Microsoft has recently raised concerns about the increasing threat of a sophisticated attack method known as Kerberoasting. In response, the company has outlined the attack’s methodology, associated risks, and key strategies to help organizations defend against these cyber threats. What is Kerberoasting and how does it work? Kerberoasting is a cyberattack technique that compromises the…
Identity solution provider HID has announced a new integration with Microsoft Entra ID (formerly Azure Active Directory). This new offering allows organizations to use their physical access cards as an additional multifactor authentication (MFA) method to access Entra ID as well as Microsoft 365 apps and services. Microsoft’s research has found that implementing multifactor authentication…
In this article, I’m going to show you how to check which domain controllers (DC) hold the FSMO roles in Active Directory (AD). FSMO roles are assigned to specific domain controllers and are designed to prevent conflicts once data is replicated. You can also quickly transfer FSMO and seize FSMO roles using PowerShell. How to…
FSMO roles are a crucial piece in Active Directory functionality. Learn about their purpose, types, and how they work together in this guide. Windows Server Active Directory multi-master model A multi-master enabled database, such as Active Directory, provides the flexibility of allowing changes to occur at any domain controller (DC) in the enterprise, but it…
Last Update: Oct 16, 2024
How can I forcibly seize FSMO Roles from one domain controller (DC) to another? Windows Server Active Directory domains utilize a Single Operation Master method called FSMO (Flexible Single Master Operation). The five FSMO roles are: Seize FSMO roles using PowerShell You can seize FSMO roles using the PowerShell Move-ADDirectoryServerOperationMasterRole cmdlet. The syntax for the…
Last Update: Oct 15, 2024
In this article, you will learn how to transfer FSMO roles in Active Directory quickly using the command lines tools and GUI. Windows Server Active Directory domains utilize a Single Operation Master method called FSMO (Flexible Single Master Operation). In most cases an administrator can keep the FSMO role holders (all 5 of them) in…
Last Update: Oct 15, 2024
In part one of this new series on Active Directory Federation Services (AD FS), learn to set up Workplace Join in Windows Server 2012 R2.
Last Update: Oct 10, 2024
In this quick Ask an Admin, check out how to restore Active Directory using Windows Server Backup.
A simple (non-complex) Active Directory password (AD) is vulnerable to hacking and exploitation. Requiring complex passwords in your Active Directory password policy increases the effectiveness of passwords exponentially – each additional special character you require in your users’ passwords makes them ultimately impervious to brute-force attacks. Going back to the 2000s, Excel’s simple workbook-protected passwords…
Are you responsible for managing Active Directory (AD) within your organization? Whether you’re an IT professional, security specialist, or part of an infrastructure team, understanding AD resiliency and best practices is crucial. Active Directory is still the most widely used Identity and Access Management (IAM) solution on the market. And for the first time in…
In this episode of First Ring Daily, Brad Sams and Paul Thurrott discuss Microsoft’s busy week with the public release of Windows 11 version 24H2 and the upcoming public preview of new AI features on Copilot+ PCs.
Last Update: Sep 30, 2024
This article will offer you a straightforward way to list Active Directory users with Active Directory Users and Computers (ADUC). I’ll show you how to do that using the graphical user interface (GUI) with the ADUC tool. Check out how to list Active Directory Users with PowerShell on Petri if you would prefer to perform…