Core Infrastructure and Security Blog

Options
1,764
BrandonWilson on Nov 27 2022 09:00 PM
1,296
AtilGurcan on Nov 24 2022 12:40 AM
1,511
AndrewCoughlin on Nov 21 2022 12:00 AM
2,229
BrandonWilson on Nov 18 2022 09:00 PM
10.5K
PaulHarrison on Nov 18 2022 10:42 AM
1,784
fbinotto on Nov 14 2022 12:02 AM
1,615
Bruno Gabrielli on Nov 10 2022 12:00 AM
2,391
Bruno Gabrielli on Nov 09 2022 12:00 AM
1,756
BrandonWilson on Nov 03 2022 02:49 PM
7,095
Michael Hildebrand on Oct 31 2022 04:00 AM
3,733
hspinto on Oct 24 2022 12:00 AM
2,811
WillAftring on Oct 17 2022 05:17 AM
3,929
fbinotto on Oct 09 2022 04:12 PM
2,201
BrandonWilson on Oct 07 2022 09:39 AM
5,954
Anthony_W on Oct 03 2022 12:26 AM
6,034
Michael Hildebrand on Sep 30 2022 10:03 AM
4,182
AndrewCoughlin on Sep 26 2022 12:00 AM
4,611
wernerrall on Sep 19 2022 01:16 AM
15.8K
Anthony_W on Sep 12 2022 01:04 AM
3,271
BrandonWilson on Sep 09 2022 02:17 PM
8,888
fbinotto on Sep 06 2022 04:09 PM
15.5K
varghesejoji on Sep 01 2022 11:19 AM
5,067
DarrenTurchiarelli on Aug 29 2022 04:24 PM
3,162
PaulHarrison on Aug 25 2022 02:00 AM
3,059
wernerrall on Aug 22 2022 12:35 AM
3,524
PaddyDamodharan on Aug 15 2022 12:00 AM
6,828
PaddyDamodharan on Aug 08 2022 12:00 AM
2,283
BrandonWilson on Aug 04 2022 08:12 AM
3,247
Joel Vickery on Aug 01 2022 08:33 PM
4,549
AndrewCoughlin on Jul 25 2022 12:00 AM

Latest Comments

Took a few hours, but got this to work. Things that were helpful for me: Redirect URL - http://localhost Creating the credential file - run powershell as another user (service account) and then elevate the session with Start-Process PowerShell -Verb RunAsAzure AD Sign-in Logs > filter by application...
0 Likes
@Jerry Devore we are only observing RC4 used for TGT tickets obtained by NetApp storage. It is reported in the event 4768 as Ticket Encryption Type 0x17. The vast majority of other computer and user accounts are using AES encryption for TGT tickets for a long time already. And we have changed the pa...
0 Likes
Thank you @Jerry Devore and @RossUA . Your help is much appriciated. After changing msDS-SupportedEncryptionTypes to 0x4 (RC4_HMAC_MD5) , we're able to access the NetApp again. The session key now is RC4. Thank you for your help, we'll check how to get rid of this configuration by either getting rid...
0 Likes
Hi Eric A question that occurred to me. Am I correct in assuming that the "Owner" Security Principal of a computer object would have this capability as well? If that is true and you are some sort of computer provisioning/deployment software like SCCM etc. you would probably want to make sure that Ow...
0 Likes
It would be unrestricted for Kerberos if the GPO for the "Network security: Configure encryption types allowed for Kerberos" policy is not defined.Also, the msDS-SupportEncryptionTypes attribute for the KRBTGT not set(nothing).Will the KRBTGT's encryption type remain the same as RC4 since we deploye...
0 Likes