Microsoft Active Directory is arguably one of the most attacked resources that you can run on-premises. The reason for this is that it stores the “keys to the kingdom.” Everything identity related on-premises and even in hybrid-joined cloud environments... Read More
Active Directory - Technical
How to communicate a new password policy to your end users
Rolling out a new password policy without a communication plan is a recipe for disaster. You want to avoid a situation where all end users are prompted to change their passwords without understanding what they’re doing or why –... Read More
How to set up the key components of a password policy in Active Directory
Once you’ve planned out a new password policy, it’s time to put it into practice by setting the right configurations within your Active Directory. If you’re still at the planning stage, we’d recommend checking out our strategy tips for... Read More
How to recover a deleted Active Directory object
Most organizations today are still running Active Directory on-premises as their identity and access management solution. Many businesses are also synchronizing it with cloud directories as part of a hybrid configuration. Recovering Active Directory and deleted objects is an... Read More
Best practice guide for rolling out Specops Password Policy
Rolling out a new password policy without a plan is a recipe for disaster. You want to avoid a situation where all end users are prompted to change their passwords at the exact same time – triggering chaos for... Read More
Microsoft transitions NTLM to Kerberos in Windows to boost security
Windows authentication is a process that’s been around for decades. Unsurprisingly, attackers often target this authentication mechanism, preying upon weaknesses and vulnerabilities as they crop up. To help secure Windows authentication, Microsoft recently announced it was deprecating reliance on... Read More
Default account lockout policies in Windows 11
Windows 11 is the newest and generally most secure operating system in the Windows family. In the newest iteration of Windows, there are default account lockout policies that exist to mitigate RDP and other brute force password vectors. Why... Read More
PowerShell Scripts to Force Password Change for All Users After a Security Incident
After a confirmed or even suspected security breach it may be advised to have all users change their passwords. In this post we’ll review how to confirm if users have changed their passwords and how to force users to complete... Read More
How to delegate password reset permissions in Active Directory
Least privilege access is a crucial part of security that protects against overprovisioning user permissions. Even with IT technicians, and junior administrators, this needs to be considered when configuring permissions in the environment. A case in point is helpdesk... Read More
Analyzing TCP port 21 FTP vulnerabilities
Port 21 is the gateway through which File Transfer Protocol (FTP) clients and servers communicate. It is used to send commands and receive responses, making it a critical component of the FTP process. However, this same port is also... Read More