Core Infrastructure and Security Blog

Options
1,616
BrandonWilson on Nov 27 2022 09:00 PM
1,275
AtilGurcan on Nov 24 2022 12:40 AM
1,490
AndrewCoughlin on Nov 21 2022 12:00 AM
2,213
BrandonWilson on Nov 18 2022 09:00 PM
10.4K
PaulHarrison on Nov 18 2022 10:42 AM
1,779
fbinotto on Nov 14 2022 12:02 AM
1,610
Bruno Gabrielli on Nov 10 2022 12:00 AM
2,387
Bruno Gabrielli on Nov 09 2022 12:00 AM
1,751
BrandonWilson on Nov 03 2022 02:49 PM
7,057
Michael Hildebrand on Oct 31 2022 04:00 AM
3,729
hspinto on Oct 24 2022 12:00 AM
2,807
WillAftring on Oct 17 2022 05:17 AM
3,919
fbinotto on Oct 09 2022 04:12 PM
2,196
BrandonWilson on Oct 07 2022 09:39 AM
5,948
Anthony_W on Oct 03 2022 12:26 AM
6,030
Michael Hildebrand on Sep 30 2022 10:03 AM
4,177
AndrewCoughlin on Sep 26 2022 12:00 AM
4,605
wernerrall on Sep 19 2022 01:16 AM
15.8K
Anthony_W on Sep 12 2022 01:04 AM
3,266
BrandonWilson on Sep 09 2022 02:17 PM
8,882
fbinotto on Sep 06 2022 04:09 PM
15.5K
varghesejoji on Sep 01 2022 11:19 AM
5,060
DarrenTurchiarelli on Aug 29 2022 04:24 PM
3,157
PaulHarrison on Aug 25 2022 02:00 AM
3,055
wernerrall on Aug 22 2022 12:35 AM
3,520
PaddyDamodharan on Aug 15 2022 12:00 AM
6,822
PaddyDamodharan on Aug 08 2022 12:00 AM
2,279
BrandonWilson on Aug 04 2022 08:12 AM
3,241
Joel Vickery on Aug 01 2022 08:33 PM
4,543
AndrewCoughlin on Jul 25 2022 12:00 AM

Latest Comments

Took a few hours, but got this to work. Things that were helpful for me: Redirect URL - http://localhost Creating the credential file - run powershell as another user (service account) and then elevate the session with Start-Process PowerShell -Verb RunAsAzure AD Sign-in Logs > filter by application...
0 Likes
@Jerry Devore we are only observing RC4 used for TGT tickets obtained by NetApp storage. It is reported in the event 4768 as Ticket Encryption Type 0x17. The vast majority of other computer and user accounts are using AES encryption for TGT tickets for a long time already. And we have changed the pa...
0 Likes
Thank you @Jerry Devore and @RossUA . Your help is much appriciated. After changing msDS-SupportedEncryptionTypes to 0x4 (RC4_HMAC_MD5) , we're able to access the NetApp again. The session key now is RC4. Thank you for your help, we'll check how to get rid of this configuration by either getting rid...
0 Likes
Hi Eric A question that occurred to me. Am I correct in assuming that the "Owner" Security Principal of a computer object would have this capability as well? If that is true and you are some sort of computer provisioning/deployment software like SCCM etc. you would probably want to make sure that Ow...
0 Likes
It would be unrestricted for Kerberos if the GPO for the "Network security: Configure encryption types allowed for Kerberos" policy is not defined.Also, the msDS-SupportEncryptionTypes attribute for the KRBTGT not set(nothing).Will the KRBTGT's encryption type remain the same as RC4 since we deploye...
0 Likes