Tag: Windows Server

Microsoft Advanced Threat Analytics Banner

Microsoft Advanced Threat Analytics Fundamentals

Introduction Hi there, want to know more about Microsoft Advanced Threat Analytics (ATA)? You’ve come to the right place. In this blog post I’d like to share some fundamentals of the product and platform to get you started right away. Microsoft¬†acquired Aorato in 2014 which was a security company. They are now part of Microsoft

Continue Reading

Illegal cross-realm Ticket and the Rejected Authentication by Kerberos

Introduction Finally I have found some time to write this blogpost in detail. It took place last year somewhere around october and november, so here we go! The other day I received some complaints about not being able to access a CIFS share on the network. Several users acknowledged this, they got the Windows authentication

Continue Reading

How To Get a List of Specified Users and Their Group Membership From Active Directory

Once in a while someone at your company asks you if you can deliver a list of users who are member of administration groups within your Active Directory environment. We want to restrict admin access to a minimum so it’s good to know who are the lucky ones and who are slipped through. ūüėČ

Continue Reading

How To Monitor LDAP, Kerberos and NTLM Traffic To Your Domain Controllers

Now with the extended support date for Windows Server 2003 in mind (14-07-2015) it’s good to look at how to finally get rid of those old domain controllers. ¬†I came across a nice Technet article about how to monitor LDAP, kerberos and NTLM traffic to your domain controllers to find out which applications and servers

Continue Reading