients request access to a resource, they contact the ticket-granting service…
