ADFS – export RP and its claims
If you choose not to use the AD FS Rapid Restore Tool, then at a minimum, you should export the “Microsoft Office 365 Identity Platform” relying party trust and any associated custom claim rules you...
AD – DCShadow attack
Description of the attack: https://www.dcshadow.com/ Detection of the attack: PowerShell: https://github.com/AlsidOfficial/UncoverDCShadow ATA Azure ATP detection:...
AD – Security – Forest trusts are not a security boundary
https://posts.specterops.io/not-a-security-boundary-breaking-forest-trusts-cd125829518d
AADConnect – restrict permissions on service account
Restricting permissions on the AADConnect service account is new since version 1.1.880.0 (Aug 2018):...
ADFS 2019
ADFS 2019 what’s new: https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/overview/whats-new-active-directory-federation-services-windows-server ADFS 2019 on Windows server 2019 has just...
ADFS 2016 – configure Extranet Smart Lockout protection
How to: before configuring ADFS smart lockout, remove your account from the GAD protected users group, otherwise you may get access denied...
Windows – Advanced Audit settings
If you want to enable advanced audit settings using Local GPOs or domain GPOs, you must enable the Audit option: Audit: force audit policy subcategory settings to override audit policy category settings
DFS – backup and restore
To back up a DFS root: dfsUtil root export \\mydomain.net\rootdfs .\logs\rootdfs_Configuration.xml
To restore a DFS root: dfsUtil root addDom \\mydomain.net\rootdfs dfsUtil root import set...
Windows – Desired State Configuration
Overview: https://docs.microsoft.com/en-us/powershell/dsc/overview/overview Blog: https://blogs.msdn.microsoft.com/powershell/2018/09/13/desired-state-configuration-dsc-planning-update-september-2018/...
AD – How to monitor LDAP queries, Kerberos, NTLM, LDAP timeouts and traffic to...
How to monitor LDAP, NTLM and Kerberos traffic to your domain controllers?...
Security: Abusing Exchange: One API call away from Domain Admin
https://dirkjanm.io/abusing-exchange-one-api-call-away-from-domain-admin/
Centrify config file optimization
Centrifydc.conf optimization: https://centrify.force.com/support/Article/KB-0291-Recommended-settings-in-centrifydc-conf-for-high-load-CPU-servers/ Centrifydc reference guide:...
AADConnect – Enable synchronization of userType
Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-change-the-configuration#enable-synchronization-of-usertype
AD security: ADTimeline (ANSSI) – FR
Article: https://www.ssi.gouv.fr/publication/investigation-numerique-sur-lannuaire-active-directory-avec-les-metadonnees-de-replication-outil-adtimeline/ Download:...
Office 365: sipAddress vs msRTCSIP-PrimaryUserAddress
As we prepare for the migration from on-premises Skype for Business to Skype for Business Online, there are a few important considerations to bear in mind before you take the leap. I will be covering...
Understanding and Troubleshooting MS RPC
Overview: A very brief summary of how the protocol works: There is an “endpoint mapper” that runs on TCP port 135. You can bind to that port on a remote computer anonymously and enumerate all the...
AADConnect filtering options
With AAD Connect, https://azure.microsoft.com/en-us/documentation/articles/active-directory-aadconnectsync-configure-filtering/ The following filtering configuration types can be applied to the...
AADConnect and disabled AD user accounts
By default Azure AD Connect will synchronize disabled accounts from AD to AAD. This is normal and is recommended because of Exchange hybrid and EXO requirements. It is possible to create a custom rule...
Windows – Windows Admin Center
Windows Admin Center: https://docs.microsoft.com/en-us/windows-server/manage/windows-admin-center/understand/windows-admin-center Installation: You can install Windows Admin Center on the following...
PowerShell – DNS – Create conditional forwarder zone
Best practices for DNS forwarding: https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc754941%28v%3dws.10%29...