I just wanted to share this post from the “Ask Premier Field Engineering” blog: https://blogs.technet.microsoft.com/askpfeplat/2017/01/17/turn-on-that-scary-dc/ In the past I had clients with similar issues, but I’d removed the DC and done metadata cleanup as if it were a long lost irretrievable DC. What if there was a need to get data off of the orphan domain controller? […]
I had done a project to implement a local admin account password management system a few years ago, and just today stumbled across “Local Administrator Password Solution” aka LAPS – a free, officially supported Microsoft solution for managing local admin passwords within Active Directory. You can download it from Microsoft here. And here is a […]
I’m beginning to test Windows 10 Enterprise at work. My main goal was to test functionality of our LoB apps, but I pretty immediately became distracted with the option to perform an Azure AD Join instead of a traditional domain join. After the initial installation, you’ll be given these options: Of course I had an […]
I had a client that was dinged on a penetration test by having one communal password for the local administrator account on all machines. This is convenient for help desk, but is obviously very insecure. In the case of this client, the local admin password was commonly known, so they ran some sort of linuxsuperhacker […]